If you are encountering any issues with NetAudit, please view system logs in /var/log/opsview/opsview.log.
When a 'Apply Changes' occurs, Opsview Monitor will generate a list of all the hosts that have RANCID enabled. However, if the websvn repository doesn't show the host, check whether 'opsview-netaudit' service is running or not with opsview-monit:
# /opt/opsview/watchdog/bin/opsview-monit -B summary | grep netaudit opsview-netaudit Running Process
The flow of data for NetAudit is:
rancid collection is invoked on NetAudit Collector every 4 hours via a cron job
a message with configuration data is sent to NetAudit master where opsview-netaudit service runs
opsview-netaudit will process message and run an "svn commit" to commit the changes to svn
If your host file is listed in WebSVN (NetAudit page) under 'rancid' repository but it is empty, it might be because the NetAudit Collector hasn't run yet since it runs every 4 hours. You can run NetAudit Collector manually by connecting NetAudit Collector and run the following command as 'opsview' user:
[opsview]% /opt/opsview/netauditcollector/bin/run_rancid_collect Starting at Thu Nov 8 12:07:14 UTC 2018 Created lockfile /opt/opsview/netauditcollector/var/collect/lock/run_rancid_collect.lock NetAudit Collection Done. Number of collections: 1 Number of publishes: 1 Finished at Thu Nov 8 12:07:31 UTC 2018
routers.conf is the main configuration file for collections.
definition.xml is the configuration file for NetAudit hosts being monitored and the notification emails.
Look in /opt/opsview/netaudit/var/svn/ on NetAudit master. If the file here contains information, then this is what should be in subversion. You can run an "svn status" to check compared with the subversion repository.
This could be due to enscript. In /opt/opsview/repository/include/config.php, make sure the following line is uncommented (e.g. doesn't have # at the beginning):
$config->useEnscript(); If websvn now shows the router configuration, then there is probably an issue with enscript software.
On the NetAudit master, in /opt/opsview/netaudit/var/svn/ will be all the latest versions of the RANCID router output files.
This simulates running the code to test the NetAudit connection with credentials:
su - opsview cd /opt/opsview/netauditcollector/bin ./run_check_rancid_connection -t cisco -H <host_ip> -u <username> -p "<password>" -c telnet
Change 'cisco' with your vendor type, and 'telnet' with your connection method. You can add "-A" option at the end if you are using RANCID "autoenable" feature.
NetAudit postinstall script might not have been run properly. You can run it manually as below as root user:
When testing a connection you may see this error:
spawn ssh -c 3des -x -L <username> <ipaddress> Unable to negotiate with <ip> port 22: no matching cypher found.
This means the SSH protocol is unable to agree on a common cypher between the Collector and the network device (in this case
3des is not available on the device). To amend the cypher used you can edit
/opt/opsview/netaudit/var/cloginrc_local on the Orchestrator with a line such as
add cyphertype <hostname_in_opsview> <cypher>
<hostname_in_opsview> is the configured hostname (as seen in the error) and
<cypher> is an available option on the network device. You can list available cypher on the Collector by running
ssh -Q cipher to pick one that both sides can use.
This change is distributed to all Collectors when an
Apply Changes is performed in the UI.
Updated about 2 years ago