Description
Symptoms
Unix type os classification failure.
Release
All currently supported releases.
Environment
Instance with Discovery plugin installed and discovering unix/linux devices.
Cause
The "Unix - Classify" probe is triggered when the Shazzam phase of discovery identifies ssh/port 22 (unless modified in port probes) on a discovered IP address. The "Unix - Classify" probe is a multiprobe. Multiprobes include other probes. One of the probes included in the "Unix - Classify" multiprobe is the "UNIX - OS" probe. The "UNIX - OS" probe runs the command "uname -a" to determine the os version.
The output from "uname -a" is parsed by the multisensor discovery_sensor_multi_probe.do?sys_id=10e63c5e0a0a0b4f0a078a5cfce81e13 as seen in the code below.
| var output = <string_returned_by_uname> var unameParts = output.split(/ /); var osName = unameParts[0]; |
The "osName" later on sets the ci_data.os_name which is used in the classifier criteria.
The expected format of "uname -a" is as follows:
| <OS> <hostname> <version> ... |
For example:
| Darwin MMCOIT1025574 16.7.0 Darwin Kernel Version 16.7.0 ... |
From the multisensor code, in this case the value would be:
| Darwin |
Thus, if the output of "uname -a" is not in the expected format or the os_name does not match any of the configured classifiers, under "Discovery Definition > CI Classification > UNIX", the identification phase for this device will not be triggered.
Note: If one of the classifier probes returns an unhandled error the classification sensors will be skipped. This is expected behavior. For example, if the classification input payload contains <results error="any_non_empty_string">
Resolution
- First check that no unhandled errors were returned, a common example KB0743075.
- Review the input in the payload for "uname -a" from the "Unix - OS" probe.
- Check that the OS is the first word returned.
- Check that there is a classification criteria for such OS, this is necessary in order to classify it properly and trigger the identification phase.
- If no classifier exist, there are classifiers OOB for the linux/unix os types supported OOB, create a new classifier. See one of the other unix classifiers as an example.
- On the new classifier, go to the related list "Triggers Probes" and add the desired identification probe or pattern.
Additional Information
Other helpful KB and docs:
- Troubleshooting the Classification Phase in Discovery
- Discovery device classification
- Discovery classification parameters
- Discovery classifiers
- Linux discovery
- Credentials required for host discovery
- SSH credentials
- Discovery Linux/Unix discovery fails with error "The message store has reached EOF"
- Failed to Classify Linux server in Kingston after upgrading from Jakarta