Install Oxidized
Install Instructions from here
Install prerequisites
For CentOS, RockyLinux, and Alma Linux.
sudo yum -y install make cmake which sqlite-devel openssl-devel libssh2-devel ruby gcc ruby-devel libicu-devel gcc-c++
Install Ruby Gems
If you run into issues with installing the oxidized-web gem because of a ruby version, try installing ruby 2.6.1 via rvm the docs say install 2.1.2, but was having issues with it. 2.6.1 seems fine.
Install Oxidized
Note: If you run into issues with oxidized not being able to ssh into devices, and showing “OpenSSL::PKey::PKeyError with msg “dh#set_pqg= is incompatible with OpenSSL 3.0″” in the log, try installing from git.
gem install oxidized
gem install oxidized-script
gem install oxidized-web
Run Oxidized twice to generate the config
oxidized
If you have issues running oxidized due to an invalid or self signed ssl cert, you can either fix the cert or ignore it in the oxidized config. https://github.com/ytti/oxidized/pull/618/files
Modify the Oxidized config file in “/root/.config/oxidized/config” to look like this.
Modify the http portion of the config file to look like the following.
http:
url: https://localhost/api/v0/oxidized
scheme: https
secure: false
Setup Config
Put the config file in the users home directory.
vi .config/oxidized/config
Setup the config, Basic config below, edit as needed
---
username: admin
password: password
model: airos
resolve_dns: true
interval: 3600
use_syslog: false
debug: false
threads: 30
timeout: 20
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: 127.0.0.1:8888
next_adds_job: false
vars: {}
groups:
airos:
username: ubnt
password: ubnt
routeros:
username: admin
password:
vars:
ssh_port: 2222
models: {}
pid: /home/incredigeek/.config/oxidized/pid
crash:
directory: /home/incredigeek/.config/oxidized/crashes
hostnames: false
stats:
history_size: 10
input:
default: ssh, telnet
debug: false
ssh:
secure: false
ftp:
passive: true
utf8_encoded: true
output:
default: file
file:
directory: /home/incredigeek/.config/oxidized/configs
source:
default: http
debug: false
http:
secure: false
scheme: https
url: https://localhost/api/v0/oxidized
map:
name: hostname
model: os
group: group
headers:
X-Auth-Token: '3wq2b87fj4e6fb5987b5812t6ej9709g'
model_map:
cisco: ios
juniper: junos
mikrotik: routeros
Setup as system service
Find the “oxidized.service” file, should be in
/usr/local/rvm/gems/ruby-2.6.1/gems/oxidized-0.25.1/extra/oxidized.service
or
/usr/local/share/gems/gems/oxidized-0.28.0/extra/oxidized.service
and copy it to
/usr/lib/systemd/system/
Edit it and change the user and try to launch it
systemctl start oxidized
If it fails, you may need to substitute the ExecStart= variable to the following more info
ExecStart=/usr/local/rvm/gems/ruby-2.6.1/wrappers/oxidize
Change the ruby number if yours is different.
Enable the service on system boot up and start
systemctl enable --now oxidized
Check that oxidized is running
systemctl status oxidized
LibreNMS config
Add the following to your /opt/librenms/config.php config file.
# Oxidized configuration
$config['oxidized']['enabled'] = TRUE;
$config['oxidized']['url'] = 'http://127.0.0.1:8888';
$config['oxidized']['features']['versioning'] = true;
$config['oxidized']['group_support'] = true;
$config['oxidized']['default_group'] = 'default';
$config['oxidized']['reload_nodes'] = true;
$config['oxidized']['ignore_os'] = array('linux','windows');
$config['oxidized']['ignore_types'] = array('server','power');
LibreNMS should now feed Oxidized the devices.
You can check in the LibreNMS interface to see if it is getting the configs. https://librenms/oxidized
Where librenms is your LibreNMS servers ip/hostname.