cisco.dnac.discovery_workflow_manager module -- A resource module for handling device discovery tasks.
Note
This module is part of the cisco.dnac collection (version 6.12.0).
To install it, use: ansible-galaxy collection install cisco.dnac.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: cisco.dnac.discovery_workflow_manager.
New in cisco.dnac 6.6.0
Synopsis
Manages device discovery using IP address, address range, CDP, and LLDP, including deletion of discovered devices.
API to discover a device or multiple devices
API to delete a discovery of a device or multiple devices
Requirements
The below requirements are needed on the host that executes this module.
dnacentersdk == 2.6.10
python >= 3.5
Parameters
Parameter |
Comments |
|---|---|
List of details of device being managed. |
|
Total number of levels that are there in cdp's method of discovery Default: :ansible-option-default:`16` |
|
Parameter to delete all the discoveries at one go Choices: |
|
Name of the discovery task |
|
Credentials specifically created by the user for performing device discovery. |
|
List of CLI credentials to be used during device discovery. |
|
Enable password for CLI authentication, mandatory when using CLI credential. |
|
Password for CLI authentication, mandatory when using CLI credential. |
|
Username for CLI authentication, mandatory when using CLI credentials. |
|
HTTP read credential is used for authentication purposes and specifically utilized to grant read-only access to certain resources from the device. |
|
Password for HTTP(S) Read authentication, mandatory when using HTTP credentials. |
|
Port for HTTP(S) Read authentication, mandatory for using HTTP credentials. |
|
Flag for HTTP(S) Read authentication, not mandatory when using HTTP credentials. Choices: |
|
Username for HTTP(S) Read authentication, mandatory when using HTTP credentials. |
|
HTTP write credential is used for authentication purposes and grants Cisco Catalyst Center the ability to alter configurations, update software, or perform other modifications on a network device. |
|
Password for HTTP(S) Write authentication, mandatory when using HTTP credentials. |
|
Port for HTTP(S) Write authentication, mandatory when using HTTP credentials. |
|
Flag for HTTP(S) Write authentication, not mandatory when using HTTP credentials. Choices: |
|
Username for HTTP(S) Write authentication, mandatory when using HTTP credentials. |
|
To be used when network contains IOS XE-based wireless controllers. This is used for discovery and the enabling of wireless services on the controllers. Requires valid SSH credentials to work. Avoid standard ports like 22, 80, and 8080. |
|
The SNMP v2 credentials to be created and used for contacting a device via SNMP protocol in read mode. SNMP v2 also delivers data encryptions, but it uses data types. |
|
SNMP V2 Read community string enables Cisco Catalyst Center to extract read-only data from device. |
|
Name/Description of the SNMP read credential to be used for creation of snmp_v2_read_credential. |
|
The SNMP v2 credentials to be created and used for contacting a device via SNMP protocol in read and write mode. SNMP v2 also delivers data encryptions, but it uses data types. |
|
SNMP V2 Write community string is used to extract data and alter device configurations. |
|
Name/Description of the SNMP write credential to be used for creation of snmp_v2_write_credential. |
|
The SNMP v3 credentials to be created and used for contacting a device via SNMP protocol in read and write mode. SNMPv3 is the most secure version of SNMP, allowing users to fully encrypt transmissions, keeping us safe from external attackers. |
|
Authentication Password of the SNMP v3 protocol to be used. Must be of length greater than 7 characters. Not required for NOAUTHNOPRIV snmp_mode. |
|
Authentication type of the SNMP v3 protocol to be used. SHA uses Secure Hash Algorithm (SHA) as your authentication protocol. MD5 uses Message Digest 5 (MD5) as your authentication protocol and is not recommended. Not required for NOAUTHNOPRIV snmp_mode. Choices: |
|
Privacy password of the SNMP v3 protocol to be used in AUTHPRIV SNMP mode Not required for AUTHNOPRIV and NOAUTHNOPRIV snmp_mode. |
|
Privacy type/protocol of the SNMP v3 protocol to be used in AUTHPRIV SNMP mode Not required for AUTHNOPRIV and NOAUTHNOPRIV snmp_mode. Choices: |
|
Mode of SNMP which determines the encryption level of our community string. AUTHPRIV mode uses both Authentication and Encryption. AUTHNOPRIV mode uses Authentication but no Encryption. NOAUTHNOPRIV mode does not use either Authentication or Encryption. Choices: |
|
Username of the SNMP v3 protocol to be used. |
|
Determines the method of device discovery. Here are the available options. - SINGLE discovers a single device using a single IP address. - RANGE discovers multiple devices within a single IP address range. - MULTI RANGE discovers devices across multiple IP address ranges. - CDP uses Cisco Discovery Protocol to discover devices in subsequent layers of the given IP address. - LLDP uses Link Layer Discovery Protocol to discover devices in subsequent layers of the specified IP address. - CIDR discovers devices based on subnet filtering using Classless Inter-Domain Routing. Choices: |
|
Set of various credential types, including CLI, SNMP, HTTP, and NETCONF, that a user has pre-configured in the Device Credentials section of the Cisco Catalyst Center. If user doesn't pass any global credentials in the playbook, then by default, we will use all the global credentials present in the Cisco Catalyst Center of each type for performing discovery. (Max 5 allowed) |
|
Accepts a list of global CLI credentials for use in device discovery. It's recommended to create device credentials with both a unique username and a clear description. |
|
Name of the CLI credential, mandatory when using global CLI credentials. |
|
Username required for CLI authentication and is mandatory when using global CLI credentials. |
|
List of global HTTP Read credentials that will be used in the process of discovering devices. It's recommended to create device credentials with both a unique username and a clear description for easy identification. |
|
Name of the HTTP Read credential, mandatory when using global HTTP credentials. |
|
Username for HTTP Read authentication, mandatory when using global HTTP credentials. |
|
List of global HTTP Write credentials that will be used in the process of discovering devices. It's recommended to create device credentials with both a unique username and a clear description for easy identification. |
|
Name of the HTTP Write credential, mandatory when using global HTTP credentials. |
|
Username for HTTP Write authentication, mandatory when using global HTTP credentials. |
|
List of Global Net conf ports to be used during device discovery. It's recommended to create device credentials with unique description. |
|
Name of the Net Conf Port credential, mandatory when using global Net conf port. |
|
List of Global SNMP V2 Read credentials to be used during device discovery. It's recommended to create device credentials with both a unique username and a clear description for easy identification. |
|
Name of the SNMP Read credential, mandatory when using global SNMP credentials. |
|
Username for SNMP Read authentication, mandatory when using global SNMP credentials. |
|
List of Global SNMP V2 Write credentials to be used during device discovery. It's recommended to create device credentials with both a unique username and a clear description for easy identification. |
|
Name of the SNMP Write credential, mandatory when using global SNMP credentials. |
|
Username for SNMP Write authentication, mandatory when using global SNMP credentials. |
|
List of Global SNMP V3 credentials to be used during device discovery, giving read and write mode. It's recommended to create device credentials with both a unique username and a clear description for easy identification. |
|
Name of the SNMP V3 credential, mandatory when using global SNMP credentials. |
|
Username for SNMP V3 authentication, mandatory when using global SNMP credentials. |
|
List of IP addresses to be discovered. For CDP/LLDP/SINGLE based discovery, we should pass a list with single element like - 10.197.156.22. For CIDR based discovery, we should pass a list with single element like - 10.197.156.22/22. For RANGE based discovery, we should pass a list with single element and range like - 10.197.156.1-10.197.156.100. For MULTI RANGE based discovery, we should pass a list with multiple elementd like - 10.197.156.1-10.197.156.100 and in next line - 10.197.157.1-10.197.157.100. |
|
List of IP adddrsess that needs to get filtered out from the IP addresses passed. |
|
Total number of levels that are there in lldp's method of discovery Default: :ansible-option-default:`16` |
|
Preferred method for the management of the IP (None/UseLoopBack) Default: :ansible-option-default:`"None"` |
|
Determines the order in which device connections will be attempted. Here are the options - "telnet" Only telnet connections will be tried. - "ssh, telnet" SSH (Secure Shell) will be attempted first, followed by telnet if SSH fails. Default: :ansible-option-default:`"ssh"` |
|
Number of records to return for the header in fetching global v2 credentials Default: :ansible-option-default:`100` |
|
Number of times to try establishing connection to device |
|
Start index for the header in fetching SNMP v2 credentials Default: :ansible-option-default:`1` |
|
Time to wait for device response in seconds |
|
Determines if device discovery should utilize pre-configured global credentials. Setting to True employs the predefined global credentials for discovery tasks. This is the default setting. Setting to False requires manually provided, device-specific credentials for discovery, as global credentials will be bypassed. Choices: |
|
Set to True to verify the Cisco Catalyst Center config after applying the playbook config. Choices: |
|
Indicates whether debugging is enabled in the Cisco Catalyst Center SDK. Choices: |
|
The hostname of the Cisco Catalyst Center. |
|
Flag to enable/disable playbook execution logging. When true and dnac_log_file_path is provided, - Create the log file at the execution location with the specified name. When true and dnac_log_file_path is not provided, - Create the log file at the execution location with the name 'dnac.log'. When false, - Logging is disabled. If the log file doesn't exist, - It is created in append or write mode based on the "dnac_log_append" flag. If the log file exists, - It is overwritten or appended based on the "dnac_log_append" flag. Choices: |
|
Determines the mode of the file. Set to True for 'append' mode. Set to False for 'write' mode. Choices: |
|
Governs logging. Logs are recorded if dnac_log is True. If path is not specified, - When 'dnac_log_append' is True, 'dnac.log' is generated in the current Ansible directory; logs are appended. - When 'dnac_log_append' is False, 'dnac.log' is generated; logs are overwritten. If path is specified, - When 'dnac_log_append' is True, the file opens in append mode. - When 'dnac_log_append' is False, the file opens in write (w) mode. - In shared file scenarios, without append mode, content is overwritten after each module execution. - For a shared log file, set append to False for the 1st module (to overwrite); for subsequent modules, set append to True. Default: :ansible-option-default:`"dnac.log"` |
|
Sets the threshold for log level. Messages with a level equal to or higher than this will be logged. Levels are listed in order of severity [CRITICAL, ERROR, WARNING, INFO, DEBUG]. CRITICAL indicates serious errors halting the program. Displays only CRITICAL messages. ERROR indicates problems preventing a function. Displays ERROR and CRITICAL messages. WARNING indicates potential future issues. Displays WARNING, ERROR, CRITICAL messages. INFO tracks normal operation. Displays INFO, WARNING, ERROR, CRITICAL messages. DEBUG provides detailed diagnostic info. Displays all log messages. Default: :ansible-option-default:`"WARNING"` |
|
The password for authentication at the Cisco Catalyst Center. |
|
Specifies the port number associated with the Cisco Catalyst Center. Default: :ansible-option-default:`"443"` |
|
The username for authentication at the Cisco Catalyst Center. Default: :ansible-option-default:`"admin"` |
|
Flag to enable or disable SSL certificate verification. Choices: |
|
Specifies the version of the Cisco Catalyst Center that the SDK should use. Default: :ansible-option-default:`"2.2.3.3"` |
|
The state of Cisco Catalyst Center after module completion. Choices: |
|
Flag for Cisco Catalyst Center SDK to enable the validation of request bodies against a JSON schema. Choices: |
Notes
Note
SDK Method used are discovery.Discovery.get_all_global_credentials_v2, discovery.Discovery.start_discovery, task.Task.get_task_by_id, discovery.Discovery.get_discoveries_by_range, discovery.Discovery.get_discovered_network_devices_by_discovery_id', discovery.Discovery.delete_discovery_by_id discovery.Discovery.delete_all_discovery discovery.Discovery.get_count_of_all_discovery_jobs
Paths used are get /dna/intent/api/v2/global-credential post /dna/intent/api/v1/discovery get /dna/intent/api/v1/task/{taskId} get /dna/intent/api/v1/discovery/{startIndex}/{recordsToReturn} get /dna/intent/api/v1/discovery/{id}/network-device delete /dna/intent/api/v1/discovery/{id} delete /dna/intent/api/v1/delete get /dna/intent/api/v1/discovery/count
Removed 'global_cli_len' option in v6.12.0.
Does not support
check_modeThe plugin runs on the control node and does not use any ansible connection plugins instead embedded connection manager from Cisco Catalyst Center SDK
The parameters starting with dnac_ are used by the Cisco Catalyst Center Python SDK to establish the connection
Examples
- name: Execute discovery devices with both global credentials and discovery specific credentials
cisco.dnac.discovery_workflow_manager:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
dnac_log: True
dnac_log_level: "{{dnac_log_level}}"
state: merged
config_verify: True
config:
- discovery_name: string
discovery_type: string
ip_address_list: list
ip_filter_list: list
cdp_level: string
lldp_level: string
prefered_mgmt_ip_method: string
discovery_specific_credentials:
cli_credentials_list:
- username: string
password: string
enable_password: string
http_read_credential:
username: string
password: string
port: integer
secure: boolean
http_write_credential:
username: string
password: string
port: integer
secure: boolean
snmp_v2_read_credential:
desc: string
community: string
snmp_v2_write_credential:
desc: string
community: string
snmp_v3_credential:
username: string
snmp_mode: string
auth_password: string
auth_type: string
privacy_type: string
privacy_password: string
net_conf_port: string
global_credentials:
cli_credentials_list:
- description: string
username: string
http_read_credential_list:
- description: string
username: string
http_write_credential_list:
- description: string
username: string
snmp_v3_credential_list:
- description: string
username: string
snmp_v2_read_credential_list:
- description: string
username: string
snmp_v2_write_credential_list:
- description: string
username: string
net_conf_port_list:
- description: string
start_index: integer
records_to_return: integer
protocol_order: string
retry: integer
timeout: integer
- name: Execute discovery devices with discovery specific credentials only
cisco.dnac.discovery_workflow_manager:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
dnac_log: True
dnac_log_level: "{{dnac_log_level}}"
state: merged
config_verify: True
config:
- discovery_name: string
discovery_type: string
ip_address_list: list
ip_filter_list: list
cdp_level: string
lldp_level: string
prefered_mgmt_ip_method: string
discovery_specific_credentials:
cli_credentials_list:
- username: string
password: string
enable_password: string
http_read_credential:
username: string
password: string
port: integer
secure: boolean
http_write_credential:
username: string
password: string
port: integer
secure: boolean
snmp_v2_read_credential:
desc: string
community: string
snmp_v2_write_credential:
desc: string
community: string
snmp_v3_credential:
username: string
snmp_mode: string
auth_password: string
auth_type: string
privacy_type: string
privacy_password: string
net_conf_port: string
use_global_credentials: False
start_index: integer
records_to_return: integer
protocol_order: string
retry: integer
timeout: integer
- name: Delete disovery by name
cisco.dnac.discovery_workflow_manager:
dnac_host: "{{dnac_host}}"
dnac_username: "{{dnac_username}}"
dnac_password: "{{dnac_password}}"
dnac_verify: "{{dnac_verify}}"
dnac_port: "{{dnac_port}}"
dnac_version: "{{dnac_version}}"
dnac_debug: "{{dnac_debug}}"
dnac_log: True
dnac_log_level: "{{dnac_log_level}}"
state: deleted
config_verify: True
config:
- discovery_name: string
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
A dictionary with the response returned by the Cisco Catalyst Center Python SDK Returned: always |
|
A list with the response returned by the Cisco Catalyst Center Python SDK Returned: always Sample: :ansible-rv-sample-value:`["{\\n \\"response\\": []", "\\n \\"msg\\": String\\n}\\n"]` |
|
A string with the response returned by the Cisco Catalyst Center Python SDK Returned: always Sample: :ansible-rv-sample-value:`"{\\n \\"response\\": String,\\n \\"msg\\": String\\n}\\n"` |