Hi everyone, I’m new to the CheckMK community. I have a question and I am not sure if it’s possible with CheckMK.
When we have a new site with network devices (cameras, firewalls, switches etc) I create a new “Folder” with “Network Scan”. With the DNS configured properly all devices will eventually show up as FQDN device. With bulk rename I remove the domain name.
The next step I want to do (and this is my problem) I want to do a parent… For example, I have a camera that is connected to a switch, the switch is connected to a wireless beam (satelite). On the other end of the satelite there is a base station that goes into the switch.
Now I would l to do a “Detect network parents hosts” so all devices get the correct parent configured. I know switches are on OSI model level 2 and traceroute operates at level 3. Is it possible with CheckMK to get the whole chain of parent and child filled in automatically?? The camera per instance is connected to the firewall (because the rest between is a switch of wireless station).
Is this possible in combination with SNMP? I tried looking up this and AI seems to have a solution (as always) but implementing that solution fails everytime.
I hope the threath isn’t to long. Thank you in advanced.
welcome to the community. Regarding your question: No, there isn’t. As you noted, we’re dealing with different layers, and unfortunately this isn’t a simple topic. There are several pitfalls and no real automation. Layer 2 connections must be maintained manually. Circular dependencies—commonly found in network topologies (e.g., Switch A connected to B, B to C, and C back to A)—are not supported. For a basic overview, I recommend watching this video:
(*) Starting with Checkmk 2.3, there is a “Network Visualization” feature:
This feature uses CDP/LLDP (Layer 2 discovery protocols that must be supported by your network devices) to create a graphical map of your network topology. However, afaik it does not affect your parent configuration in Checkmk—it is intended purely for visualization, as the name implies.
With the Layer 2 information from the discovery protocols, traceroute data, and potentially by extracting MAC/ARP tables, there would likely be enough data to roughly map out the network topology. However, this information currently needs to be processed manually (or via custom scripts) and then assigned to your host objects through the REST API. In complex, modern networks, though, this still won’t be enough—suddenly you’re also dealing with SDN, VRFs, containers, and VMs that can move around the globe in an instant.
My suggestion: Don’t worry too much and keep it simple. Apply the parent configuration only to network gateways/routers and, for now, skip the high granularity (e.g., camera to switch).
If one of the answers helped you solve your question, please mark it as the solution. This way, you thank the person who helped you and also indicate that the question has been resolved. This, in turn, helps others who come across the same question.
