All Apps and Add-ons

Splunk for Asset Discovery: Is my configuration to ping the entire network of the company correct?

jmallorquin
Builder

Hi,
I would like to ping all the net of the company and i am using this configuration at the end of the scrip nmap.sh 192.168.0.0/16
Its mean that i want to ping from 192.168.1.1 to 192.168.255.255
Can anybody tell me if this is correct?

Thanks,

0 Karma
1 Solution

jmallorquin
Builder

Hi,

Finally it works when i configure theses stanzas, one for each segment.

[script:///opt/splunk/etc/apps/asset_discovery/bin/nmap.sh -v -R -sP -PE 192.168.1.0/24]
disabled = false
index = asset_discovery
interval = 900
source = nmap
sourcetype = ping_scan

[script:///opt/splunk/etc/apps/asset_discovery/bin/nmap.sh -v -R -sP -PE 192.168.2.0/24]
disabled = false
index = asset_discovery
interval = 900
source = nmap
sourcetype = ping_scan

View solution in original post

jmallorquin
Builder

Hi,

Finally it works when i configure theses stanzas, one for each segment.

[script:///opt/splunk/etc/apps/asset_discovery/bin/nmap.sh -v -R -sP -PE 192.168.1.0/24]
disabled = false
index = asset_discovery
interval = 900
source = nmap
sourcetype = ping_scan

[script:///opt/splunk/etc/apps/asset_discovery/bin/nmap.sh -v -R -sP -PE 192.168.2.0/24]
disabled = false
index = asset_discovery
interval = 900
source = nmap
sourcetype = ping_scan

View solution in original post

.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!