OpsMgr 2012: Discovering a network device

Comments (39)
  1. Kevin Holman says:

    @Bubslg –

    Yes there are – SP1 added many new devices but I am not sure if we published these in a list.

    Have you attempted to discover them?

    We can "support" any SNMP device – we just might not have extended monitoring for it out of the box.

  2. Kelly_Bee says:

    Same question as @Brett …  How can we supress alerts behind a monitored network device if that device is down.  I clearly remember being told at an MMS presentation for SCOM 2012 network monitoring that this would be possible.

  3. Matt Br says:

    @Brett is there any update on your issue?  I can't believe more people aren't having the issue with loss of network connectivity to a remote site causing false SCOM alerts.

  4. Anonymous says:

    Kevin, are there plans for adding support for more devices?  I have a number of Cisco MDS switches but only 1 of the 3 models I use are supported so far.

  5. Anonymous says:

    @Carl – You can force the network device to use the MIB 2 system name, even if the name does not appear in DNS (or the IP address resolves to something else you do not want to use. I have blogegd the instructions here blogs.inframon.com/…/How-to-use-the-MIB2-System-Name-for-a-device-in-SCOM-2012.aspx

    Sorry the response is around a year late – but hopefully this will help some other people as they search


  6. Hollisorama says:

    When I created my initial network discovery I got one instance of each node. Now this morning, I am seeing a second instance of a few nodes. All the information about the node is the same except the System Name/Device Key fields which corresponds to a
    MAC address on the device. When the device was initially discovered, the System Name/Device Key was the MAC corresponding to the IP for the VLAN interface I used in the discovery. The new instance of the device has a MAC corresponding to the Bridge ID address.
    I’m not sure which one to delete or how to handle the duplication otherwise.

    1. Renato Gonçalves says:

      I have seen this scenario in other customers. In the customer that I am working the devices are being replaced by equipment from the same manufacturer, however, more current. With this, when SCOM does the rediscover, two devices with the same IP appear. Because? The new device is now available for monitoring. Then the customer to remove the old device and sets up the monitoring for the new device (router). Something absolutely normal!
      The process of monitoring and refinement is constant and can not stop.

      And an important point to note is the MAC address of each device. Because even though they are identical to the manufacturer, MAC Address is unique.
      Tips: Observe the device discovery date, MAC Address, and interfaces, because a new device does not have its ports enabled by default.

  7. Hollisorama says:

    When Installing OpsMgr 2012 R2 on Server 2012 R2, firewall rules necessary for network monitoring are created but left disabled. I enabled them and the discovery worked successfully. The firewall rule names are Operations Manager SNMP Response, Operations
    Manager SNMP Trap Listener & Operations Manager Ping Response

  8. Kevin Holman says:

    Vishnu – YOU ROCK!

  9. Kevin Holman says:

    You need to run the tasks to enable port monitoring.

  10. carl says:

    Great job on this functionality but still disappointed that the NW Device is referenced by IP and not sysName ("MIB 2 System Name").  I know you can add that column to the state views but performance views will be less inviting since you can't add the column there.  Dashboards would benefit from sysName too.  Do alert descriptions contain the sysName in addition to the ip address?  If not, assuming sealed MP's, that's going to create some unfortunate work for some of us whose users want alerts with host/system names and not IP's.  I do love the look though.

  11. Discover Linux device says:

    Can you do a blog post on discovering a Linux/Unix server?

  12. michel kamp says:

    Hi Kevin,

    maybe something to mention: Disable (or change) the firewall settings of the management server(s) where you are kicking off the network discovery. I noticed that the discovery process will not give you any error/warning event on this. It will simply tell you no devices are discovered…


  13. Have you messed with any of the interface overrides for the network devices yet? By default they are all disabled. I have been trying to figure out how to turn on interface monitoring, however I have yet to find discoveries for this. The monitors are there, which makes me interested to see how much QA the dev team performed to support more SNMP GUID Monitors in this version.

    As aways, great posts. don't know what I would do without some of them.

  14. Vishnu Nath says:

    @Carl, the naming algorithm actually uses several branches, it attempts DNS resolution on the following items in the order listed, the first one to succeed wins 1) Loopback IP 2) sysName 3) Public IP 4) Private IP 5)SNMP Agent IP

    @Michel We have added diagnostic and recoveries around firewall not being configured in RC/RTM

    @Jason By default the only interfaces with monitoring enabled are those that make up connections between network devices or network devices and servers you are monitoring.  If you wish to enable monitoring on another interface simply add it to the "Critical Network Adapters Group"


    -Vishnu Nath

    Program Manager – Operations Manager

  15. Alok Sinha says:

    Hi All, Is there any power shell script avialable for discovering Network devices in SCOM 2012

  16. brett says:

    Has anyone tried supressing alerts to the computer/agents when the network link goes down?  I have remote offices which often lose connectivity and when doing so i get numerous alerts about AD, DNS, etc relating to the servers at the site.  I thought the new scom 2012 was suppossed to help with oliviating this.  If someone has any experience or guidance with this that would be great as this is what we have been waiting for.



  17. vijayh says:


    If ping is blocked at the network device end, will SCOM be able to discover the device?

  18. Yasar Yigitsoy says:

    Hi All, Kevin,

    I’m running scom2012SP1 on a Windows2012 server and I can’t get any network devices working with SNMP.

    The message which I get is “No response SNMP” but I am sure that the ip/community string is correct. In scom2007R2 on win2k8 is working fine. Of course I added the ip adress of the scom server in the network devices, but it is still not working! Even when I disabled the windows Firewall.(I thought maybe I made the wrong exclusion) The SNMP feature are also installed and the SNMP trap service is disabled.

    Hope you can help me!

  19. MuhammadM says:

    "No Response SNMP" message while discovering a cisco switch with SNMPv3 enabled.


    Some of the same model/OS switches with the same configuration were discovered but others sowing the above message. No configuration difference at all.

    Any suggestions ?

  20. Anonymous says:

    Pingback from SCOM QUICK Install | config.re

  21. js says:

    I thought ICMP & SNMP access method required both to successful else it will fail? Above you state ‘as long as one of those is available we consider the device up’

  22. Hollisorama says:

    I opened a Microsoft case and got a fix for the duplicate device issue. It is a private fix so I suggest opening another ticket and requesting the fix. The issue is resolved with an updated version of he "ic.iftable.asl" file

  23. Anonymous says:

    There are several really good blogs out there which document some of the struggles and workarounds with

  24. Robinson Asirvatham says:

    Hi Kevin,
    I always follow your article and I love it . I just have one question on Reporting on Networking devices .

    I am trying to generate a report for "Interface Traffic Volume " and the report is blank . Does it require the Rules to be enabled by override?

  25. Mark Derouen says:

    Has anyone solved the issue Bret was asking about?

  26. Sam John says:

    I have a Cisco 2960 switch, but it is not monitoring the power supply or fans. How do I enable monitoring for these components?

  27. robber1974 says:

    @Muhammad: AES256 isn’t supported by SCOM. Switch to AES128 and it will work. Or just basic troubleshooting ofcourse.

    Is the fix Hollisorama is talking about already in some SCOM UR update (running scom r2 ur7 now, but we still have this issue).

  28. vincent says:

    Hi Everyone,

    I have a problem with network discovery. I previously discovered a Cisco device that is certified by SCOM, but for now, its not discovering as certified. Have any of you encountered this issue?

    Please help and advise

  29. Steve says:

    Great stuff! Now the tough part, I need to create a class/group of network interfaces on like network devices for monitoring. I followed the directions at http://blogs.catapultsystems.com/cfuller/archive/2013/06/20/how-to-add-monitoring-for-a-port-or-interface-on-a-network-device-in-operations-manager-2012-scom-sysctr/ but that isn’t dynamic enough for me. any help would be much appreciated.

  30. Nabil Laamrani says:

    Hi Kevin,

    I have SCOM2012R2 and i want to catch alerts from vRops 6.2 .
    I can’t discover the vROPS .There is not firewall between the vROPS and the SCOM.
    Also ,i can see the snmp trap from the vROPS on the SCOM server with wireshark ,but i can’t discover it.
    Need help please.

    Best regards

  31. TedH says:

    Is there a way to discover a windows computer that is running an application that generates SNMP traps. Discovering the windows computer fails because it is a windows computer even if SNMP is responding correctly. In our case the application generates SNMP traps only and SCOM will only accept the trap if it comes from a previously discovered device.

    Would it work to have the discovery work against a device using the same IP as the server will get after the discovery? This way I could discover the bogus device at the IP and then replace the real server at the same IP.

    Any other ideas?

  32. RajeshKumar C says:

    Hello Kevin,
    Hope You are doing Good!
    I’m try to discover the NetScaler devices. However I get “”No Response SNMP”
    I have Verified the port connectivity and Community string.The IP address of the Management severs have been added in the netscaler device,which needs to be Monitored.
    Could you please Suggest some troubleshooting Steps.

  33. Rodrigo Silva Red says:

    As for my problem: Devices have been inserted according to procedure, but collection of link counters (interface usage and port usage) are not visible on the console. The ports I want to monitor were enabled by the task and also entered into the critical interfaces group. The other counters for memory and ping are fully visible. Have some punctual tip. Thanks for your feedback.

  34. Nikhil says:


    We have a Dell OME server ( monitoring physical dell servers ) which is forwarding the SNMP V1 traps to SCOM 21012 R2. But the alerts in the SCOM are dropping off as SNMP V1 has an agent address field which contains the source IP “Dell physical server ” not off the Dell OME server.

    Is there any configuration in the SCOM to receive the SNMP V1 alert and disregard the “Agent address”, so that it does not drop off the alerts / traps.

    Please assist. It would be a great help !

  35. joe Thiel says:

    Hi Kevin, Do you know of a way to monitor for packet loss on network devices?

  36. Kevin,
    could you please explain how SCOM picks the device key from the device? Which MAC of which port will be taken? I have a customer where the NW guys feel that this is kind of random and not the expected MAC of the port we use the IP address from…

    Many thanks,

Comments are closed.

Skip to main content