Requirements for the Cisco Nexus adapter and information about adding a Nexus device to IBM QRadar Risk Manger.
The requirements for the Cisco Nexus adapter are described below.
There are no version restrictions for this adapter.
Neighbor data support
This adapter supports neighbor data.
The device matches Cisco NX-OS and an optional qualification string that ends with Software in the SNMP sysDescr.
(Cisco NX\-OS.* Software)
Required credential parameters
The credentials and parameters required are Username, and Password.
If you add virtual device contexts (VDCs) as individual devices so that they can be backed up and viewed in the topology, then there are specific requirements for the username and password. In this situation, the username and password must be able to access the account that is enabled to access the VDCs and use the required commands in that virtual context.
The required commands are listed below.
The supported device protocols are Telnet and SSH.
Required third party files
The following Red Hat Package Manager (RPM) files are required:
The commands that the adapter requires to log in and collect data for are:
Methods for adding Virtual Device Contexts for Nexus devices
- terminal length 0
- show version
- show hostname
- show vdc
- snow snmp
- show module
- dir <fs>, where fs is all of the filesystems on device
- show interface brief
- show interface snmp-ifindex
- show interface <if> , where if is all of the interfaces from show interface brief with config sections
- show running-config
- show startup-config
- show static-route
- show ip access-lists
- show object-group
- show vlan
- show vtp status
- show hsrp
- show vrrp
- show vtp
- show glbp
- show ip arp
- show mac address-table
- show ip route
- show ipv6 route
- show ipv6 ndp
- show cdp entry all
- switchto <vdc>, for all supported virtual device contexts
You use Configuration Source Management to add Nexus network devices and VDCs to IBM Security QRadar SIEM. There are two ways to add multiple VDCs to QRadar Risk Manager.
You can add VDCs as sub-devices of the Nexus device or as individual devices.
View Virtual Device Contexts
If VDCs are added as individual devices, then each VDC displays as a device in the topology.
If VDCs are added as a sub-device, they do not display in the topology. Instead, you can view the VDCs in Configuration Monitor.
Adding VDCs as sub-devices of your Nexus device
You use Configuration Source Manager to add the Nexus device, which includes the VDCs as sub-devices.
Adding VDCs as individual devices
Use Configuration Source Manager to add your Nexus device and the appropriate user credentials. See
IBM Security QRadar Risk Manager Adapter Guide .
2. Use Configuration Source Manager to obtain the configuration information for your Nexus device. See "Obtain device configuration" in the IBM Security QRadar Risk Manager User Guide.
3. If the following commands are not enabled, then you must enable the commands for the user that is specified in the credentials:
- show vdc (at admin context)
- switchto vdc <x>, where x is the VDCs that are supported
What to do next
You can view the Nexus device in the topology and the VDC sub-devices in Configuration Monitor. For information about viewing devices, see the
IBM Security QRadar Risk Manager User Guide.
You use Configuration Source Manager to add each VDC as a separate device. When you use this method, the Nexus device and the VDCs display in the topology.
Disabling VDC commands for VDCs added as individual devices
About this task
When you view your Nexus device and VDCs in the topology, the chassis containment is represented separately.
1. Use Configuration Source Manager to add the admin IP address of each VDC. See in the IBM Security QRadar Risk Manager Adapter Guide .
2. Use Configuration Source Manager to obtain the configuration information for your VDCs. See “Obtain device configuration” in the IBM Security QRadar Risk Manager User Guide.
3. Disable the switchto vdc command.
If you added VDCs as individual devices, then you must disable the VDC command for the username that is associated with the adapter.
Before you begin
You need to add your device and VDCs, and obtain their configuration information.
About this task
After you obtain the configuration information for your Nexus device and VDCs, you must disable the VDC command for the username that you specified the credentials of the device.
1. On the Nexus device, disable the switchto vdc command in the Nexus CLI for access from the backup user account.
For example, if the user name for a Nexus device is qrmuser, you might type the following in the CLI:
NexusDevice(config)# role name qrmuser
NexusDevice(config-role)# rule 1 deny command switchto vdc
NexusDevice(config-role)# rule 2 permit command show
NexusDevice(config-role)# rule 2 permit command terminal
NexusDevice(config-role)# rule 2 permit command dir