All Device Parameters
|* ||String||Device hostname. This is not user-facing.|
|* ||String||Device management hostname or IP address.|
|* ||String||Primary network this device is a member of. Used for device grouping. Usually something like 'AS65000'.|
|* ||String||Device's user-facing name.|
|* ||Integer||TCP port used to connect to the device.|
|* ||String||Network Operating System. |
Must be a supported platform.
|Boolean||Disabled output parsing to structured data.|
|*||Device Credential Configuration|
|*||Device VRF Configuration|
|SSH Proxy Configuration|
|SSL Configuration for devices using hyperglass-agent.|
Any device that uses SSH (see platforms for breakdown) can be accessed through an intermediary SSH "proxy". The process is nearly identical to using local SSH tunneling, e.g.
ssh -L local_port:remote_device:remote_port username@proxy_server -p proxy_port.
|* ||String||Proxy hostname.|
|* ||String||Proxy management hostname or IP address.|
|* ||Proxy Credential Configuration|
|String||Proxy's network operating system. |
Must be a supported platform.
|Integer||TCP port user to connect to the proxy.|
linux_ssh has been tested and validated for use as an SSH proxy.
While all devices require a credential mapping, the credential values themselves may be used in different ways depending on the device NOS. For SSH devices, the credential is used as a typical SSH username and password.
|* ||String||Password |
Passwords will never be logged
HTTP devices may optionally use SSL for the connection between hyperglass and the device. This is disabled by default, which means devices will use unencrypted HTTP by default.
If SSL is enabled, the public key of the device must be provided in the form of an accessible absolute file path. With SSL enabled and a valid certificate specified, every connection to the device will use HTTPS in addition to payload encoding with JSON Web Tokens.
|Boolean||Enable or disable the use of SSL. |
If enabled, a certificate file must be specified (hyperglass does not support connecting to a device over an unverified SSL session).
|* ||String||Absolute path to agent's public RSA key.|
The VRFs section is a list of available VRFs for a given device. Each VRF may be configured with the following fields:
|* ||String||The VRF's name, as known by the device. |
hyperglass sends this field to the device for queries, so it needs to match the device's configuration.
|String||The VRF's user-facing name. This field's value is visible in the UI. |
If this is not specified, hyperglass will try to create a "pretty" display name based on the
|Per-VRF Contextual Help Configuration|
|VRF's IPv4 Configuration|
|VRF's IPv6 Configuration|
May be set to
null to disable IPv4 for this VRF, on the parent device.
|* ||String||Device's source IPv4 address for directed queries (ping, traceroute).|
|IPv4 Access List Configuration|
May be set to
null to disable IPv6 for this VRF, on the parent device.
|* ||String||Device's source IPv6 address for directed queries (ping, traceroute).|
|Boolean||Convert IP host queries to actual advertised containing prefix length|
|IPv6 Access List Configuration|
force_cidr option will ensure that a BGP Route query for an IP host (/32 IPv4, /128 IPv6) is converted to its containing prefix. For example, a query for
22.214.171.124 would be converted to a query for
126.96.36.199/24. This is because not all platforms support a BGP lookup for a host (this is primary a problem with IPv6, but the option applies to both address families).
force_cidris set to
true, hyperglass will perform a lookup via the RIPEStat Data API to get the advertised prefix for an IP host.
access_list block can be thought of like a prefix-list from Cisco IOS. It is a list of rules, where the first matching rule is the action executed.
|* ||String||This rule's IPv4 or IPv6 base prefix|
|String||This rule's action. Must be |
|Integer||To match this rule, the target prefix must be greater than or equal to |
|Integer||To match this rule, the target prefix must be less than or equal to |
Each VRF may enable, disable, or customize the contextual help menu for each enabled query type. The following parameters may be defined under any query type:
|Boolean||Enable or disable the help menu for this command.|
|String||Path to a plain text or markdown file containing customized help information for this command.|
|Object||Any arbitrary key/value pairs where the value will replace any occurrences of the key when wrapped in braces (e.g. |
Telnet support is provided via the underlying device connection handling framework, Netmiko. To connect to a device via serial, add the suffix
_telnet to the device's
nos value and set the
port value to
Below is a full example with nearly every available knob turned: