1. General
  2. Ideas
0

Extensible vendor-based discovery profiles for SNMP and network discovery

steve 4 days ago 0

Problem description

GLPI network discovery and SNMP inventory currently rely on a fixed, generic set of OID definitions and parsing logic maintained in core.

While this works well for common switches and printers, it does not scale well to modern environments that contain many other network-connected, non-agent devices, such as:

  • IP cameras

  • Access control / biometric devices

  • Wireless access points

  • IoT / OT equipment

  • Vendor-specific or rebranded hardware

As a result:

  • Devices are often detected but poorly identified

  • Vendor-specific SNMP data is not parsed

  • Administrators cannot extend or customize discovery behavior

  • Community knowledge about device SNMP structures cannot be reused

Proposed enhancement (scoped MVP)

Introduce extensible, vendor-based discovery profiles that allow GLPI to apply targeted SNMP queries after basic device identification, without changing the existing discovery workflow.

This proposal is intentionally limited to enhancing discovery data, not automatic asset creation.

Minimal viable design

1. Vendor identification hints (non-authoritative)

During discovery, GLPI may already collect:

  • MAC address

  • sysObjectID

  • sysDescr

Use these existing values to derive a vendor hint (best-effort), for example:

  • MAC OUI lookup

  • sysObjectID prefix match

  • Simple sysDescr pattern match

No single signal must be authoritative.

2. Discovery profiles (read-only definitions)

A Discovery Profile defines:

  • One or more vendor/device identification hints

  • A list of additional SNMP OIDs to query

  • Optional parsing rules for returned values

Profiles:

  • Are applied only if identification hints match

  • Fall back safely to generic discovery if unsupported

  • Do not change existing SNMP logic unless explicitly matched

3. Extensibility (initially admin-managed)

For initial scope, profiles could be:

  • Stored as configuration files

  • Loaded at discovery time

  • Enabled/disabled by administrators

This avoids:

  • UI complexity

  • Security concerns

  • Runtime plugin execution

Out of scope (explicitly)

To keep this proposal feasible, the following are not requested:

  • Automatic asset creation or conversion

  • Changes to the asset model

  • Replacement of existing SNMP discovery logic

  • Vendor-specific UI elements

  • Complex fingerprinting heuristics

Benefits

  • Improved identification of non-agent devices

  • Richer SNMP data for supported vendors

  • Reduced number of poorly classified unmanaged devices

  • Community-contributed discovery knowledge becomes reusable

  • Future-proof foundation for modern networks

Why this is safe

  • Discovery remains non-destructive

  • Profiles are opt-in and additive

  • Generic discovery behavior remains unchanged

  • No assumptions or guesses are required

Example use cases

  • IP cameras exposing limited but useful SNMP data

  • Wireless access points without a central controller

  • Access control devices reporting status via vendor OIDs

  • Network devices using non-standard MIB layouts

Closing notes

This proposal aims to extend GLPI’s discovery capabilities without increasing risk or complexity in the core workflow.

By introducing a small, controlled abstraction layer, GLPI can better adapt to modern network environments while remaining backward-compatible and conservative by default.

Customer support service by UserEcho