Unidentified Inventory
The unidentified inventory API provides insights into devices in your network which are not seen by any collector. Unidentified Inventory helps identify Cisco devices attached to the network that do not already appear in the collaborative inventory. Information from software configurations, Syslog messages, and the Cisco Discovery Protocol may be used to highlight an unidentified device.
Devices attached to the network but not included in the collaborative inventory highlight a gap in network management. Legitimate devices found to be attached to the network and missing from the collaborative inventory should be added to inventory. These devices may need configuration changes in order for them to be successfully added to the collaborative inventory. Devices found to be attached to the network that do not need to be added to the collaborative inventory can be shared with Cisco for removal from future reports.
These are the resources:
/unidentifiedInventory/details/unidentifiedInventory/summary
Details
The details endpoint provides detailed information about each unidentified device.
Here is an example:
{
"items": [
{
"collectorName": "din1",
"lastUpdatedTimestamp": "2021-09-14T21:44:26",
"seenByManagedDeviceName": "radio1-sw (GigabitEthernet1/0/23)",
"unidentifiedDeviceIpAddress": "10.68.147.1",
"unidentifiedDeviceName": "floor3-radio1-wap",
"unidentifiedDevicePlatform": "cisco AIR-CAP3702I-A-K9",
"unidentifiedDeviceScore": 2,
"unidentifiedDeviceSource": " CDP",
"unidentifiedDeviceStatus": "Recurring"
},
...
]
}
The device with name floor3-radio1-wap has been seen at least twice (Recurring) and was discovered via the Cisco Discovery Protocol (CDP).
A high score means the device is seen by more managed devices and hence is more likely to be a critical/core device.
Summary
The summary endpoint returns aggregated numbers providing insight in the different categories and trend of unidentified devices in the network.
Here is an example:
{
"cdpSourcedUnidentifiedDeviceCount": 10529,
"configProtocolSourcedUnidentifiedDeviceCount": 0,
"configSubnetSourcedUnidentifiedDeviceCount": 738,
"deletedUnidentifiedDeviceCount": 684,
"lastUpdatedTimestamp": "2022-04-17T13:41:37",
"newUnidentifiedDeviceCount": 5328,
"newlyManagedUnidentifiedDeviceCount": 364,
"recurringUnidentifiedDeviceCount": 11369,
"syslogSourcedUnidentifiedDeviceCount": 5562,
"unidentifiedDeviceCount": 16698
}
In the previous example you can see that 16698 unidentified devices in the last collection out of which 5328 were found for the first time during the last profiling and 11369 that were also seen in a previous profile.
364 devices were previously unidentified but are now in one of the collectors and 684 devices are not longer seen in the latest profile and are not in any collector.
10529 devices were found from CDP, 5562 from syslog, 738 from looking at configuration subnets and 0 from looking at configuration protocol neighbors.