;;; Welcome to the NetBox Sync configuration file. ;;; Version: 1.8.0 (2025-03-07) ;;; Project URL: https://github.com/bb-ricardo/netbox-sync ; The values in this file override the default values used by the system if a config ; option is not specified. The commented out lines are the configuration field and the ; default value used. Uncommenting a line and changing the value will change the value ; used at runtime when the process is restarted. ;;; ;;; [common] ;;; ;;; Controls the parameters for logging ;;; [common] ; Logs will always be printed to stdout/stderr. ; Logging can be set to following log levels: ; ERROR: Fatal Errors which stops regular a run ; WARNING: Warning messages won't stop the syncing process but mostly worth ; to have a look at. ; INFO: Information about objects that will be create/updated/deleted in NetBox ; DEBUG: Will log information about retrieved information, changes in internal ; data structure and parsed config ; DEBUG2: Will also log information about how/why data is parsed or skipped. ; DEBUG3: Logs all source and NetBox queries/results to stdout. Very useful for ; troubleshooting, but will log any sensitive data contained within a query. ;log_level = INFO ; Enabling this options will write all logs to a log file defined in 'log_file' ;log_to_file = False ; Destination of the log file if "log_to_file" is enabled. Log file will be rotated ; maximum 5 times once the log file reaches size of 10 MB ;log_file = log/netbox_sync.log ;;; ;;; [netbox] ;;; ;;; Controls the connection parameters to your netBox instance ;;; [netbox] ; Requires an NetBox API token with full permissions on all objects except 'auth', ; 'secrets' and 'users' api_token = XYZ ; Requires a hostname or IP which points to your NetBox instance host_fqdn = netbox.example.com ; Define the port your NetBox instance is listening on. If 'disable_tls' is set to "true" ; this option might be set to 80 ;port = 443 ; Whether TLS encryption is enabled or disabled ;disable_tls = False ; Enforces TLS certificate validation. If this system doesn't trust the NetBox web server ; certificate then this option needs to be changed ;validate_tls_certs = True ; Defines a proxy which will be used to connect to NetBox. Proxy setting needs to include ; the schema. Proxy basic auth example: http://user:pass@10.10.1.10:312 ;proxy = http://example.com:3128 ; Specify a client certificate which can be used to authenticate to NetBox ;client_cert = client.pem ; Specify the client certificate private key belonging to the client cert ;client_cert_key = client.key ; Whether items which were created by this program but can't be found in any source ; anymore will be deleted or not ;prune_enabled = False ; Orphaned objects will first be tagged before they get deleted. Once the amount of days ; passed the object will actually be deleted ;prune_delay_in_days = 30 ; This will tell netbox-sync to ignore objects in NetBox with tag 'NetBox-synced' from ; pruning if the source is not defined in this config file (https://github.com/bb- ; Ricardo/netbox-sync/issues/176) ;ignore_unknown_source_object_pruning = False ; The maximum number of objects returned in a single request. If a NetBox instance is very ; quick responding the value should be raised ;default_netbox_result_limit = 200 ; The maximum time a query is allowed to execute before being killed and considered failed ;timeout = 30 ; The amount of times a failed request will be reissued. Once the maximum is reached the ; syncing process will be stopped completely. ;max_retry_attempts = 4 ; Defines if caching of NetBox objects is used or not. If problems with unresolved ; dependencies occur, switching off caching might help. ;use_caching = True ; The location of the directory where the cache files should be stored ;cache_directory_location = cache ;;; ;;; [source/*] ;;; ;;; Controls the parameters of a defined source. The string past the slash will be used as ;;; a sources name. Sources can be defined multiple times to represent different sources. ;;; [source/my-vcenter-example] ; Defines if this source is enabled or not ;enabled = True ; type of source. This defines which source handler to use type = vmware ; host name / IP address of the vCenter host_fqdn = vcenter.example.com ; TCP port to connect to ;port = 443 ; username to use to log into vCenter username = vcenter-readonly ; password to use to log into vCenter password = super-secret ; Enforces TLS certificate validation. If vCenter uses a valid TLS certificate then this ; option should be set to 'true' to ensure a secure connection. ;validate_tls_certs = False ; EXPERIMENTAL: Connect to a vCenter using a proxy server (socks proxies are not ; supported). define a host name or an IP address ;proxy_host = 10.10.1.10 ; EXPERIMENTAL: Connect to a vCenter using a proxy server (socks proxies are not ; supported). define proxy server port number ;proxy_port = 3128 ; IP networks eligible to be synced to NetBox. If an IP address is not part of this ; networks then it WON'T be synced to NetBox. To excluded small blocks from bigger IP ; blocks a leading '!' has to be added ;permitted_subnets = 172.16.0.0/12, 10.0.0.0/8, 192.168.0.0/16, fd00::/8, !10.23.42.0/24 ; filter options ; filters can be used to include/exclude certain objects from importing into NetBox. ; Include filters are checked first and exclude filters after. An object name has to pass ; both filters to be synced to NetBox. If a filter is unset it will be ignored. Filters ; are all treated as regex expressions! If more then one expression should match, a '|' ; needs to be used ; ; Example: (exclude all VMs with "replica" in their name and all VMs starting with ; "backup"): vm_exclude_filter = .*replica.*|^backup.* ; If a cluster is excluded from sync then ALL VMs and HOSTS inside the cluster will be ; ignored! a cluster can be specified as "Cluster-name" or "Datacenter-name/Cluster-name" ; if multiple clusters have the same name ;cluster_exclude_filter = ;cluster_include_filter = ; This will only include/exclude the host, not the VM if Host is part of a multi host ; cluster ;host_exclude_filter = ;host_include_filter = ; simply include/exclude VMs ;vm_exclude_filter = ;vm_include_filter = ; defines a comma separated list of vCenter tags which (if assigned to a VM) will exclude ; this VM from being synced to NetBox. The config option 'vm_tag_source' determines which ; tags are collected for VMs. ;vm_exclude_by_tag_filter = tag-a, tag-b ; relations options ; This option defines which vCenter cluster is part of a NetBox site. ; This is done with a comma separated key = value list. ; key: defines the cluster name as regex ; value: defines the NetBox site name (use quotes if name contains commas) ; This is a quite important config setting as IP addresses, prefixes, VLANs ; and VRFs are site dependent. In order to assign the correct prefix to an IP ; address it is important to pick the correct site. ; A VM always depends on the cluster site relation ; a cluster can be specified as "Cluster-name" or ; "Datacenter-name/Cluster-name" if multiple clusters have the same name. ; When a vCenter cluster consists of hosts from multiple NetBox sites, ; it is possible to leave the site for a NetBox cluster empty. All VMs from ; this cluster will then also have no site reference. ; The keyword "" can be used as a value for this. ;cluster_site_relation = Cluster_NYC = New York, Cluster_FFM.* = Frankfurt, Datacenter_TOKIO/.* = Tokio, Cluster_MultiSite = ; Same as cluster site but on host level. If unset it will fall back to ; cluster_site_relation ;host_site_relation = nyc02.* = New York, ffm01.* = Frankfurt ; This option defines which cluster/host/VM belongs to which tenant. ; This is done with a comma separated key = value list. ; key: defines a hosts/VM name as regex ; value: defines the NetBox tenant name (use quotes if name contains commas) ; a cluster can be specified as "Cluster-name" or ; "Datacenter-name/Cluster-name" if multiple clusters have the same name ;cluster_tenant_relation = Cluster_NYC.* = Customer A ;host_tenant_relation = esxi300.* = Infrastructure ;vm_tenant_relation = grafana.* = Infrastructure ; This option defines custom platforms if the VMWare created platforms are not suitable. ; Pretty much a mapping of VMWare platform name to your own platform name. ; This is done with a comma separated key = value list. ; key: defines a VMWare returned platform name as regex ; value: defines the desired NetBox platform name ;host_platform_relation = VMware ESXi 7.0.3 = VMware ESXi 7.0 Update 3o ;vm_platform_relation = centos-7.* = centos7, microsoft-windows-server-2016.* = Windows2016 ; Define the NetBox device role used for hosts. The default is ; set to "Server". This is done with a comma separated key = value list. ; key: defines host(s) name as regex ; value: defines the NetBox role name (use quotes if name contains commas) ;host_role_relation = .* = Server ; Define the NetBox device role used for VMs. This is done with a ; comma separated key = value list, same as 'host_role_relation'. ; key: defines VM(s) name as regex ; value: defines the NetBox role name (use quotes if name contains commas) ;vm_role_relation = .* = Server ; Define NetBox tags which are assigned to a cluster, host or VM. This is ; done with a comma separated key = value list. ; key: defines a hosts/VM name as regex ; value: defines the NetBox tag (use quotes if name contains commas) ; a cluster can be specified as "Cluster-name" or ; "Datacenter-name/Cluster-name" if multiple clusters have the same name ;cluster_tag_relation = Cluster_NYC.* = Infrastructure ;host_tag_relation = esxi300.* = Infrastructure ;vm_tag_relation = grafana.* = Infrastructure ; Try to find existing host based on serial number. This can cause issues with blade ; centers if VMWare does not report the blades serial number properly. ;match_host_by_serial = True ; Attempt to collect asset tags from vCenter hosts ;collect_hardware_asset_tag = True ; Attempt to collect serials from vCenter hosts ;collect_hardware_serial = True ; Perform a reverse lookup for all collected IP addresses. If a dns name was found it will ; be added to the IP address object in NetBox ;dns_name_lookup = True ; use custom DNS server to do the reverse lookups ;custom_dns_servers = 192.168.1.11, 192.168.1.12 ; define how the primary IPs should be set ; possible values: ; ; always: will remove primary IP from the object where this address is ; currently set as primary and moves it to new object ; ; when-undefined: ; only sets primary IP if undefined, will cause ERRORs if same IP is ; assigned more then once to different hosts and IP is set as the ; objects primary IP ; ; never: don't set any primary IPs, will cause the same ERRORs ; as "when-undefined" ;set_primary_ip = when-undefined ; Do not sync notes from a VM in vCenter to the comments field on a VM in netbox ;skip_vm_comments = False ; Do not sync template VMs ;skip_vm_templates = True ; Skip virtual machines which are reported as offline. ; ATTENTION: this option will keep purging stopped VMs if activated! ;skip_offline_vms = False ; If the VMware Site Recovery Manager is used to can skip syncing placeholder/replicated ; VMs from fail-over site to NetBox. ;skip_srm_placeholder_vms = False ; strip domain part from host name before syncing device to NetBox ;strip_host_domain_name = False ; strip domain part from VM name before syncing VM to NetBox ;strip_vm_domain_name = False ; tag source options ; sync tags assigned to clusters, hosts and VMs in vCenter to NetBox ; INFO: this requires the installation of the 'vsphere-automation-sdk', ; see docs about installation possible values: ; * object : the host or VM itself ; * parent_folder_1 : the direct folder this object is organized in (1 level up) ; * parent_folder_2 : the indirect folder this object is organized in (2 levels up) ; * cluster : the cluster this object is organized in ; * datacenter : the datacenter this object is organized in ; this is a comma separated list of options. example: vm_tag_source = object, cluster ; ; Example: vm_tag_source = object, cluster ;cluster_tag_source = ;host_tag_source = ;vm_tag_source = ; sync custom attributes defined for hosts and VMs in vCenter to NetBox as custom fields ;sync_custom_attributes = False ; custom object attributes options ; add arbitrary host/vm object attributes as custom fields to NetBox. ; multiple attributes can be defined comma separated. ; to get a list of available attributes use '-l DEBUG3' as cli param (CAREFUL: output might be long) ; and here 'https://gist.github.com/bb-Ricardo/538768487bdac4efafabe56e005cb4ef' can be seen how to ; access these attributes ;host_custom_object_attributes = summary.runtime.bootTime ;vm_custom_object_attributes = config.uuid ; this will set the sources name as cluster group name instead of the datacenter. This ; works if the vCenter has ONLY ONE datacenter configured. Otherwise it will rename all ; datacenters to the source name! ;set_source_name_as_cluster_group = False ; activating this option will also include "dummy/virtual" interfaces which are only ; visible inside the VM and are exposed through VM guest tools. Dummy interfaces without ; an IP address will be skipped. ;sync_vm_dummy_interfaces = False ; VLAN syncing options ; These options control if VLANs are sync to NetBox or if some VLANs are excluded from sync. ; The exclude options can contain the site name as well (site-name/vlan). Site names and VLAN ; names can be regex expressions. VLAN IDs can be single IDs or ranges. ; disables syncing of any VLANs visible in vCenter to NetBox ;disable_vlan_sync = False ;vlan_sync_exclude_by_name = New York/Storage, Backup, Tokio/DMZ, Madrid/.* ;vlan_sync_exclude_by_id = Frankfurt/25, 1023-1042 ; adds a relation to assign VLAN groups to matching VLANs by name. Same matching rules as ; the exclude_by_name option uses are applied. If name and id relations are defined, the ; name relation takes precedence. Fist match wins. Only newly discovered VLANs which are ; not present in NetBox will be assigned a VLAN group. Supported scopes for a VLAN group ; are "site", "site-group", "cluster" and "cluster-group". Scopes are buggy in NetBox ; https://github.com/netbox-community/netbox/issues/18706 ;vlan_group_relation_by_name = London/Vlan_.* = VLAN Group 1, Tokio/Vlan_.* = VLAN Group 2 ; adds a relation to assign VLAN groups to matching VLANs by ID. Same matching rules as ; the exclude_by_id option uses are applied. Fist match wins. Only newly discovered VLANs ; which are not present in NetBox will be assigned a VLAN group. ;vlan_group_relation_by_id = 1023-1042 = VLAN Group 1, Tokio/2342 = VLAN Group 2 ; enabling this option will add the ESXi host this VM is running on to the VM details ;track_vm_host = False ; define if the name of the device interface discovered overwrites the interface name in ; NetBox. The interface will only be matched by identical MAC address ;overwrite_device_interface_name = True ; define if the name of the VM interface discovered overwrites the interface name in ; NetBox. The interface will only be matched by identical MAC address ;overwrite_vm_interface_name = True ; define if the platform of the device discovered overwrites the device platform in ; NetBox. ;overwrite_device_platform = True ; define if the platform of the VM discovered overwrites the VM platform in NetBox. ;overwrite_vm_platform = True ; set a matching value for ESXi host management interface description (case insensitive, ; comma separated). Used to figure out the ESXi primary IP address ;host_management_interface_match = management, mgmt ; define in which order the IP address tenant will be assigned if tenant is undefined. ; possible values: ; * device : host or VM tenant will be assigned to the IP address ; * prefix : if the IP address belongs to an existing prefix and this prefix has a tenant assigned, then this one is used ; * disabled : no tenant assignment to the IP address will be performed ; the order of the definition is important, the default is "device, prefix" which means: ; If the device has a tenant then this one will be used. If not, the prefix tenant will be used if defined ;ip_tenant_inheritance_order = device, prefix ; Usually netbox-sync grabs the MTU size for the VM interface from the ESXi hosts vSwitch. ; If this is not fitting or incorrect it is possible to disable the synchronisation by ; setting this option to 'False' ;sync_vm_interface_mtu = True ; defines a comma separated list of MAC addresses which should be excluded from sync. Any ; host NIC with a matching MAC address will be excluded from sync. ;host_nic_exclude_by_mac_list = AA:BB:CC:11:22:33, 66:77:88:AA:BB:CC ; defines a comma separated list of custom attribute which should be excluded from sync. ; Any custom attribute with a matching attribute key will be excluded from sync. ;custom_attribute_exclude = VB_LAST_BACKUP, VB_LAST_BACKUP2 ; In NetBox version 4.1.0 and newer the VM disk and RAM values are displayed in power of ; 10 instead of power of 2. If this values is set to true 4GB of RAM will be set to a ; value of 4000 megabyte. If set to false 4GB of RAM will be reported as 4096MB. The same ; behavior also applies for VM disk sizes. ;vm_disk_and_ram_in_decimal = True [source/my-redfish-example] ; Defines if this source is enabled or not ;enabled = True ; type of source. This defines which source handler to use type = check_redfish ; define the full path where the check_redfish inventory json files are located inventory_file_path = /full/path/to/inventory/files ; IP networks eligible to be synced to NetBox. If an IP address is not part of this ; networks then it WON'T be synced to NetBox. To excluded small blocks from bigger IP ; blocks a leading '!' has to be added ;permitted_subnets = 172.16.0.0/12, 10.0.0.0/8, 192.168.0.0/16, fd00::/8, !10.23.42.0/24 ; define if the host name discovered via check_redfish overwrites the device host name in ; NetBox ;overwrite_host_name = False ; define if the name of the power supply discovered via check_redfish overwrites the power ; supply name in NetBox ;overwrite_power_supply_name = False ; define if existing power supply attributes are overwritten with data discovered via ; check_redfish if False only data which is not preset in NetBox will be added ;overwrite_power_supply_attributes = True ; define if the name of the interface discovered via check_redfish overwrites the ; interface name in NetBox ;overwrite_interface_name = False ; define if existing interface attributes are overwritten with data discovered via ; check_redfish if False only data which is not preset in NetBox will be added ;overwrite_interface_attributes = False ; define in which order the IP address tenant will be assigned if tenant is undefined. ; possible values: ; * device : host or VM tenant will be assigned to the IP address ; * prefix : if the IP address belongs to an existing prefix and this prefix has a tenant assigned, then this one is used ; * disabled : no tenant assignment to the IP address will be performed ; the order of the definition is important, the default is "device, prefix" which means: ; If the device has a tenant then this one will be used. If not, the prefix tenant will be used if defined ;ip_tenant_inheritance_order = device, prefix ;EOF