LibreNMS Oxidized Integration Guide

Discover the ultimate LibreNMS Oxidized Integration Guide! Automate network backups, track every config change, and secure your infrastructure with ease. Don’t risk downtime or compliance issues—learn how to set up LibreNMS with Oxidized today before your next outage strikes. #centlinux #linux #librenms #oxidized

Introduction to LibreNMS and Oxidized

What is LibreNMS?

LibreNMS is a powerful, open-source network monitoring system designed to give administrators full visibility into their IT infrastructure. It provides features like auto-discovery, customizable alerts, graphing, and reporting, all wrapped in a user-friendly web interface. Unlike some proprietary tools, LibreNMS supports a wide range of devices through SNMP, API integrations, and community-driven contributions. For network engineers, it’s not just a monitoring tool but a central hub for infrastructure health.

Imagine having hundreds of switches, routers, and servers in your network. Keeping track of their status manually would be nearly impossible. LibreNMS steps in as your watchdog—it keeps an eye on uptime, performance, and resource usage, ensuring you know immediately when something goes wrong. Its strength lies in automation: it automatically discovers devices, maps them, and presents insights without demanding too much manual intervention.

LibreNMS is also loved for its flexibility. You can integrate it with Slack, PagerDuty, Microsoft Teams, or other platforms to send alerts directly to your team. It also works with plugins, giving you room to expand its functionality, which is where Oxidized comes into play.

What is Oxidized?

Oxidized is an open-source network configuration backup tool built to simplify and automate one of the most tedious tasks in networking—backing up device configurations. Inspired by RANCID, Oxidized was developed with modern web-based management and Git integration in mind. It’s written in Ruby and designed to work efficiently with multiple devices, supporting a wide variety of vendors out of the box.

Think of Oxidized as a time machine for your network. Every time a device configuration changes, Oxidized detects it, records the change, and stores it in a version-controlled system like Git. This means you can see exactly when a change was made, who made it, and what was modified. If something goes wrong after a configuration update, you can roll back to a previous version in minutes.

Its integration with LibreNMS makes it even more powerful. Instead of manually adding devices, Oxidized can pull device data directly from LibreNMS, ensuring every router or switch you manage is backed up without extra effort.

Why Integrate LibreNMS with Oxidized?

On their own, LibreNMS and Oxidized are great tools. But when integrated, they become a network engineer’s dream team. LibreNMS continuously monitors devices and discovers new ones, while Oxidized ensures that every device’s configuration is safely backed up and versioned. Together, they provide both visibility and security.

Imagine this scenario: a junior engineer makes a configuration change on a core switch that unexpectedly causes downtime. Without Oxidized, rolling back could take hours, especially if the previous configuration wasn’t saved. With LibreNMS feeding devices into Oxidized, you already have an up-to-date backup. Within minutes, you can restore the device to its last working state.

The integration also reduces human error. Since devices are automatically added from LibreNMS into Oxidized, there’s no need to manually maintain a list of devices in two systems. This makes the setup more efficient and less prone to misconfigurations.

If you’re serious about mastering IT infrastructure monitoring, the Zabbix Application and Network Monitoring by Sean Bradley course is a must-have resource. This practical training walks you through real-world scenarios to monitor servers, applications, and networks with confidence, making it ideal for system administrators, DevOps engineers, and IT professionals aiming to level up their skills. By enrolling, you’ll gain hands-on knowledge that can save countless hours in troubleshooting and system management. [Click here to check out the course] (Disclaimer: This link is an affiliate link, which means I may earn a small commission at no extra cost to you if you decide to purchase through it. This helps support my blog and allows me to continue creating useful content.)

Benefits of Using LibreNMS with Oxidized

Automated Network Configuration Backups

One of the standout benefits of this integration is automation. In large networks, backing up device configurations manually is nearly impossible. With LibreNMS and Oxidized working together, every device added to LibreNMS is automatically pulled into Oxidized’s inventory. This ensures no device is forgotten and every configuration is backed up regularly without requiring manual input.

Automation also minimizes downtime risks. If a configuration file gets corrupted or a device fails after an update, the last working configuration is always available. You don’t have to scramble to recreate the setup from memory or outdated notes—the system has already taken care of it.

For growing businesses, automation also means scalability. Whether you manage 50 devices or 5,000, the process remains consistent. Oxidized scales effortlessly while LibreNMS ensures that all devices are kept in sync.

Version Control and Rollback Features

Unlike traditional backup methods that overwrite old files, Oxidized integrates with version control systems such as Git. This means every configuration change is recorded as a commit, creating a historical record of all modifications. You can easily compare versions side by side to see exactly what was changed.

Let’s say you notice a routing issue in your network after a configuration update. Instead of blindly troubleshooting, you can check Oxidized’s Git history, identify the specific change, and roll back to a previous version. This feature alone can save countless hours of downtime.

Version control also promotes accountability. By maintaining a clear history of changes, teams can track who made updates and when. This improves transparency and makes audits easier, especially for organizations that need to meet compliance requirements like PCI-DSS or HIPAA.

Enhanced Network Monitoring

When combined, LibreNMS and Oxidized provide not just monitoring and backups but also intelligent network management. LibreNMS identifies and tracks devices, while Oxidized ensures their configurations are preserved. Together, they create a system that not only tells you when a device is down but also gives you the tools to restore it quickly.

This integration also enhances troubleshooting. For example, if LibreNMS alerts you that a device is behaving strangely, you can cross-check recent configuration changes in Oxidized to see if they’re the cause. This correlation between performance data and configuration history makes problem resolution faster and more effective.

Improved Security and Compliance

In today’s cybersecurity landscape, configuration management is a critical aspect of security. Misconfigurations are one of the leading causes of vulnerabilities in networks. By keeping an accurate history of device configurations, Oxidized helps ensure that you can quickly identify unauthorized changes.

For compliance-driven industries, having configuration backups and version control isn’t optional—it’s mandatory. Regulations often require organizations to demonstrate proper change management and backup strategies. The integration of LibreNMS with Oxidized makes it easier to meet these requirements without additional overhead.

Furthermore, by automating the backup process and storing configurations in a secure repository, you reduce the risk of losing critical information during hardware failures or security incidents.

Preparing Your Environment for Integration

System Requirements

Before diving into installation, you need to ensure your system meets the basic requirements for running both LibreNMS and Oxidized. While both tools are lightweight compared to some enterprise solutions, they still demand a stable environment.

For LibreNMS:

• A Linux-based server (Ubuntu, Debian, or CentOS recommended)
• Minimum 2 CPU cores and 4GB RAM for small setups (more for larger networks)
• MySQL/MariaDB, PHP, and Nginx/Apache
• SNMP-enabled devices

For Oxidized:

• Ruby (latest stable version) – (Refer to: Install Ruby on Rails in Rocky Linux 9)
• Required Ruby Gems (such as oxidized-script and oxidized-web)
• Git (for version control) – (Refer to: How to install Git on Rocky Linux 9)
• 1 CPU core and 1GB RAM (can scale higher for larger environments)

Storage also plays a role. Since Oxidized stores every configuration version, you’ll need reliable hardware to keep everything running smoothly. While text files aren’t huge, thousands of devices over several years can accumulate a significant archive.

For small to medium networks, a powerful mini PC can serve as a dedicated Oxidized box, offering quiet performance with low power consumption. [Shop for a Mini PC at Amazon]

If you’re managing larger environments or prefer cloud-based scalability, a Hostinger VPS is a cost-effective choice, giving you flexible storage, backups, and easy upgrades as your network grows. [Get premium Hostinger VPS hosting at a lower price with our affiliate link]

Prerequisites and Dependencies

Both LibreNMS and Oxidized have a few dependencies that must be installed beforehand. LibreNMS requires a LAMP/LEMP stack along with SNMP tools, while Oxidized needs Ruby, Git, and essential libraries like libssl-dev and libsqlite3-dev.

You should also set up proper user permissions. Running Oxidized as root is not recommended. Instead, create a dedicated oxidized user for security reasons. Similarly, LibreNMS should be installed under a non-root user with appropriate privileges.

Networking is another prerequisite. Ensure that LibreNMS can communicate with Oxidized over HTTP/HTTPS. If they’re running on separate servers, configure firewalls accordingly.

Choosing the Right Deployment Method

Depending on your environment, you can deploy LibreNMS and Oxidized in different ways:

1. On the same server – Ideal for small networks where resource consumption is minimal.
2. On separate servers – Recommended for larger environments to distribute load and improve performance.
3. Using containers (Docker) – A flexible method that simplifies installation, upgrades, and scalability.
4. Virtualized or cloud-based deployments – For organizations that rely on AWS, Azure, or VMware environments.

The best deployment method depends on your network size, available resources, and existing infrastructure strategy. Many administrators prefer running them separately to avoid resource conflicts and improve fault isolation.

Step-by-Step Installation of Oxidized

Installing Oxidized on Linux (Ubuntu/Debian/CentOS)

Oxidized can be installed on most Linux distributions. Let’s walk through the installation process for Ubuntu/Debian first, followed by CentOS.

For Ubuntu/Debian:

sudo apt update  
sudo apt install -y git ruby ruby-dev libsqlite3-dev libssl-dev make cmake pkg-config  
sudo gem install oxidized  
sudo gem install oxidized-script oxidized-web  

For CentOS/RHEL:

sudo yum install -y git ruby ruby-devel sqlite sqlite-devel gcc gcc-c++ make cmake  
sudo gem install oxidized  
sudo gem install oxidized-script oxidized-web  

Once installed, create a dedicated oxidized user:

sudo adduser oxidized  
sudo su - oxidized  
oxidized --init  

This initializes Oxidized and creates its default configuration directory.

Installing Required Ruby Gems and Dependencies

Oxidized relies heavily on Ruby gems to extend its functionality. The two most important are:

• oxidized-script – Allows external scripts to interact with Oxidized.
• oxidized-web – Provides a web interface for managing and viewing backups.

These can be installed using:

gem install oxidized-script oxidized-web  

Ensure that all dependencies are updated regularly. Outdated gems can lead to compatibility issues, especially when integrating with LibreNMS.

Creating the Oxidized User and Configuration Files

Once installed, you need to configure Oxidized. Its main configuration file is config, usually located in ~/.config/oxidized/config. Here’s a sample configuration:

---
username: admin
password: yourpassword
model: ios
interval: 3600
log: ~/.config/oxidized/logs
use_syslog: false
debug: false
threads: 30
timeout: 20
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: 127.0.0.1:8888

This defines how Oxidized will connect to devices, how often it will back them up, and where logs will be stored.

You can also configure Oxidized to use Git for version control:

output:
  default: git
  git:
    user: Oxidized
    email: oxidized@example.com
    repo: "/home/oxidized/.config/oxidized/configs.git"

With this setup, every configuration change is committed to a Git repository, giving you full version history.

Configuring LibreNMS Oxidized Integration

efore configuring Oxidized with LibreNMS, ensure you already have a running LibreNMS server. If you haven’t set one up yet, don’t worry—you can easily get started by following our step-by-step LibreNMS installation guide.

Enabling Oxidized in LibreNMS

LibreNMS comes with built-in support for Oxidized. To enable it:

1. Log in to your LibreNMS web interface.
2. Navigate to Global Settings > External Settings > Oxidized.
3. Enable Oxidized support and specify the Oxidized API endpoint (e.g., http://127.0.0.1:8888).

LibreNMS will now send device information to Oxidized, ensuring new devices are automatically added for configuration backups.

Setting Up API and Webhooks

Oxidized exposes a REST API that LibreNMS uses to communicate. Make sure the API is properly configured in your oxidized config file:

rest: 0.0.0.0:8888

For security, restrict access to trusted IPs or use reverse proxy authentication with Nginx/Apache.

LibreNMS also supports webhooks, allowing it to notify Oxidized whenever a new device is added. This ensures immediate synchronization between both systems.

Testing the Connection Between LibreNMS and Oxidized

To verify the integration:

1. Add a new device in LibreNMS.
2. Check Oxidized’s web interface or Git repository to confirm the device’s configuration has been backed up.
3. If the backup fails, check Oxidized logs (~/.config/oxidized/logs) for errors.

Once tested successfully, your integration is complete. From this point onward, LibreNMS will feed devices into Oxidized, and Oxidized will keep their configurations safe.

Managing Device Backups with Oxidized

Adding Devices Automatically from LibreNMS

One of the most useful aspects of integrating LibreNMS with Oxidized is the automation of device management. Normally, Oxidized requires manual entry of devices into its configuration file, which can quickly become unmanageable in a large network. With LibreNMS Oxidized integration, this process becomes seamless. Every device you add to LibreNMS—whether it’s a router, switch, firewall, or even a wireless controller—can be automatically pushed to Oxidized.

This is achieved by enabling Oxidized integration in LibreNMS and pointing it to Oxidized’s REST API. Once enabled, LibreNMS handles the synchronization process in the background. For administrators, this eliminates the risk of forgetting to add a device for backup. It also means you don’t have to maintain two separate inventories: LibreNMS for monitoring and Oxidized for backups.

Think of it as a synchronized notebook. Every time you jot down a new device in LibreNMS, Oxidized instantly makes a backup entry for it, ensuring full coverage. This not only saves time but also ensures consistency across your network management tools.

Scheduling Regular Backups

By default, Oxidized runs on a polling interval. That means it checks your devices at regular intervals (for example, every hour) and pulls their latest configurations. You can adjust this interval in the config file to suit your needs.

For example, if you want Oxidized to back up device configs every 30 minutes, you can set:

interval: 1800

This scheduling ensures that if someone makes a change on a device, Oxidized will capture it in near real-time. You no longer need to rely on engineers to remember to back up configs manually after making adjustments.

For mission-critical environments, shorter intervals are ideal to capture changes quickly. However, for smaller networks, longer intervals may suffice to reduce load on both the devices and the Oxidized server.

The balance depends on your environment, but the key takeaway is that backups are automatic, reliable, and adjustable based on your requirements.

Managing Backup Repositories (Git Integration)

Oxidized doesn’t just back up configurations—it also integrates with Git to provide version-controlled repositories. This means every configuration change is tracked like a software project.

When a device configuration changes, Oxidized commits the new version into a Git repository with a timestamp. This allows you to:

• View historical changes across time.
• Compare two versions of the same configuration.
• Roll back to a specific commit in case of errors.

To set up Git integration, you can configure Oxidized like this:

output:
  default: git
  git:
    user: Oxidized
    email: oxidized@example.com
    repo: "/home/oxidized/.config/oxidized/configs.git"

With Git in place, your configuration backups are not just stored but also managed intelligently. Teams can clone the repository, browse commits, and even automate rollback scripts. It turns your configuration management into a professional, structured process.

Troubleshooting Common Issues

Fixing Authentication and Permission Errors

One of the most frequent issues administrators face with Oxidized is authentication failures. These usually occur because of incorrect login credentials or device privilege levels. For example, Cisco devices may require both a username/password and an enable password. If these are not correctly configured in Oxidized, backups will fail.

You can specify per-device credentials in the Oxidized configuration file or use groups for different vendors. Always ensure that the user accounts used for Oxidized have read-only access and sufficient privileges to display configurations without making changes.

Another common issue is file permission errors. Since Oxidized runs under its own user, make sure it has the necessary permissions to write to its log and configuration directories. Running Oxidized as root is not recommended for security reasons.

Resolving API Connection Failures

LibreNMS communicates with Oxidized through its REST API. If the API is unreachable, devices will not sync, and backups will fail.

Common causes include:

• Oxidized service not running.
• Firewall blocking the API port (default is 8888).
• Misconfigured rest setting in Oxidized’s config file.

To fix this, check that Oxidized is running with:

systemctl status oxidized

and confirm the API endpoint is accessible with:

curl http://127.0.0.1:8888

If running on separate servers, ensure that the LibreNMS server can reach Oxidized over the network.

Debugging Oxidized Logs

Logs are your best friend when troubleshooting Oxidized. They provide detailed information about connection attempts, failed logins, and command outputs.

The logs are usually located at:

~/.config/oxidized/logs

Enable debug mode in the config file to get more detailed logs:

debug: true

By reviewing these logs, you can identify whether issues are related to authentication, device compatibility, or network connectivity.

Best Practices for LibreNMS and Oxidized

Security Hardening Tips

Since Oxidized stores sensitive device configurations, securing it is critical. Here are some best practices:

• Run Oxidized under a dedicated non-root user.
• Restrict API access to trusted IPs or use a reverse proxy with authentication.
• Store Git repositories in a secure location with restricted permissions.
• Regularly update Ruby and Oxidized to patch vulnerabilities.
• Use encrypted connections (HTTPS/SSH) wherever possible.

Think of your Oxidized server as a vault—it should be locked down and monitored closely.

Backup Retention Policies

While Git handles versioning, you still need a retention policy. Over time, the repository can grow large, especially in networks with frequent configuration changes. Consider:

• Archiving old Git commits.
• Implementing branch-based retention (e.g., keeping only 1 year of history).
• Offloading old backups to long-term storage solutions.

The goal is to strike a balance between having enough history for troubleshooting and audits while not consuming unnecessary disk space.

Performance Optimization

Large networks with thousands of devices can put stress on Oxidized if not optimized. Some performance tips include:

• Increasing the number of worker threads (threads: 30 in config).
• Running Oxidized on a dedicated server or VM.
• Splitting devices into groups based on vendor or region to reduce polling conflicts.
• Using SSD storage for faster Git operations. [Check SSD Prices]

With proper optimization, Oxidized can scale to handle even the largest enterprise networks efficiently.

Real-World Use Cases

ISP Network Management

Internet service providers manage massive infrastructures with routers, switches, and firewalls spread across cities or even countries. For them, losing configuration data could mean extended downtime for thousands of customers.

By integrating LibreNMS with Oxidized, ISPs gain:

• Automated discovery of customer-edge devices.
• Instant configuration backups for every network node.
• Rapid rollback capabilities during outages.

This reduces operational risks and helps ISPs meet customer uptime guarantees.

Enterprise Infrastructure Automation

Large enterprises often have diverse vendor equipment: Cisco for routing, Juniper for firewalls, HP for switches, and so on. Oxidized supports multi-vendor environments out of the box, making it a perfect fit.

In enterprises, Oxidized ensures compliance with IT security policies, while LibreNMS provides monitoring and alerting. Together, they give IT teams a centralized view of both device health and configuration history.

Small Business IT Teams

For small businesses, the challenge isn’t scale—it’s resources. Often, IT teams are small and can’t afford expensive commercial tools. LibreNMS and Oxidized provide enterprise-grade features at no cost.

This combination helps small IT teams:

• Save time by automating backups.
• Reduce reliance on manual processes.
• Protect against accidental misconfigurations.

It’s a budget-friendly yet powerful solution for growing businesses.

Alternatives to LibreNMS Oxidized Integration

RANCID vs Oxidized

Before Oxidized, RANCID (Really Awesome New Cisco config Differ) was the go-to tool for network configuration management. While effective, RANCID is older and less user-friendly compared to Oxidized.

Oxidized improves on RANCID by offering:

• Web interface with search and browsing.
• Git integration for version control.
• Better vendor support.
• Easier integration with monitoring tools like LibreNMS.

Still, some legacy environments continue using RANCID due to familiarity.

Using NetBox with Oxidized

NetBox, a popular open-source IP address management (IPAM) and data center infrastructure management (DCIM) tool, can also integrate with Oxidized. This combination is ideal for teams that need both inventory management and configuration backups.

While NetBox doesn’t replace LibreNMS’s monitoring features, it can serve as an alternative integration point for Oxidized in environments focused on asset tracking.

Read Also: How to install NetBox on RHEL 8

Other Commercial Solutions

If you prefer commercial tools, options like SolarWinds NCM, ManageEngine Network Configuration Manager, or Infoblox NetMRI provide similar features with enterprise support.

However, these come at a cost, often running into thousands of dollars annually. For organizations looking to avoid licensing fees while still getting powerful functionality, LibreNMS and Oxidized remain the best open-source option.

Conclusion

Integrating LibreNMS with Oxidized creates a powerful combination for network administrators. LibreNMS ensures you have complete visibility into device health and performance, while Oxidized guarantees every configuration is backed up, versioned, and recoverable. Together, they provide automation, reliability, and peace of mind—features once only available in expensive enterprise solutions.

Whether you’re running a small IT environment, managing enterprise infrastructure, or overseeing an ISP’s massive network, this integration helps simplify operations, reduce downtime, and ensure compliance. With a proper setup and adherence to best practices, your network management becomes not only more efficient but also more resilient.

Looking for a Linux server expert? I provide top-tier administration, performance tuning, and security solutions for your Linux systems. Explore my Freelancer profile for details!

FAQs

Q1: Can I run LibreNMS and Oxidized on the same server?
Yes, but it’s recommended only for small networks. Larger environments should run them on separate servers to avoid performance bottlenecks.

Q2: How do I secure Oxidized backups?
Use Git repositories with restricted permissions, encrypt backups, and run Oxidized under a non-root user. Adding HTTPS authentication for the API also enhances security.

Q3: What devices are supported by Oxidized?
Oxidized supports a wide range of vendors including Cisco, Juniper, HP, Fortinet, MikroTik, and more. Community contributions constantly expand device compatibility.

Q4: How can I monitor backup failures?
LibreNMS can be configured to alert you if Oxidized fails to back up a device. Additionally, you can monitor Oxidized logs or set up external monitoring scripts.

Q5: Is Oxidized free to use with LibreNMS?
Yes, both LibreNMS and Oxidized are open-source and free to use, making them cost-effective alternatives to commercial solutions.