Add guided SNMP discovery to v0.1 scope

docs/agent-handoff.md

@@ -34,6 +34,7 @@ OrbitalWard is a secure monitoring appliance focused on the v0.1 vertical slice:
 - Alert rules, incident opening/resolution, acknowledge, silence, and webhook notifications.
 - Generic webhook, Mattermost, and Zoom Team Chat notification channels.
 - Saved webhook URLs encrypted at rest and not returned to the UI.
+- Guided SNMP device discovery is v0.1 scope, but not yet implemented.
 
 ## Verification State
 
@@ -75,7 +76,7 @@ Issue source docs:
 - `docs/progress.md`
 - `docs/roadmap.md`
 
-Current completed items include TLS expiry monitor support, HTTP/website checks, ping and TCP port checks, basic alert evaluation, incident actions, and webhook notification channels. The next recommended implementation issue is alert rule editing UI.
+Current completed items include TLS expiry monitor support, HTTP/website checks, ping and TCP port checks, basic alert evaluation, incident actions, and webhook notification channels. The next recommended implementation issue is alert rule editing UI, followed by guided SNMP discovery and monitor selection.
 
 ## Guardrails
 

docs/discovery-design.md

@@ -27,4 +27,43 @@ This prevents every monitor from automatically becoming an alert source.
 
 ## Friendly SNMP
 
+SNMP is part of the v0.1 guided discovery scope. A user should be able to add a device, test SNMP access, discover what the device exposes, and choose what to monitor.
+
 The normal UI must not show raw OIDs. SNMP profiles should translate implementation details into friendly labels such as interface names, traffic counters, status, errors, uptime, CPU, and memory.
+
+Initial SNMP discovery workflow:
+
+```text
+Add device
+Enter host/IP and SNMP credential profile
+Test SNMP access
+Identify device basics
+Load available friendly profiles
+Discover monitorable items
+Show interfaces and device health items with friendly names
+User selects what to monitor
+User separately selects what should alert
+Create monitors and optional alert rules
+```
+
+Initial monitorable SNMP items:
+
+- Device uptime
+- Interface admin and operational status
+- Interface speed and friendly description
+- Interface inbound and outbound traffic counters
+- Interface errors and discards
+- CPU and memory when supported by a device profile
+
+SNMP versions:
+
+- SNMPv2c can be the first implementation path for simple networks.
+- SNMPv3 should be supported once the credential workflow can store reusable authenticated/encrypted profiles safely.
+
+Out of v0.1 scope:
+
+- SNMP traps
+- Topology mapping
+- NetFlow/sFlow
+- Config backup
+- Full NMS-style device templates

docs/gitea-issues.md

@@ -47,6 +47,12 @@
 33. Add README setup instructions
 34. Add architecture documentation
 35. Add security documentation
+36. Add SNMP credential profile support
+37. Add SNMP device discovery API
+38. Add guided SNMP discovery UI
+39. Create monitors from SNMP discovery selections
+40. Add SNMP interface status and traffic collection
+41. Add SNMP profile mapping for friendly metric names
 
 ## Current Implementation Snapshot
 
@@ -64,3 +70,5 @@ Completed in the initial scaffold:
 - Configurable notification post username.
 
 Recommended next Gitea issues are listed in [progress.md](progress.md).
+
+Guided SNMP discovery is v0.1 scope. The first SNMP slice should let a user add a device, test SNMP access, discover friendly monitorable items, choose what to monitor, and separately choose what should alert.

docs/progress.md

@@ -48,6 +48,8 @@ Implemented notification slice:
 - User management UI is not implemented.
 - Role management is basic and needs full admin flows.
 - Alert rule editing UI is not implemented.
+- Guided SNMP device discovery and friendly SNMP monitor selection are not implemented yet.
+- SNMP credential profiles, interface status, traffic counters, errors, uptime, CPU, and memory checks are not implemented yet.
 - Notification routing/policies are not implemented; all enabled webhook channels receive incident notifications.
 - Email/SMTP notifications are not implemented yet.
 - Graphing exists only as placeholders; metric visualization is not implemented.
@@ -58,13 +60,16 @@ Implemented notification slice:
 ## Recommended Next Work
 
 1. Add alert rule editing UI and richer alert conditions.
-2. Add notification policy/routing controls.
-3. Add email/SMTP notification channel.
-4. Add audit event writes for auth, monitor, credential, notification, and incident actions.
-5. Build credential vault UI with masked secret handling.
-6. Add user administration UI.
-7. Add graphs for website response time and monitor status history.
-8. Add backend and worker tests for the website-monitor and notification flows.
+2. Add SNMP credential profiles and guided SNMP device discovery.
+3. Add SNMP discovery selection UI to choose what to monitor and alert on.
+4. Add SNMP interface status, traffic, errors, uptime, CPU, and memory collection.
+5. Add notification policy/routing controls.
+6. Add email/SMTP notification channel.
+7. Add audit event writes for auth, monitor, credential, notification, and incident actions.
+8. Build credential vault UI with masked secret handling.
+9. Add user administration UI.
+10. Add graphs for website response time and monitor status history.
+11. Add backend and worker tests for the website-monitor and notification flows.
 
 ## Operational Notes
 

docs/roadmap.md

@@ -6,6 +6,8 @@
 - PostgreSQL, Alembic, API service, worker service, and frontend app
 - Assets, credentials, monitors, alert rules, incidents, and notification channels
 - HTTP/HTTPS status checks, expected text checks, TLS expiry checks
+- Guided SNMP device discovery with friendly monitor selection
+- SNMP interface status, traffic, error, uptime, CPU, and memory monitor foundations
 - Alert evaluation, incident acknowledgement, silence, and notification history
 - Email, Mattermost, Zoom Team Chat, and generic webhook notification foundations
 - Basic dashboard, website monitor creation, alert center, credential vault, and admin pages