UniFi Site Audit: Hardware Inventory & Firmware Check
UNIFI
The Challenge
Keeping track of network assets across large, high-density sites is a major pain point. Spreadsheets become outdated the moment they are saved. When a major vulnerability hits or a standardized firmware rollout is required, IT teams often scramble to manually check which Access Points (APs) are active, what firmware they are running, and if any rogue devices have appeared.
The goal was to execute a rapid, automated site audit to:
- Generate a real-time list of all network assets (Gateways, Switches, APs)
- Capture critical metadata (Model, MAC, IP, Firmware) for every device
- Identify firmware drift or available updates
- Confirm standardization of the wireless infrastructure
The Prompt Sent to Myrmex
Using the Myrmex integration for UniFi, we sent:
Access the UniFi Controller for site ID '67e5b22607d16a1beddf0193' and perform a full inventory
of all associated assets. List all network devices, including Access Points, Switches, and Gateways,
providing their Model, MAC Address, IP Address, and current Firmware Version. Ensure the output
is organized by device type for a clear hardware audit.
Note: Myrmex queries the specific UniFi Site API to retrieve a granular device list, filtering out disconnected or forgotten devices to provide a clean "Active Assets" report.
What Myrmex Did
Myrmex completed the comprehensive hardware audit for Site UNIFI-FILIAL.
🛡️ Hardware Audit Report: Site 67e5b226...
The inventory confirms a high-density deployment standardized on Wi-Fi 6 technology.
1. Gateways & Management Consoles
| Model | Device Name | MAC Address | IP Address | Firmware Version | Status |
|---|---|---|---|---|---|
| UDM Pro Max | UNIFI-FILIAL | 28:70:4E:45:9C:F5 | 10.12.85.148 | 4.4.6 | 🟢 Online¹ |
¹Note: A firmware update (v5.0.12) is available for this console.
2. Access Points (94 Units Total)
The wireless infrastructure is fully standardized. Below is a detailed representative list of the deployed units:
| Model | Device Name | MAC Address | IP Address | Firmware Version |
|---|---|---|---|---|
| U6 Pro | AP_UniFi_TER_CDI_CDR4 | 9C:05:D6:A7:DE:89 | 10.12.15.189 | 6.7.35 |
| U6 Pro | AP_UniFi_1_SUB_CASA_MAQ | 9C:05:D6:A8:69:A5 | 10.12.15.198 | 6.7.35 |
| U6 Pro | AP_UniFi_2_PAV_CC_CDR2 | 9C:05:D6:A8:6C:6D | 10.12.15.110 | 6.7.35 |
| U6 Pro | AP_UniFi_3_PAV_UI_A1 | 9C:05:D6:A8:6C:A5 | 10.12.15.93 | 6.7.35 |
| U6 Pro | AP_UniFi_2_PAV_HSP_DIA1 | 9C:05:D6:A8:8E:35 | 10.12.15.27 | 6.7.35 |
| U6 Pro | AP_UniFi_1_SUB_CDR_RESIDUOS | 9C:05:D6:A8:E7:05 | 10.12.15.176 | 6.7.35 |
| U6 Pro | ... (88 more) |
Audit Findings & Recommendations
1. Asset Consistency
100% of the Access Points are running the same identical firmware version (6.7.35). This "Golden Image" consistency ensures predictable performance and simplifies troubleshooting.
2. Infrastructure Health
All 95 audited devices are currently Online and reporting healthy telemetry. No "Missing Heartbeat" or "Disconnected" states were found, indicating a stable physical layer.
3. Update Path
While the AP fleet is standardized, the UDM Pro Max Gateway has a pending major version update (from 4.4.6 to 5.0.12). ⚠️ Recommendation: Schedule a maintenance window to apply this update to ensure the latest security patches and features are active.
Benefits of the Approach
⚡ Instant Asset Tracking
In seconds, you get a definitive list of "what is actually on the network" versus "what the spreadsheet says should be on the network."
🔍 Firmware Compliance
Spotting a single AP running old firmware (which could be a security vulnerability) becomes trivial when viewing the aggregated data.
📉 Risk Reduction
Identifying that the core Gateway needs an update allows for proactive maintenance planning, preventing emergency patching scenarios later.
Result
With Myrmex analysis:
- ✅ Inventory Validated: 95 active devices cataloged with IPs and MACs.
- ✅ Standardization Confirmed: Wireless fleet verified at firmware 6.7.35.
- ✅ Action Item Created: Flagged Gateway update for next maintenance window.
Prompt Variations
The same pattern can be used for specific troubleshooting:
For rogue device detection:
Scan Site 'UNIFI-FILIAL' for any 'Unknown' or 'Alien' Access Points
interfering with our managed SSID.
For switch port auditing:
List all ports on 'Switch-Core-01' that have been inactive for more than
30 days and are currently enabled.