© 2009 BMC Educational Services Discovery Scripts What Atrium Discovery Will Ask A Host
© 2009 BMC Educational Services
Discovery Scripts
What Atrium Discovery Will Ask A Host
© 2010 BMC Educational Services
Discovery Scripts: Outline
Platforms Methods and scripts Commands
The difference between access types Unix discovery scripts Windows discovery scripts
Slave scripts WMI scripts
© 2010 BMC Educational Services
Discovery Scripts: Platform
Discovery subdivides IP Devices into categories called Platforms that behave in similar ways
Generally a Platform is equivalent to the Operating System
© 2010 BMC Educational Services
Discovery Scripts: Methods
Discovery has a number standard Methods, each of which will try and determine one set of related information from the device
getDeviceInfo
Get basic device properties: os,
name, device type, …
getHostInfo
Get Host properties: kernel, serial, cpu, ram, …
getInterfaceList
Get list of interfaces
getProcessList
Get list of processes
© 2010 BMC Educational Services
For each Platform and each Method Discovery has at least one Script
The Script contains the knowledge of how to gather the information needed by that Method on that Platform
getHostInfo echo 'model:' `uname -i 2>/dev/null`/usr/sbin/prtconf 2>/dev/null | nawk '/^Memory size:/ {print "ram: " $3 "MB"}'
SELECT Name, Manufacturer, Model, Domain FROM Win32_ComputerSystem
getHostInfo
Discovery Scripts: Scripts
© 2010 BMC Educational Services
Discovery Scripts: Access
For each Platform there may be a number of different Access types that can be used
Sometimes a Script needs to use a particular Access type
SNMPSSH TELNET
WMI RCMD SNMP
© 2010 BMC Educational Services
Discovery Scripts: Multiple Scripts
A Method can have more than one Script if there are ways of getting the information from different commands
Each script is run in the order defined until one returns data
SELECT Name, Manufacturer, Model, Domain FROM Win32_ComputerSystemgetHostInfo
SYSTEMINFO /fo csv /nh
WMI
RCMD
© 2010 BMC Educational Services
Platforms in the Atrium Discovery UI
Administration > Discovery Platforms
© 2010 BMC Educational Services
Platforms in the Atrium Discovery UI
© 2010 BMC Educational Services
Discovery Methods in the UI
Red * indicates methods that MUST succeed in order to infer a Host
© 2009 BMC Educational Services
Differences between UNIX, Windows and SNMP
© 2010 BMC Educational Services
SNMP Discovery
SNMP has a fixed set of scripts against standard MIBs
© 2010 BMC Educational Services
Windows vs UNIX Access
Atrium Discovery is a Linux based appliance Unix Platforms can be accessed directly by the appliance
Windows Platforms access must be proxied by the Windows Slave
Slave HostADDM Appliance
ADDM Appliance Target Host
Target Host
© 2010 BMC Educational Services
Why the Windows Slave Is Needed
This is for 2 core reasons High quality Windows Access is via native protocols (mostly WMI) and
needs to be done from a Windows system For Windows protocols to authenticate successfully they need to be
connected to a domain or workgroup
By running on a customer provided Windows Host software updates, anti-virus software, credentials management can all be managed by customer High level credentials like Domain and Enterprise Admin do not need
to be entered into the credential vault
© 2010 BMC Educational Services
Windows and UNIX Differences (1)
UNIX has shell scripting that allows scripts to test and adapt
Windows has a published fine grain management interface, but not all information is available
UNIX Discovery Methods tend to be served by a large single script and a single access type
Windows Discovery Methods tend to be served by several scripts and different access types
© 2010 BMC Educational Services
Windows and UNIX Differences (2)
UNIX credentials tend to have authorities set local to the host via sudo, suexec, etc
Windows credentials tend to have authorities set centrally by the domain
UNIX Discovery scripts can need additional commissioning to get the best quality data
Windows Discovery scripts work out of the box so long as domain admin credentials used
© 2009 BMC Educational Services
Unix Discovery Scripts
© 2010 BMC Educational Services
UNIX Discovery Scripts in the UI (1)
Click on the Platform link to see the Scripts
© 2010 BMC Educational Services
UNIX Discovery Scripts in the UI (2)
Red * indicates methods that MUST succeed in order to infer a host
Red bar indicates methods that have been modified Yellow star indicates scripts that need elevated privileges in order
to succeed
© 2010 BMC Educational Services
Viewing the UNIX Discovery Scripts
Click on the script name to expand inline
Script Notes
Elevated privilege required
© 2010 BMC Educational Services
Use the UI to edit Or download edit, test and
upload
Disable a Script entirely Reset to the default Differences shown in red
UNIX Discovery Scripts Actions
© 2010 BMC Educational Services
Why You Need Privilege Elevation
Primarily because most commands on UNIX that can read configuration can also alter the configuration so are restricted to root
You could enter the root credential into Atrium Discovery General reluctance to do this
You can configure the existing privilege elevation system to run certain commands with root privilege This is usually sudo This configuration will need rolling out
© 2010 BMC Educational Services
Unix Discovery Scripts Privileged Commands
There are a number of privilege elevation systems and a number of ways of configuring them so the scripts need commissioning There is an additional Initialise Method and Script on the UNIX
platforms This is run at the start of every session so functions and shell variables
set in this Script are available in others
© 2010 BMC Educational Services
Editing the Init Script
Only consider editing the init script if You are advised by Support You have knowledge of the particular OS commands You have shell scripting experience You test carefully: mistakes can have greatly impact on data quality and
discovery times
Do not alter the script above the PRIV_ functions
© 2010 BMC Educational Services
PRIV_ functions
You will need to add the path to the command
Always make sure you have the “$@”
© 2009 BMC Educational Services
Windows Discovery Scripts
© 2010 BMC Educational Services
Windows Discovery Scripts in the UI (1)
Click on the Slave Scripts link to see the Scripts
© 2010 BMC Educational Services
Windows Discovery Scripts in the UI (2)
Red * indicates methods that MUST succeed in order to infer a host
© 2010 BMC Educational Services
Discovery Scripts are run in the order shown in the UI
If the first Script in the Method (here WMI) fails to return valid data then the second Script in the list is used
The primary Windows Discovery Method is WMI Queries, click through for details:
Windows Discovery Scripts Ordering
Ord
er
© 2010 BMC Educational Services
Windows Management Instrumentation
WMI is the primary and preferred access
Microsoft standard for accessing management information over the network Can be used to retrieve configuration details about most aspects of a
Windows system
Classes with attributes are defined, with an SQL-like query language Example query:
Select Name, Manufacturer, Domain, Model, Workgroup from Win32_ComputerSystem
© 2010 BMC Educational Services
Windows WMI Discovery Scripts
Administration > Discovery Platforms > Windows Discovery > WMI Support
© 2009 BMC Educational Services
Discovery Scripts Exercises
© 2010 BMC Educational Services
Other Windows Access Types (1)
RemCom Preferred method after WMI Installed on slave with the Slave software
PsTools Microsoft owned remote admin tools, originally Sysinternals Includes pslist, psinfo, psexec, etc
RCMD (Older Windows Resource Kit Utility) No longer distributed with the slave
Customers will need to download and install the appropriate Windows Resource Kit for the OS that the slave is running on, and copy the files into the slave installation directory
All these access types run commands native to the remote Windows Host hostname, systeminfo, ipconfig, netstat, …
© 2010 BMC Educational Services
Other Windows Access Types (2)
Some commands are capable of remote access as part of their design
These are a “local command” access type Will be run on the slave host to access the target host
Microsoft – usually natively available SYSTEMINFO TASKLIST
PsTools – only if installed on the slave host PSINFO PSLIST
© 2010 BMC Educational Services
Online Documentation: http://www.tideway.com/confluence/display/81/Discovery
Tideway Foundation
Version 7.2
Documentation
Title
Further Resources