addmi 15-discovery scripts

© 2009 BMC Educational Services

Discovery Scripts

What Atrium Discovery Will Ask A Host


Discovery Scripts: Outline

Platforms Methods and scripts Commands

The difference between access types Unix discovery scripts Windows discovery scripts

Slave scripts WMI scripts


Discovery Scripts: Platform

Discovery subdivides IP Devices into categories called Platforms that behave in similar ways

Generally a Platform is equivalent to the Operating System


Discovery Scripts: Methods

Discovery has a number standard Methods, each of which will try and determine one set of related information from the device

getDeviceInfo

Get basic device properties: os,

name, device type, …

getHostInfo

Get Host properties: kernel, serial, cpu, ram, …

getInterfaceList

Get list of interfaces

getProcessList

Get list of processes


For each Platform and each Method Discovery has at least one Script

The Script contains the knowledge of how to gather the information needed by that Method on that Platform

getHostInfo echo 'model:' `uname -i 2>/dev/null`/usr/sbin/prtconf 2>/dev/null | nawk '/^Memory size:/ {print "ram: " $3 "MB"}'

SELECT Name, Manufacturer, Model, Domain FROM Win32_ComputerSystem

getHostInfo

Discovery Scripts: Scripts


Discovery Scripts: Access

For each Platform there may be a number of different Access types that can be used

Sometimes a Script needs to use a particular Access type

SNMPSSH TELNET

WMI RCMD SNMP


Discovery Scripts: Multiple Scripts

A Method can have more than one Script if there are ways of getting the information from different commands

Each script is run in the order defined until one returns data

SELECT Name, Manufacturer, Model, Domain FROM Win32_ComputerSystemgetHostInfo

SYSTEMINFO /fo csv /nh

WMI

RCMD


Platforms in the Atrium Discovery UI

Administration > Discovery Platforms


Platforms in the Atrium Discovery UI


Discovery Methods in the UI

Red * indicates methods that MUST succeed in order to infer a Host


Differences between UNIX, Windows and SNMP


SNMP Discovery

SNMP has a fixed set of scripts against standard MIBs


Windows vs UNIX Access

Atrium Discovery is a Linux based appliance Unix Platforms can be accessed directly by the appliance

Windows Platforms access must be proxied by the Windows Slave

Slave HostADDM Appliance

ADDM Appliance Target Host

Target Host


Why the Windows Slave Is Needed

This is for 2 core reasons High quality Windows Access is via native protocols (mostly WMI) and

needs to be done from a Windows system For Windows protocols to authenticate successfully they need to be

connected to a domain or workgroup

By running on a customer provided Windows Host software updates, anti-virus software, credentials management can all be managed by customer High level credentials like Domain and Enterprise Admin do not need

to be entered into the credential vault


Windows and UNIX Differences (1)

UNIX has shell scripting that allows scripts to test and adapt

Windows has a published fine grain management interface, but not all information is available

UNIX Discovery Methods tend to be served by a large single script and a single access type

Windows Discovery Methods tend to be served by several scripts and different access types


Windows and UNIX Differences (2)

UNIX credentials tend to have authorities set local to the host via sudo, suexec, etc

Windows credentials tend to have authorities set centrally by the domain

UNIX Discovery scripts can need additional commissioning to get the best quality data

Windows Discovery scripts work out of the box so long as domain admin credentials used


Unix Discovery Scripts


UNIX Discovery Scripts in the UI (1)

Click on the Platform link to see the Scripts


UNIX Discovery Scripts in the UI (2)

Red * indicates methods that MUST succeed in order to infer a host

Red bar indicates methods that have been modified Yellow star indicates scripts that need elevated privileges in order

to succeed


Viewing the UNIX Discovery Scripts

Click on the script name to expand inline

Script Notes

Elevated privilege required


Use the UI to edit Or download edit, test and

upload

Disable a Script entirely Reset to the default Differences shown in red

UNIX Discovery Scripts Actions


Why You Need Privilege Elevation

Primarily because most commands on UNIX that can read configuration can also alter the configuration so are restricted to root

You could enter the root credential into Atrium Discovery General reluctance to do this

You can configure the existing privilege elevation system to run certain commands with root privilege This is usually sudo This configuration will need rolling out


Unix Discovery Scripts Privileged Commands

There are a number of privilege elevation systems and a number of ways of configuring them so the scripts need commissioning There is an additional Initialise Method and Script on the UNIX

platforms This is run at the start of every session so functions and shell variables

set in this Script are available in others


Editing the Init Script

Only consider editing the init script if You are advised by Support You have knowledge of the particular OS commands You have shell scripting experience You test carefully: mistakes can have greatly impact on data quality and

discovery times

Do not alter the script above the PRIV_ functions


PRIV_ functions

You will need to add the path to the command

Always make sure you have the “$@”


Windows Discovery Scripts


Windows Discovery Scripts in the UI (1)

Click on the Slave Scripts link to see the Scripts


Windows Discovery Scripts in the UI (2)

Red * indicates methods that MUST succeed in order to infer a host


Discovery Scripts are run in the order shown in the UI

If the first Script in the Method (here WMI) fails to return valid data then the second Script in the list is used

The primary Windows Discovery Method is WMI Queries, click through for details:

Windows Discovery Scripts Ordering

Ord

er


Windows Management Instrumentation

WMI is the primary and preferred access

Microsoft standard for accessing management information over the network Can be used to retrieve configuration details about most aspects of a

Windows system

Classes with attributes are defined, with an SQL-like query language Example query:

Select Name, Manufacturer, Domain, Model, Workgroup from Win32_ComputerSystem


Windows WMI Discovery Scripts

Administration > Discovery Platforms > Windows Discovery > WMI Support


Discovery Scripts Exercises


Other Windows Access Types (1)

RemCom Preferred method after WMI Installed on slave with the Slave software

PsTools Microsoft owned remote admin tools, originally Sysinternals Includes pslist, psinfo, psexec, etc

RCMD (Older Windows Resource Kit Utility) No longer distributed with the slave

Customers will need to download and install the appropriate Windows Resource Kit for the OS that the slave is running on, and copy the files into the slave installation directory

All these access types run commands native to the remote Windows Host hostname, systeminfo, ipconfig, netstat, …


Other Windows Access Types (2)

Some commands are capable of remote access as part of their design

These are a “local command” access type Will be run on the slave host to access the target host

Microsoft – usually natively available SYSTEMINFO TASKLIST

PsTools – only if installed on the slave host PSINFO PSLIST


Online Documentation: http://www.tideway.com/confluence/display/81/Discovery

Tideway Foundation

Version 7.2

Documentation

Title

Further Resources

addmi 15-discovery scripts

Documents

domain unix discovery

methods discovery

snmp discovery snmp

unix credentials

fixed set of scripts

unix differences

windows credentials

multiple scripts amethodcan