SDDM User Guide

From FireScope Documentation Site

This section is a deep dive into every aspect of FireScope DDM configuration, from populating Configuration Items (CIs), to data collection.

Run Setup Wizard

The Setup Wizard guides you through setting up FireScope SDDM in sequence, from the prerequisites to Discovery, where FireScope SDDM will discover the assets and start collecting data. The last page directs you to configure integration with Cherwell. Note: Links to the related documentation pages are provided on each page.

The wizard will run on first login if all of the following are true:
  1. No Edge Devices are configured
  2. The user type is a FireScope Administrator or more privileged

To manually run the SDDM Setup Wizard, click on Service Management > Initial Settings > Run Setup Wizard.

Step 1 - Prerequisites: Before anything can be set up, there is a checklist of prerequisites that need to be addressed. These prerequisites are described in further detail on their respective documentation pages.

Step 2 - Edge Device Registration: All the metrics and data gathered from your environment flow to the Edge Device, and then to the Application Server.

Step 3 - Data Flows: Configure your network devices to send data to the Edge Device. By default, the Edge Device will report data to the system at the top of the next clock-hour after the Traffic Sampling Frequency saved in the Global Traffic Settings page. For example, if the Traffic Sampling Frequency is set to "1 hour," then whether the settings are saved at 3:01 or 3:59, data will arrive at 4:00, and again at 5:00. If the Traffic Sampling Frequency is set to "2 hours," then whether the settings are saved at 3:01 or 3:59, data will arrive at 5:00.

Step 4 - Business Services: Business Services can be created from either a URL that was found in FireScope SDDM's traffic analysis, or based on the source and/or target IPs and ports that are communicating with each other on the network.

Step 5 - Discovery Scans: FireScope DDM has additional discovery scans that can be used to gather additional information about the devices in your environment, including Network Discovery, Topology Discovery, and Virtual Discovery for VMware clusters.

Step 6 - Cherwell Integration (Licensed Feature)

If your product license comes with Cherwell Integration, the final step will be to enter your federation credentials for Cherwell into the system.

Completion: Once all the steps are complete, there are a few things to review before taking off. These are simply some validation checks to make sure all the data from your environment is coming into the system accurately.

Credentials

Credentials are used to discover additional information within your environment. Credentials also allow a Configuration Item to gather information from your environment without loading or enabling additional agents and services. Depending on your environment, valid Credentials may be required. Use the Credentials Management page to add and update Credentials.

In order for FireScope to connect to or collect data from your infrastructure, an SNMP community string or username and password may be required.  This includes APIs such as VMware, NetApp, Cisco UCS, Amazon AWS and others. These credentials are also used by Discovery to collect details regarding a discovered asset, such as configuration information and potential Attributes for monitoring. To simplify configuration, all credential configuration is centralized in the Credentials section of the Configuration menu.  From here you can create or edit any Credentials that FireScope SDDM may need.

Note:  Credentials are Edge Device specific. This allows you to designate shared Credentials (such as SNMP) per environment with a dedicated Edge Device.

SNMP Credentials

SNMP credentials are utilized by the following:

CI/Attributes - SNMP attributes within a CI will utilize the SNMP credential linked to the CI to establish connection and access

Network Discovery Jobs - Network discovery jobs will utilize SNMP credentials on a 'first-match' basis. If you want to create and configure CIs with discovery profiles, order your SNMP credentials so that the setting with the most access comes first.

NOTE: All credentials are associated with an Edge Device to better target multiple environments that may have different settings for community or authentication. Discovery jobs and CIs can only utilize credentials that have the same Edge Device.

  1. Click on Configuration > Discovery > Credentials. The Manage Credentials page will be displayed.


  1. Click on View next to SNMP credentials, SNMP Credentials Management page will be displayed.


  1. Click on the Create button (upper right hand corner), SNMP Credentials Management create form will be displayed.


  1. Edge Device: Select an Edge Device to designate the data collection or operation target.
  2. Name: Enter a descriptive name for this item.
  3. Description: Enter description
  4. Port: Enter port number
  5. SNMP Setting:

SNMP V1:

      • Requirement: Device must be SNMPv1 compatible or have an SNMP Agent installed. This includes most networked assets.
      • Information: The SNMPv1 SMI specifies the use of a number of SMI-specific data types, which are divided into two categories: simple data types and application-wide data types.
      • Access Requirement: Community, e.g. most devices have a setting for public


SNMP V2:

      • Requirement: Device must be SNMPv2 compatible or have an SNMP Agent installed.
      • Information: The SNMPv2 SMI is described in RFC 2578. It makes certain additions and enhancements to the SNMPv1 SMI-specific data types, such as including bit strings, network addresses, and counters. Bit strings are defined only in SNMPv2 and comprise zero or more named bits that specify a value. Network addresses represent an address from a particular protocol family. SNMPv1 supports only 32-bit IP addresses, but SNMPv2 can support other types of addresses as well. Counters are non-negative integers that increase until they reach a maximum value and then return to zero. In SNMPv1, a 32-bit counter size is specified. In SNMPv2, 32-bit and 64-bit counters are defined. Additionally, SNMPv2 also specifies information modules, which specify a group of related definitions. Three types of SMI information modules exist: MIB modules, compliance statements, and capability statements.
        • MIB modules contain definitions of interrelated managed objects.
        • Compliance statements provide a systematic way to describe a group of managed objects that must be implemented for conformance to a standard.
        • Capability statements are used to indicate the precise level of support that an agent claims with respect to a MIB group. An NMS can adjust its behavior toward agents according to the capabilities statements associated with each agent.
      • Access Requirement: Community, e.g. most devices have a setting for public


SNMP V3:

      • Requirement: Device must be SNMPv3 compatible or have an SNMP Agent installed.
      • Information: Essentially offers the same information as SNMPv2, with the addition of 3 important security features:
        • Message integrity to ensure that a packet has not been tampered with in transit.
        • Authentication to verify that the message is from a valid source.
        • Encryption of packets to prevent snooping by an unauthorized source.
      • Access Requirement: SNMPv3 has several variations of access control. You will need to provide some of the following values based on the type of authentication required by the device's settings.
        • security name
        • security level
        • authentication type
        • auth passphrase
        • privacy type
        • priv passphrase


  1. Click on the Save button.

LDAP

FireScope SDDM has the ability to perform queries against LDAP servers such as Microsoft Active Directory, identifying user privilege escalation, changes in group policy and more.  In order to perform these queries, proper authentication information will need to be provided by adding an LDAP credential.

LDAP credentials let you add LDAP connections that can be associated with a CI to collect data. LDAP credentials will need to be specified.

To Create LDAP credentials

  1. Click on Configuration > Discovery > Credentials. Credential Management page will be displayed.


  1. Click on View next to LDAP credentials, LDAP credentials Management page will be displayed.


  1. Click on Create LDAP credentials, credentials Management create form will be displayed.


  1. Name: Enter a name which will be used to identify these credentials.
  2. Description: Enter helpful description that will help to understand these credentials.
  3. URL: Enter a path to an LDAP server. For example, enter the path as LDAP://<server dns or IP>. Note: Do not put a trailing / at the end of the path.
  4. Port: Enter the port the LDAP server will respond on. Mostly it is port 389.
  5. Bind DN: Enter the container name of the account to be used. For example, Bind DN: CN=Test
  6. Bind Password: Enter the password for the account.
  7. Base DN: Enter the entire container path for the account. For example, CN=Users,DC=firescope,DC=com. In the following example, the account to be used is “Test” and the full LDAP path to this account is CN=Test,CN=User,DC=firescope,DC=com.
  8. Click Save to complete the setup of the LDAP credentials.
     Notes:
    • Once an LDAP credential has been defined, a CI can be associated to a single LDAP credential, via the CI Form.
    • Now that you have working LDAP credentials attached to the CI, you can create the LDAP check attributes. Only attributes of CIs associated to an LDAP credential will be able to collect LDAP data.
    • Attributes will need to be created with a type of LDAP check. Attributes of CIs associated to an LDAP connection will be able to collect LDAP data. Data can be viewed by clicking on the data history icon.

Net App Ontap Credentials

Net App Ontap Credentials are used to discover additional information within your environment. They also allow a Configuration Item to gather information from your environment without loading or enabling additional agents and services. Depending on your environment, valid credentials may be required. Use the Credentials page to add and update credentials. Credentials are Edge Device specific. This allows you to designate shared credentials (such as SNMP) per environment with a dedicated Edge Device.

To Create NetApp ONTAP credentials

  1. Click on Configuration > Discovery > Credentials. Credential Management page will be displayed.


  1. Click on View next to NetApp ONTAP credentials, NetApp ONTAP Credentials Management page will be displayed.


  1. Click on Create, NetApp ONTAP credentials Management create form will be displayed.


  1. Edge Device: Select an Edge Device to designate the data collection or operation target.
  2. Name: Enter a descriptive name for this item.
  3. Description: Enter description
  4. Server Type: Select Server Type from the drop down list.
  5. Transport Type: Select Transport Type from the drop down list.
  6. Style: Select Style from the drop down list.
  7. Username: Enter User name.
  8. Password: Enter password.
  9. Click on the Save button.

VMware Virtual Center Credentials

VMware Virtual Center Credentials are used to discover additional information within your environment. To establish a connection to a Virtual Center or ESX server, we must first enter the connection settings, including account credentials for a valid user account on the VMware server. We recommend creating an account that will only be used by FireScope SDDM.

To Create VMware Virtual Center Credentials

  1. Click on Configuration > Discovery > Credentials. Credential Management page will be displayed.


  1. Click on View next to VMware Virtual Center Credentials, VMware Virtual Center Credentials Management page will be displayed.


  1. Click on the Create button (upper right hand corner). VMware Virtual Center Credentials Management create form will be displayed.


  1. Edge Device: Select an Edge Device to designate the data collection or operation target.
  2. Name: Enter a name which will be used to identify these credentials.
  3. Description: Enter helpful description that will help to understand these credentials.
  4. IP: Enter IP address
  5. Port: Enter the port the VMware server will respond on.
  6. Username: Enter the Username for the account.
  7. Password: Enter the password for the account.
  8. Click on the Save button.

WMI Credentials

Agentless WMI setup:

These steps must be performed on a Domain Controller by a Windows Admin in order for the WMI features to work.

  • Create a FireScope WMI Credential using a domain user that is a member of 'Domain Admins'
    • This grants access to the WMI CIMV2 namespace where device data is queried from.
    • It's recommended that a dedicated WMI user be created (as member of 'Domain Admins') for this purpose. Create the dedicated user via Administrative Tools > Active Directory Users and Computers. For a visual reference to most of the remaining steps below, refer to the following instructional link: https://www.infrasightlabs.com/how-to-enable-winrm-on-windows-servers-clients
  • Create the Group Policy that will enable WinRM services and open required WinRM firewall ports on each Windows device in the domain
    • Run Group Policy Management (via Administrative Tools or command line gpmc.msc)
    • Create an 'Enable WinRM' Group Policy object (GPO) under your domain, then edit it.
    • Enable 'Windows Remote Management' listeners
      • Navigate through Computer Configuration > Policies > Administrative Templates: Policy definitions > Windows Components > Windows Remote Management (WinRM) > WinRM Service.
      • Edit 'Remote Server Management through WinRM' (or 'Allow automatic configuration of listeners'), then select Enable and specify '*' for IPv4 and IPv6 filters.
    • Automatically start the 'Windows Remote Management (WS-Management)' service
      • Navigate through Computer Configuration > Preferences > Control Panel Settings > Services.
      • Create a new service with Service Name of WinRM (aka 'Windows Remote Management (WS-Management)'), Startup of Automatic, and Service Action of Start.
    • Open firewall for WinRM traffic
      • Navigate through Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules.
      • Add new Inbound rule of type Predefined: Windows Remote Management, click Next and check-mark only 'Windows Remote Management(HTTP-In)', then click Next and 'Allow the connection'.
      • Add new Inbound rule of type Predefined: File and Printer Sharing, click Next and check-mark only 'File and Printer Sharing(Echo Request - ICMPv4-In)', then click Next and 'Allow the connection'.
    • This GPO will take time to propagate from the Domain Controller to all Windows devices in the domain. To forcefully update individual Windows devices, type 'gpupdate /force' via DOS command line on each device.


Once the settings above are complete, access the WMI credentials form in FireScope:

Configuration :: WMI Credential Management

Then make sure to use this feature in your Network Discoveries:

Configuration :: Network Discovery

Discovery

FireScope includes multiple discovery engines as a means of initially populating Configuration Items (CIs), identifying changes in infrastructure and augmenting configuration data from integration partners.  Each discovery engine is configured independently, enabling you to choose which engines are appropriate for your environment and to schedule ongoing scans at an appropriate frequency based on the rate of change in your environment.  For example, you may want Network discovery to run only once a week if you are rarely introducing new physical servers or devices, while VMware discovery may be scheduled on a daily basis if you are frequently activating and decommissioning VMs.  Additionally, if you are pulling CI data from a CMDB integration partner, there is an option to automatically run discovery against each CI brought over, which can be useful for augmenting the configuration data pulled over and to identify the available attributes for monitoring.

For best results, multiple discovery scans using all appropriate engines should be used.  Each discovery engine can be configured to either automatically create and profile detected systems, or to follow a manual method whereby discovery results are only captured.  If using the manual method, administrators will need to view the discovery results and select the specific CIs that they want to monitor with FireScope.

Note: Discovery is by nature a somewhat invasive process. ALWAYS get approval from your Network Administrator before running Discovery jobs.

With the exception of Service Insight, all discovery scans can be configured by navigating to the Discovery section of the Configuration menu.  You will need a minimum of Configuration Administrator permission to configure discovery.  Prior to using any discovery scans, please make sure that all appropriate credentials have been configured.


The following is a short description of the available discovery engines.  Configuration of each engine is discussed in this section of the user guide.

  • Discovery (Network) - This discovery engine is an NMap style network scan.  Initially, a range of IP addresses is scanned via ICMP to identify which addresses are currently in use.  This is followed by OS fingerprint discovery, SNMP discovery and a test of well known ports which can identify service applications such as Apache, MySQL, Active Directory and more.  These scans also check to see if a FireScope Agent has been deployed, which can further augment discovery results.
  • Service Insight (Dependency Discovery) - This discovery engine listens to aggregate network activity between systems, either looking for URL end-points for web-based applications or for specific application communications (e.g. Active Directory).  From these starting points, you can choose the ones you care to monitor and the discovery will follow transaction paths or downstream communication to identify all of the dependencies of these services.
  • Virtual Discovery (VMware) - Leveraging VMware's Engineering API, this discovery engine calls your vSphere or vCenter instance and pulls down an inventory of your virtualized infrastructure, including physical hosts, VMs, data stores, datacenters and more.
  • Network Topology - Using nearest neighbor and related commands, this discovery engine is designed to walk your network to identify what is plugged into what.  This helps the solution understand the physical dependencies within the infrastructure, such as which servers are connected to a given switch.

Clusters

You can create Clusters by running a Load Balancer Discovery Job, or you can create them manually. If any new Clusters are discovered by the discovery job, they will be added to the Cluster Information section as Pending. Select the check box next to a Pending cluster and click on the Approve Clusters button (bottom right corner of the page). The status of the newly found Clusters will change to Approved, and upon approval the Logical Group, Delegate CI (Cluster/VIP) and Cluster Members will be created.

To Create Load Balancer Discovery Job

  1. Click on Service Management > Initial Settings > Manage Clusters. Manage Clusters page will be displayed.


  1. Click on the Create button next to Load Balancer Discovery Job,  on the upper left hand corner. Load balancer and Cluster page will be displayed.


  1. Select the Edge Device from the drop down box to designate the data collection.
  2. Fill in the Discovery section as below:
     Note: FireScope uses a port-targeted discovery model, which means that FireScope will only probe for the ports you specifically enable as discovery checks. For the initial discovery job, it is recommended to set the Frequency to 1 hour (60 minutes); minimum 5 minutes.

    1. Scan Load Balancer: Selecting this check box scans the Load Balancer to discover Cluster dependencies. Note: To find Cluster dependencies be sure to add proper SNMP credentials for the Load Balancer.
    2. Description: Enter a descriptive name for this Load Balancer Scan.
    3. IP Range/ DNS to scan: Enter the Network IP addresses you wish to target for scanning. This can be a single IP, multiple IPs or a range of addresses. Examples:
       Multiple IPs: 192.168.0.1,192.168.0.2,192.168.0.3
       IP Ranges: 192.168.0.1-254 (means 192.168.0.1 to 192.168.0.254)
       Note: Also supports CIDR notation (192.168.0.0/24). See http://www.subnet-calculator.com/cidr.php
    4. IP Exclusion List: Here you can specify a comma-separated list of targets to be excluded from the scan even if they are part of the overall network range you specify. The list you pass in uses normal IP range syntax, so it can include hostnames, CIDR netblocks, octet ranges, etc. Note: IP Exclusion List applies to all Network Discovery and Topology Discovery jobs across all Edge Devices in this Account.
    5. Timeout: This defines how long (in minutes) the scan will run before automatically terminating.
    6. Frequency: This defines how often your scan job will be run.
  3. Discovery (Global) IP Exclusion List: Displays the Global IP Exclusion List. You can set the global IP exclusion list from Network Discovery. Note: Global IP Exclusion List applies to all Network Discovery and Topology Discovery jobs across all Edge Devices in this Account.
  4. Result Processing Options: This section determines what actions you want to take upon a completed discovery. There are two options:
    1. Option A:
      • Creates Discovery Results only, does not create Configuration Items and Attributes.
      • Selecting Update CI Inventory check box will activate the CI Inventory section. Note: This option affects existing CIs only.
    2. Option B:
      • Discovery results will be used to create Configuration Item
      • CI Inventory will be updated
      • Selecting Discovery Settings will create user selected Attributes.
         
  5. CI Inventory :
    Inventory for a CI's assets in terms of Storage, CPU, Interface, and Memory. This information can be populated with the inventory feature enabled from a discovery job or you can populate the list manually. On certain asset types, Macros can be used in associated Blueprints to dynamically create Attributes.
  6. Discovery Options: Including the following analysis options in the scan process will determine if various sub-portions of the discovery process will be invoked or not. 
    Note: Selecting additional scan options can result in clearer and more accurate identification of the Host and the Services the discovered host provides, but may increase the overall time to complete scans. Disabling these options will speed up the discovery run. These arguments are optional.
    1. DNS Name Resolution: By selecting this option FireScope Discovery attempts to resolve discovered IP addresses to Fully Qualified DNS hostnames.
    2. OS Analysis: FireScope Discovery will attempt to perform an Operating System analysis based on the ports it identifies as Open and Listening.
    3. RPC Analysis: When an open Remote Procedure Call service port is identified, Discovery will attempt to query it to find other open RPC services on the discovered host.
    4. Service Analysis: FireScope Discovery has the ability to identify open Network Services on discovered CIs. When an open TCP service port is identified, Discovery will attempt to query it and identify the Network Service name, and version for that Listening Port.
    5. Route Analysis: FireScope Discovery has the ability to determine the network location and distance of discovered IP CIs. This is done by tracing the route path to the discovered IP address.
    6. Well Known OS Ports: FireScope Discovery utilizes open TCP ports to assist in performing Operating System analysis and identification. While you can specify a list of ports to use to perform the Scan, FireScope also provides a list of 'well-known' Operating System ports. This list of well-known ports will be added to the scan to improve OS detection. View the full help for a list of currently well-known OS Ports included in this option.
    7. SNMP Data Collection: FireScope Discovery can identify and query SNMP enabled devices on your network. Enabling this option allows the Discovery engine to execute SNMP queries using the SNMP credentials supplied (including SNMPv3) in the order listed. This can result in a more accurate device and service identification. For more information on SNMP polling and community strings, please reference the FireScope Administration guide.
    8. NetApp OnTap: Connect to NetApp ONTAP with available credentials and create NetApp specific metrics.
    9. Scan Intensity: Define the number of process threads that will be used to execute the discovery scan. A higher number of threads will result in a faster scan, at the cost of increased network traffic from the FireScope Appliance. A lower number will result in a lower level of network traffic, but the scan will take longer to complete.
  7. Checks: This defines the specific probe that you wish FireScope to conduct. You define a probe based on the Service you check and the port. A given Job can include multiple checks.
  8. Status: A Job can be set to Active or Disabled status.
  9. Check the Verify check box and click on the Save button.
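
The target and exclusion syntax described in this form (comma-separated IPs, last-octet ranges, CIDR blocks, and hostnames in the exclusion list) can be expanded offline to preview which addresses a job would touch before asking the Network Administrator for approval. The following Python is an added example, not FireScope code; the function names, the /16 size guard, the skipping of network and broadcast addresses, and the sample values are assumptions made for illustration.

```python
import ipaddress
import re

# Last-octet range such as 192.168.0.1-254, the range form shown in the guide.
OCTET_RANGE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){2})\.(\d{1,3})-(\d{1,3})$")
MAX_EXPANSION = 65536  # assumption: anything larger than a /16 is treated as a typo

# Constructed sample values, not taken from a real environment.
SAMPLE_TARGETS = "192.168.0.1-254,10.0.5.0/29,10.0.9.7"
SAMPLE_JOB_EXCLUSIONS = "192.168.0.10-19,10.0.5.1,db01.example.internal"
SAMPLE_GLOBAL_EXCLUSIONS = "192.168.0.200/30"
SAMPLE_APPROVED = ["192.168.0.0/24", "10.0.5.0/24"]


def expand_entry(entry):
    """Return the set of IPv4 addresses one entry covers, or None for a hostname."""
    entry = entry.strip()
    match = OCTET_RANGE.match(entry)
    if match:
        prefix, low, high = match.group(1), int(match.group(2)), int(match.group(3))
        if low > high or high > 255:
            raise ValueError(f"invalid octet range: {entry!r}")
        first = ipaddress.IPv4Address(f"{prefix}.{low}")
        return {first + offset for offset in range(high - low + 1)}
    if "/" in entry:
        network = ipaddress.IPv4Network(entry, strict=False)
        if network.num_addresses > MAX_EXPANSION:
            raise ValueError(f"{entry!r} expands to {network.num_addresses} addresses")
        # Assumption: network and broadcast addresses are not scan targets.
        return set(network.hosts())
    if re.fullmatch(r"[0-9.]+", entry):
        # Looks like an IP literal: raises ValueError if it is malformed.
        return {ipaddress.IPv4Address(entry)}
    return None  # anything else is treated as a hostname


def expand_list(spec):
    """Split a comma-separated list into (set of addresses, list of hostnames)."""
    addresses, hostnames = set(), []
    for entry in filter(None, (part.strip() for part in spec.split(","))):
        expanded = expand_entry(entry)
        if expanded is None:
            hostnames.append(entry)
        else:
            addresses |= expanded
    return addresses, hostnames


def effective_scope(targets, job_exclusions="", global_exclusions=""):
    """Compute what a job would touch once both exclusion lists are applied."""
    wanted, target_hosts = expand_list(targets)
    excluded, excluded_hosts = expand_list(f"{job_exclusions},{global_exclusions}")
    return {
        "scan": sorted(wanted - excluded),
        "removed": sorted(wanted & excluded),
        # Hostnames cannot be compared to addresses offline; resolve and review by hand.
        "unresolved": sorted(set(target_hosts + excluded_hosts)),
    }


def out_of_bounds(scope, approved_cidrs):
    """Addresses still in the scan set that fall outside the approved networks."""
    approved = [ipaddress.IPv4Network(cidr) for cidr in approved_cidrs]
    return [ip for ip in scope["scan"] if not any(ip in net for net in approved)]


if __name__ == "__main__":
    scope = effective_scope(SAMPLE_TARGETS, SAMPLE_JOB_EXCLUSIONS, SAMPLE_GLOBAL_EXCLUSIONS)
    print(f"{len(scope['scan'])} addresses in scope, {len(scope['removed'])} removed by exclusions")
    print("hostnames to resolve by hand:", scope["unresolved"])
    print("outside approved ranges:", [str(ip) for ip in out_of_bounds(scope, SAMPLE_APPROVED)])
```

The same target syntax is used by the Network Discovery form, so the preview applies to those jobs as well.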

To Create Clusters Manually

  1. Click on Configuration > Clusters. Clusters page will be displayed.
  2. Click on the Create button next to Cluster Information. Configuration: Load Balancer & Cluster page will be displayed.


  1. Enter Name for this Cluster.
  2. Select the Cluster Type from the drop down box.
  3. Logical group will be created when you Save this cluster.
  4. Delegate CI: Select a CI to designate as this Logical Group's delegate. Note: This CI should be used to contain any grouped check Attributes based on this Logical Group and can be used with Logical Group Blueprint applications.
  5. Enter the appropriate Port.
  6. Cluster Members: Select the Configuration Items to add as members of the cluster. Note: Delegate CI cannot be a member CI.

Network Discovery

Discoveries are essentially configured jobs of your network, whereby FireScope SDDM interrogates each asset it detects to:

  • Identify what type of device it is
  • Identify what operating system is running on it
  • Check for specific active ports

Each job can be scheduled to run periodically to identify new assets.

Note: To accomplish the above tasks, the device IP should be pingable. If ping is disabled on a device, the discovery will fail and not find any of the above information.

Create a Network Discovery Job

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click on Configuration > Discovery > Network Discovery. The Network Discovery page will be displayed.


  1. Click on the Create button (top right corner). The Create Discovery page will be displayed.


  1. Edge Device: Select the Edge Device from the drop down box to designate the data collection.
  2. Discovery: Fill in the Discovery section as below:
     Notes:
    • FireScope uses a port-targeted discovery model, which means that FireScope will only probe for the ports you specifically enable as discovery checks.
    • For the initial discovery job, it is recommended to set the Frequency to 1 hour (60 minutes); minimum 5 minutes.
      • Scan Load Balancer: Selecting this option allows the discovery to look inside the device for Cluster dependencies. Note:
        • To create Load Balancer CIs and Clusters make sure to select Option B.
        • To find Cluster dependencies make sure to add proper SNMP credentials for the Load Balancer.
        • Only one IP can be entered in the IP Range/ DNS to scan if this option is selected.
      • Description: Enter a descriptive name for this Discovery job.
      • IP Range/ DNS to scan: Enter the Network IP address you wish to target for scanning. Note: If you select the option to run a Load Balancer Discovery, enter a single IP, e.g. 192.168.0.1. The following examples apply for Network Discovery only.
        Multiple IPs: 192.168.0.1,192.168.0.2,192.168.0.3
        IP Ranges: 192.168.0.1-254 (means 192.168.0.1 to 192.168.0.254)
        Note: Also supports CIDR notation (192.168.0.0/24). See http://www.subnet-calculator.com/cidr.php
      • IP Exclusion List: Here you can specify a comma-separated list of targets to be excluded from the scan even if they are part of the overall network range you specify. The list you pass in uses normal IP range syntax, so it can include hostnames, CIDR netblocks, octet ranges, etc. Note: IP Exclusion List applies to all Network Discovery and Topology Discovery jobs across all Edge Devices in this Account.
      • Timeout: This defines how long (in minutes) the scan will run before automatically terminating.
      • Frequency: This defines how often the scan job will run.
  3. Discovery IP Exclusion List: Displays the IP Exclusion List. You can set the global IP exclusion list from Network Discovery. Note: Global IP Exclusion List applies to all Network Discovery and Topology Discovery jobs across all Edge Devices in this Account.
  4. Result Processing Options: This section determines what actions you want to take upon a completed discovery. There are two options:
    • Option A:
      • Creates Discovery Results only, does not create Configuration Items and Attributes.
      • Selecting Update CI Inventory check box will activate the CI Inventory section. Note: This option affects existing CIs only.
      • If option A is selected Load Balancer CIs and Clusters will not be created. This information will be displayed under Results, but not be displayed on Manage Cluster page (Configuration > Discovery > Manage Clusters).
    • Option B:
      • Discovery results will be used to create Configuration Item
      • CI Inventory will be updated
      • Selecting Discovery Settings will create user selected Attributes.
      • Only if option B is selected Load Balancer CIs and Clusters will be created. This information will be displayed under Results and Manage Cluster page (Configuration > Discovery > Manage Clusters).
  5. CI Inventory :
    Inventory for a CI's assets in terms of Storage, CPU, Interface, and Memory. This information can be populated with the inventory feature enabled from a discovery job or you can populate the list manually. On certain asset types, Macros can be used in associated Blueprints to dynamically create Attributes.
  6. Discovery Options: Including the following analysis options in the scan process will determine if various sub-portions of the discovery process will be invoked or not. 
    Note: Selecting additional scan options can result in clearer and more accurate identification of the host and the services that the discovered host provides, but may increase the overall time to complete scans. Disabling these options will speed up the discovery run. These arguments are optional.
    • DNS Name Resolution: By selecting this option, FireScope Discovery attempts to resolve discovered IP addresses to Fully Qualified DNS hostnames.
    • OS Analysis: FireScope Discovery will attempt to perform an Operating System analysis based on the ports it identifies as Open and Listening.
    • RPC Analysis: When an open Remote Procedure Call service port is identified, Discovery will attempt to query it to find other open RPC services on the discovered host.
    • Service Analysis: FireScope Discovery has the ability to identify open Network Services on discovered CIs. When an open TCP service port is identified, Discovery will attempt to query it and identify the Network Service name, and version for that Listening Port.
    • Route Analysis: FireScope Discovery has the ability to determine the network location and distance of discovered IP CIs. This is done by tracing the route path to the discovered IP address.
    • Well Known OS Ports: FireScope Discovery utilizes open TCP ports to assist in performing Operating System analysis and identification. While you can specify a list of ports to use to perform the Scan, FireScope also provides a list of 'well-known' Operating System ports. This list of well-known ports will be added to the scan to improve OS detection. View the full help for a list of currently well-known OS Ports included in this option.
    • SNMP Data Collection: FireScope Discovery can identify and query SNMP enabled devices on your network. Enabling this option allows the Discovery engine to execute SNMP queries using the SNMP credentials supplied (including SNMPv3) in the order listed. This can result in a more accurate device and service identification. For more information on SNMP polling and community strings, please reference the FireScope Administration guide.
    • NetApp OnTap: Connect to NetApp ONTAP with available credentials and create NetApp specific metrics.
    • Scan Intensity: Define the number of process threads that will be used to execute the discovery scan. A higher number of threads will result in a faster scan, at the cost of increased network traffic from the FireScope Appliance. A lower number will result in a lower level of network traffic, but the scan will take longer to complete.
  7. Checks: This defines the specific probe that you wish FireScope to conduct. You define a probe based on the Service you check and the port. A given Job can include multiple checks.
  8. Status: A Job can be set to Active or Disabled status.
  9. Check the Verify check box and click on the Save button.

Note: For more information on the Network Discovery Job screen shots and fields, see Create a Network Discovery Job

Clone a Network Discovery Job

  1. Log in to FireScope as a FireScope or Account Administrator.
  2. Click Configuration > Discovery > Network Discovery. The Discovery page lists all the current Discovery Jobs for the selected Edge Device.
  3. In the Name column, click on the Network Discovery Job you want to clone. The Discovery page will be displayed.
  4. Click Clone (bottom of the page). The Create Discovery page will be displayed, duplicating the values of the original Discovery Job.
  5. Edit the form.
  6. Click on the Save button.

Edit a Network Discovery Job:

  1. Log in to FireScope as a FireScope or Account Administrator.
  2. Click Configuration > Discovery > Network Discovery. The Discovery page lists all the current Discovery Jobs for the selected Edge Device. Note: You can filter and sort the list using the column headers.
  3. In the Name column, click the Discovery Job you want to edit. The Discovery page will be displayed.
  4. Edit the form. For more information about the Discovery Job fields, see Creating a Discovery Job.
  5. Click on the Save button.

Enable or Disable a Discovery Job:

  1. Log in to FireScope as a FireScope or Account Administrator.
  2. Click Configuration > Discovery > Network Discovery. The Discovery page lists all the current Discovery Jobs for the selected Edge Device. Note: You can filter and sort the list using the column headers.
  3. In the Name column, check the box next to the Discovery Job you want to enable or disable.
  4. Click Enable selected or Disable selected (bottom right corner). A confirmation window will be displayed.
  5. Click on OK.

Delete a Network Discovery Job:

  1. Log in to FireScope as a FireScope or Account Administrator.
  2. Click Configuration > Discovery > Network Discovery. The Discovery page lists all the current Discovery Jobs for the selected Edge Device.  You can filter and sort the list using the column headers.
  3. In the Name column, check the box next to the Discovery Job you want to delete.
  4. Click Delete selected (bottom right corner). A confirmation window will be displayed.
  5. Click on OK.

View Network Discovery Job Results:

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click Configuration > Discovery > Network Discovery. The Discovery page lists all the current Discovery Jobs for the selected Edge Device. Note: You can filter and sort the list using the column headers.
  3. In the Last Scan Summary column, click Results for the Discovery Job you want to view. The Discovery Status page will be displayed.

Applying a Discovery Profile

When you choose Apply Discovery Profiles, CIs and Attributes are created through a profile application dialog and a dynamic auto-configuration process.


Discovery Exception

You can view information about any errors or exceptions that are found during a network discovery scan.

  1. Click on Configuration > Discovery > Network Discovery. The Network Discovery page will be displayed.
  2. Click on the View Exception button in the top right-hand corner or lower left-hand corner. The Network Discovery Exceptions page will be displayed.
  3. You can view the Discovery Exceptions of all discovery jobs or of a single discovery job by selecting an option from the Discovery Job drop-down box in the upper right corner. The results page will be displayed.

Discovery Rules Settings

Discovery settings define how FireScope SDDM should respond when assets matching specific parameters are discovered. They filter the results of all discovery jobs. For example, for any asset running Windows 2003 Server that FireScope discovers, you may want to automatically:

  • Add the CI to the Windows Servers Logical Group
  • Link the CI to the Windows and Windows Disks Blueprints
  • Create a CI

Create Discovery Settings:

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click Configuration > Discovery > Network Discovery. The Network Discovery page will be displayed.
  3. In the top right corner, click Discovery Settings (or from the menu: Configuration > Discovery > Discovery Rules). The Discovery Settings page will be displayed.
  4. Click on the Create button (top right corner). The Create Discovery Setting page will be displayed.
  5. Name: Enter a descriptive name for this Discovery Setting that other users can easily recognize.
  6. Filter(s) and Procedure(s) for the Discovery Settings section:
    1. Filters: Enter criteria to trigger the associated Discovery Job. Filters are applied against Network Discovery Results. Create your filters to match results.
      1. Click on Add Filter. The New filter section will be displayed. Note: For more information, see the table below.
      2. You can add multiple filters by clicking on the Add Filter button.
      3. Select OR if only one filter criterion is required to trigger the procedure.
      4. If all filter criteria are required to trigger the procedure, use AND.
    2. Procedures: Enter the action(s) to be performed when the criteria are met. Set procedures to act on results matching the filters defined.
      1. Click on Add Procedure. The New procedure section will be displayed.
      2. Select the action you want to take from the drop-down list.
      3. Click on the Select button to select either a blueprint, logical group or service group, depending on your selection.
  7. Scope: Indicates if the Discovery Settings should be applied to all discovery jobs or to the selected one only.
    1. Click on the All button to apply to all network discovery jobs.
    2. Click on Select to select a particular network discovery job.
  8. Click on the Save button.

New Filter Options

The following table describes the Discovery Settings filter options.

| Condition | Example | Looks at | Description |
|---|---|---|---|
| Asset Type | Switch | Host | Compares to the Asset Type of the asset found through Discovery. |
| CI Type | Network | Host | Compares to the CI Type of the asset found through Discovery. |
| Comments | like Public | Applications | Checks the descriptions of each application found through Discovery. |
| DNS | foo.firescope.int | Host | Compares to the DNS of the asset found through Discovery. |
| IP Address | <> 192.168.0.1 | Host | Compares to the IP address of each asset found through Discovery. Must be the complete IP address. |
| Listening Port | 80 | Applications | Determines if there was a response from this port, which indicates a program is actively listening to this port. In this example, we're looking for active web servers. Use Listening Port in conjunction with the Port Status condition. |
| MAC Address | Err:502 | Host | Compares to the MAC address of each asset found through Discovery. Must be the complete MAC address. |
| Model | Cisco 6509 | Host | Compares to the Model of the asset found through Discovery. |
| Network Distance | 1 | Host | Number of network hops that separate the discovered asset from the FireScope appliance. |
| OS 1 | Like Linux | Host | FireScope performs multiple tests to try to identify the operating system of the discovered asset. The most likely match is OS 1, followed by OS 2 as a secondary check. |
| OS 2 | Not Like Windows | Host | FireScope performs multiple tests to try to identify the operating system of the discovered asset. The most likely match is OS 1, followed by OS 2 as a secondary check. |
| Port Status | #NAME? | Applications | Checks the status of the listening port. Possible values include open, filtered, and closed. Use Port Status in conjunction with the Listening Port condition. |
| Product Name | Like Apache | Applications | When checking ports during a Discovery Job, FireScope queries the name of the application. |
| Product Version | Like 2.1.6 | Applications | After querying a discovered application for its name, FireScope also requests its version number. |
| Protocol | #NAME? | Applications | This condition looks at what protocol was used for scanning a port. Possible values include tcp and udp. Should be used in combination with Port Status to filter only ports that have a listening application. |
| Serial | SCA043703EU | Host | Compares to the Serial Num of the asset found through Discovery. |
| Service Category | #NAME? | Applications | Depending on the type of application that is discovered, it may return a category of service. Many possible outputs exist, depending on the vendor. |


Edit Discovery Settings:

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click Configuration > Discovery > Network Discovery > Discovery Settings button (or from the menu: Configuration > Discovery > Discovery Rules). The Discovery Setting page will be displayed.
  3. In the Name column, click the Discovery Settings you want to edit. The Discovery Setting page will be displayed.
  4. Edit the form.
  5. Click on the Save button.


Note: You can filter and sort the list using the column headers.

Enabling or Disabling Discovery Settings

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click Configuration > Discovery > Network Discovery > Discovery Settings button (or from the menu: Configuration > Discovery > Discovery Rules). The Discovery Setting page will be displayed.
  3. In the Name column, check the box next to the Discovery Settings you want to enable or disable.
  4. Click Enable selected or Disable selected (bottom right corner). A confirmation window will be displayed.
  5. Click on OK.

Deleting Discovery Setting

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click Configuration > Discovery > Network Discovery > Discovery Settings button (or from the menu: Configuration > Discovery > Discovery Rules). The Discovery Setting page will be displayed.
  3. In the Name column, click on the existing Discovery Setting you want to delete. The Discovery Setting page will be displayed.
  4. Click on the Delete button at the bottom of the page. The Discovery Setting is deleted.

IP Exclusions

The Discovery IP Exclusions list is applied to all Network Discovery jobs across all Edge Devices in an account. Specify a comma-separated list of targets to be excluded from the scan even if they are part of the overall network range you specify. The list you pass uses normal IP range syntax, so it can include hostnames, CIDR netblocks, octet ranges, etc.

Create IP Exclusion

  1. Click on the IP Exclusions button on the discovery page. The IP Exclusions page will be displayed.
  2. Enter the IP range you want to exclude.
  3. Click on the Save button.

SysObjectID Model Mapping

To enhance Network Discovery and CI Profile results, map SNMP SysObjectIDs to Models.

Create SysObjectID Model Mappings

  1. Click on the SysObjectID Model Mappings button on the Network Discovery page. The SysObjectID Model Mappings page will be displayed.
  2. Click on the Create button (in the upper right-hand corner). The Create SysObjectID Model Mappings page will be displayed.
  3. Enter the System Object ID.
  4. Select the Manufacturer from the drop-down list.
  5. Select the Asset Type from the drop-down list.
  6. Enter the Model number.

To Edit

  1. Click on the SysObjectID in the existing SysObjectID Model Mappings. The SysObjectID Model Mappings page will be displayed.
  2. Make the necessary changes and click on the Save button.

Topology Discovery

The Topology Discovery feature in SDDM enables you to detect and map your network environment.  It creates a complete view of your assets and their interconnections which can be helpful in keeping the network functioning effectively. It can also be helpful in detecting any network problems. This feature provides an option to scan only the specified IP. Topology Discovery utilizes SNMP credentials.

 Create Network Topology Discovery Job

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click on Configuration > Discovery > Topology Discovery. The Topology page will be displayed.
  3. To create a Topology Discovery job, click on the Create button in the right-hand corner of the page. The Topology page will be displayed.
  4. Edge Device: Select an Edge Device to designate the data collection or operation target.
  5. Description: Enter a descriptive name that can be understood by all users.
  6. Discovery:
    1. Starting IP: This is where the job will make the initial connection to the network. This IP has to be visible to the FireScope appliance. Note: Using a router as a starting IP will provide better results. The starting IP of the scan must be within the constraints for the scan to function correctly.
    2. Frequency: This defines how often your scan job will be run.
  7. Network Constraints:
    1. IP Constriction list: Enter the Network IP addresses you wish to target for scanning. This can be a single IP, multiple IPs or a range of addresses. Examples:
      • Multiple IPs: 192.168.0.1,192.168.0.2,192.168.0.3
      • IP Ranges:
        • 192.168.0.1-254 (means 192.168.0.1 to 192.168.0.254)
        • 192.168.0-14.1-254 (means 192.168.0.1 to 192.168.14.254)
        • 192.0-1.1-4.1-254 (means 192.0.1.1 to 192.1.4.254)
        • 191-192.0-1.1-4.1-254 (means 191.0.1.1 to 192.1.4.254)
      • Also supports CIDR notation (192.168.0.0/24). See http://www.subnet-calculator.com/cidr.php
    2. IP Exclusion List: Specifies a comma-separated list of targets to be excluded from the scan even if they are part of the overall network range you specify. The list you pass uses normal IP range syntax, so it can include hostnames, CIDR netblocks, octet ranges, etc. Note: If specified, the listed IPs will be excluded and filtered from the result of the scan. Leave blank to allow ALL results found.
  8. Result Processing Options: This section determines what actions you want to take upon a completed discovery. There are two options:
    1. Option A:
      • Creates Discovery Results only, does not create Configuration Items and Attributes.
    2. Option B:
      • Topology Discovery results will be used to create Configuration Items
      • Create Discovery Scan: Discovery Profile selected Attributes will be created.
      • Add Service Dependencies: The Network dependencies discovered by Topology Discovery will be added to the existing approved Service Dependencies and will be available for approval.
        • Network Device -> Network Host
        • Network Device -> Network Neighbor
  9. Status: Indicates if the Discovery Job is active or disabled. To set the status of the Topology Discovery Job, select the option from the drop-down list.
  10. Click on the check box "I have verified the above steps have been checked".
  11. Click on the Save button.

Refer to Create Network Topology Discovery Job for screen shots

Edit a Network Topology Discovery Job

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click on Configuration > Discovery > Topology Discovery. The Topology page will be displayed.
  3. Click the name of the job you want to edit.
  4. Edit the form as appropriate and click on the Save button.

Delete a Network Topology Discovery Job

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click on Configuration > Discovery > Topology Discovery. The Topology page will be displayed.
  3. Click on the name of the job you want to delete. The Topology page will be displayed.
  4. Click Delete. A confirmation window will be displayed.
  5. Click on OK.

Virtual Discovery

FireScope SDDM takes advantage of the Virtual Infrastructure Java API to communicate directly with VMware Virtual Center, enabling direct access to all health metrics for the virtual center as well as the physical hosts and virtual machines associated with it. Using this process does not require an agent installation, nor any additional software. FireScope can discover VMware Assets by connecting to the VMware Virtual Center API. Once a Virtual Center connection has been defined, a Discovery Job is created.

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click on Configuration > Discovery > Virtual Discovery.
  3. Click on the Create button in the upper right-hand corner. The Virtual Discovery page will be displayed.
  4. Edge Device: Select an Edge Device to designate the data collection or operation target.
  5. Description: Enter a descriptive name that can be understood by all users.
  6. Virtual Environment Connection: Virtual Center Connections are used to discover Host and Guest information within your Virtual Environment (vCenter). Virtual Center Connections also allow a CI to gather Host and Guest information from your Virtual Environment (vCenter) without loading or enabling additional agents and services.
  7. Frequency: This defines how often your scan job will be run.
  8. Network Constraints: The Network IP addresses you wish to target for scanning. This can be a single IP, multiple IPs or a range of addresses. Examples:
    • Multiple IPs: 192.168.0.1,192.168.0.2,192.168.0.3
    • IP Ranges:
      • 192.168.0.1-254 (means 192.168.0.1 to 192.168.0.254)
      • 192.168.0-14.1-254 (means 192.168.0.1 to 192.168.14.254)
      • 192.0-1.1-4.1-254 (means 192.0.1.1 to 192.1.4.254)
      • 191-192.0-1.1-4.1-254 (means 191.0.1.1 to 192.1.4.254)
    • Also supports CIDR notation (192.168.0.0/24). See http://www.subnet-calculator.com/cidr.php
  9. Result Processing Options: This section determines what actions you want to take upon a completed discovery. There are two options:
    • Option A:
      • Creates VMware Discovery Results only, does not create Configuration Items and Attributes.
      • Selecting the Update CI Inventory check box will activate the CI Inventory section. Note: This option affects existing CIs only.
    • Option B:
      • Discovery results will be used to create Configuration Items
      • CI Inventory will be updated
      • VMware Blueprints: VMware Blueprint selected Attributes will be created.
      • Create Discovery Scan: Discovery Profile selected Attributes will be created.
      • Add Service Dependencies: VMware discovered Virtual dependencies will be added to the existing approved Service Dependencies and will be available for approval.
        • Host > Guest
        • Host > Storage Device
        • Guest > Storage Device
  10. CI Inventory: Inventory for a CI's assets in terms of Storage, CPU, Interface, and Memory. This information can be populated with the inventory feature enabled from a discovery job or you can populate the list manually. On certain asset types, Macros can be used in associated Blueprints to dynamically create Attributes.
    • VM Virtual Center Attributes: [CI_VM_VIRTUAL_DATACENTER.NAME] [CI_VM_VIRTUAL_DATACENTER.CI_VM_DATASTORE.NAME]
    • VM Host Attributes: [CI_VM_DATASTORE.NAME] [CI_VM_VMNIC.NAME]
    • VM Guest Attributes: [CI_VM_VIRTUAL_NIC.NAME] [CI_VM_VIRTUAL_NIC.DEVICE_ID]
  11. Status: A Job can be set to Active or Disabled status.
  12. Check the Verify check box and click on the Save button.
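
The octet-range and CIDR syntax accepted by the Network Constraints and IP Exclusion List fields (Topology Discovery and Virtual Discovery above) can be checked before a job is saved, including the rule that the starting IP must fall within the constraints. The Python below is an added example, not FireScope code: it assumes each octet range is matched independently, and the function names and the hostname db01.example.int are hypothetical.

```python
import ipaddress
import re

OCTET = re.compile(r"\d{1,3}(-\d{1,3})?")


def parse_spec(token):
    """Parse one list entry: CIDR block, octet-range form, single IP, or hostname."""
    token = token.strip()
    if "/" in token:
        return ("cidr", ipaddress.ip_network(token, strict=False))
    parts = token.split(".")
    if len(parts) == 4 and all(OCTET.fullmatch(p) for p in parts):
        ranges = []
        for part in parts:
            lo, _, hi = part.partition("-")
            lo, hi = int(lo), int(hi or lo)
            if not 0 <= lo <= hi <= 255:
                raise ValueError(f"bad octet range {part!r} in {token!r}")
            ranges.append((lo, hi))
        return ("octets", tuple(ranges))
    return ("host", token)  # hostnames need DNS; reported instead of guessed


def parse_list(text):
    """Split a comma-separated field into parsed entries."""
    return [parse_spec(t) for t in text.split(",") if t.strip()]


def matches(spec, ip):
    """True if the IPv4 address is covered by one parsed entry."""
    kind, value = spec
    if kind == "cidr":
        return ip in value
    if kind == "octets":
        return all(lo <= octet <= hi for octet, (lo, hi) in zip(ip.packed, value))
    return False  # unresolved hostname: cannot be decided offline


def size(spec):
    """Number of addresses one entry covers."""
    kind, value = spec
    if kind == "cidr":
        return value.num_addresses
    if kind == "octets":
        count = 1
        for lo, hi in value:
            count *= hi - lo + 1
        return count
    return 1


def is_scanned(address, constraints, exclusions=""):
    """True if the address is inside the constraints and not excluded."""
    ip = ipaddress.IPv4Address(address)
    in_scope = any(matches(s, ip) for s in parse_list(constraints))
    excluded = any(matches(s, ip) for s in parse_list(exclusions))
    return in_scope and not excluded


def check_job(starting_ip, constraints, exclusions=""):
    """Pre-flight check of a job's starting IP, constraints and exclusions."""
    ip = ipaddress.IPv4Address(starting_ip)
    scope, excl = parse_list(constraints), parse_list(exclusions)
    problems = []
    if not any(matches(s, ip) for s in scope):
        problems.append("starting IP is outside the constraint list")
    if any(matches(s, ip) for s in excl):
        problems.append("starting IP is covered by the exclusion list")
    return {
        "problems": problems,
        "unresolved_hostnames": [v for k, v in scope + excl if k == "host"],
        # Upper bound: overlapping entries are counted more than once.
        "max_addresses": sum(size(s) for s in scope),
    }


if __name__ == "__main__":
    # Constructed sample job using a range quoted in the guide.
    print(check_job("192.168.0.1", "192.168.0-14.1-254",
                    "192.168.5.0/24, db01.example.int"))
```

Under the per-octet assumption, 192.168.0-14.1-254 covers hosts 1 to 254 in each of the fifteen third-octet values, so an address such as 192.168.3.255 is not scanned.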

Deleting a Job

When you delete a job, only the results will be affected. CIs created from this job will be left intact. Without the job results, the hierarchy view will no longer be available.

User Management

User Access Level

FireScope SDDM has three access levels, which give users the access they need for their assigned tasks.

The following are the access roles, listed from least access to most access:

  • Service Supervisor
  • FireScope Administrator
  • Account Administrator

Service Supervisor

Service Supervisor is a Read Only user access level. This user does not have the privilege to create, edit, delete, or save anything from any page on the My Services menu.

FireScope Administrator

FireScope Administrators have the ability to edit settings that affect users, groups or properties that have an impact on accessibility. Batch configuration functions such as Blueprint linkage and Migrate CIs require this level of access. FireScope Administrators have access to all Service Groups, Logical Groups and CIs. They can also administer other users' Overview and Reports.

Account Administrator

Global Settings that affect all configurations and evaluations within the account require this level of access. Limit this user access level to those you wish to conduct global setting configurations only. Account Administrators have access to all Service Groups, Logical Groups and CIs. This level of access can also administer other users' Overview and Reports.

  Services Supervisor FireScope Administrator Account Administrator
My Services
Dashboard
Service Maps  √
Inventory √ 
Explore Network Traffic × √ 
Explore Network URL ×  √  √
Explore Service Entry Point ×  √  √
Network Topology  √  √  √
VMware Topology  √  √  √
VMware Explorer
Configuration
Run Set Up Wizard × √ 
Edge Devices × √ 
Edge Assignment Rules × √  √ 
Explore Network Traffic × √  √ 
Explore Network URL × √  √ 
Explore Service Entry Point × √  √ 
Services   
Service Group × √  √ 
Dependency Editor × √  √ 
Discovery   
Credentials × √  √ 
Network Discovery × √  √ 
Discovery Rules × √  √ 
Topology Discovery × √  √ 
Virtual Discovery × √  √ 
Inventory   
Configuration Item × √  √ 
CI Type × √  √ 
Attributes × √  √ 
Blueprints × √  √ 
Batch Blueprint Linkage × √  √ 
Value Map × √  √ 
Logical Group × √  √ 
Administration
Integration Overview × √  √ 
Cherwell Federation ×  √
Agent   
Agent Management ×
Agent Upgrades ×  √
Utilities   
Export CIs/Blueprints ×
Import Cis / Blueprints ×
Migrate Cis ×
User Management   
Users  × √   √
User Group ×
AD User Configuration ×
External Authentication ×
Report   
Audit Log ×
Edge Device Scorecard ×
System Messages ×
Config and Usage Statistics ×
 Administrative Notification  ×  √ √ 

Create User

To Create a SDDM User:

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click Administration > User Management > Users. The Users page will be displayed with a list of the current Users, their access level, user group(s) and online status.
  3. Click on the Create button (on the upper right side of the page). The Create User page will be displayed.
  4. Alias (Login Name): Enter the user's login name (username). This entry must be unique.
  5. User Settings:
    1. Name: Enter the user's name. This field is required for display.
    2. Surname: Enter the user's last name. This field is required for display.
    3. Status: Shows the status of the user account.
    4. Password: Enter a login password.
    5. Confirm password: Enter the login password again to confirm it.
  6. User Locale:
    1. Language: Select a language to change the menu to your desired language.
    2. Timezone: Click on the Change button to change the country and timezone.
    3. Date/Time Format: Click on the Change button to change the time and date format.
  7. Contact Media: This is a required entry. Notifications, alerts and reports all require contact information to be associated with a user. (Email is the most effective type of contact media.)
  8. User Access Level:
    1. User Access Level
    2. User Group:
  9. Application Setting:
    1. Default location: Default location in FireScope to load when this user logs in.
    2. Auto-logout: In seconds, how long the user can remain idle before the system automatically logs them out. 0 = never auto-logout.
  10. Click on the Save button.

Refer to Create User for Screen Shots    

To Update a SDDM User:

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click Administration > User Management > Users. The Users page will be displayed with a list of the current Users, their access level, user group(s) and online status.
  3. Click on the user's Alias (Login Name). The Edit User page will be displayed.
  4. Make the necessary changes.
  5. Click on the Save button.

To Delete a SDDM User:

Deleting a User involves some considerations.

  1. If this user was created from Active Directory, deleting this user will simply cause the user to be recreated in the next synchronization.
  2. Determine the reassignment of any objects that may belong to this user. For example, you may choose to reassign ownership and persist and pass control to another user.
  3. The reassignment screen is displayed after you click Delete on an individual user's configuration form (not from the grid).
  4. Click on the Submit button to confirm the User deletion.

User Groups

User Groups are used to manage access for a group of Users. They are commonly used to represent a team within an organization that shares common responsibilities or tasks related to managing the IT assets. While User Group membership determines which assets are accessible to Users, the User Access Level determines the level of access rights (read-only, read-write) the user has to those assets.

User Groups linked to a Service Group - will allow users access to all Logical Groups, CIs and related elements (Attributes) under that Service Group & its Logical Groups.

User Groups linked to a Logical Group - will allow users access to all CIs and related elements (Attributes) under that Logical Group.

User Groups linked to a Blueprint Group - will allow users access to view and edit Blueprint Groups and their associated Blueprint elements.

Creating and Managing a User Group

Note: Although Users can belong to more than one User Group, it is easier to manage permissions by NOT overlapping user and group memberships with complex Service and Logical group assignments.

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click Administration > User Management > User Groups. The User Groups page will be displayed with a list of the current User Groups.
  3. Click on the Create button. The Create User Groups page will be displayed.
  4. Group Name: Enter a name for your User Group.
  5. Users: Add users here by clicking on the Add button. The Existing Users page will be displayed.
    1. Click on the check box next to the User names and click on the Select button in the top or bottom right-hand corner.
  6. Service Group/Logical Group:
    1. User groups linked to a Service Group will allow users access to all Logical Groups, CIs and related elements (attributes, event definitions, events, etc.) under that Service Group and its Logical Groups.
    2. User groups linked to a Logical Group will allow users access to all CIs and related elements (attributes, event definitions, events, etc.) under that Logical Group.
  7. Blueprints: User groups linked to a Blueprint Group will allow users access to view and edit Blueprint Groups and their associated Blueprint elements.
  8. Click on the Save button.

AD User Configuration

Firescope SDDM allows the user to configure access to Windows AD from a deployed Edge device which provides users a more secure method to access user information to setup accounts in SDDM cloud. The connection is assigned to a single Edge device which is already deployed within the user’s network and utilizes an already open connection between the Edge device and the SDDM cloud to deliver the user data.

Note: Make sure the AD account user you enter here has visibility to the users you wish to import.# Log in to FireScope SDDM as a Firescope or Account Administrator.

  1. Click Administration > User Management > AD User Configuration. The Users Configuration page will be displayed.

2158.AD User Config Form.png-735x615.png

  1. Edge Device: Click on Change Edge Device button to select an Edge Device to designate the data collection or operation target. Note: Changing the Edge device setting will require configuration update to move the access to your data from one Edge to another.
  2. Windows AD Connection:
    1. AD Server: Enter your internal AD server such as ad.company.com or 10.0.0.123.
    2. Port: Enter the Port number. Note: Default port is 389
    3. Domain: Your Domain, often the text following the @ in your email, such as company.com
    4. Account User: User used to find other users in AD. User must have permission to the provided Server, Domain, and User Group.Do not include your domain again ie text after (and including) the @ symbol
    5. Password: Click on Change button to change your password.
    6. Connection Method: Select a Connection method from the drop down list.Note: You must up load a SSL certificate to enable SSL connection.
    7. Click on Browse to select a SSL certificate.
  3. Import User:
    1. Status--Select the status (Enabled or Disable) from the drop down list.
    2. Mode--You can create an Active Directory query filter and user assignment rules to process users as they are imported into Firescope DDM.
      1. The Preview Results Only mode lets you review the results without actually creating or updating Users.
      2. You can change the Mode to Import Users in Results once you have the expected results.
    3. Frequency--You can schedule the import configuration by entering the frequency in minutes.
    4. Run Once--Check the Run Once check box to run it only once.
    5. AD User Group--This is the actual location of the User: the full baseDN path of the main user group, such as 'OU=Demo Users,OU=Demo,DC=mycompany,DC=int'.
    6. Query Filter: This is used to narrow the user list down to the users you wish to import with this rule. The fields sAMAccountName, mail, sn, and givenName are all required for valid users. How-to guide on writing filters: https://technet.microsoft.com/en-us/library/aa996205(v=exchg.65).aspx
      Note: Consult your security administrator and test the search filters with AD administrative tools before trying them in Firescope DDM.
      Examples (view msdn reference):
      Simple: '(&(objectCategory=person)(sAMAccountName=*)(mail=*)(sn=*)(givenName=*))'
      Members of a group: '(&(objectCategory=person)(sAMAccountName=*)(mail=*)(sn=*)(givenName=*)(memberOf=CN=FireScope,CN=Users,DC=companyname,DC=int))'
      Members of multiple groups: '(&(objectCategory=person)(sAMAccountName=*)(mail=*)(sn=*)(givenName=*)(|(memberOf=CN=IT,CN=Users,DC=companyname,DC=int)(memberOf=CN=Central,OU=SecurityGroups,DC=companyname,DC=int)))'
    1. User Access Level--You can select the user access level for the imported or updated user from the drop down list. Note: If the user is part of multiple rule results, the highest level will be granted.
    2. User Group--You can select the user group of which the imported or updated user will become a member. Note: This is additive only. When a user does NOT match a user group assignment, the update import will NOT remove the user from any group or groups.
    3. Last Scan Summary--Displays the record of updated and imported users. Click on the Results to see detailed view.
    4. Remove--You can delete the Rules by clicking on the X.
    5. Add More: Click on Add More button to add multiple rules.
  1. Click on Save button.
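The three example filters from the Query Filter step can be checked offline before they are entered in the form. The following is an added example, not FireScope code: the parser handles only the filter subset used on this page, and the directory entries, helper names and the required-field lint are constructed for illustration.

```python
"""Offline lint and preview for an AD import query filter (added example)."""

REQUIRED = ("sAMAccountName", "mail", "sn", "givenName")  # required per the guide


def parse_filter(text):
    """Parse the filter subset used in the guide: & | ! equality presence."""
    pos = 0

    def node():
        nonlocal pos
        if pos >= len(text) or text[pos] != "(":
            raise ValueError(f"expected '(' at offset {pos}")
        pos += 1
        if pos < len(text) and text[pos] in "&|!":
            op = text[pos]
            pos += 1
            kids = []
            while pos < len(text) and text[pos] == "(":
                kids.append(node())
            if not kids or (op == "!" and len(kids) != 1):
                raise ValueError(f"bad operand count for '{op}' at offset {pos}")
            result = (op, kids)
        else:
            end = text.find(")", pos)
            if end == -1:
                raise ValueError("unbalanced parentheses")
            item = text[pos:end]
            attr, sep, value = item.partition("=")
            if not sep or not attr.strip() or "(" in item:
                raise ValueError(f"malformed item at offset {pos}")
            pos = end
            result = ("=", attr.strip().lower(), value)  # attribute names ignore case
        if pos >= len(text) or text[pos] != ")":
            raise ValueError(f"expected ')' at offset {pos}")
        pos += 1
        return result

    tree = node()
    if pos != len(text):
        raise ValueError(f"trailing text at offset {pos}")
    return tree


def matches(tree, entry):
    """Evaluate a parsed filter against one entry (lowercase attr -> list of values)."""
    if tree[0] == "&":
        return all(matches(kid, entry) for kid in tree[1])
    if tree[0] == "|":
        return any(matches(kid, entry) for kid in tree[1])
    if tree[0] == "!":
        return not matches(tree[1][0], entry)
    _, attr, value = tree
    have = entry.get(attr, [])
    if value == "*":  # presence test
        return bool(have)
    return any(v.lower() == value.lower() for v in have)  # simplified string compare


def guaranteed(tree):
    """Attributes that every entry matching the filter is certain to carry."""
    if tree[0] == "&":
        return set().union(*(guaranteed(kid) for kid in tree[1]))
    if tree[0] == "|":
        return set.intersection(*(guaranteed(kid) for kid in tree[1]))
    if tree[0] == "!":
        return set()
    return {tree[1]}


def missing_required(filter_text):
    """Required user fields that the filter does not force to be present."""
    have = guaranteed(parse_filter(filter_text))
    return [attr for attr in REQUIRED if attr.lower() not in have]


def preview(filter_text, entries):
    """Account names the filter would select; nothing is created or updated."""
    tree = parse_filter(filter_text)
    return [e["samaccountname"][0] for e in entries if matches(tree, e)]


def user(name, groups, **attrs):
    """Build one constructed directory entry."""
    entry = {"objectcategory": ["person"], "samaccountname": [name], "memberof": groups}
    entry.update({key.lower(): [value] for key, value in attrs.items()})
    return entry


FS = "CN=FireScope,CN=Users,DC=companyname,DC=int"
IT = "CN=IT,CN=Users,DC=companyname,DC=int"
CENTRAL = "CN=Central,OU=SecurityGroups,DC=companyname,DC=int"
BASE = "(objectCategory=person)(sAMAccountName=*)(mail=*)(sn=*)(givenName=*)"
SIMPLE = f"(&{BASE})"
ONE_GROUP = f"(&{BASE}(memberOf={FS}))"
MULTI_GROUP = f"(&{BASE}(|(memberOf={IT})(memberOf={CENTRAL})))"

# Constructed sample directory; bob has no mail value and must never be imported.
DIRECTORY = [
    user("alice", [FS], mail="alice@companyname.int", sn="Ames", givenName="Alice"),
    user("bob", [FS], sn="Barr", givenName="Bob"),
    user("carol", [IT], mail="carol@companyname.int", sn="Cole", givenName="Carol"),
    user("dave", [CENTRAL, FS], mail="dave@companyname.int", sn="Dunn", givenName="Dave"),
]

if __name__ == "__main__":
    for label, text in (("simple", SIMPLE), ("one group", ONE_GROUP), ("multi", MULTI_GROUP)):
        print(label, "missing:", missing_required(text), "selects:", preview(text, DIRECTORY))
```

The result from the AD administrative tools remains the reference: this sketch compares values as plain strings and does not resolve nested group membership.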

External Authentication

If you have a SAML Identity Provider or Windows Active Directory deployed in your organization for user access management, you can use Firescope's External Authentication so that users log in with the same credentials as the organization's login credentials.

To Select a Method of Authentication:

  1. Log in to Firescope SDDM as a Firescope or Account Administrator.
  2. Click on Administrator > User Management > External Authentication. The External Authentication page will be displayed.

  1. Select the Authentication Method from the drop down list.

Authentication Methods

  1. Local Authentication Only: This is the default authentication. It authenticates against local users only. This method does not require any type of integration with other authentication sources or organizations within the company. Note: Enabling Local Authentication will disable Active Directory Authentication.
  2. Active Directory Authentication: This is a method that authenticates against local users and Windows Active Directory. This method requires Firescope cloud to have access to the Windows Active Directory to verify user credentials. It also requires configuration provided by Active Directory, and users should already be imported through AD User Configuration. The Active Directory may be provided by a different organization within your company.
  3. SAML Authentication: This is a method that authenticates against local users and SAML. SAML authentication is a method to authenticate users against a remote service, known as a SAML Identity Provider (IdP), instead of authenticating against Firescope SDDM, which is considered to be the SAML Service Provider (SP). The SAML Identity Provider may be provided by a different organization within the company. Successful SAML authentication requires the following:
    1. Firescope SDDM cloud to have access to your SAML Identity Provider.
    2. Configuration and exchange of SAML metadata between Firescope SDDM and your SAML Identity Provider.
    3. Changes to the customer's authentication server (IdP, e.g. PingID) and to the customer's account in Firescope SDDM (SP).

Select the SAML Authentication method from the drop down list on the External Authentication page. The SAML Authentication page will be displayed. This page has three sections which are explained below.

  1. Remote Identity Provider (IdP) - This information must be provided by your Remote Identity Provider. Coordinate SAML configuration with your Remote Identity Provider.
    • Entity ID URL (Issuer): Identifier of the IdP entity. May be the IdP Metadata URL or another unique URL to identify the Issuer.
    • Single Sign on Service URL (SSO): URL target of the IdP where the SP will send the Authentication Request Message.
    • Log Out Service URL: URL where the SP will perform a simple non-SAML redirect.
    • X.509 Certificate: IdP public certificate used in verifying signed SAML responses.
  2. Local Service Provider (SP) - SAML configuration must be provided to your Remote Identity Provider and must match your Remote Identity Provider configuration. Coordinate SAML configuration with your Remote Identity Provider. This information is provided by Firescope SDDM.
  3. Options - This section has additional SAML configuration which must match your Remote Identity Provider configuration. Coordinate SAML configuration with your Remote Identity Provider.

  1. Sign Requests/Responses
    1. Authn Requests Signed: The AuthnRequest messages sent by this SP will be signed
    2. Logout Request Signed: The logoutRequest messages sent by this SP will be signed
    3. Logout Response Signed: The logoutResponse messages sent by this SP will be signed
    4. Sign Metadata: The Metadata provided by this SP will be signed
    5. Messages Signed: Require the Response, LogoutRequest, and LogoutResponse received by this SP to be signed
    6. Assertions Signed: Require the Assertion elements received by this SP to be signed
  2. ADFS
    1. Lower Case URL-Encoding: Enable for ADFS compatibility on signature verification
  3. Authentication Context: SP specified user authentication mechanism to request the IdP to use for user authentication
  4. Signature Algorithm: Algorithm that will be used for signing.
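What the Messages Signed and Assertions Signed options demand of an incoming Response can be expressed as a structural check, shown here as an added example (not FireScope code). The function names and the skeleton messages are constructed for illustration, and the check assumes unencrypted assertions; it tests only where each signature sits and what it references, not whether it verifies against the IdP's X.509 certificate.

```python
"""Structural pre-check for signed SAML responses (added example, constructed input)."""
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"samlp": SAMLP, "saml": SAML, "ds": DS}


def has_own_signature(elem):
    """True if elem has a direct-child ds:Signature whose single Reference
    points back at elem's own ID. A Signature elsewhere in the document, or
    one that references a different ID, does not cover this element."""
    elem_id = elem.get("ID")
    if not elem_id:
        return False
    for signature in elem.findall("ds:Signature", NS):  # direct children only
        refs = signature.findall("ds:SignedInfo/ds:Reference", NS)
        if len(refs) == 1 and refs[0].get("URI") == "#" + elem_id:
            return True
    return False


def violations(xml_text, messages_signed=True, assertions_signed=True):
    """Return the policy violations for one Response. An empty list means the
    structure satisfies the selected options; cryptographic verification of
    each signature is a separate step that this check does not replace."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAMLP}}}Response":
        return ["root element is not samlp:Response"]
    found = []
    if messages_signed and not has_own_signature(root):
        found.append("Response is not covered by its own signature")
    direct = root.findall("saml:Assertion", NS)
    nested = sum(1 for _ in root.iter(f"{{{SAML}}}Assertion")) - len(direct)
    if not direct:
        found.append("Response carries no Assertion")
    if nested:
        found.append(f"{nested} Assertion element(s) outside the Response root")
    if assertions_signed:
        for assertion in direct:
            if not has_own_signature(assertion):
                found.append(
                    f"Assertion {assertion.get('ID')} is not covered by its own signature"
                )
    return found


# Constructed skeletons: real messages also carry digests, signature values,
# issuer, conditions and subject data, all omitted here.
def sig(ref_id):
    return (f'<ds:Signature xmlns:ds="{DS}"><ds:SignedInfo>'
            f'<ds:Reference URI="#{ref_id}"/></ds:SignedInfo></ds:Signature>')


def sample_response(response_sig="", assertion_sig=""):
    return (f'<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" ID="_r1">'
            f'{response_sig}<saml:Assertion ID="_a1">{assertion_sig}'
            f'<saml:Subject/></saml:Assertion></samlp:Response>')


if __name__ == "__main__":
    cases = {
        "both signed": sample_response(sig("_r1"), sig("_a1")),
        "response only": sample_response(sig("_r1")),
        "assertion signature references another ID": sample_response(sig("_r1"), sig("_x9")),
        "unsigned": sample_response(),
    }
    for label, message in cases.items():
        print(f"{label}: {violations(message) or 'ok'}")
```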

Configuration Item

Configuration Items (CIs) are any assets, devices, platforms, or software on your network that FireScope SDDM will discover (e.g. servers, routers, VMs, applications). They can be grouped into a Logical Group or Service Group. CIs contain Attributes, which are the metrics or logs you want to track (e.g., Processor Utilization, Free Disk Space, log entries). Each CI can be connected with FireScope SDDM using an optional agent or through SNMP, Syslog, or other communication methods.

CI's Association with Credentials

Credentials allow a Configuration Item to gather information from your environment without loading or enabling additional agents and services. Depending on your environment, valid credentials may be required. Use the Manage Credentials page (Configuration > Discovery > Credential) to add or update credentials. Credentials are Edge device specific. This allows you to designate shared credentials (such as SNMP) per environment with a dedicated Edge device.

Each discovered asset includes key elements:

  1. The Configuration Item - The CI acts as a container that identifies the IP Address or FQDN of the asset.
  2. Attributes - Attributes are the individual metrics, logs, and operational states of the CI.

Please note that this section describes the manual process for creating an individual CI, and is rarely followed.  In most cases, CIs are created automatically using Discovery, Integration or the Configuration Web Service.  Additionally, attributes are ideally applied via Blueprints in any scenario where you have more than one of a given class of CI.

Create CI

Following are the steps to create CIs manually.

  1. Log in to FireScope SDDM as a Firescope or Account Administrator.
  2. Click Configuration > Inventory > Configuration Items. The Configuration Items page will be displayed.
  3. Click on the Create button (in the top right corner). The Create Configuration Item page will be displayed.

  1. Edge Device: Select an Edge Device to designate the data collection or operation target. The Edge Device is the main connection point that is required for Firescope SDDM to collect data from this CI. This is a server (or VM) that is connected to the Firescope SDDM cloud application but is local to the CIs that are monitored.
  2. Settings:
    • Name: Enter a descriptive name for this item.
    • Status: Select the Status from the drop down list.
  3. Data Collection and Evaluation for this device: There are two ways to quickly configure your CI to collect data and evaluate for events.
    • Link to pre-defined blueprints: Click on Add Blueprint button to select blueprints to apply to this CI. Blueprints are already configured with attributes (data collection).  When you link a blueprint to a CI, that CI inherits all defined blueprint elements and can be managed via the linkage. This is a quick way to start collecting data with your configuration.
    • Scan the CI by IP/DNS and create configuration based on scan results. Selecting this option will set the system to run discovery on the IP/DNS and create configuration based on the results (applies profiles). Note: CI Scanning utilizes the discovery profiles feature and requires proper agent installation or SNMP authentication for results.
      • Blueprint linkage for CI Inventory: Click on Select to choose a blueprint. A Blueprint linked to this CI will try to expand dynamic elements with appropriate macros.
  4. Connection Settings: This section defines how FireScope should connect to the Configuration Item; by IP Address or DNS Name.
    • Connect to: Select how Firescope should connect to the CI, from the drop down list. Note: IP address is faster since it doesn't require a DNS lookup process.
    • DNS Name: Enter fully qualified DNS address of the asset. This field is required only if you have selected DNS name from the Connect to list.
    • IP Address: Enter IP address of the asset. This field is required only if you have selected IP Address from the Connect to list.
    • Port: Enter the port the agent is listening on. This  field is required only if you are using the FireScope Agent, which by default uses port 8042.
  5. Credentials And Additional Connection Settings: These settings are required for some specific types of data collection which may need additional connection associations.
    • SNMP Credentials: SNMP access credentials allow attributes to connect to the SNMP device.
    • VMware Virtual Center Credential: VMware Virtual Center access credentials allow attributes to connect to the VMware device and determine data relationships.
    • NetApp ONTAP Credential: NetApp ONTAP access credentials allow attributes to connect to the NetApp device and determine data relationships.
    • LDAP Credential: To allow the CI to use the LDAP credentials, you need to link them. This is done from the CI itself. Edit the CI and scroll down to the Credentials and additional settings. Select the LDAP tab, then select the appropriate credentials from the drop down. Linking a CI to LDAP credentials allows attributes of this CI to connect to the LDAP service.
  6. Groups:
    • Service Group - Grouping of CIs based on functionality or service provided by CIs. User groups linked to a Service Group will allow users access to all Logical Groups, CIs and related elements (attributes) under that Service Group & its Logical Groups.
    • Logical Group - Grouping of CIs based on location, type of hardware, or another common factor between CIs. User groups linked to a Logical Group will allow users access to all CIs and related elements (attributes) under that Logical Group.
  7. Profiles: This section contains additional information about this Configuration Item that might be helpful for other users or for asset tracking. Device type is the only required field in this section; all other fields are completely optional.
  8. Click on the Save button.

Clone CI

  1. Open an existing CI.
  2. Edit the form.
  3. Click on the Clone button (on the bottom of the page). The Create Configuration Item page will be displayed, duplicating the field values of the CI you chose.
  4. Click on the Save button.  

Edit CI

  1. Open an existing CI.
  2. Edit the form.
  3. Click on the Save button.

Activate or Disable CI

  1. Click Configuration > Inventory > Configuration Item. The Configuration Items page lists all the current CIs. Note: You can filter this display by Service Group or Logical Group using the global navigation. You can sort the information by clicking a column header.
  2. Check the box next to the CI you want to activate or disable.
  3. In the drop-down at the bottom right corner of the page, select Activate selected or Disable selected.
  4. Click on the Update button. A confirmation window will be displayed. Note: Disabling a CI sets FireScope SDDM to no longer collect data from that CI, but all previously collected data will still be accessible.
  5. Click on the OK button.

Delete CI 

  1. Click Configuration > Inventory > Configuration Item. The Configuration Items page lists all the current CIs. Note: You can filter this display by Service Group or Logical Group using the global navigation. You can sort the information by clicking a column header.
  2. Check the box next to the CI you want to delete.
  3. In the drop-down at the bottom right corner of the page, select Delete selected.
  4. Click on the Update button. A confirmation window will be displayed.
  5. Deleting a CI will not delete any data but will mark this device and its historical data for deletion during the next Housekeeping cycle. For information on Housekeeping timing, please see History Settings and Cleaning History, in the Ongoing Administrative Tasks section.
  6. Click on the OK button.

Batch Update CI Profiles

To Update CI properties:

  1. Log in to FireScope SDDM with Firescope or Account privileges.
  2. Click Configuration > Inventory > Configuration Item. The Configuration Items page lists all the current CIs. Note: You can filter this display by Service Group or Logical Group using the global navigation. You can sort the information by clicking on a column header.
  3. Check the box next to the CI you want to update.
  4. From the drop-down at the bottom right corner of the page, select Update CI Profiles from the following options:
    1. Activate (see Activate or Disable CI)
    2. Disable (see Activate or Disable CI)
    3. Delete (see Delete CI)
    4. Update CI Profiles (see details below)
    5. Add to Logical Group
    6. Link to Blueprint

Update CI Profiles

CI properties are populated by Discovery profiles but are not updated by Blueprint linkage. To edit several CIs at the same time:

  1. Select the check boxes next to the CIs you wish to update.
  2. Select the Update CI Profiles action from the drop down box (bottom right hand corner).
  3. Click on the Update button. The Batch update CI Profile form will be displayed. Note: Leaving a field blank will preserve the existing values per CI.
  4. Make necessary changes to the form and click on the Update CI Profiles button.
  5. Selected CIs (at the end of the form) shows the existing values of the selected CIs prior to the batch update.

CI Type Definition

CI Types let you classify Configuration Items for reporting and other view filters. You can edit defined types or add new types to be used.

To create CI Type

  1. Click on Configuration > Inventory > CI Type. The CI Type page will be displayed.
  2. Click on the Create button to create a new CI type. The Create CI Type page will be displayed.

  1. Name: Enter name for the CI Type.
  2. Description: Enter the description for the CI Type.
  3. Image: Select image by clicking on the Browse button.
  4. Click on the Save button.

To Update CI Type

  1. Click on the existing CI Type Name. The CI Type form will be displayed.
  2. Make the necessary changes to the CI Type.
  3. Click on the Save button.

Connections to Device API

Connections to Device API for Data Collection

Linking a CI to stored credentials will allow attributes within this CI to connect to the device and collect data. Depending on the type of attribute used (SNMP, LDAP, NetApp, etc), you must provide the right type of credential. For example, using VM attributes such as "vm_guest_cpu_host_util" requires connectivity to the VMware API to collect the metric, so the CI must have the reference link to the VM connection credential.

All credentials can be managed from Configuration > Discovery > Credential.

SNMP Credential: SNMP access credentials allow attributes to connect to SNMP-enabled devices. User must provide community

LDAP Connection: LDAP access credentials allow attributes to connect to the LDAP service. User must provide login as well as binding information. Use with "ldap_check" attributes.

VMware Virtual Center Credential: A CI associated with a Virtual Center connection has the ability to gather Host and Guest information from your Virtual Environment (vCenter) without loading or enabling additional agents and services. This feature could also be used to gather capacity information across your virtual infrastructure. Virtual Center Infrastructure Client Name - used as the unique lookup to locate the associated virtual center host or guest. Use with VM Center, Host and Guest attributes.

NetApp ONTAP: These access credentials allow attributes to connect directly to the NetApp device and determine data relationships. Use with the NetApp Check attribute type (e.g. "netapp_perf").

Migrate CI's

Prerequisite

Before migrating any CIs, make sure that the FireScope agents running on the CIs are configured to point to the new Edge device IP  address. This can be done by editing the Server property field in the agent configuration.

Migrate CI's

There may be times, either because of growth in your infrastructure or for performance tuning reasons, where you need to redistribute data collection for Configuration Items (CIs) across your Edge devices.  Firescope SDDM includes a mass-migration utility for these occasions.  It is important to note that CI GUIDs include the associated Edge device's GUID, and therefore moving a CI to a different Edge device requires re-creating the CI with a new GUID.  While this has no impact on integration, it does mean that the history of the CI will have to be recreated, which is why the migration capability includes options for the length of history to retain.

This migration capability lessens the load of an over tasked Edge device.

  • Consult your CMI administrator to view the Edge device scorecard for more detailed usage statistics.
  • Once you have deployed and registered a new Edge device, you can select the CIs to be relocated individually or by groups.
  • A practical method is to create a temporary logical group that contains the CIs and select that group for migration.
  • The grid listing will give you a good idea how your environment is currently balanced and if any concurrent migrations are in process.

To migrate CIs:

  1. Click on Administration > Utilities > Migrate CIs. The Migrate CIs page will be displayed.
  2. Click on the Create button. The Create Migration CI Job page will be displayed.
  3. Migrate From: Select the Edge Device from the Migrate From drop down menu.
  4. Migrate To: Click on the Edge device to select it to migrate the CIs to.
  5. Select Configuration Items To Migrate: Select a type of item to migrate from the drop down menu.
    1. Click on the Select button. A Select (item type) page will be displayed: Select CI or Select Logical Group.
    2. Click on the check box next to the item to select it, then click on the Select button.
  6. You will be redirected to the Create Migration CI Job page.
  7. Enter Days of CI History Data to Migrate, or select the No history (0 days) option, on the Create Migration CI Job page.
  8. Click on the Next button. The Confirm Migration Job page will be displayed.
  9. Click on the check box to confirm the migration and then click on the Execute button.

Data Collection

In order to ensure you are receiving the richest set of data possible, FireScope offers a variety of data collection types to choose from. You can select data collection methods on a host-by-host basis. For instance, data on network equipment can be collected through SNMP, while servers communicate through rich agents. Not all data collection methods offer the same range of data types, and each has its own set of limitations and prerequisites. The table below will guide you through the available collection methods to help you strategize the best deployment for your unique environment.


Method | Requirements | Additional Information
Agent Remote | | A type of FireScope agent data access where agent sends data back to the Edge device periodically vs. utilizing the poller service from the Edge device.
Calculated Attribute | | You can use this attribute to combine other attributes' values.
FireScope Agent | Agent must be installed on device. Currently available for most operating systems, including Windows, Linux, Unix, BSD. | This method offers the largest scope of information collection. It includes log data from any log file on the host machine as well as system performance data and direct database connectivity. See Installing an Agent.
LDAP Check | Requires CI to have a link to LDAP credential | Collect metrics using LDAP queries
Percentile Attribute | | Value of other attributes at specified percentile for a specific time window in days. (information on percentile calculations)
TCP Check | | Collects information by connecting via IP and Port.
NetApp Check | Requires CI to have a link to NetApp ONTAP credential | Collect metrics directly from a NetApp Filer using ONTAP API
VM Guest | Requires CI to have a link to VM credential | Collects metrics regarding VM Guests
VM Host | Requires CI to have a link to VM credential | Collects metrics regarding VM Hosts
VM Virtual Center | Requires CI to have a link to VM credential | Collects metrics regarding VM Virtual centers
SNMP v1 | Device must be SNMPv1 compatible or have an SNMP agent installed. This includes most networked assets. | The SNMPv1 SMI specifies the use of a number of SMI-specific data types, which are divided into two categories: simple data types and application-wide data types.
SNMP v2 | Device must be SNMPv2 compatible or have an SNMP agent installed. | The SNMPv2 SMI is described in RFC 2578. It makes certain additions and enhancements to the SNMPv1 SMI-specific data types, such as including bit strings, network addresses, and counters. Bit strings are defined only in SNMPv2 and comprise zero or more named bits that specify a value. Network addresses represent an address from a particular protocol family. SNMPv1 supports only 32-bit IP addresses, but SNMPv2 can support other types of addresses as well. Counters are non-negative integers that increase until they reach a maximum value and then return to zero. In SNMPv1, a 32-bit counter size is specified. In SNMPv2, 32-bit and 64-bit counters are defined. Additionally, SNMPv2 also specifies information modules, which specify a group of related definitions. Three types of SMI information modules exist: MIB modules, compliance statements, and capability statements. MIB modules contain definitions of interrelated managed objects. Compliance statements provide a systematic way to describe a group of managed objects that must be implemented for conformance to a standard. Capability statements are used to indicate the precise level of support that an agent claims with respect to a MIB group. An NMS can adjust its behavior toward agents according to the capabilities statements associated with each agent.
SNMP v3 | Device must be SNMPv3 compatible or have an SNMP agent installed. | Essentially offers the same information as SNMPv2, with the addition of 3 important security features: message integrity to ensure that a packet has not been tampered with in transit; authentication to verify that the message is from a valid source; encryption of packets to prevent snooping by an unauthorized source.

Value Translations

For UI displays of data, you can assign a value translation to be associated with attributes. For example, 'Ping' values of 0 and 1 can be associated to display:

0 ⇒ Down
1 ⇒ Ok

Value translations help provide readable formats for the corresponding numeric statuses or codes. Often status values are dependent on individual vendor APIs and protocols. For example, for the VMware API, the following are some mappings:

VM Guest State: reset ⇒ Reset, suspended ⇒ Suspended, poweredOn ⇒ Powered On, poweredOff ⇒ Powered Off
VM Host State: connected ⇒ Connected, disconnected ⇒ Disconnected, notResponding ⇒ Not Responding
VM Tools Information: toolsNotInstalled ⇒ Not Installed, toolsNotRunning ⇒ Not Running, toolsOld ⇒ Out of Date, toolsOk ⇒ Ok

These values can be populated manually by users, imported with CI definition XMLs, or produced as results of discovery jobs.

Applying Translation to Attributes

When configuring an attribute, change the 'Show value' setting under Attribute Display Options.

Configuration > CIs > Attribute > Create New / Edit Existing

Data Collection Methods

In order to ensure you are receiving the richest set of system events and data possible, FireScope offers a variety of data collection types to choose from. You can select data collection methods on a host-by-host basis. For instance, data on network equipment can be collected through SNMP, while servers communicate through rich agents. Not all data collection methods offer the same range of data types, and each has its own set of limitations and prerequisites. The table below will guide you through the available collection methods to help you strategize the best deployment for your unique environment.


Method | Requirements | Additional Information
Agent Remote | | A type of FireScope agent data access where agent sends data back to the Edge device periodically vs. utilizing the poller service from the Edge device.
Calculated Attribute | | You can use this attribute to combine other attributes' values.
FireScope Agent | Agent must be installed on device. Currently available for most operating systems, including Windows, Linux, Unix, BSD. | This method offers the largest scope of information collection. It includes log data from any log file on the host machine as well as system performance data and direct database connectivity.
LDAP Check | Requires CI to have a link to LDAP credential | Collect metrics using LDAP queries
NetApp Check | Requires CI to have a link to NetApp ONTAP credential | Collect metrics directly from a NetApp Filer using ONTAP API
Percentile Attribute | | Value of other attributes at specified percentile for a specific time window in days.
SNMP Trap | | Collects messages forwarded to FireScope from SNMP devices
SNMP v1 | Device must be SNMPv1 compatible or have an SNMP agent installed. This includes most networked assets. | The SNMPv1 SMI specifies the use of a number of SMI-specific data types, which are divided into two categories: simple data types and application-wide data types.
SNMP v2 | Device must be SNMPv2 compatible or have an SNMP agent installed. | The SNMPv2 SMI is described in RFC 2578. It makes certain additions and enhancements to the SNMPv1 SMI-specific data types, such as including bit strings, network addresses, and counters. Bit strings are defined only in SNMPv2 and comprise zero or more named bits that specify a value. Network addresses represent an address from a particular protocol family. SNMPv1 supports only 32-bit IP addresses, but SNMPv2 can support other types of addresses as well. Counters are non-negative integers that increase until they reach a maximum value and then return to zero. In SNMPv1, a 32-bit counter size is specified. In SNMPv2, 32-bit and 64-bit counters are defined. Additionally, SNMPv2 also specifies information modules, which specify a group of related definitions. Three types of SMI information modules exist: MIB modules, compliance statements, and capability statements. MIB modules contain definitions of interrelated managed objects. Compliance statements provide a systematic way to describe a group of managed objects that must be implemented for conformance to a standard. Capability statements are used to indicate the precise level of support that an agent claims with respect to a MIB group. An NMS can adjust its behavior toward agents according to the capabilities statements associated with each agent.
SNMP v3 | Device must be SNMPv3 compatible or have an SNMP agent installed. | Essentially offers the same information as SNMPv2, with the addition of 3 important security features: message integrity to ensure that a packet has not been tampered with in transit; authentication to verify that the message is from a valid source; encryption of packets to prevent snooping by an unauthorized source.
TCP Check | | Collects information by connecting via IP and Port.
VM Guest | Requires CI to have a link to VM credential | Collects metrics regarding VM Guests
VM Host | Requires CI to have a link to VM credential | Collects metrics regarding VM Hosts
VM Virtual Center | Requires CI to have a link to VM credential | Collects metrics regarding VM Virtual centers

Attribute

An Attribute is a specific metric or log you wish to collect data for, such as CPU Load Average or Response Time and is associated with a Configuration Item (CI). An Attribute can refer to a metric obtained via any of FireScope SDDM data collection methods. Attributes can be configured as the following value types:

Value | Type | Description
0 | Float | Double, e.g. 3.14
1 | String | Character (max size 1024), e.g. "Hello world"
2 | Log | Actual lines from a log attribute / Windows Event log attribute (max size 65535)
3 | Long | Integer, e.g. 2147483647
4 | Text | Very large "String" equivalent of a CLOB (max size 65535)
9 | JSON | (Max size 4096) e.g. {"first_name":"Bryan","company_name":"FireScope"}

The easiest way to add Attributes for a CI is to associate the CI with a Blueprint. Blueprints are pre-configured CIs of a specific type, such as Windows Server or Cisco 2600 and include a list of commonly used Attributes. You can associate more than one Blueprint with a CI.

Note: Use a Blueprint to save time when configuring multiple similar CIs.

To create an Attribute:

  1. Log in to FireScope SDDM as a Firescope or Account Administrator.
  2. Click on Configuration > Inventory > Attributes. The Attributes page displays the list of Attributes for the selected Configuration Item (In the Navigation bar).

0284.Attribute Page 1.png-789x242.png

  1. In Navigate or Search for a description, select the CI you want to create the Attribute for.
  2. Click on the Create button (in the top right corner). The Create Attribute page will be displayed.


  1. Configuration Item: A Configuration Item (CI) is any device, platform, or software that is required for the delivery of an IT service. Attributes are associated with a specific CI. Click on the Select button to select a CI
  2. Attribute Description:
    1. Description: Attributes are a specific metric or status indicator.  Enter a descriptive name for this item.
    2. Status: This field indicates whether FireScope is actively collecting data for the attribute. Not Supported indicates that there is a problem with the data being collected.
  3. Data Collection Settings: This section defines how FireScope should gather values for the attribute, either through the FireScope Agent, SNMP or other means. If you are using FireScope agent please make sure the selected operation is defined in the FireScope Agent's configuration. For SNMP, you must enter the credentials required to access the SNMP connection (port 161) of the device. The Update interval tells FireScope how often to check values. The Value field allows you to either collect the raw value or its rate of change over time.
    1. Type: This determines how FireScope SDDM should gather values for the Attribute. Depending on what you select, additional form fields may appear.  For information on each type click here.
    2. Operation: Select the operation for gathering data. For example, if you are using the FireScope Agent, make sure the selected operation is defined in the FireScope Agent's configuration. For SNMP, you must enter the credentials required to access the SNMP connection (port 161) of the device.
    3. Base Units: Select base unit type appended to the end of all values for this Attribute whenever they are displayed. For example, (%) Percent for processor utilization, (B) Bytes for file system size, and (Bps) Bytes Per Second for network performance.
    4. Use multiplier: In case you want to convert the value mathematically before storing, such as converting bits to bytes, select Custom multiplier. Type the number to multiply in the Custom multiplier field.
    5. Type of Information: Format of values that will be returned by this Attribute.
    6. Value: Option to find how much a value has changed since the last time this Attribute was queried. In this case, select Delta (speed per second) or Delta (simple change) to have FireScope SDDM only record these values. Select As is to record the actual value.
    7. Update interval (in sec): This field determines how often, in seconds, FireScope SDDM should retrieve or listen for new data. E.g. enter 60 to check every minute, 3600 for once an hour, or 86400 for once a day.
    8. CI Profile Field: Name of a field (default or custom) to update for this CI's profile section. This feature is useful for selecting certain attributes as asset or CMDB information for a particular CI.
  4. Click on the Save button.

Refer to Create Attribute for screen shots

Edit an Attribute:

  1. In the Description column, click on the name of the Attribute you want to edit.
  2. If an Attribute is associated with a Blueprint, the Blueprint name precedes the Attribute name and not all fields are editable, such as the operation and type information. If you need to edit an Attribute associated with a Blueprint, select the Blueprint in the Configuration Field (step 3), and edit this Attribute.
  3. Edit the form.
  4. Click on the Save button.

Clone an Attribute:

  1. In the Description column, click on the name of the Attribute you want to clone.
  2. Edit the form.
  3. Click on the Save button.      

Delete Attribute

  1. In the Description column, check the box next to the name of the Attribute you want to delete.
  2. From the drop-down in the bottom right corner of the page, select Delete selected.
  3. Click Update. A confirmation window will be displayed. Note: Deleting an Attribute has a cascading delete effect. All elements that are based on this Attribute will be affected (e.g. Dashboards). Data collected by this Attribute will be lost for good.


  1. Click on the OK button. The Attribute will be deleted.

Data Type

Type Information Additional Information
Numeric Float 1.4, 235.3333 Trend History: Trends are hourly and daily averages of numeric (float and integer) data stored separately from detailed data points. Each average entry also keeps track of the maximum, minimum, average and number of data points collected. This allows data to be stored for longer periods of time and still be usable for analysis.
Numeric Integer 1,3
Character  1024 Bytes
Text 65535 Bytes 
JSON {"dataname" : "metric1", "datavalue" : "123"}

Type of Attribute

The Type of an Attribute defines how FireScope SDDM gathers values for the Attribute: through the FireScope Agent, SNMP, or other means.

Agent remote

In the case of Agent Remote attributes, the Edge Device does not request the values from the Agent. Instead, the Agent periodically (as configured in the Agent configuration file) retrieves the list of currently active Agent Remote attributes from the Edge Device. After retrieving the list of Agent Remote attributes, the Agent periodically sends the values for those attributes back to the Edge Device.

The Agent configuration file is either firescope_agentd_posix.xml or firescope_agentd_win.xml.

This functionality is configured with the following two properties in the FireScope Agent configuration file.

  1. The Agent must know which Edge Device has the list of Agent Remote attributes. This is configured in the Server property by adding the IP address of the Edge Device as the first entry in the comma delimited list.

     <prop>
       <key>Server</key>
       <value>10.0.12.64,10.0.12.61,10.22.121</value>
       <description>List of comma delimited IP addresses of FireScope servers. First entry is used for sending active checks.</description>
       <flags>0</flags>
     </prop>

     In the example above, the agent will only request a list of agent remote attributes from the edge device with the IP "10.0.12.64" because it is the first (or only) IP in the list.

  2. The actual CI name should be set as the value for the Hostname property. (Please note that the Hostname value is case sensitive.)

     <prop>
       <key>Hostname</key>
       <value>eas-cent67</value>
       <description>Unique hostname. Required for active checks and sentinel checks. For active checks, this unique host name must be same as the corresponding CI name.</description>
       <flags>0</flags>
     </prop>

To make sure that everything is set up correctly, set the value of the DebugLevel property to 5 in the Agent configuration file.

     <prop>
       <key>DebugLevel</key>
       <value>5</value>
       <description>Debug level for FireScope Agent. 0 - none, 1 - critical, 2 - error (default), 3 - warnings, 4 - info, 5 - debug (max info)</description>
       <flags>2</flags>
     </prop>

Verify the following two items inside the Agent log file firescope_agentd.log:

  1. This debug line indicates that the agent is requesting the list of Agent Remote attributes (Message sent: FSC_GET_ACTIVE_CHECKS) for the CI with the name "eas-cent67".

     |DEBUG |2016-02-03|11:49:17|Thread[ 1495]|[TcpSenderReceiver.cpp:250]| Message sent: FSC_GET_ACTIVE_CHECKS eas-cent67

  2. A few lines below the FSC_GET_ACTIVE_CHECKS line, you should see the list of agent remote attributes and their "operation" field displayed.

     |DEBUG  |2016-02-04|11:07:55|Thread[236223207096]|[TcpSenderReceiver.cpp:146]| Received:agent_cpu_util:60:0:56b26a42ef134456164f344eagent_check:60:0:56b26de3ef13445e384f305c

     In this case two operations are received, which means there are two Agent Remote attributes configured for this CI.
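The checks in the procedure above can be scripted. The following is an added example, not FireScope's own code: it reads the three properties and the debug log line and reports anything that would stop Agent Remote collection. The <config> root element, the function names and the sample log text are assumptions made for the example.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET

# Constructed sample: the three <prop> entries shown on this page inside a
# hypothetical <config> root (the real file's root element is an assumption).
SAMPLE_CONFIG = """<config>
<prop><key>Server</key><value>10.0.12.64,10.0.12.61,10.22.121</value></prop>
<prop><key>Hostname</key><value>eas-cent67</value></prop>
<prop><key>DebugLevel</key><value>5</value></prop>
</config>"""

# Constructed log excerpt in the debug-line format quoted on this page.
SAMPLE_LOG = ("|DEBUG |2016-02-03|11:49:17|Thread[ 1495]|[TcpSenderReceiver.cpp:250]|"
              " Message sent: FSC_GET_ACTIVE_CHECKS eas-cent67\n")


def load_props(xml_text):
    """Return {key: value} for every <prop> element in the configuration."""
    root = ET.fromstring(xml_text)
    return {p.findtext("key", "").strip(): p.findtext("value", "").strip()
            for p in root.iter("prop")}


def audit_agent_remote(xml_text, ci_name, edge_device_ip, log_text):
    """Check the Agent Remote prerequisites; return a list of findings."""
    props = load_props(xml_text)
    findings = []

    # Only the first Server entry is asked for the Agent Remote attribute list.
    servers = [s.strip() for s in props.get("Server", "").split(",") if s.strip()]
    if not servers:
        findings.append("Server: property missing or empty")
    elif servers[0] != edge_device_ip:
        findings.append(f"Server: first entry is {servers[0]}, expected Edge Device {edge_device_ip}")
    for entry in servers:
        try:
            ipaddress.ip_address(entry)
        except ValueError:
            findings.append(f"Server: {entry} is not a full IPv4 or IPv6 address")

    # Hostname must equal the CI name exactly; the comparison is case sensitive.
    hostname = props.get("Hostname", "")
    if hostname != ci_name:
        hint = " (differs only in case)" if hostname.lower() == ci_name.lower() else ""
        findings.append(f"Hostname: {hostname!r} does not match CI name {ci_name!r}{hint}")

    # With DebugLevel 5 the log should show the request for this CI's checks.
    requested = re.findall(r"Message sent: FSC_GET_ACTIVE_CHECKS (\S+)", log_text)
    if ci_name not in requested:
        level = props.get("DebugLevel", "2")  # 2 is the documented default
        hint = "" if level == "5" else f" (DebugLevel is {level}, debug lines need 5)"
        findings.append(f"log: no FSC_GET_ACTIVE_CHECKS request for {ci_name!r}{hint}")
    return findings


if __name__ == "__main__":
    for finding in audit_agent_remote(SAMPLE_CONFIG, "eas-cent67", "10.0.12.64", SAMPLE_LOG):
        print(finding)
```

Run against the sample values, the only finding is the third Server entry, which Python's strict parser does not accept as a complete address.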


Below is an example along with the description of Agent Remote.

Operation Description Examples
windows_eventvwr(parm)
  Return type: Log
  Microsoft Windows ONLY
  Type: Agent Remote **Remote Only
  Description: Collects events from Microsoft Windows Eventlog subsystem.
  Parameters:
    Log name: application, security, system
    Optional Filter: filters can be constructed with basic AND structure only. Here are the only valid values for optional filter: Type, Source, Category, EventID, Domain, User, Computer, Message
  Example using multiple filters with pipe '|' delimiters:
    windows_eventvwr(security,Type:Information|Source:Microsoft Windows security|Category:12800|EventID:5156|Domain:firescope|User:N/A|Computer:N/A|Message:Junk)
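Because the optional filter is AND-only and accepts a fixed set of keys, an operation string can be checked before it is saved on an Attribute. The following is an added example, not FireScope's own code: it parses a windows_eventvwr operation, rejects unknown log names and keys, and shows which constructed events a filter would select. The function names, the event field layout and the comparison rule (exact match, ignoring case) are assumptions.

```python
import re

VALID_LOGS = {"application", "security", "system"}
VALID_KEYS = {"Type", "Source", "Category", "EventID", "Domain", "User", "Computer", "Message"}


def parse_eventvwr(operation):
    """Parse windows_eventvwr(log[,Key:Value|Key:Value...]) into (log, filters).

    Raises ValueError for an unknown log name, an unknown filter key, a clause
    that is not Key:Value, or a repeated key (the filter is AND-only).
    """
    m = re.fullmatch(r"windows_eventvwr\((.*)\)", operation.strip())
    if not m:
        raise ValueError("not a windows_eventvwr(...) operation")
    # Only the first comma separates log name and filter; values may contain commas.
    log_name, _, filter_text = m.group(1).partition(",")
    log_name = log_name.strip().lower()
    if log_name not in VALID_LOGS:
        raise ValueError(f"unknown log name {log_name!r}")
    filters = {}
    for clause in filter_text.split("|"):
        if not clause.strip():
            continue
        key, sep, value = clause.partition(":")
        key, value = key.strip(), value.strip()
        if not sep or not value:
            raise ValueError(f"clause {clause!r} is not Key:Value")
        if key not in VALID_KEYS:
            raise ValueError(f"unknown filter key {key!r}")
        if key in filters:
            raise ValueError(f"{key} given twice; clauses are ANDed, OR cannot be expressed")
        filters[key] = value
    return log_name, filters


def select_events(operation, events):
    """Return the events that satisfy every clause of the operation's filter.

    Assumption: a clause matches when the event field equals the value,
    ignoring case; the agent's real comparison rule is not documented here.
    """
    log_name, filters = parse_eventvwr(operation)
    return [e for e in events
            if e["Log"].lower() == log_name
            and all(str(e.get(k, "")).lower() == v.lower() for k, v in filters.items())]


# Constructed sample events (field names follow the filter keys on this page).
SAMPLE_EVENTS = [
    {"Log": "Security", "Type": "Information", "EventID": 5156, "Category": 12800, "User": "N/A"},
    {"Log": "Security", "Type": "Information", "EventID": 4625, "Category": 12544, "User": "N/A"},
    {"Log": "System", "Type": "Error", "EventID": 5156, "Category": 0, "User": "N/A"},
]
```

A filter such as EventID:5156|EventID:4625 is rejected instead of silently collecting nothing, which is the usual result of trying to express OR in an AND-only filter.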
 






Cherwell Integration

CMDB Integration is a feature developed to set up and facilitate ongoing discovery and integration of your CMDB and FireScope SDDM in a few easy steps. Creating CIs in the Cherwell CMDB with linkage to actively monitored CIs in SDDM provides an updated view of your IT assets. If you are also using Service Insight, discovered or defined services (as service groups) can also populate your CMDB with relevant dependency information between CIs and the services they support.

CMDB Preparation Prerequisite

Before you enable the CMDB integration feature in SDDM, review the data in your Cherwell configuration. SDDM provides customizable filtering rules that allow you to configure the CIs in SDDM successfully. These filtering rules can use common Attributes such as IP address, DNS domain, department, category, or any custom fields you enter to identify the CIs for proper configuration. Since CI synchronization and filtering are processed similarly to batch federation, it is a good idea to review the CMDB CIs and their Attributes prior to updating your filtering rules. For example, make sure all the CIs you intend to monitor have the correct IP address values in the CMDB. Once these CIs are synchronized into SDDM, the IP address, as well as some other Attributes, can only be updated through the CMDB.

Install mApp

In order for FireScope to integrate with Cherwell Service Management, the FireScope mApp must first be installed and configured in Cherwell. The FireScope mApp makes the necessary modifications to Cherwell Service Management to support the ability to import CMDB information from FireScope. After configuring Cherwell, make note of the user and system information that you set up below to configure the connectivity information in FireScope as part of the next step.

Prerequisites

  1. Cherwell Service Management version 8.00 or greater.
  2. Admin login credentials to Cherwell.
  3. Cherwell Service Management (CSM) Administrator Tool & desktop client
    • To download both visit: http://<cherwell-instance>/cherwellautodeploy/
  4. FireScope mApp Cherwell Integration plugin.
    • Download from your Firescope Instance. Administration > Integration > Integration Information.


  1. FireScope SDDM with Admin credentials
  2. Since Cherwell is completely customizable, in order for FireScope to integrate properly a certain minimum set of configuration must be present:
    • Cherwell business objects and their minimum set of fields:
      • Configuration Item
    • Cherwell relationships:
      • CI links Downstream CIs
      • CI links Upstream CIs
      • Configuration Item Group Links Configuration Item Group

Backup

Perform a Cherwell backup before making any changes to the system. If the mApp install fails for any reason, the Cherwell System Restore Tool can be used to revert the system to this backup state.
  1. Navigate to Database > Export Data
  2. Choose export entire system and export all data, select an output file and press OK.

Users

A Cherwell user needs to be created for FireScope to use when connecting to Cherwell's remote API. Since each system is unique, users should be set up on-site in conjunction with the Cherwell Administrator. It is recommended to create a user with the security group IT Service Desk Manager to provide the appropriate permissions out of the box. To create a User, in the CSM Administrator Tool:

  1. Navigate to Security > Edit Users > Create new user
  2. Create a user named Firescope and Save.
  3. Enter the user & password on the Cherwell CMDB page in FireScope SDDM.

 


Rest API Configuration

A client token for FireScope must be generated in the CSM Admin Tool:

  1. Navigate to Security > Edit REST API client settings
  2. Create a REST client named fireScope and save.
    • Note the token lifespan can be changed depending upon security needs.
  3. Enter the client key on the Cherwell CMDB connection pages in FireScope SDDM.


Mergeable Application

  1. Now we can apply the FireScope mApp in the CSM Administrator Tool:
  2. Navigate to mApps > Apply a mApp
  3. Open the FireScope mApp file.
  4. Ensure CMDB Integration is enabled in the wizard. Incident Integration is not supported with SDDM, so it can be unchecked.
  5. Progress through the install wizard without changing any other defaults until it finishes.
  6. On the Blueprint page, confirm changes if needed and choose Publish Blueprint.
  7. Leave the default options and click Publish.
  8. Select a file to store a rollback Blueprint.
  9. It will scan for errors and if no errors are found click OK to complete.

ServiceNow Integration

This section describes the required ServiceNow plugins and roles necessary for the integration to function properly:

  1. Activate the following plugins with the help of the ServiceNow instance administrator:
    • Integration - Common Components (com.snc.integration.common)
    • ECC Queue Retry Policy (com.glideapp.ecc_retry_policy)
    • JSON Web Service (com.glide.processor.json)
      Note: The JSON Web Service plugin is deprecated in the Dublin release and replaced by the JSONv2 processor, which is active by default on Dublin instances.
  2. Import the integration update set. If necessary, download the update set from FireScope's Integration Information page (Administration > Integration Overview).
  3. FireScope recommends creating a dedicated ServiceNow user for this integration.
  4. Configure this user for the GMT Time Zone and include the roles needed per integration (u_fsc_cmdb). These roles will be created by the update set.

CMDB Outbound to ServiceNow

Outbound: Creating CIs in the ServiceNow CMDB with linkage to actively monitored CIs in SDDM provides a 360 view of your IT assets. Use filtering and mapping rules to select and target your CMDB.

  1. Enable connectivity between SDDM and your ServiceNow instance.
  2. Select CIs and Service Groups for synchronization.
  3. Create filter and mapping rules to create CIs into common CMDB data type definitions in ServiceNow.
  4. Review and commit from your outbound staging view.

Before You Begin

Before you enable the CMDB integration feature in SDDM, review the data in your ServiceNow configuration. SDDM provides customizable filtering rules that allow you to configure the CIs in SDDM successfully. These filtering rules can use common Attributes such as IP address, DNS domain, department, category, or any custom fields you enter to identify the CIs for proper configuration. Since CI synchronization and filtering are processed similarly to batch federation, it is a good idea to review the CMDB CIs and their Attributes prior to updating your filtering rules. For example, make sure all the CIs you intend to monitor have the correct IP address values in the CMDB. Once these CIs are synchronized into SDDM, the IP address, as well as some other Attributes, can only be updated through the CMDB. 

Review the checklist above before configuring your integration, and predetermine your CI mapping and the data collection methods available to your SDDM. Verify the permissions required for ServiceNow access as well as your device access for performance monitoring.

CI Configuration

Once your CMDB integration is enabled and active, you will find your CMDB CIs created, linked, and fully functional in SDDM. To maintain configuration control from a single source, you can only update (and delete) the main properties of these CIs (name, IP Address, Serial Number, Contact, etc.) in CMDB. Continuous synchronization will update SDDM accordingly.

Other than the main CI settings, you can configure the CI just like any other CI in SDDM. For example, if you did not use integration rules to apply Blueprints to CIs, you can still change Blueprint association from within SDDM to manage data collection. You can also take advantage of features such as Virtual Center Discovery where SDDM will automatically associate the virtual infrastructure found with CIs from your CMDB.

Throughout SDDM, you will find specialized displays and links associated with linked CIs that will display live data from CMDB. Utilize your CMDB management views in SDDM to view configuration and performance reports for the integrated CIs.

SDDM uses a CI’s IP (or DNS) as the unique key for matching an existing CI in SDDM to create an association to a CI from CMDB.

Service Groups

With the Business Service link enabled, SDDM creates, maintains, and mirrors Business Services from CMDB as Service Groups in SDDM.

You cannot edit or delete these Service Groups from SDDM, because their memberships are controlled by the relationships defined for the linked services in CMDB. However, you can create Policies and eventually SLAs in SDDM for these Service Groups to monitor and measure actual performance and availability metrics.

Configuring connection settings to ServiceNow CMDB

FireScope SDDM requires network connectivity to your ServiceNow instance to fetch the data necessary to perform synchronization and live data views.

Before You Begin

You must update your security settings to allow all outbound communications through to your ServiceNow environment. All of the following IPs must have network access to your ServiceNow instance:

  • SDDM App server
  • SDDM Web servers
  • Any future servers enabled for your SDDM deployment

Authenticated accounts in ServiceNow must have access to all CIs (to be synchronized), including and extending CIs from the base type of cmdb_ci. For more information, see Configuring the ServiceNow Instance. Business service synchronization requires access to the cmdb_ci_service data type (listed as Business Services in your ServiceNow application) and the relationships forming the members of that service.

To configure connection settings to the ServiceNow CMDB:

  1. Log in to FireScope SDDM as a FireScope or Account Administrator.
  2. Click Administration > ServiceNow Federation. The ServiceNow CMDB Management page will be displayed.


  1. In the left-hand menu, click on Integration > CMDB Connection. The connection settings page will be displayed. 


  1. Connection: Enter the URL for ServiceNow Instance.
  2. Authentication: Enter the username and password.
  3. Browser Quick Link URL: Provide the URL to your ServiceNow instance to open a new browser view of the CI by ID. For example, enter "https://instancename/nav_to.do?uri=cmdb_ci.do?sys_id=". We will add the CI sys_id to the link to view a specific CI. See http://wiki.servicenow.com/index.php?Title=Navigating_by_URL for more information. Note: You will have to authenticate with CMDB to view the browser page.
  4. Summary Fields to Display: Enter a list (comma separated) of field identifiers, for a summary view of the CI to be deployed in FireScope. Leave empty to NOT get summary information from your ServiceNow instance. See http://wiki.servicenow.com/index.php?Title=JSON_Web_Service for information on how to access and display default and custom fields from a CI.
  5. Click Save.