Skip navigation
1 2 3 Previous Next


125 posts
Nick Smith

Forward your log

Posted by Nick Smith Employee Sep 5, 2019
Share This:

Just a quick note on syslog forwarding from the Discovery appliance.


While the Discovery appliance (physical or virtual) is based on a fairly standard CentOS build, we are careful to control the packages and configurations to ensure the OS layer is reliable and predictable for the application. Thus although it is tempting for an experienced Linux administrator to want to configure things to their liking, this urge should be avoided, and limited to only those things that are explicitly documented to avoid problems in future, and potentially voiding support.


One often-requested configuration was to forward OS syslogs to a remote syslog collector. Since we hadn't officially described it in the docs, it wasn't officially supported. I am please to say we now have, here.


It's very simple to setup, and now if your organisation's policies require/recommend it, you can do so while being fully with the appliance support rules.

Share This:

As part of Premier Support, I was recently on-site at a customer for a few days, doing some "mini consultancy" work, mainly looking at extending Network Device discovery. Here, I want to make some notes to highlight some defects/surprising behaviour, and some of the things I was able to help the customer with.


Standard Network Device discovery


Many customers deploy SNMP credentials to discover Network Devices, and are quite happy with the coverage of supported devices, and/or the turnaround of adding new ones in monthly TKU updates after submitting a new device capture. Typically, Discovery is used for basic inventory recognition (being synced to CMDB) and importantly the discovery of the connection between a switch and the Host nodes it is connected to. However, the customer I was working with wanted to dig deeper into the data...


Problems and Gaps Identified


No Linkage between interfaces and IPs


In contrast to Host nodes, the interfaces and IPs of a Network Devices are not shown in a unified table. Instead they are displayed separately, and by default there is no connection in the UI or data model between an IP and the interface it is connected to. It turns out that if you turn on virtual interface discovery (see Managing network device virtual interface discovery), a side effect is that you do get a link from IP to interface and vice-versa. I logged defect DRUD1-25944 for this.


Further, I my customer wanted a more unified UI for the network interface table, like we provide for Hosts. DRUD1-272124 is logged for this. In the meantime, I was able to provide my own "hotfix" to the core code to get a just-acceptable display.


Incomplete documentation


We document how to enable virtual interfaces: Managing network device virtual interface discovery, however IMHO this document is lacking in several ways. It only mentions how it controls virtual interface discovery. It doesn't mention interface-IP linkage as a side effect. Why does it have to be controlled on the command line, not a UI option? Why would you not want it on by default - are there any downsides? If yes, what are they? I created docs defect DRUD1-26743 to improve this.


Not all network interfaces discovered


By turning on virtual interface discovery, more interfaces are discovered (see above). However, core code maintains a whitelist of "interesting" interface types:


0   # unknown

6   # ethernet csmacd

7   # iso88023 csmacd

8   # iso88024TokenBus

9   # iso88025TokenRing

15  # fddi

62  # fastEther

69  # fastEtherFX

71  # ieee80211

117 # gigabitEthernet

54  # propMultiplexor

161 # IEEE 802.3ad Link Aggregate


and drops any that don't match this list. This list was added a long time ago and is no longer appropriate IMHO; this was logged as defect DRUD1-26655, planned for fix in FF release, tentatively targetted for 2010-02. As part of Premier Support, I was able to provide the customer a temporary update to remove the filter until then.


Cisco firmware image file not discovered


A simple custom pattern was written to extract this from OID and populate the Network Device node, by calling the discovery.snmpGet() function. RFE DRDC1-13530 was logged to request this OOTB, and this Idea (feel free to vote on it) was raised on request of Engineering.

Interface statuses not discovered


A custom pattern was written to extract interface status from OID using the discovery.snmpGetTable() function and populate two new attributes:


Chassis and cards are only in Directly Discovered Data

As part of core discovery, we create DiscoveredCard and DiscoveredChassis nodes, but these are not visible from the main Network Device page. Also - ultimately, information will need to be consumed in the CMDB, and it is not recommended to attempt to write a sync mapping directly from DDD. So, I wrote a custom pattern to copy the data from the DDD into a couple of lists of Detail nodes, for each type, and created links from the cards to their corresponding containing Chassis:

This has been logged as an improvement, DRUD1-26654 with a tentative fix date targetted around 2019-11.


DiscoveredCard nodes missing descriptions


While looking at the data for the above point it was found that most DiscoveredCard nodes have no description. We think there is more data available in the MIB than we are pulling; this was logged as improvement DRDC1-13628.


Protocol Data


My customer was interested in extracting specific entries for different network protocols that may be configured: BGP, OSPF, and the Cisco-specific EIGRP. It was fairly simple matter to write a custom pattern to pull entries from the 3 SNMP tables and create 3 lists of Detail nodes that corresponded to these entries.


Future Work


This additional data that is now in Discovery needs to be populated into the CMDB, so I shall need to write some custom sync mappings.

Share This:



The BMC Discovery documentation looks a little different today. We have applied a new presentation layer for the content. It provides:

  • A responsive design to handle mobile and desktop users.
  • A version picker on all pages, in a drop down above the page tree. This replaces the original versions banner that we had for many years in BMC Discovery.
  • A table of contents on the right hand side of each page that stays visible when you scroll.
  • "Next page" and "previous page" navigation.
  • "Was this page helpful" buttons on every page.


One of my personal favorites is the improved look of tables.


Do please continue to comment on the documentation, like or dislike pages, and let us know how we can improve it.


Thanks, Duncan.

Greg DeaKyne

July TKU Released

Posted by Greg DeaKyne Employee Jul 3, 2019
Share This:

Greetings Community!


This past Monday, if you are subscribed to TKU release announcements, you saw that July is our first month of our new cadence for TKU release.  As a reminder to the timing changes, the TKU and OSU releases wll be made available on EPD on the first Wednesday of the month.  SaaS customers on BMC Helix Discovery will have the latest TKU applied to their Development environment on the first Wednesday of the month and their Production environment on the second Wednesday of the month.


We have a lot of exciting new content to announce and the details can be found on the July 2019 TKU release page.  Highlights include several new patterns for software products, enhancements to existing software patterns, and general bug fixes.  In this latest TKU release, we have included 29 new network device definitions.


If you are discovering cloud resources, we have introduced a new cloud inventory capability with essential information about those cloud services and in the July TKU we have started with roughly 15 new AWS products.  In addition, we are still focused on providing deeper discovery on patterns for cloud services and we are now making that available for Amazon ElasticSearch and Amazon Elastic Container Services for Kubernetes (EKS).


The July TKU is certainly packed with a lot of good additions to the Discovery portfolio.  We look forward to your feedback on what is advancing the impact of your Discovery data and what is missing and key that we can include in future TKU updates.


Greg DeaKyne

Product Manager, BMC Discovery

Share This:

Greetings Community!  Greg here, Product Manager for Discovery (intro post from April).


We have recently released a new Distributed Storage model for Discovery via the May TKU (Release Notes).  The Distributed Storage Model is a set of multiple physical systems where storage capacity and computing power are grouped together to behave as one single storage system (cluster).  We have this new model available across multiple storage systems from vendors such as EMC, NetApp, & Nimble.  For more information on the Distributed Storage model, the new dedicated page on these technologies can be found here.





After you've had a chance to try out the May Storage TKU with some of these storage systems, we'd love to hear your feedback on how it's improving the discovery of your datacenter.  Feel free to post below and let us know your thoughts!

Share This:

When importing root node keys from a large environment, tw_root_node_key_import may run for many hours before completing. If it is not run using 'screen', the session may timeout, and the import may fail without error or notification. As a result, not all of the root node keys may be imported.


BMC now recommends to run "screen" before running tw_root_node_key_import to prevent this session timeout failure. See

Share This:

I would like to take this opportunity to introduce myself to this very active and engaging community.  My name is Greg DeaKyne.  I was born and raised in Indiana and escaped the cold winters for sunny Charleston, South Carolina almost 8 years ago.  When I’m away from the keyboard, I’m staying busy running around town with my two daughters (4 & 6) between ballet practice, gymnastics, guitar practice, soccer practice, and hopefully a few trips to the beach.  Before kids, I used to spend my free time on the golf course, but my game has gotten pretty rusty over the past 6 years. 


I started using BMC software as a customer over 10 years ago but will be frank with you that I haven’t had the opportunity to touch it in a few years. I led the team that rolled out ADDM, CMDB, BladeLogic, and Atrium Orchestrator.  We were utilizing the toolset during a transformation of our IT teams as we integrated many acquisitions, datacenter consolidation, increased security posture, and enabled front line support via tools and automation.


I have spent the majority of the past 15 years leading multiple IT teams delivering many global SaaS offerings across multiple colo, managed service, and public cloud environments.  I was managing teams responsible for all aspects of the datacenter including compute, storage, database, operating system, application, and networking. 


I have seen the power that Discovery can provide any size organization and I look forward to working with you all (y’all for my Charleston neighbors) as we improve this product through one of the most active communities at BMC.


Today is the start of my third week at BMC and so you will start to see me interacting more in the coming weeks as I continue to learn more about what we are currently working on and sharing with you what the future of BMC Helix Discovery will be.



Share This:

The December OSU updates many packages, and upgrades the operating system to CentOS 7.6. Included in the upgrade to 7.6  is an update to the sudo package.


The change in sudo includes: “PAM account management modules are now run even when no password is required.” [See the Red Hat documentation for more information]


For some processes in BMC Discovery, the tideway user uses sudo to run certain system level programs. Where user passwords expire, the changed processing of the PAM modules would request users to change the password, which in turn would have caused automated sudo usage to fail. This would be particularly problematic for customers that have strict expiry policies (STIG) on the appliance command line users.


The update to sudo-1.8.23-3.el7 (and only sudo) has been excluded from the December OSU while the we determine the full extent of the changes required.


Update: 8th April 2019. The April OSU will now contain any updates to sudo.

From the Aprill 2019 OSU, Discovery will utilise the module in the PAM sudo stack against a specific list of users (pam_localuser).

Share This:

Hi Everyone!


Our community expertise and interaction is our strength and we want to make sure we are capturing the wealth of knowledge our customers obtain while using our products.

Screen Shot 2018-11-20 at 17.27.26.png

You can now provide comments and feedback on Discovery knowledge articles.

Share This:

Hello Discovery community!


If you have been browsing and are following BMC social media you will notice a lot of buzz around Helix Discovery.  Marketing and sales were too excited to wait and are shouting out the availability of Helix Discovery.  The cat is out of the bag on the worst kept secret in the industry   I would like to officially announce the launch of BMC Helix Discovery, our cloud native service offering.  More technical details to come in the coming weeks as well as a technical deep dive in early December.


I encourage you to take a look at the new web page and marketing content here:


Helix Discovery - BMC Software


Worth noting, the on-premise version, "BMC Discovery" is alive and well, there is no plans to deprecate this offering and we see many valid use cases for customers choosing to continue to use the on-premise version.  We intend to align functionality and features between the two solutions.  For example capabilities like TPL pattern development and application modeling will be the same in both SaaS and on-premise.  Please feel free to post any questions you may have, we look forward to your comments.



Share This:

Greetings Community,


We have released a patch update across all our supported versions of BMC Discovery to address important defects, including security fixes.


The files are available for download on the BMC Electronic Product Distribution (EPD) site and we encourage you to patch your environment at your earliest opportunity.


Follow the links below to release notes on the various patches:


In addition, in 11.3 patch 1, Discovery now provides capabilities that help administrators address the personal data protection and privacy requirements associated with the General Data Protection Regulation (GDPR). The GDPR is a set of rules and principles governing the handling of personal data of individuals located in the European Union (EU). Find out more here.


We strongly recommend that you upgrade to version 11.3 Patch 1 if you are on any previous versions of BMC Discovery 10.0, 10.1, 10.2, 11.0, 11.1 or 11.2 For details about the upgrade procedure, see the Upgrading BMC Discovery page.

Share This:

For several years, Discovery has had an integration with RSA SecureID for 2 factor authentication to the appliance. However, at 11.3 it has been deprecated, and I cannot recommend its use because:


  • It has only ever been tested with Authentication Agent V7.1 for Apache
  • This version is old and no longer supported by the vendor
  • It is not supported on the current appliance OS
  • BMC has no RSA infrastructure to perform regression or other tests.


In the 11.3 docs we instead recommend RSSO. Unfortunately, it is not possible to use RSSO (it was in ASSO but the feature was not carried over to RSSO). I have logged a defect to get the docs updated, but it means anyone currently using the integration will have to think about how they can move off this mechanism.


If you are currently using this integration, or would want to in the future if there was a fully supported implementation, please contact me directly. I want to collate responses and pass to Product Management.

Share This:

Details of a critical vulnerability in the dhcp clients shipped on RHEL, and CentOS, 6.x and 7.x have been released and designated CVE-2018-1111. This affects all currently supported versions of the Discovery appliance. We have decided to bring the release of the May OSU forward to accommodate and will release ASAP. We strongly recommend that customers update, particularly in environments that use DHCP.


CVE details:


Red Hat security errata:




The vulnerability allows a malicious DHCP server to manipulate a NetworkManager integration script (shipped with the dhcp clients) to run arbitrary commands as root when the interface in question has DHCP enabled and is managed by NetworkManager.


The 6.x May OSU contains updates for the kernel (CVE-2018-8897), the dhcp client update and a timezone update.

The 7.x May OSU is substantial, and moves the base OS from CentOS 7.4 to 7.5 – and includes the kernel and dhcp client updates listed above.


Update: 22nd May 2018
The OSU should now be available on EPD. For those interested, updates for CVE-2018-3639 (Spectre/Meltdown variant) are *not* included in this update. We will shortly release the May monthly OSU which will contain those fixes.


Update: 23rd May 2018

Please note, I refer to the May OSU in the blog post and then, in the update, say "we will shortly release the May monthly OSU". We chose to bring the May OSU forward but then the Spectre/Meltdown variants were announced and patches made available. There is another May OSU coming (e.g. 6.18.05.xx where xx is later than the 16th) that contains these fixes (and one or two other updates) but will be released at the "usual" time in tandem with the TKN.


Apologies for the confusion

Share This:

Hello Everyone,


I am pleased to announce BMC Discovery 11.3 is now generally available.  This release is a true testament to our ability to introduce features and content that align with the ever changing new technologies introduced in the market while also having an ear to the ideas coming directly from customers.


A discovery webinar on What's New with BMC Discovery 11.3 is scheduled for April 5, 2018 where we will go into detail on the features briefly explained in the next section.  Below is a link to register to the webinar, more details on the What's New webinar can be found at the end of this post.


Register now


Below is a brief guide on some of the major features implemented in version 11.3:



BMC Discovery 11.3 - What's New


Container Infrastructure Discovery

BMC Discovery 11.3 expands discovery capabilities to container management solutions like Kubernetes, OpenShift, and CloudFoundry and their supporting compute on public cloud, private cloud, traditional datacenter, and hyper-converged infrastructure such as Nutanix.  Container management software has previously been discovered and modeled as Software Instances using TKU patterns. The introduction of container discovery with BMC Discovery 11.3 extends this to discover the containers that the management software is controlling. Discovery of containers is triggered by the creation or update of an SI representing the container management software, and then additional patterns query the container management software to determine the containers it is running.


Related Idea:  Support of MultiCloud - OpenShift Discovery



Direct REST API Discovery

With BMC Discovery 11.3 we will begin to introduce content that is driven by direct discovery through REST APIs.  This will address the trends we are seeing with major storage and network infrastructure vendors to provide more discovery and dependency mapping information via their REST APIs.  An example of a storage device that can only be discovered by using direct REST API calls is Nimble storage devices.


When a Nimble storage device is discovered as part of a discovery scan, a Storage System node is created. TKU patterns then trigger to deeply discover the details of the storage system. For custom extensions, you can write a pattern which triggers on the storage system representing the Nimble device, and the pattern can then query the device using its REST API using the enhanced discovery.restfulGet TPL function.


The 11.3 release ships with a new credential type to enable you to discover Nimble storage devices using their REST APIs. Further new credential types will be provided in future knowledge updates without requiring a new product release.



Model Changes

The following major changes have been made to the BMC Discovery model:


Software Container

On upgrade to BMC Discovery 11.3, existing Detail and Virtual Machine nodes that represent containers are converted to the new Software Container node kind.


Hardware Container

The new Hardware Container node represents a single physical device which contains multiple hosts, network devices and other components. For example, a blade enclosure which is discovered via a management controller, or a hyper-converged device containing compute and storage. The Host Container node is used to represent a computer that is logically partitioned into a number of hosts, as opposed to containing physically separate devices. On upgrade to BMC Discovery 11.3, existing HostContainer nodes that were used to represent physical devices containing hosts, network devices and other components are converted to the new Hardware Container node kind.


Related Ideas:

Discovery of Nutanix serial number via vCenter API

Nutanix Prism Software - Need TKU Pattern



Remedyforce CMDB Sync

CMDB synchronization is now extended to BMC Remedyforce with simple UI-based configuration in BMC Discovery.  With the enhanced integration between Remedyforce and BMC Discovery, devices, components, services and relationships that are discovered in BMC Discovery can be automatically imported into and synchronized with Remedyforce CMDB. This integration no longer requires Pentaho. The configuration is done within the solutions and the data mappings and transfers are achieved with APIs.



CentOS 7 Migration Options

The OS has been updated to CentOS 7 for new installs, and remains CentOS 6 for upgrades. An easy backup/restore option is available to migrate appliances to CentOS 7.


The replacement of earlier OS versions with CentOS 7 ensures continued support for the appliance OS during its lifetime, and provides support for newer hardware where you choose to install on hardware. It also provides SMB 2 support, and Apache Web Server version 2.4.



Additional Features Introduced from Community Ideas

Stacked switches

BMC Discovery 11.3 now fully discovers stacked switches. Previous versions discovered stacked switches, but were unable to differentiate the stack master and members. Stacked switches now have the attribute stack to indicate whether it is part of a stacked switch, and the stack master has the attribute stack_master. Network device node pages for stacked switches also provide a list of, and links to other members of the stack. For more information, see Viewing a network device.

Discovery of stacked and virtual switches

Virtual network devices

BMC Discovery 11.3 now fully discovers virtual network devices. Previous versions could identify the network device, but not that it was virtual. Virtual network devices now the attribute virtual to indicate whether it is virtual. Network device node pages for virtual network devices also show and link to the virtual machine containing the device. For more information, see Viewing a network device.

ADDM: Discover and Sync IsVirtual flag for Network Devices


On CentOS 7 appliances, the open source open-vm-tools utility replaces VMware's VMware Tools. This is in line with VMware's recommendation that open-vm-tools be used on Linux hosts in preference to VMware Tools.

add vmtools installation to the gui



More Information

BMC Discovery version 11.3 files are now available for download at the BMC Electronic Product Distribution (EPD) site.

Read more in the Release Notes


Discovery Webinar:  What's New with BMC Discovery 11.3

Please join us as we share our knowledge on the newest feature to come to BMC Discovery 11.3


For this session we will focus on the following topics:


  • Overview of v11.3 Themes
  • Deep Dive into What's New with v11.3
  • Q&A


Register now


Date and Time:

Thursday, April 5, 2018 10:00 am, Central Time Zone (Chicago, GMT-06:00)

Thursday, April 5, 2018 11:00 am, Eastern Time Zone (New York, GMT-05:00)

Thursday, April 5, 2018 8:00 am, Pacific Time Zone (San Francisco, GMT-08:00)

Thursday, April 5, 2018 4:00 pm, Europe Time (Paris, GMT+01:00)

Thursday, April 5, 2018 3:00 pm, UK Time (London, GMT)


Duration: 1 hour


If you cannot attend at that time, a link to watch the recording will be sent after the event.

Share This:

I saw Tool in 2007 at Brixton Academy; great show. Somewhat less enjoyable (depending on your musical taste, I suppose) is having to install VMware Tools on VMware-deployed appliances. We document the procedure here.


So far, so good. Unfortunately, whenever a new kernel is installed (product version upgrade or OSU) VMware tools needs the modules recompiled for the new kernel. After you have rebooted, you will see a red baseline icon like this:



which you can click through, and observe the warning that it's not running:


However, you are not given any information as to why, and you may miss this completely if you are not in the habit of monitoring and correcting all major baseline events. So for the moment, you will just have to keep in mind that you should re-run the


install script after an OSU upgrade. Note: you can use the "-d" flag to take all the defaults without being prompted.


For reference, we have DRUD1-22356 to try and make the user experience better in this regard.

Filter Blog

By date:
By tag: