Skip navigation
1 2 3 4 5 Previous Next

Discovery / ADDM

120 posts
Share:|

Security is top of mind for most IT professionals these days.  It seems as though not a day goes by without news of yet another data breach, or hack attempt.  BMC Discovery data is critical in helping you understand where your weak points are and whether business applications are running on vulnerable systems.  Security vulnerabilities pose one threat to the business but it doesn’t stop there.  BMC Discovery data easily helps you identify other key risk areas:

 

  • Understanding where out of support, or soon to be out of support software or operating systems exist.
  • Reduce version sprawl
  • Locate servers that are running out of storage capacity
  • Eliminate gaps in anti-virus or automation agent coverage by finding systems missing key software
  • Know what you don't know is in your environment

 

In this session we will go through how to gather the information from BMC Discovery to enable you to manage out security, operational, and business risk.

 

We will host a Q&A session with a panel of experts and encourage the community to be prepared with questions.

 

Register now

 

Once your registration is approved, you will receive a confirmation email message with instructions on how to join the event.

 

Date and Time:

 

Tuesday, March 28, 2017 11:00 am, Eastern Daylight Time (New York, GMT-04:00)

Tuesday, March 28, 2017 8:00 am, Pacific Daylight Time (San Francisco, GMT-07:00)

Tuesday, March 28, 2017 5:00 pm, Europe Summer Time (Paris, GMT+02:00)

Tuesday, March 28, 2017 4:00 pm, GMT Summer Time (London, GMT+01:00)

 

Duration: 1 hour

 

If you cannot attend at that time, a link to watch the recording will be sent after the event.

Share:|

With the changes coming in v11.1 patch 3 to review suggested logic and the powerful exclusion rule enhancements to Start Anywhere Application Mapping (SAAM) included in v11.1 we would like to provide a refresher on SAAM and describe the various scenarios where the various exclusion rules best apply.  We will also explain how the dynamic nature of models built with SAAM work and when the review suggested state gets triggered.

 

In this session we will provide:

 

  • Refresher on SAAM
  • When to use exclusion rules
  • How to work with models in the review suggested state

 

We will host a Q&A session with a panel of experts and encourage the community to be prepared with questions.

 

Register now

 

Once your registration is approved, you will receive a confirmation email message with instructions on how to join the event.

 

Date and Time:

Tuesday, February 28, 2017 11:00 am, Eastern Standard Time (New York, GMT-05:00)

Tuesday, February 28, 2017 10:00 am, Central Standard Time (Chicago, GMT-06:00)

Tuesday, February 28, 2017 8:00 am, Pacific Standard Time (Los Angeles, GMT-08:00)

Tuesday, February 28, 2017 5:00 pm, Europe Time (Paris, GMT+01:00)

Tuesday, February 28, 2017 4:00 pm, GMT Time (London, GMT)

 

Duration: 1 hour

 

If you cannot attend at that time, a link to watch the recording will be sent after the event.

Share:|

Happy holiday season Community!

 

We have released 11.0 patch 3, addressing a number of important issues (the list of issues addressed can be found in the product documentation).

 

You can download this patch from here.

 

Of particular note:

  • Some customers experienced significant growth in their data store under certain circumstances and this has been traced and fixed.
  • Where an external CI with no kind is promoted to shared or contained is synchronized, its key is updated incorrectly. This has been fixed. When upgrading, you will see some churn in the CMDB as CIs with incorrect keys are deleted and replaced by CIs with correctly generated keys. This is most frequently seen for BMC_SoftwareServer CIs that are shared between other BMC_SoftwareServer CIs.

 

We strongly recommend that you upgrade to version 11.0 Patch 3 if you are running version 11.0, or consider upgrading to 11.1.

Please refer to the Upgrading Discovery page in our docs.

Share:|

Hi there,

 

a few eagle-eyed and eager individuals amongst you have noticed that 11.1 patch 2 binaries have just become available on EPD. 

 

Well, yes, 11.1 patch 2 is now available.  This patch resolves three issues (see the release notes for more details), but in particular it addresses the Manual Pattern execution bug that others have mentioned in the community.

 

As with all other BMC Discovery patches, applying 11.1 patch 2 is just a normal upgrade.

 

Thank you for your time.

 

The BMC Discovery team.

Share:|

Hi there,

 

in this earlier blog post, we made you aware of a 11.1 post upgrade scenario that had been identified in relation to disabled CMDB Sync connections.  A simple workaround was available.  At the time we stated that the BMC Discovery team would be updating the product to fix the issue and replace what was available on EPD.


Well, this has now happened.  If you go to EPD you will now only be able to download version 11.1.00.1.

 

Version 11.1.00.1 addresses two issues

 

  • DRUD1-19185: A disabled CMDB sync connection pre-upgrade can lead to MarkedAsDeleted CIs post upgrade
  • DRUD1-19202: Trying to set RPC queue can cause a technical difficulties page

 

Whether you have already downloaded and applied 11.1 or have yet to start that process we would recommend that you download and use 11.1.00.1.

 

Thank you for your time.

 

The BMC Discovery Team

Share:|

Dear All,

 

Thank you to all who have been trying out version 11.1 after the release on the 11th of November.

 

A post upgrade scenario has since been identified that we want to raise to your immediate attention, as it may impact you and there is a simple workaround.

 

Problem: If you have a CMDB Sync connection that is in a Disabled state before upgrading (see Figure 1 below), then after upgrading to version 11.1.00.0 you will end up with no sync mappings loaded until the next Discovery Services restart.

 

DisabledSync.PNG

Figure 1 - A disabled CMDB Sync connection, denoted by the grey bar.

 

 

Until this restart has happened the following symptoms will be seen

  1. Continuous Synchronisation will not happen
  2. A Re-Sync would result in all CIs being marked as deleted in the Discovery dataset
  3. CMDB Sync Filters will not be available
  4. The CMDB Sync Action menu will not be available from root nodes

 

Workaround: Simply restarting the Appliance Services from the "Administration -> Control" page (or Cluster Services if using a Cluster) will rectify the situation, and avoid the consequences enumerated above.

 

Restart.PNG

Figure 2 - Services restart button on the Administration -> Control page. Will say "Restart Cluster Services" on a cluster.

 

 

The team will shortly be replacing the binaries on EPD with a patched version (11.1.00.1) that prevents this situation, but for now the above workaround should be used.

 

Thank you for your time.

 

The BMC Discovery Team

Share:|

Hello Everyone,

 

I am pleased to announce BMC Discovery 11.1 is now generally available.  I would like to thank everyone who provided input and feedback to shape the enhancements we introduced into this release.  We approached many customer driven efforts in this release based on direct input from those in this community and the various pre-release activities.  We look forward to continued partnership as we continue to transform BMC Discovery to meet the needs of your digital services environment.

 

A discovery webinar on What's New with BMC Discovery 11.1 is scheduled for November 22, 2016 where we will go into detail on the features briefly explained in the next section.  Below is a link to register to the webinar, more details on the What's New webinar can be found at the end of this post.

 

Register now

 

Below is a brief guide on some of the major features implemented in version 11.1:

 

BMC Discovery 11.1 - What's New

 

Start anywhere application modeling

SAAMv2.PNG

It is now easier to manage and explore the data, with the ability to extend the view with additional related nodes. To aid situations where there is a large collection of interconnected data, there are several new tools:

 

  • A localized Software focus that shows only software and connections for selected Hosts
  • User-defined rules to avoid following relationships from specified types of nodes
  • User-defined rules to prevent display of selected types of nodes altogether
  • An easy way to prevent creation of selected Candidate Software Instances

 

It is also now easier to manage the nodes that have been removed from an application model:

 

  • The system automatically trims the removed nodes to keep only the ones that are directly connected to nodes present in the model
  • Removed nodes are grouped by time of removal, and can be restored in bulk
  • It is easy to restore the removed nodes that are related to a selected node

 

Related Idea:

 

REST API

BMC Discovery provides an open platform through a RESTful API that enables other systems to take advantage of its rich discovery data, and to drive discovery configuration.  You can now automate many common management tasks via the REST API. Some of the tasks you can accomplish using the REST API are:

      • Initiate a scan
      • Retrieve data
      • Upload new TKUs
      • Manage credentials
      • Allow registered event sources to POST an event to BMC Discovery

 

Related Idea:

 

Event  driven model updates

In this release we offer event-driven updates to react to infrastructure and software changes as they occur.  You can now define generic event sources which are collectors for defined events. Once the event source is configured, you can use the REST API to POST an event to the event source.  When an event is received, you can use them to trigger patterns to perform tasks.   We have included a configurable event-based integration with VMWare to poll your discovered vCenters for events.  When events, such as those representing the moving or renaming of a VM are received, they trigger TKU patterns to perform scans on the affected machines and automatically update the BMC Discovery model.

Related Idea:

 

CyberArk Enterprise Password Vault Integration

BMC Discovery enables security operations to leverage CyberArk’s credential vault management system. This integration allows for credentials to be stored and managed in a trusted location outside of BMC Discovery. You can benefit from shorter time to value as those credentials are already present in the CyberArk vault when Discovery is configured.  The integration requires the CyberArk Application Identity Manager version 9.6, though the version of the CyberArk Vault can be earlier.

Related Ideas:

 

CMDB sync and resync performance improvements

The performance of CMDB synchronization has been greatly improved. It can now exploit multiple processors more effectively by running several concurrent workers in parallel. Use the Concurrent Workers parameter to tune your CMDB Sync to maximize throughput and reduce synchronization times.  If a CMDB resynchronization is interrupted for any reason, you can now resume processing where it left off. Resynchronization also benefits from the concurrent workers performance improvements described above.

 

You can now choose one of the following resynchronization types:

 

  • One step resync
  • Incremental resync

 

Other Enhancements

The following additional enhancements have been introduced in version 11.1:

 

  • BMC Discovery can now integrate with Remedy Single Sign-On (Remedy SSO) for user authentication.
    • Please note:  The minimum supported version of Remedy SSO is 9.1.01.
  • Performance graphs are now cluster aware
  • vCenter support and modeling improvements
  • Consolidation is now cluster aware

 

More Information

BMC Discovery version 11.1 files are now available for download at the BMC Electronic Product Distribution (EPD) site.

Read more in the Release Notes

 

Discovery Webinar:  What's New with BMC Discovery 11.1

Please join us as we share our knowledge on the newest feature to come to BMC Discovery 11.1

 

For this session we will focus on the following topics:

 

  • Overview of v11.1 Themes
  • Deep Dive into What's New with v11.1
  • Q&A

Register now

 

Date and Time:

Tuesday, November 22, 2016 11:00 am, Eastern Daylight Time (New York, GMT-04:00)

Tuesday, November 22, 2016 8:00 am, Pacific Daylight Time (San Francisco, GMT-07:00)

Tuesday, November 22, 2016 4:00 pm, Europe Time (Paris, GMT+01:00)

Tuesday, November 22, 2016 3:00 pm, UK Time (London, GMT)

 

Duration: 1 hour

 

If you cannot attend at that time, a link to watch the recording will be sent after the event.

Share:|

It is now de rigueur for high impact new security vulnerabilities to come with a memorable name, and an eye catching icon.

 

So, enter Linux's Dirty COW vulnerability, aka CVE-2016-5195. It has already started appearing on mainstream media.

 

I expect an official statement will be made form Discovery Engineering, but it seems like this is a kernel bug leading to a local privilege escalation - based on Red Hat's report. Note that, due to the appliance nature of Discovery - you should only have a very limited set of local OS users anyhow: only root and tideway are provided as interactive users. Since the tideway account has pretty much the same power as root on the appliance, I suggest this vulnerability is of much lower concern than normally it would.

 

However, it does provide timely reminder to regularly review Discovery's Operating System Updates. - where we pull in relevant patches from Red Hat and package them in easy-to-apply monthly (usually) bundles.

 

Now, you may have other non-Discovery Linux systems in your environment where a privilege escalation would be far more critical. You might start looking at your data:

 

search Host where os_type matches 'Linux' show hostname, os, kernel

Share:|

Helping you leverage BMC Discovery to address your challenges with cloud deployments is a top priority for our product development and is a broad topic representing many strategies and technologies which fall into this segment.

BMC product management is conducting a survey in an effort to ensure we get a good understanding of your cloud adoption and how you see BMC Discovery positively contributing through a comprehensive roadmap.

 

This confidential 10 question survey will only take a few moments of your time, simply click on this button to participate.

survey.jpg

The survey will be open until November 23rd, 2016.

 

Thanks for your help!

 

The BMC Discovery Team

Share:|

On December 31st, 2016 there will be a (positive) leap second. If you happen to be on holiday over that period - woohoo! An extra second of holiday for free. If you're working, make sure you claim that extra second back

 

Very simply, a leap second is an adjustment of, well, a second so that atomic clocks do not differ from Earth's rotational time by more than 0.9 seconds. There are a large number of resources on the internet describing what a leap second is and why it's necessary so I won't bore you with more detail than that but some of the references below may help if you're interested.

 

What do you need to do to avoid potential issues this may cause to the Discovery appliance? Simple - keep up to date with OSUs and/or make sure you're connected to an NTP server (up to date and configured to handle the leap second).

 

Having time synced with an NTP server has 2 options. Either the server will just 'step' the time and the client updates time immediately or you can choose to 'slew' the time which means slowly apply the difference between server and client. By default, ntp configured through the Discovery UI sets the former option. Admittedly this wasn't a conscious decision, but rather it's the default setting. Without slewing, you may see an extra second (23:59:60) in any logs/output. If your system is slewed, minute (small ) changes will be introduced so that the time will stay within about 128ms of 'normal' time but you are unlikely to see the odd time output. During the June 2015 leap second, no issues were reported against ADDM/Discovery that were due to the leap second with the default setting. I don't know of any customers who configured the ntp client to slew, but I also know of no issues raised if this was set.

 

If you do not have NTP configured then either you will have to manually adjust the time after the leap second or, if your OSU is up to date, this will be accounted for by Red Hat updates. Red Hat have recently (30th September 2016) released updates to RHEL >=5 to add the December leap second to tzdata packages. These missed the September OSU but will be in the October OSU. We will release an RHEL 5 OSU in October. This will include all RHEL 5 updates since the last issued 5.x OSU. Similar to NTP configured systems, no issues were raised against ADDM/Discovery for the June 2015 leap second if the latest OSU had been applied.

 

There are numerous bugs in the early RHEL 6.x releases (6.0-6.3) related to leap seconds. The OSU updated the system to RHEL 6.4 in the March 2013 OSU, ideally you have updated since then 6.4 doesn't take into account the December 2016 leap second, but it does prevent some of the issues seen by systems after leap seconds occur (high CPU usage, system hangs, etc...). Other issues have been discovered (e.g. slew mode in ntp adjusting time immediately on detection of a leap second) since then. These have been fixed in later versions but most of these did not cause severe issues and rather issues with sorting or triggers.

 

Red hat suggest the following command to check if your ntp server is going to issue the leap second. Running this in on or after the 1st December 2016 should show a leap second is being issued:

ntpq -c "lassoc" -c "mrv &1 &999 leap,srcadr,stratum"

 

the output will look something like:

[root@host ~]$ ntpq -c "lassoc" -c "mrv &1 &999 leap,srcadr,stratum"

 

ind assid status  conf reach auth condition  last_event cnt

===========================================================

  1 37228  963a   yes   yes  none  sys.peer    sys_peer  3

srcadr=lon-switch.bmc.com, leap=00, stratum=2

If you have "leap=01" rather than "00", the leap second will be accounted for.

 

Red Hat have released a "Leap Second Issue Detector" (https://access.redhat.com/labs/leapsecond/) script. You will need a Red Hat account.

 

References (some may require Red Hat login):

IERS notification of leap second (https://datacenter.iers.org/eop/-/somos/5Rgv/latest/16)

Resolve Leap Second issues in Red Hat Enterprise Linux (https://access.redhat.com/articles/15145)

Interesting graph showing millisecond offset (http://tycho.usno.navy.mil/leapsec.html)

Previously issued Red Hat workarounds (https://access.redhat.com/articles/199563)

Simulate a ntp leap second (https://access.redhat.com/solutions/1333383)

Share:|

Please join Sentry Software and BMC as we provide a deep dive into Storage Discovery.

 

For this session we will focus on the following topics:

 

  • Installation and troubleshooting
  • Storage discovery prerequisites
  • Host side linking prerequisites

 

We will host a Q&A session with a panel of experts and encourage the community to be prepared with questions.

 

Register now

 

Once your registration is approved, you will receive a confirmation email message with instructions on how to join the event.

 

Date and Time:

Thursday, October 6, 2016 11:00 am, Eastern Daylight Time (New York, GMT-04:00)

Thursday, October 6, 2016 8:00 am, Pacific Daylight Time (San Francisco, GMT-07:00)

Thursday, October 6, 2016 4:00 pm, Europe Time (Paris, GMT+01:00)

Thursday, October 6, 2016 3:00 pm, UK Time (London, GMT)

 

Duration: 1 hour

 

If you cannot attend at that time, a link to watch the recording will be sent after the event.

Share:|

We are pleased to announce that as of the July 2016 TKU update there is a new feature available for Extended Data Pack (EDP) customers which provides NVD linking functionality in BMC Discovery to show CPE identities for discovered hosts and software instances.

 

The NIST National Vulnerability Database (NVD) maintains lists of products and vulnerabilities:

- CPE is used to normalize product names

- Common Vulnerabilities and Exposures (CVE) are assigned to vulnerabilities and the CVEs relate to a CPE

 

This CPE identifier can be used by security operations to identify dependencies associated to vulnerabilities identified using vulnerability management solutions.

 

For more details on this feature please go to the following BMC Configipedia page:

 

National Vulnerability Dababase

 

Take Care,

 

Antonio

 

**Editted to include CVE definition links

CVEs are assigned to vulnerabilities and the CVEs relate to a CPE

Share:|

Dear BMC Discovery Community,Bz_ZzYDCcAEZhJZ.jpg

 

BMC Engage 2016 is approaching fast. Speakers are heads down, putting the finishing touches on their presentations. We are planning lots of activity for you at Engage. You don’t want to miss it!


If that is not done yet, you can still register.

 

Here are suggestions that relate to BMC Discovery:

 

 

  • Table Talks / Birds of a Feather – Join us for lunch and chat with other Discovery experts

Wednesday and Thursday in the main dining area. Look for the BMC Discovery tables.

 

  • Evening with Engineers - Always a fun and lively event!

Wednesday 7:00-10:00 pm

 

  • 1:1 meetings with the BMC Discovery team

Contact Antonio Vargas to schedule a meeting

 

  • Sessions and labs

Explore the session catalog to view the full list of sessions. Some suggestions:

and register to our labs:

 

As you can see, it’s going to be a very busy 4 days of education and socializing!

 

Looking forward to seeing you at BMC Engage



Share:|

This is a frequent Support problem.

 

This blog addresses 3 cases:

 

1) I am running low on space on my datastore disk

 

2) I am out of space on my datastore disk

 

3) I am out of space in /usr  and my datastore is part of /usr  (i.e. we never created a new disk for the datastore)

 

 

FAQ:

1) Can I remove files from my datastore disk to reduce the space?
    NO.  Absolutely not.  You will corrupt your datastore by trying this option.

 

2) Can I remove files from the /usr partition to clear space?
    Yes, see this blog:    ADDM out of disk space in /usr

 

 

Solutions for each problem:

 

1) I am running low on space on my datastore disk

 

You have options because you still have some space, so your services have not been shut down (yet).

 

Options for solution:

 

a) You could compact your datastore:
    You use tw_ds_offline_compact command.  Instructions for ADDM 11 are here:

   tw_ds_offline_compact - BMC Discovery 11.0 - BMC Documentation 

 

    This may or may not improve discovery performance.

 

    A compact may take a long time, such as "over the weekend".  The larger your datastore, the longer it will take.

 

    You may not have enough space to perform the compact, but the tw_ds_offline_compact utility will tell you that at the beginning of its run.

 

b) You can move your datastore to a new disk:

     Instructions:

     First, you need a new disk large enough to contain the entire existing datastore + plenty of space for growth.

     You can not extend the disk where your datastore is.

 

     After you add a new disk, the Administration->Disk Configuration page will become useful, and will allow you to move the disk to the new datastore with the click of a button.

 

c) Compacting the datastore, and then moving it to a larger disk is probably the best choice.

 

2) I am out of space on my datastore disk

 

You do not have options because your services are shut down at this point.

There is no GUI to move your datastore, and there is no space to perform a compact.

 

So, your only option is this:

You must move your datastore to a new disk:

    Instructions:

    First, you need a new disk large enough to contain the entire existing datastore + plenty of space for growth.

    You can not extend the disk where your datastore is.

 

    After you add a new disk, you can try using the undocumented command tw_disk_utils to move your datastore.

     If you do this, you will see some good help for tw_disk_utils:

 

     cd /usr/tideway/bin

     tw_disk_utils --help

 

     After you add new disk, you can use "fdisk -l" to list the new disk so you know how it is named.

 

    There is a helpful Knowledge Article about this:  000082640

 

     Probably best to open a ticket with Support for this operation.

 

     After you move your datastore to new disk, you could run a compact.  (See item 1a above).

 

3) I am out of space in /usr  and my datastore is in /usr (i.e. we never created a new disk for the datastore)

 

    First, see this blog:  ADDM out of disk space in /usr

 

     Using those steps, you should be able to at least get your services started.

     Then, you can follow the steps for problem #1.

 

FAQ:

a)  QUESTION:  I had 200gig available for ADDM partitions, but after the install, ADDM only takes 50gig.  How can I get my datastore to use that other 150gig?  

     ANSWER: You can't, sorry.

 

b)  QUESTION:  Can I extend my datastore partition?

      ANSWER:  Not recommended

 

c)  QUESTION:  I really don't want to add a new disk.  What can I do?   

     ANSWER:  You really need to add a new disk.

 

See these related Knowledge Article(s):

 

000094102 - ADDM: The appliance has shut down because available disk space is low

Share:|

IMG_8338 (2).jpgCome meet key BMC Discovery users from around the world at Engage 2016! Sign up to collaborate and network with fellow Discovery / ADDM professionals. You won’t want to miss this event!

 

Global BMC Discovery User Group

September 6, 2016 from 2:30pm to 5:30pm

 

We are hosting this special Discovery event because we believe networking is one of the top benefits of Engage. Meet with other Discovery users, share your experiences, and help shape the future of the product. We will also provide you with valuable insights into the latest and upcoming product functionality. Meet all the key product team to share your experience and feedback.

 

The Discovery User Group is from 2:30pm to 5:30pm, right before the Welcome Reception.

If your travel plan does not allow for you to be with us the whole time, no worries, feel free to join when you can.

 

Agenda highlights include:

  • Latest Discovery Product Updates – hear from Product Management and see the latest functionality
  • Product feedback session – what are your challenges? Requests? Likes and dislikes?
  • Shaping your User Community – your chance to have your say about User Groups, on-line community, webinars etc
  • Plus GLOBAL networking opportunities

 

Looking forward to seeing you at BMC Engage 2016!

Register now to the Global BMC Discovery User Group

 

Raphael Chauvel

Sr Director, Product Management

Filter Blog

By date:
By tag: