Share:|

Many users are upgrading or migrating to the newer versions of TrueSight, but with any move, comes lots of history and in some cases, lots of policies which have been created. What do you do with all those policies? The thought of having to recreate them from version to version is not something BMC wanted to have customers be concerned about, so BMC created a script to export and import the monitoring policies.

 

The idea is that we export and import the policies and that will help save time and effort in the long run. The process starts on the TrueSight Presentation Server where there is a cmapolicymigration script for both Windows and Linux. The script is used to pull the policies from one TSPS server and creates a data file to import into the new TSPS server.

While it seems simple, there’s always a few things you need to watch out for. So here’s quick overview of the process and then I’ll mention some of the known issues and common problems we have seen with attempts to export and import policies over time.

 

To export policy files

  1. On the Presentation Server host, go to the bin directory that contains the policy migration command:
    • Windows: CD /D "%TRUESIGHTPSERVER_HOME%\truesightpserver\bin"
    • Linux: cd $TRUESIGHTPSERVER_HOME/truesightpserver/bin
  2. From the bin directory, run one of the following commands:
  • Windows: CD /D "%TRUESIGHTPSERVER_HOME%\truesightpserver\bin"
  • Linux: cd $TRUESIGHTPSERVER_HOME/truesightpserver/bin

 

     From the bin directory, run one of the following commands:

  • Windows: cmapolicymigration.bat export options attributes
  • Linux:cmapolicymigration.sh export options attributes

 

Export options and attributes

 

all                                 - Exports all policies Note: Do not use the all and -p options together.

-d outputDirectory        - Target directory for the exported policy data files. When not specified, the current directory is assumed.

-n newName                - New name for the exported policy. You cannot use this option when exporting all policies.

-p policyName             - Name of the policy to be exported. If the new policy name contains spaces, enclose it with \" \" . Do not use the all and -p options together.

Export examples

cmapolicymigration.bat export all -d "C:\Policies"

cmapolicymigration.bat export –p Policy1  –n Policy2 -d "C:\Policies"

 

 

To import policy files

  1. On the Presentation Server host, go to the bin directory that contains the policy migration command:
    • Windows: CD /D "%TRUESIGHTPSERVER_HOME%\truesightpserver\bin"
    • Linux: cd $TRUESIGHTPSERVER_HOME/truesightpserver/bin
  2. From the bin directory, run one of the following commands:
    • Windows: cmapolicymigration.bat import options attributes
    • Linux: cmapolicymigration.sh import options attributes

 

Import options

-d inputDirectory        - Location of policy data files to import.  When not specified, the current directory is assumed
-f                               - Overwrites the current policy

Import examples

cmapolicymigration.bat import -d "C:\Policies"
cmapolicymigration.bat import -f -d "C:\Policies"

 

You can choose to export all the policies or just specific policies, it’s up to you. Here’s a sample command for exporting all policies and importing them

"Export all Policies in TrueSight Presentation Server"
CD /D "%TRUESIGHTPSERVER_HOME%\truesightpserver\bin"
cmapolicymigration.bat export all -d d:\ExportedPolicies

"Import all Policies in TrueSight Presentation Server"
CD /D "%TRUESIGHTPSERVER_HOME%\truesightpserver\bin"
cmapolicymigration.bat import -d d:\ExportedPolicies

 

Interested in reading more about exporting/importing policies? Please refer to the links below

ProactiveNet 9.6

TrueSight 10.1

TrueSight  10.5

TrueSight 10.7

TrueSight 11.0

 

We have seen a few cases from customers where there are issues with the export/import, both or even being able to edit the policies once they are imported. While a helpful feature, it does have some technical difficulties from time to time.

 

Most of the cases we have seen involving the exporting of policies have been either environment factors – permissions, path variables, etc. and the rest have been due to the various issues with certificates and attempting to export/import into two different target repositories.

 

Here are few of the major causes for export/import failure between TSPS servers. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

1. Invalid Solution or Solution is not present in repository.

2. Source Machine and Target machine has different repository.

3. User does not have adequate permissions.

4. Integration Service is not configured or you are using a different Integration Server

5. Cluster is not present.

6. Custom certificates are not imported to the proper directories

7. Product path variables are not set correctly – for example BMC_PROACTIVENET_HOME may not be set properly.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Please be sure to double check the reasons for failure above, but if you continue to have issues, please do not hesitate to contact Support for assistance.

 

When there are issues, the first step is to check for any errors, either via the GUI or in the datamigrator.log. This is the log where the data migration details are stored. It is located in the pw/pronto/lib/DataMigrator/logs/ directory. There are debug options to enable as well to help troubleshoot issues, so you may want to enable debug before sending. See Knowledge Article 000080595 for details. Then check the list above to see if any of these criteria apply and then attempt to correct the environment. If that fails, open a ticket with Support.

 

Support has created Knowledge Articles for the more common problems and how-to requests we have seen, they include the following: (added in order of frequency of use)

++++++++++++++++++++++++++++++++++++++++

000102510 - How to migrate BPPM 9.6 CMA policies to TS 10.0 CMA policies?

Here are the steps to export a CMA BPPM 9.6 policy and import it into CMA TS for any user

 

1) Export the policy from BPPM, this will create a .mo file with the policy defined in a json format
2) Open the .mo file in a editor
3) At the bottom of each policy is a section which includes the following field names: name, id, type, agentSelectionCriteria, tenant, precedence, description, enabled
4) Add the following three new fields to the policy json record: shared, associatedUserGroup, owner. Change the owner field to an ldap user
"shared" : false,
"associatedUserGroup" : "Administrators",
"owner" : "admin",
4a) Where
owner - Username to which the ownership of this policy belongs to.
associatedUserGroup - This should be one of the groups associated with owner.
shared - this is to indicate if the policy is shared with other users from the above group.
5) In the policy make sure the values for tenant (name, id) point to the correct SSO realm. In my test policy it looks like the following
"tenant" : {
"name" : "BmcRealm",
"id" : "BmcRealm"
},
6) Here is a sample of the policy section after the changes
"precedence" : 100
"name" : "Policy name",
"id" : "b1f2ae2e-6b69-5aa2-1234-8a4dee93d18d",
"shared" : true,
"associatedUserGroup" : "Administrators",
"owner" : "jdoe",
"type" : "monitoring",
"enabled" : false,
"description" : "",
"tenant" : {
"name" : "BmcRealm",
"id" : "BmcRealm"
},
"precedence" : 100,
"agentSelectionCriteria" : "agentName STARTS_WITH \"server_name\" "

7) Copy this file to the TS server
8) In a command window go to the following directory /truesightpserver/bin
9) Invoke the following command. Note: just use the directory do not specify a file, the utility will import all .mo files in the directory
cmapolicymigration.bat import -d <Directory location for the exported policy files>

++++++++++++++++++++++++++++++++++++++++

 

000099053 - The cmapolicymigration script is not exporting any policies.
The cmapolicymigration script is not exporting any policies. The pw\pronto\lib\DataMigrator\logs\datamigrator.log shows the following exception:

ERROR 05 Aug 2014 11:49:2510804 [main] com.bmc.sas.dm.PEExporter ERROR_IN_EXPORTING_DATA Error in exporting data nulljava.lang.RuntimeException: Unable to convert response to java object
at
com.bmc.bppm.wsclient.impl.BPPMServerConnUsingSAPService.convertToJava(BPPMServerConnUsingSAPService.java:627)

….
Solution:

This can occur if there is a monitoring configuration policy has an integration service entry defined. Modify the policy so that the IS entry just says --select-- and then rerun the cmapolicymigration script:

1) Open the CMA console.

2) Edit your policies. (e.g. Policies -> Monitoring -> All -> Select a policy -> Edit)

3) Go to the "Agent Configuration" screen.

4) If an IS is specified, click on the drop down menu and change it to "--select--".

5) Repeat the process on the remainder of your policies.

6) Perform the cmapolicymigration script.

7) Revert your IS/policy changes.

 

++++++++++++++++++++++++++++++++++++++++

000080595 - Using cmapolicymigration.sh to export then import a policy does not work.

Try to restart the BPPM server and see if this enabled the export/import to complete successfully.
If this does not work please do following to enable debug:
1) Delete the pw/pronto/lib/DataMigrator/logs/datamigrator.log file

2) Edit pw/pronto/lib/DataMigrator/conf/datamigrator_log4j.properties and change this section:

  log4j.logger.com.bmc.sas.dm=DEBUG,datamigrator
  log4j.logger.org.apache=ERROR,datamigrator
  log4j.logger.com.bmc.bppm.service=ERROR,datamigrator
  log4j.logger.httpclient=ERROR,datamigrator

  to:

log4j.logger.com.bmc.sas.dm=DEBUG,datamigrator
log4j.logger.org.apache=DEBUG,datamigrator
  log4j.logger.com.bmc.bppm.service=DEBUG,datamigrator
  log4j.logger.httpclient=DEBUG,datamigrator

3) Run the cmapolicymigration.sh to reproduce the problem

4) Send the file pw/pronto/lib/DataMigrator/logs/datamigrator.log along with the exported policy file to BMC Support for review.

1. pw/pronto/lib/DataMigrator/logs/datamigrator.log
2.<server_install_dir>\truesightpserver\modules\tomcat\logs directory
3. <server_install_dir>\truesightpserver\logs directory

++++++++++++++++++++++++++++++++++++++++

 

000139815 - The cmapolicymigration script is not exporting any policies and the following error is reported - Connection has been shutdown: javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException: PKIX path building failed

The call is not reaching TSPS and is failing because of a certificate issue

Solution          

The recommendation is to import the custom/or self-signed certificate into the truesightpserver/modules/jre directory and verify that the JAVA home variable is set properly.

Sometimes we see that the cmapolicymigration.bat does not export any policy and there are no output errors in the datamigration.log. When that happens, the likely culprit is the TS certificates. If you have added any custom certificates or certificates which are modified in loginvault.ks then the same should be imported in the JRE cacerts (truesightpserver/modules/jre)

The custom certificates need to be imported into loginvault.ks, pnjserver.ks and cacerts on Both TSIM and TSPS servers. There should be a minimum of 3 certificates - root, intermediateCA and truesightserver, as documented here

https://docs.bmc.com/docs/TSOperations/110/installing/implementing-private-certificates-in-truesight-operations-management/implementing-private-certificates-in-the-truesight-presentation-server

You should be able to use the keytool list command that is documented to see what is missing and then move forward from there and according to the documentation.

 

++++++++++++++++++++++++++++++++++++++++

000031540 - How to identify which policy is failing to export when using cmapolicymigration script with "all" option?

When running command:

cmapolicymigration.bat export -d D:\exportCMA all

in the command prompt window it will be listed the policies being exported as in below example, but if a policy in CMA has some problem, the above export command will not report any error in the command prompt window, it will be only reported in the datamigrator.log file generated under BMC_PROACTIVENET_HOME\pw\pronto\lib\DataMigrator\logs directory and the expected policy files under specified directory won't be created.

Policy 'TAG_POLICY_HOSTS_MAD' exported successfully
Policy 'MON_POL_AIX_GBL' exported successfully
Policy 'MON_POL_PATROLAGENT-WINDOWS_GBL' exported successfully
Policy 'MON_POL_WINDOWS_GBL' exported successfully

How can I know the policy name failing to export?

Cause

The cmapolicymigration tool will print in the command prompt the policies which exported successfully, but if a problem is found with one of the policies the export process will stop creating the output export policy files, and no reference to the policy name will be given in the screen, only in the datamigrator.log file will we see errors like the ones below:

+++

DEBUG 11 May 2015 15:17:478161 [main] com.bmc.sas.dm.wsclient.BPPMClientWrapper  Invoking operation unifiedadmin/Policy/5b60ae2e-b8de-4eb9-938c-41e2d90e134d/list HTTP Request GET

DEBUG 11 May 2015 15:17:478161 [main] com.bmc.sas.dm.wsclient.BPPMClientWrapper  request params :idType=id

DEBUG 11 May 2015 15:17:478161 [main] com.bmc.sas.dm.wsclient.BPPMClientWrapper  body :null URL: unifiedadmin/Policy/5b60ae2e-b8de-4eb9-938c-41e2d90e134d/list

ERROR 11 May 2015 15:17:489174 [main] com.bmc.sas.dm.wsclient.BPPMClientWrapper  BMC_DM6E Exception:Error while executing web service request with URL unifiedadmin/Policy/5b60ae2e-b8de-4eb9-938c-41e2d90e134d/list

com.bmc.bppm.wsclient.exception.ServerException: Call to Server failed : Response Status: 500 Message returned from server:

+++

Solution

1. To identify the policy name that failed to export and produced the tool to stop working, analyze the datamigrator.log file to get the id of the policy failing. Search for string similar to "BMC_DM6E Exception:Error while executing web service request" like in below message:


ERROR 11 May 2015 15:17:489174 [main] com.bmc.sas.dm.wsclient.BPPMClientWrapper BMC_DM6E Exception:Error while executing web service request with URL unifiedadmin/Policy/5b60ae2e-b8de-4eb9-938c-41e2d90e134d/list

com.bmc.bppm.wsclient.exception.ServerException: Call to Server failed : Response Status: 500 Message returned from server:

 

2. Take the policy ID from the error message. This is the long value between "/Policy/" and "/list", that is, 5b60ae2e-b8de-4eb9-938c-41e2d90e134d

3. Execute below SQL statement in your BPPM server to get the name of the Policy assiociated to that ID (value of the oname column):

runjava scripts.runsqli "select * from pepolicy where id ='5b60ae2e-b8de-4eb9-938c-41e2d90e134d'"

4. Trying to export only this particular policy name with the cmapolicymigration tool from the command line should also fail.

The reasons for the policy to fail during export are difficult to say at this stage but below are some recommended steps:

a. Edit the policy from CMA console and review every configuration section to ensure nothing got wrong or corrupted (for instance, if Single Integration Service value is set, ensure only one ISN name is provided in the value field).

b. A restart of BPPM server to sync up data within BPPM DB may help.

c. If restarting is not possible or it doesn't fix it, deleting the specific policy and recreating it again may also help to ensure the policy is properly created.

 

++++++++++++++++++++++++++++++++++++++++

000147721 - Not able to edit the Infrastructure Policy on TSPS after importing it using cmapolicymigration utility

We have imported Infrastructure Policy TS-Self-Monitoring-JVM from Extended Repository on TSPS.
Policy is imported using below command:

  1. cmapolicymigration.bat import -d "C:\Program Files\BMCSoftware\TrueSightPServer\truesightpserver\modules\cma\pproxy\depot_directory\bmc_products\SamplePolicies\ksm\1.0.00"

    In Infrastructure Policy tab, we can see that Policy has been created, however we are unable to copy or edit it.

Cause: Tenant for Extended Repository is the bmcrealm. Whereas currently the admin user logged in TSPS with tenant as *.

 

Solution:

 

Please change the following entry in "TS-Self-Monitoring-JVM.mo file" present in "C:\Program Files\BMCSoftware\TrueSightPServer\truesightpserver\modules\cma\pproxy\depot_directory\bmc_products\SamplePolicies\ksm\1.0.00"

*******

 

  "tenant" : {

    "name" : "*",

    "id" : "*"

  },

***

then try to import it with -f option

 

  1. cmapolicymigration.bat import -f "C:\Program Files\BMCSoftware\TrueSightPServer\truesightpserver\modules\cma\pproxy\depot_directory\bmc_products\SamplePolicies\ksm\1.0.00"

 

This may be applicable to other policies so the realm modifications should be made accordingly.

++++++++++++++++++++++++++++++++++++++++

 

These were the more common issue we have seen and many of them are environment specific so it is going to take time and effort to investigate to get to the root cause of an export/import issue. If you do experience these issues, please do not hesitate to contact Support for assistance.

 

Are there any export/import features you would like to see? Please share your comments here as we would love to hear your input.

 

 

 

AMIGO.jpg

 

 

The BMC Assisted MIGration Offering, or AMIGO, is a program designed to assist our customers in planning and preparing for product upgrades from an older, to a newer supported version.  By engaging with BMC Technical Support Analysts, you will be provided with materials containing guidelines and best practices to aid in compiling your own upgrade plan. An upgrade expert will then review your plan, and offer advice and suggestions to ensure success through proper planning and testing.

The AMIGO program consists of a Starter Phase and a Review Phase.  Each phase is initiated by opening a support case, and ends when the case is closed.

In the Starter Phase, an AMIGO Starter case is opened.  Reference material will be provided and a call with a Technical Support Analyst will take place to discuss the details of your upgrade, and address any questions you may have.  The AMIGO Starter case will be closed, and the next step will be for you to prepare a documented upgrade plan.

In the Review Phase, an AMIGO Review case is opened preferably two weeks prior to a set upgrade date.  A call will be scheduled with an upgrade expert to review your detailed plan, providing feedback and recommendations, along with answers to any outstanding questions.  As needed, a follow up discussion with a Technical Support Analyst may take place for feedback after the upgrade is performed.

The AMIGO program includes:

» A “Question and Answer” session before you upgrade

» A review of your upgrade plan with Customer Support

» An upgrade checklist

» Helpful tips and tricks for upgrade success from previous customer upgrades

» A follow-up session with Customer Support to let them know how it went. This will help BMC to enhance the process.

 

To get started, please review the details here:

https://docs.bmc.com/docs/TSOperations/110/amigo-checklist-for-truesight-operations-management-724138985.html?src=search

 

Then open a BMC Support issue containing your environment information (product, version, OS, etc.) and the planned date of the installation, if known. We will contact you promptly, and work with you to ensure a successful and timely outcome.

Computer.png

!!!NEW CONTENT!!!

Here are a few new Knowledge Articles added over the last month:

 

000149329 BPPM - Customized mail event footer with hyperlink to view more details is not correct, how can this be modified?

 

000148990 Which PATROL Agent versions are compatible with BPPM 9.6

 

000149448 TSPS fails to connect to Remedy SSO during silent installation

 

000149060 How to get a Patrol Agent availability report

 

000148952 "Downloads will not be populated" seen on TSIM 10.7 installation when TSIMAgent & TSIMAdmin directories are not copied to TSIM ServerApplying 10.7 Fix Pack 2 to TSIM server installed with warning

 

000149514 After RSSO and LDAP integration users fail to login to TSPS with error - You are not authorized to use this system

 

000148609 If RSSO is reinstalled, how do the internal users/groups get recreated for TSPS

 

000148215 Cannot add some slots to Table View in TSPS

 

000148758 Can you change the version number of a KM in a policy?

 

000148760 Does ProactiveNet require partitioning, Real Application Clusters, OLAP, Real Application Testing, Data Mining, or spatial?

 

 

Looking for a previous blog posting? Find it here: BMC TrueSight Pulse Blogs