Have you had the need to make mass changes to policies or update passwords? If so, it can be a time consuming process. BMC has developed a tool which helps manage policies within TrueSight Presentation Server 10.x+
The TrueSight Operations Management Auto Policy Generator is here to make policy management easier. The TrueSight Auto Policy Generator allows users to setup monitoring of their IT using policies. Data is collected used PATROL agent and KMs. Policies are used to push monitoring configuration to the different PATROL agents.
In an environment where many PATROL agents reside for monitoring large (and changing) amount of monitored system, multiple policies are required to cover all aspects of IT.
In some cases, it is possible monitored systems are provisioned or removed on a daily basis. For that policies need to change changes as well. This is where the TrueSight Operations Management Automatic Policy Generator (APG) comes to the rescue!
This tool helps users setup new policies or helps in making changes across existing policies.
The interface used with it is command line based, to allow automation of the process, thus removing the need for human interaction (in regard to these changes).
APG, allows the user a specific set of operations:
a. Create new policy based on a text based template
b. Change value of specific fields within existing policies (e.g. replacing the password)
c. Update policies to add or remove monitoring of different systems (servers, applications, services).
It utilizes existing interface used by the cmapolicymigration utility. APG, manipulates the monitors section of policy. It does not set thresholds, target agents or any of the other settings of a policy.
The APG supports 5 different commands:
|export||Generating properties file(s) based on a monitoring policy.|
|update||Applying a policy change based on provided properties file(s) to an existing or new monitoring policy|
|list||Generate a list of existing monitor policies|
|encrypt||Utility command used to help user generate encrypted strings for passwords consumed by the policies.|
|upgrade||Special command for upgrading a specific monitor policy from one version of a KM to the next. Upgrade command is migrating existing .policy definition to one belonging to a new version of the same KM. This is however limited and assumes the policy set of definition has not changed.|
Why would you want to use it? It is a great time save, makes changing hundreds of policies a breeze.
Well just this week Support case helped a few customers asking how hundreds of policies could easily be modified to change the credentials used to access the servers for monitoring. So if you have the need to change the authentication details on policies easily, you can use the Auto Policy Generator to do that.
Here are a few of the use cases for working with the TSOM APG
- Update passwords: We need to change the password of a given policy to a new on
- Add more monitor solution environments for any Knowledge Module
- Upgrade monitor solution
- Oracle instance monitoring use case
The tool is easy to install and setup:
Make sure to install it with TSPS v10.7 or higher
Open a command line Windows for running the APG manually.
1. Extract the tool: APG.zip on the Windows server running TSPS.
2. Validate that the environment variable called TRUESIGHTPSERVER_HOME is configure, if this not configured please configure the environment variable called TS_HOME and point it to the i
1. Extract the tool: APG.tar inside $TSPS_HOME/truesightpserver/modules directory.
Alternatively, if you plan to install AGS in a different location then make sure the environment variable TS_HOME, points to the location of TSPS installation. (example: TS_HOME=”/opt/bmc/TrueSightPServer/truesightpserver” && export TS_HOME)
Where can I get this awesome time saver you ask? The TSOM Auto Policy Generator is available on BMC's FTP site
There are various versions and revisions with 1.0-rev-10 being the latest
The TrueSight Operations Management APG does not create new policies. It can modify existing or create modified copies of existing policies. It only works the section of setting definitions for the ‘Monitoring’ tab. Other aspects of the policy (agent thresholds, Server thresholds, Filtering etc.) are all ignored.
There are easy to use commands to help with each of the use cases mentioned above:
Supported command usage:
1. apg.bat/sh export -op <policy name> [-pl <property_location>] [ -port <local default application port> ] [ -protocol <HTTP | HTTPs> ]
a -op <policy name> - Name of the policy to export and a properties file, this field is mandatory, if you need to export more than one policy you can use the `, ` sign.
b. -pl <property_location> - Location where the km properties files are saved base on the export policy, when left blank <output directory> is used.
c. -port <local default application port> - may be required when used with TSPS where all communication is routed via a load balancing system
d. -protocol <HTTP|HTTPS> - may be required when used with TSPS where all communication is routed via a load balancing system
Use case: this command will export any configure policy into properties file, for each monitoring solution that is configure in the policy a properties file will be created. The properties file will hold all the current configuration of a given monitor solution. Based on this properties file you will able to add more monitor solution environments, update any value of any given key.
2. apg.bat/sh encrypt [ -p <password> ]
Use case: This command is to encrypt ant plain text password to one that you can use in your new properties file. -p <password> - will generate an encrypted string for the plain text provided in <password>
If -p is NOT provided them ‘Password:’ prompt is used allowing the user to securely type the password to generate the encrypted string.
3. apg.bat/sh update [-enable] [-key <key_property>] [-np <new_policyname>] -op <origin_policyname> [-overwrite] -pl <property_location> [ -port <local default application port> ] [ -protocol <HTTP | HTTPs> ]
e. -enable - If set policy will be enable after successful update.
f. -key <key_property> - New key property to update the properties file, multi key can be use with ',' sign. Key can be full or partial. when fully described then only that key will change e.g. tctgjskit</>GJS_SETUP</>EnvList</>oldGeneric</>hostname The key can also be partial, being the last word only, in this case ‘hostname’. Then that is used then all properties within the file ending with ‘hostname’ will be changed to have the new value.
g. -np <new policy name> - Name of the new policy that will be created in TSPS. Enclose policy name with " " if name contains spaces, if left blank origin_policyname name will be used. h. -op <origin policyname> - Name of the origin policy (Enclose policy name with " " if name contains spaces).
i. -overwrite – When used, the policy will be overwritten and only be create base on the KM properties file. NOTICE: overwrite will also remove from policy configuration of monitor types not defined within the provided .properties file(s).
j. -pl <property location> - Location where the update km properties file is located -port <local default application port> - may be required when used with TSPS where all communication is routed via a load balancing system
k. -protocol <HTTP|HTTPS> - may be required when used with TSPS where all communication is routed via a load balancing system
Use case: With this command you can update any given policy or new policy with the changes you made for the properties file, you can create a new policy base on a template policy by using the -np flag, you can decide that the policy will be enable after a successfully import by using the -enable flag.
4. apg.bat/sh upgrade [-enable] [-np <new_policyname> ] -op <origin_policyname> [-overwrite] -pl <property_location> [ -port <local default application port> ] [ -protocol <HTTP | HTTPs> ]
a. -enable - If set policy will be enable after successful update.
b. -np <new policy name> - Name of the new policy that will be created in TSPS. Enclose policy name with " " if name contains spaces, if left blank origin_policyname name will be used. c. -op <origin policyname> - Name of the origin policy (Enclose policy name with " " if name contains spaces).
d. -overwrite – When used, the policy will be overwritten and only be create base on the KM properties file.
e. -pl <property location> - Location where the update km properties file is located
f. -port <local default application port> - may be required when used with TSPS where all communication is routed via a load balancing system
g. -protocol <HTTP|HTTPS> - may be required when used with TSPS where all communication is routed via a load balancing system
Use case: With this command you can upgrade monitor solution policy, if TSPS repository hold newer monitor solution the tool will try to upgrade the monitor solution and invoke a report to the output.
5. apg.bat/sh list [-port <TrueSight presentation server port>] [-host <TrueSight presentation server host/address>] [-protocol https|http]
Use case: generate a list of policies existing on the local TrueSight Presentation Server. notice that using this command on a Presentation Server routed via a load balancing system may require to use the below flags in order to properly get the data.
a. -host <host> - TSPS host name , if left blank, 'localhost' will be used
b. -password <password> - TSPS password, if left blank default will be used
c. -protocol <https|http> - Protocol used for connection with TrueSight Presentation Server, either http (unsecured) or https (secured & default) is accepted.
d. -tenant <tenant> - TSPS tenant name , if left blank default (BmcRealm) will be used
e. -user <user> - TSPS username , if left blank default (admin) will be used
f. -port <number> - this allow the command to connect to a none default port of the local
TrueSight Presentation Server so to get the list of available monitoring policies.
If you have any questions or need additional assistance, please contact Support.
**************** NEW EOL DATE ANNOUNCED - Important Note to BPPM 9.x, 8.x user****************
BMC understands the situation with COVID and how it has impacted many of our customers. We therefore want to give all customers on BPPM 8.x or 9.x ample time to plan their migration to TrueSight Operations Management.
Here is the official notice in case you did not receive it:
BMC will continue to provide Limited Support for the current generally available versions of these products as defined at the Product End of Life section of BMC’s Product Support Policy until the end of support date of December 31, 2021. As per this policy, BMC will continue to develop hot fixes for problems of high technical impact; however, this solution is considered functionally stabilized, and therefore, will not receive further enhancements during this period.
Effective today until the end of support date listed above, BMC will continue to provide customers with active support contracts access to BMC Customer Support as described in this letter. You can continue to interact with BMC Customer Support just like you do today to receive such support.
Prior to the end of support date, customers with an active support contract have the option to migrate their ProactiveNet licenses to the replacement offerings.
If you have any questions regarding this transition, please contact your BMC Account Manager at 1-855-834-7487 and press Option 1 for Sales, or BMC Customer Support at 1-800-537-1813. To receive updated information as it becomes available, please subscribe to our Proactive Alerts for ProactiveNet and TrueSight products from our BMC Support Central site.
Ron Coleman Director, Product Management
Please reach out to your BMC Account Manager to discuss migration plans and options. If you are not familiar with who your Accoun Manager is, please reach out to Support for assistance as well. We want to ensure a smooth transition for all users of BPPM.
Have you been putting off an upgrade? 11.3.03 is the latest and 11.3.04 is right around the corner – Fall 2020
The BMC Assisted MIGration Offering, or AMIGO, is a program designed to assist our customers in planning and preparing for product upgrades from an older, to a newer supported version. By engaging with BMC Technical Support Analysts, you will be provided with materials containing guidelines and best practices to aid in compiling your own upgrade plan. An upgrade expert will then review your plan and offer advice and suggestions to ensure success through proper planning and testing.
The AMIGO program consists of a Starter Phase and a Review Phase. Each phase is initiated by opening a support case and ends when the case is closed.
In the Starter Phase, an AMIGO Starter case is opened. Reference material will be provided and a call with a Technical Support Analyst will take place to discuss the details of your upgrade and address any questions you may have. The AMIGO Starter case will be closed, and the next step will be for you to prepare a documented upgrade plan.
In the Review Phase, an AMIGO Review case is opened preferably two weeks prior to a set upgrade date. A call will be scheduled with an upgrade expert to review your detailed plan, providing feedback and recommendations, along with answers to any outstanding questions. As needed, a follow up discussion with a Technical Support Analyst may take place for feedback after the upgrade is performed.
The AMIGO program includes:
» A “Question and Answer” session before you upgrade
» A review of your upgrade plan with Customer Support
» An upgrade checklist
» Helpful tips and tricks for upgrade success from previous customer upgrades
» A follow-up session with Customer Support to let them know how it went. This will help BMC to enhance the process.
To get started, please review the details here:
Then open a BMC Support issue containing your environment information (product, version, OS, etc.) and the planned date of the installation, if known. We will contact you promptly, and work with you to ensure a successful and timely outcome.
New TrueSight knowledge articles added to the BMC Knowledge Base over the last month:
000370358 Procedure to synchronize the TrueSight Infrastructure Management secondary cell database server with the primary cell
000370727 With ProactiveNet Cell, is there a limitation on maximum value for Internal ID (data_handle and event_handle slots)?
000370791 How to disable Menu commands on the Integration Service and PATROL Agent devices under Managed Devices page in the TrueSight Presentation Server Console
000370810 TrueSight Presentation Server (TSPS) 11.3.03 - Custom KM successfully imports into the repository, but the KM does not show any where under Global, Server Threshold, or Monitoring Solutions
000370845 We are not able to see events generated by remote port monitoring with a non-admin user even though the corresponding permissions has been given on TrueSight Presentation Server
000371142 "BMC-IMC810355E - Setting Connection status FAIL" seen repeatedly in the TrueSight Presentation Server 11.3.x cellservice.log file
000371172 "Map Not found" error seen in TrueSight Infrastructure Management 11.x Web services log
000371204 How to get the TrueSight Infrastructure Management 11.x "pw certificate create" command to not add unwanted FQDN to CSR when unwanted FQDN was not specified
Was the information in this blog post helpful? What would you like to see more of? Please let us know... we want to hear from you!