1 of 1 people found this helpful
Bbsa is really good at tracking scripted and command line interactions. If you can only use the console bbsa can’t really help much there.
Is this a COTS application or a custom one? is there a command line or scripted interface? What specifically do they need to do w/ this application?
To highlight Bill’s points, BBSA is an automation tool for automating repeatable tasks. For example, if they need to login and use a machine to use excel to enter some data, then that is not a use case for BladeLogic. But, if they need to login to a system to get a certain dataset from an application (like a data export, or version information) , then perhaps that is something that could be scripted via an API interface to that application.
Hi Bill, thank you for your quick answer.
The fact is that we are facing with a 2000+ servers environment, so they are pretty sure that this cases will appear (problably both COTS and custom applications). Unfortunately, I haven't an example of a specific application.
I've read that there are some ways to configure system logs and the audit them from BBSA. So, assuming that there is no way to control the access to a windows console application from BBSA, our choice should be to implement a rigorous tracking log on the remote server. Is that right?
You can apply RBAC on custom commands so at least from BL its restricted.
When machines are accessed then it is down to the security event log to provide audit trail and domain/user access controls for access.
yes - for commands that are not going through bbsa you need to rely on the OS level logging that is available to track what you want to track.