objects€reducing€the€mysteries - cdn.ymaws.com · a€word€about€keys€pathcrc€hash...
TRANSCRIPT
Title: Configuration Management:Objects Reducing The MysteriesSession #: 331Speaker: Mike ElderCompany: net.works
Who is net.Works, Corp?Technology Services Firm
• Founded in 1997 –Providing High End Security& WAN services to Financial Institutions andUtility Companies
• 1999 –Started Implementing RadiaConfiguration Management Solutions forNovadigm
• 2004 –Became HPOV Gold/Elite Partner
• Service Areas: HPOV ConfigurationManagement
• NDW staffs the largest group of Certified HPConfiguration Management Engineers
Agenda
• Definitions (5 Minutes)• Objectives (5 Minutes)• Process Flows (5 Minutes)• Tools Used (5 Minutes)• Examples (30 Minutes)• Questions (5 Minutes)
What Is CM Objects?
• Proprietary file types used withinconfiguration change management thatprovide methods for internal CM variables,doing file differencing, and data repositories.
• Contains the .EDM prefix• Utilizes special programs to read/write/update
Definitions
What Are File Inventory Audits WithinCM?
• Policies on the AUDIT domain that allow forhardware, software, and custom inventorycollections
• File Audits• Wbem Audits• Hardware
Definitions
What Is CM Distribution Model?
Nutshell Overview:
DEVICERIMDB
RCS
Definitions
AdditionalComponents:
RIS
Proxy Servers
Queuing
Reporting
What Is CM Distribution Model? (2)
• CM resolution process from RCS• If difference create new object (with deltas)• Send data to tiered RCS• Send to reporting server (RRS)• Update RIM (add, delete, updates) using SQL
Definitions
Definition
Custom collections is anything beyond the standardRadia audits. For example: if there is a script that iscurrently extracting data in a specific format, onecould use this logic to schedule this script, create acsv file, create a radia object, and transfer this objectvia radia’s “rimdiff” command. The rimdiff willautomatically create the table and all data itemswithin the rim DB. In addition, it will utilize the “rimdiff”to transfer only the “deltas” of any changes madeafter the first initial pass
Definitions
Objectives Of Presentation
• Allows end user to do their own custom audits• Utilize the CM distribution model towards local (push)
logic of custom data audits• To convert simple file (csv,xml) files to WBEMAUDT
formatted CM objects• Run RIMDIFF interactively towards immediate real
time RIM updates• Utilize RIM DB as a central repository and reporting
tool
Objective
RimDiff
QMessaging
Reporting
Process Flows
1. Create a simple input file using anyprogram, script, or tool that is currently inplace
2. Update the above file to a CM object in theWBEMAUDT format
3. Send the object using standard CMtransport
4. Utilize custom or CM reporting tools
rim.cfg FILE Setup
• WBEM_AUTOCREATE 1• DB_AUTOCREATE 1
Parameters Of RIMDIFF Logic
• Utilizes same logic as standard radia webem Audits• Auto generates the rim tables if configured• Can pass the “varchar” lengths {default 128}• Sends only the deltas after first pass• Does autodeletes {updates}• Must specify keys that are unique for each record• If nokeys then the entire record is used for RIM
update hash
Positives Of Custom RimDiff Distributions
• Only deltas sent to DB• No need for ODBC user passwords• Queuing is already established• Infrastructure already setup via CM• Data converted to OBJECTS• Compression• Provides the ability for the customer to control the
data audit (files)• Centralization of data
Negatives Of Custom RIMDIFF Logic
• Security for RIM DB tables (auto generated)• Limited documentation• Troubleshooting Complexities• Default varchar 128
Unless one updates the wbem_schema.tclin the rim.tkd on the RIS
A Word about Keys PATHCRC Hash
Assume 3 keys and a key item has changed:NAME!, WDEVICEID!, WSIZE!,wfreespace are used to create the unique
PATHCRC hash.
EXAMPLE of DATA:
.. server1,A,10001,555 PATHCRC HASH = 1937222 (old record)
.. server1,A,10002 ,555 PATHCRC HASH = 1937223 (new record)
When the diff runs it will say: PATHCRC HASH 1927222 no longer exists..so delete it.
The new PATCHCRC HASH 1937223 is an add so add it
Rather then updating one specific field, the entire record gets processes.One Delete, and One add
NonKeys DATACRC HASHAssume 3 keys and a nonkey item has changed:
NAME!, WDEVICEID!, WSIZE!, wfreespace, nnmserver
EXAMPLE:
PATHCRC=193332.. server1,A,10001,555,xyz.com DATACRC HASH = 1937222.. server1,A,10001 ,555,xyz1.com DATACRC HASH = 1937223
When the rimdiff runs it will say: We have and update as the DATACRChas changed. Update the data for PATHCRC 193332
So only the data gets updated
Logistics of Custom Audit program• Program does a dir/ls ndw*.csv• Windows: \usr\radia
Unix: /var/opt/radia• Uses file name as table name. Currently must start with NDW and use
a csv prefix: NDW_contacts.CSV
• First record is a header must start with a #
• Details records must match header field counts
• Keys are unique, must end with ! on the header record Max of 3 keys
• The table user will be based on DSN RIS setup
• If no keys specified entire record is hashed into a key
Data Format#hostname!,primary_contact,secondary_contact,location,status,commentsrcsclient,mike elder,sam smith,4up building 21,gold,testboxrcsclient1,mike elder,bill blass,3up,silver,testing datarcsclient2,mike elder,bill blass,3up,silver,testing keystestbox,charle,bill,3up,silver,sap
WEBMAUDIT OBJECT
DB Entry DB View autogenerated
Other Uses:
• Brute force password attemptsLogin attempts more then X amount of times
• Top 10 largest files and or directories• Modified registry entries within X amount of time• Authentication failures of ftp services• Any current data collection scripts
Tools Used
• TCL• CM Client Modules• RIMDIFF• radconct• All these are already installed with the CM
(radia) client!
Sample Scenarios:
• Simple nvdobj editor• The contact file• Invalid password process
Backing Out
1) Remove the table from RIM2) Delete the sql on RIS
\integrationserver\sql\webem\[name].sql3) Stop Restart RIS
net stop httpdnet start httpd
4) Rerun rimdiff to recreate the table