• Loading...
This documentation refers to a previously released version of BMC Atrium Discovery (other versions).

Using Scanner Files

Skip to end of metadata
Go to start of metadata
Space Search

Searching TWF 7.3

Table of Contents

A scanner file is used to simulate discovery of a system that is unreachable, or you are not permitted to scan. A scanner file is a plain text file created by running the standard discovery commands on the host in question and saving the output. Note that just the standard discovery commands are run on the host, no information that is discovered by patterns is available.

Scanner files are read from the $TIDEWAY/var/scanner directory. Discovery checks periodically for new scanner files; this period is configurable.

Creating a scanner file

To create a scanner file:

  1. From the Discovery section of the Administration tab, select Platforms. The Discovery Platforms page is displayed.
  2. Click the operating system link corresponding to the host for which you are creating the scanning file. For Windows hosts, click the Shell Scripts link in the Windows Discovery section. The commands for the operating system are displayed. This example uses the Linux operating system.

  3. Click the Download host script link (called Linux.sh in this case) and save the file to the local machine. Change the file permissions to make it executable.
  4. Copy the file to the remote host. In this example the SCP utility is used to copy the files between the local host teabag and the remote host teaspoon: 
    tideway@teabag:~$ scp linux.sh tideway@teaspoon:linux.sh
tideway@teaspoon's password:
linux.sh                                      100%   19KB  18.9KB/s   00:00
tideway@teabag:~$
  5. Log into the remote host and run the script piping the output into a text file: 
    tideway@teabag:~$ ssh teaspoon
tideway@teaspoon's password: 
Linux teaspoon 2.6.18-6-686 #1 SMP Sat Dec 27 09:31:05 UTC 2008 i686
...
tideway@teaspoon:~$
tideway@teaspoon:~$ ./linux.sh > teaspoon.txt
tideway@teaspoon:~$ more teaspoon.txt 
FORMAT Linux
--- START device_info
hostname: teaspoon
fqdn: teaspoon
dns_domain:  tideway.com
domain:
os: Debian Linux lenny/sid
--- END device_info
--- START host_info
kernel: 2.6.25-2-amd64
num_logical_processors: 2
cores_per_processor: 2
...
tideway@teaspoon:~$
  6. Copy the output text file to your local host. 
    tideway@teaspoon:~$
tideway@teaspoon:~$ scp teaspoon.txt tideway@teabag:linux.txt
tideway@teabag's password:
teaspoon.txt                                      100%  265KB 264.7KB/s   00:00
tideway@teaspoon:~$
  7. The output file is now copied to your local host.

Loading a scanner file onto the appliance

Once you have created and copied the output file to your local host, you can now copy it to the appliance. In this example, the appliance is called appliance and the local host is called teabag. When loading scanner files onto the appliance you should use the upload user. The upload user was created for this purpose, has a home directory which is the default location for uploading scanner files, and has limited access to the appliance. See The upload user for information on enabling this user.

  1. Copy the output file to the appliance. In this example the SCP utility is used: 
    dtweed@teabag:~$ scp teaspoon.txt upload@appliance:~/linux.teaspoon.txt
upload@appliance's password:
teaspoon.txt                                      100%   265KB 262.7KB/s   00:00
dtweed@teabag:~$

When you load a scanner file onto the appliance, its name must be unique otherwise it may get overwritten by another scanner file being uploaded at the same time, so it is helpful to use a naming scheme that enables you to correlate scanner files and created hosts. The only rule on naming is that you do not use a name starting with . or ending with .ignore; if you do then that file is ignored. These filenames are used for internal purposes.

Using Scanner Files with Consolidating Appliances
If you are using scanner files with consolidating appliances, you should upload the scanner files to the consolidating appliance, rather than the scanning appliance. If you do this then the hosts created are correctly identified as "Read from scanner file", not simply "Retrieved by scanning appliance".

Hosts created from Scanner Files

Once you have loaded a scanner file, and the IP address of that host has been scanned, either by a manual scan, or a scan triggered when Discovery polls for and finds a new scanner file, you will then see the host in the Tideway Foundation UI. When the scanner file is used, Discovery creates non-expiring pool data (a .no-expiry file is created in the pool data directory $TIDEWAY/var/pool/192/168/1/100/.no-expiry where the IP address is 192.168.1.100). The pool data is used for each subsequent discovery until the scanner file is updated.

Repeated scans of that IP address yield identical results until the scanner file is updated or the pool data deleted. If the pool data exists, Discovery never attempts to scan the actual IP address on the network. To scan the IP address on the network, delete the pool data directory. To continue the example from above, use the command rm -rf $TIDEWAY/var/pool/192/168/1/100 to remove the pool data.

On the DiscoveryAccess, the Discovery Details section the Data Source field states "Read from scanner file".
Labels:
None
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.