You can define rules to help you create objects in the MDB. These rules are used by the classification engine that is used by Classic Discovery and Continuous Discovery to help you expand and customize the classification and discovery of objects.
You can write object creation rules to perform the following tasks:
You can write object creation rules that support the following methods of classification. You can combine these methods using logical ANDs and ORs to classify an object as exactly as possible.
You define these rules in configuration files, methods.xml and classifyrule.xml, that are used by the Discovery process to classify the object before it is added to the MDB. Classification rule files are in XML format and reside in the \Config subdirectory on the Discovery agent.
By tuning the priority and timeout properties, you can configure the system for optimal classification performance. You should give the most successful rule in your environment the highest priority. By default, the highest priority rule is Generic SNMP. However, if you have very few native SNMP installs in an environment, you should give a different rule the highest priority. For example, if you have many CA NSM agents installed, the SNMPAgentOID rule results in the best performance.
Uses a certain port and community string for classification. You can customize your rule files by adding a new general method to the methods.xml file or by changing the existing SNMPGeneric string. All pattern matches for the results of SNMP queries are specified in the classifyrule.xml file. Review the classifyrule.xml file for more information about how to classify by evaluating SNMP query results.
Attempts to establish a Telnet session, and returns the Telnet login screen if successful. In the classification methods, this screen can then be matched with a default pattern. The Telnet method could also be described as “screen scraping” of the Telnet login screen. Default classification rules are supplied for all major operating system vendors. In many environments, these login screens are standardized. You can modify the Telnet classification rules by entering your own pattern matches if you have specialized login screens. Telnet methods specify a state computer that usually consists of establishing the connection and then waiting for the amount specified in the timeout parameter. After the timeout is reached, the connection can be closed.
Socket type methods scan ports of a computer to retrieve a port map that can be used to identify what type of device was discovered on the network. The desired port combination can be defined in the classifyrule.xml file (see this file for examples). In the port combination, you can specify whether a port should be found at all. For example, the absence of a Telnet port may signify that the device could be a Windows computer. You can now combine this rule with the NetBios port scan (SocketWindows_NetBios method) to describe the port layout of the computer so that the computer can be classified as correctly as possible. You can configure port scans for TCP/IP or UDP. You can specify pattern matches in the classification rule in the classifyrule.xml file if you know the byte pattern.
Specifies the first six bytes of a MAC address in the filter of a classification rule.
Queries a computer using the HTTP protocol and returns the response. The response is matched with a byte pattern in the classifyrule.xml file. Default methods are provided by Discovery.
Attempts to establish an SMTP session with a mail server. The SMTP method is very similar to the Telnet and FTP methods. You can customize this method to fit different types of mail servers. The default method supplied by the default Discovery configuration files works for Microsoft Exchange Mail servers.
Attempts to establish an FTP session with the computer and returns the FTP login screen. The FTP method is very similar to the Telnet method.
|
Copyright © 2010 CA.
All rights reserved.
|
|