Use the following procedure to configure the Asset Collector for a typical environment.
To configure the Asset Collector for a typical environment
The New Configuration Policy dialog appears.
The new configuration policy appears in the tree view.
All of the Asset Collector policies appear on the Asset Collector pane.
By default, the AssetCollectorCollect collection folder is created in the DSM installation directory.
This value is left unchanged in this scenario, as the inventory that will be generated is from a manually created inventory file.
Note: If, however, you had an automated task creating the inventory files, you could change this value to reflect this. For example, suppose you have a tool that lets you create inventory files based on handheld devices in your enterprise. If this tool delivers its inventory file output to the AssetCollectorCollect collection folder, then you could specify the default origin as "Handheld Inventory Collector." The default origin and trust level are only used when the inventory file does not contain an entry for origin or trust.
Because the source of the inventory is a manually created inventory file, the inventory entered could become outdated easily. A trust level of 5 is not used because of the reasons stated (data could become invalid).
Note: It is up to the DSM administrator to determine what trust level is used.
By default, the AssetCollectorBAK working folder is created in the DSM installation directory.
By default, the AssetCollectorOutput output folder is created in the DSM installation directory.
A value of True specifies that the selected collection folder can be scanned for subfolders with new inventory files.
Note: This setting has no effect if the collection folder has no subfolders.
This policy specifies the name of the server to which inventory files are uploaded and registered. In most cases, the Asset Collector is installed on a scalability server, so that the inventory can be delivered to the local machine.
A value of False indicates that all files, digitally signed and unsigned, are processed. A value of True indicates that the Asset Collector only processes files that have valid and trusted digital signatures.
Note: For more information about sealing and unsealing policies, see the Configuration Policy section of the DSM Explorer Help.
This applies the policy to the target computer you want to configure with this policy.
The Asset Collector is configured for this scenario.
Tenancy lets you manage the asset information collected from various sources within the same MDB. The collected asset information is imported into the MDB in such a way that the tenancy membership of the asset is maintained and managed within the same MDB.
CA ITCM is not multi-tenant capable. CA ITCM, however, can collect external inventory files and store any tenant information which can be used by other multi-tenant capable CA Products.
Asset Collector uses the collection folders to receive inventory files. You can configure the collection folders to associate tenants with individual collection folders.
The tenancies are defined in the ca_tenant MDB table. Defining a tenancy on a collection folder lets the engine populate a new column named tenant_id on the ca_asset table in the MDB. The column tenant_number from the ca_tenant table is used to configure the Asset Collector.
Note: CA ITCM cannot populate the ca_tenant table, although other CA products such as CA Service Desk Manager or CA IT Asset Manager can populate it. So, when you define tenants with CA Service Desk Manager or some other CA product, specify a tenancy number for each tenant. Asset Collector uses this tenancy number to differentiate between tenants.
By default, the CA ITCM database is not configured to perform tenancy collection. You must enable a number of database triggers for the MDB to maintain the tenancy columns in the database.
Execute the following statement to enable the triggers:
For Oracle database:
execute sp_enableTenantTriggers(1);
commit;
Note: You must execute the command as mdbadmin and not the ca_itrm user on Oracle.
For Microsoft SQL Server database:
exec sp_enableTenantTriggers 1
Note: You must execute the command in the MDB namespace.
You can change your session to MDB namespace by executing the following command:
use mdb;
You can manage the asset information collected from various sources within the same MDB by configuring the Asset Collector configuration folders.
You can configure the Asset Collector configuration folders by specifying:
Note: You cannot configure one collection folder for multiple tenants.
To configure collection folders for tenancy collection
The policy is unsealed.
The Asset Collector policies appear on the Asset Collector pane.
The Modify Setting dialog appears.
Note: The tenancy number column is optional. A value specified in this column has to match with an entry in the ca_tenancy column of the ca_tenancy table in the MDB.
The policy is sealed.
The policy is applied to the scalability server.
You can specify rules for processing the inventory files collected from multiple tenants. The rules can be based on one of the two attributes (trust level and collection time) of the inventory files.
There are two modes of operation:
Processes the inventory file based on the trust level.
An inventory file with trust level equal to or greater than the trust level of the previous inventory file propagates to the scalability server.
Processes the inventory file based on the collect time.
An inventory file with collect time higher than the collect time of the previous inventory file propagates to the scalability server.
To prevent resubmission of inventory records taken on the same day, define the same day window configuration in seconds so that any inventory file having a collection time within the same day window is not processed.
If you set the same day window to zero, the check is not performed, and all inventories with a subsequent collection time are processed.
Note: If you do not want to define processing rules for every tenant, you can define default-processing rules for the following configurations:
You can specify rules for processing the inventory files collected from multiple tenants. To accept or reject an inventory file, configure rules based on trust level or collection time.
To configure rules for processing inventory files
The policy is unsealed.
The Asset Collector policies appear on the Asset Collector pane.
The Modify Setting dialog appears.
The following fields are not self-explanatory:
Specifies the tenant number.
The tenant number here must match a tenant number defined in the collection folders table, and hence the tenant_number column of the ca_tenant table.
Specifies if trust mode or collection time is used to process the inventory files. Set the value to TRUE to use trust level or FALSE to use collection time to process the inventory files.
Specifies the collection time window in seconds. Any inventory file that has a collection time within the same day window is not processed.
To disable same day window, set the value to zero.
Note: You must define only one set of processing rules for each tenant.
Click OK.
The policy is sealed.
The policy is applied to the scalability server.
Note: If you do not want to define processing rules for each tenant, or if you have configuration folders without a tenant number, define the following processing rules in the Asset Collector configuration section:
Defining the default rules results in the same behavior as the tenant processing rules, but are applied when the tenant specified does not have a rule defined, or the asset submitted does not have a tenant associated.
Using the Origin to Trust level mapping, you can define a trust level for an asset from a particular origin. Defining a trust level is useful when you are collecting inventory information from multiple origins. The mapping is used when the collected asset file does not have a trust level defined.
To configure origin to trust level mapping
The policy is unsealed.
The Asset Collector policies appear on the Asset Collector pane.
The Modify Setting dialog appears.
Note: Do not define multiple trust levels for the same origin. However, you can use the same trust level for multiple origins.
Click OK.
The policy is sealed.
The policy is applied to the scalability server.
You can specify a tenant number if you have other CA products like CA Service Desk Manager which require tenant classification for a CA ITCM agent. You can associate a tenant with a CA ITCM agent by specifying a tenant number in the configuration policy of the scalability server.
A scalability server can support only a single tenant. If you want to collect agents for different tenants, you must use a different scalability server for each tenant.
The tenant number is defined in the ca_tenant table by CA Service Desk Manager or CA IT Asset Manager.
You must configure the tenant number that will be used for assets that are registered through a scalability server and is applied only when tenant number is not provided by the Asset Collector.
To configure a tenant number on the scalability server
The policy is unsealed.
The Common Server policies appear on the Common Server pane.
The Setting Properties dialog appears.
Note: The tenant number that is applied must match a tenant number in the ca_tenant table.
The policy is sealed.
The policy is applied to the scalability server.
You can configure the Asset Collector to accept only the inventory files that have a valid time stamp in the xml inventory unsigned files (.xiu), and reject inventory files that have a collect time in the future. You can configure same day tolerance to define future date to assist processing of inventory files from different time zones.
To configure rejection of inventory files having a future collect time
The policy is unsealed.
The Asset Collector policies appear on the Asset Collector pane.
Specifies whether inventory files without a collect time are allowed.
Set the value to TRUE to allow inventory files without a collect time in the xml.
Defines the tolerance in seconds that is applied to the current time to define a future date.
Any inventory file having a collect time in the future will be checked against the future data.
Specifies whether to reject inventory files with collection time exceeding future date.
Set the value to TRUE to reject files that have collection time beyond the future date tolerance.
The policy is sealed.
The policy is applied to the scalability server.
When the Asset Collector processes inventory files, the following results are possible:
Asset Collector lets you define post-processing actions on above events.
If the inventory file is rejected or it contains an error, you can configure Asset Collector to delete the file, copy the file to the output folder, or rename the file with a .error extension.
If the inventory file is accepted, you can configure Asset Collector to delete the file or copy the file to the output folder.
To configure post processing actions
The policy is unsealed.
The Asset Collector policies appear on the Asset Collector pane.
Specifies the action on the rejected inventory file.
Set the value of the parameter to 0, 1, or 2 to delete the file, move the file to the output folder, or rename the file with a .error extension respectively.
Specifies the action on the processed inventory file.
Set the value of the parameter to 0 or 1 to delete the file, or to move the file to the output folder respectively.
Specifies the action on the inventory file that contains an error.
Set the value of the parameter to 0, 1, or 2 to delete the file, move the file to the output folder, or rename the file with a .error extension respectively.
The policy is sealed.
The policy is applied to the scalability server.
You can generate audit information in the MDB for enhanced traceability and reporting.
You can configure the Asset Collector to generate audit records. These records are written into the CA_AC_AUDIT_LOG table in the MDB.
Asset Collector maintains an internal cache of audit events and sends them to the scalability server when certain thresholds in terms of size or age are reached.
You can customize the threshold values to match your environment.
To configure Asset Collector auditing
The policy is unsealed.
The policy expands.
The Asset Collector policies appear on the Asset Collector pane.
Defines the maximum age in seconds that the audit log queue must reach before it sends the audit log to the scalability server for inclusion in the MDB.
Defines the polling period in seconds. The polling period is used to check the audit log queue and age by the audit component.
Defines the maximum number of items allowed in the audit log queue before it is sent to the scalability server for inclusion in the MDB.
The policy is sealed.
The policy is applied to the scalability server.
You can configure the events that generate an audit record from the configuration section of the Asset Collector.
To configure Asset Collector auditing events
The policy is unsealed.
The policy expands.
The configurable audit events appear.
Specifies if an audit record is created for each successfully processed inventory file.
Specifies if an audit record is created when an inventory file is rejected because the collect time specified in the file appears to be a time in the future.
Specifies if an audit record is created when an inventory file is rejected because the collect time in the inventory file is older than a previous submission for the same asset.
Specifies if an audit record is created when an inventory file is rejected because its collection time falls within the same day window of a previously processed asset.
Specifies if an audit record is created when an inventory file is rejected because a key value in the file is missing.
The policy is sealed.
The policy is applied to the scalability server.
The Asset Collector collection audit items are written to the CA_AC_AUDIT_LOG table. This table has the following columns:
|
Name |
Description |
|---|---|
|
Asset Name |
Defines the host name of the asset. |
|
MAC Address |
Defines the MAC address if available. |
|
Scalability Server |
Defines the scalability server that the Asset Collector reports to. |
|
Origin |
Defines the origin of the asset. |
|
Tenant Number |
Specifies the tenant identifier of the asset. |
|
State |
Specifies if the asset is accepted (0) or rejected (1). |
|
Event Code |
Specifies the Event Code for asset rejection. |
|
Details |
Indicates the reason for asset rejection. |
The Event Code column of the CA_AC_AUDIT_LOG table shows the following possible event codes:
|
Event Code |
Reason |
Description |
|---|---|---|
|
0 |
Not applicable |
Specifies that the asset is accepted. The value is set to zero for asset accepted events. |
|
1 |
Older collection time |
Specifies that the asset is rejected because of a lower collection time than the last accepted inventory file for the same asset. |
|
2 |
Lower trust level |
Specifies that the asset is rejected because of a lower trust level than the last accepted inventory file for the same asset having trust mode enabled. |
|
3 |
Same day as last submission |
Specifies that the asset is rejected because its collection time falls within the same day tolerance of the last accepted inventory file for the same asset. |
|
4 |
Future collect time |
Specifies that the asset is rejected because its collection time represents a time in the future. |
|
5 |
Missing values |
Specifies that the asset is rejected because some key data fields are missing. |
You can manage the size of the CA_AC_AUDIT_LOG table by purging the old records. You can purge old records by configuring values in the configuration section of Asset Collector.
To configure purging of old records
The policy is unsealed.
The Asset Collector policies appear on the Asset Collector pane.
Specifies the time in days before the audit records are purged.
To prevent purging, set the value to zero.
Specifies the age in days, after which the audit records are purged.
The policy is sealed.
The policy is applied to the domain manager.
|
Copyright © 2013 CA.
All rights reserved.
|
|