Managing Configuration Items › Configuration Audit and Control Facility (CACF) › Planning and Implementing Change Verification › Determine the Scope of Rogue Changes to the Attribute

Determine the Scope of Rogue Changes to the Attribute

You want to determine the scope of rogue changes to the IP Address attribute. Knowing the scope of rogue changes helps you understand the impact of rogue changes on your organization. For example, based on your previous analysis using the Log Only option, you want to create Incidents whenever a change occurs to IP Address to CIs that begin with "test" located in NY without a Change Order. Communicate with Change Managers in your organization to ignore new Incidents that this process creates.

Follow these steps:

1. Complete the following initial implementation actions:
   • Define Implementation in Progress as a managed change state and enable the Implementation State option.
   • Define Verification in Progress as a managed changes state and disable the Promote Change Order After Verification option.
   • Define IP Address (alarm_id) as a Managed Attribute if not already defined.
2. Create a verification policy named Policy2.1 with the following information:
   • Enter 3001 as the Sequence.
   • Enter a description about this policy. For example, you enter Rogue inserts and rogue updates will cause Incidents to be created. All other changes will not be impeded.
   • Select Rogue Inserts and Rogue Updates as the alignments.
   • Select IP Address from the Managed Attribute drop-down list.
   • Enter test* as the CI Name and NY as the Location and an asterisk for all other Patterns.
   • Select Allow Attribute Update, Yes to Create Incident, and an Incident Template from the actions.
3. Click Save.

   After you complete this phase, CACF creates Incidents for all computers in NY. You discover the following information after reviewing the Incidents:

   • Several MDRs report different IP addresses for the same CI.
   • Some MDRs are authoritative, other MDRs are not authoritative.
   • Some CIs should not be managed based on Location, Family, Name, Service Type, and so on.
4. The Change Manager meets with other IT Managers to review the CMDB, CI detail forms, verification logs, and filtering by attribute name to see the rogue data.
5. Your organization decides to update the CI filter in Policy 2.1 to manage Priority 1 Servers only.