Configuring the BMC Discovery connector

This topic provides an overview of and instructions to configure the BMC Discovery connector and to create a service account using REST APIs. 

Overview

BMC Discovery connector establishes connection with BMC Discovery (on-premises only) to find all the assets in a network. BMC discovery obtains information about the assets even if they are not enrolled in the endpoint manager, TrueSight Server Automation. As an administrator, when you integrate BMC Helix Automation Console and TrueSight Automation Console with BMC Discovery, you can identify which assets in your environment are not included in vulnerability scans. These are blind spots, and they represent potential security risks. The blind spot assets appear on the Discovered Assets page. You must ensure that the discovered assets are scanned for missing patches and vulnerabilities.

In BMC Helix Automation Console (SaaS) and TrueSight Automation Console (on-premises) version 20.02, you can configure the connector and create a service account for BMC Discovery by using REST APIs only. 

This topic describes the URL, method, and sample configuration for only configuring the connector. For more information about the supported connector API calls see, Using REST API

Configuring connector for TrueSight Automation Console

For TrueSight Automation Console (on-premises), the connector is available as a container after the installation is complete.  

To use this REST API, you must first create an authorized session with administrator credentials. For more information, see, Using REST API.  

POST/api/v1/connectors

Request body parameters

NameDescriptionRequired
nameSpecifies the name of the connector.Yes
descriptionSpecifies the optional description for the connector.No
hostSpecifies the host name or IP address of the host where BMC Discovery server is installed.Yes
portSpecifies the port where BMC Discovery server is installed.Yes
type

Specifies the type of connector.

Valid value: DISCOVERY

Yes
propertiesContains the properties to connect to the BMC Discovery serverYes
username

Specifies the username required to login to the BMC Discovery server.

Ensure that this is a valid user in BMC Discovery.

Yes
password

Specifies the password, in plain text, which is encrypted by the application in the request.

Yes

Sample request JSON

{
    "description": "connector for Discovery",
    "name": "Discovery-Connector",
    "host": "<hostname>",
    "port": 443,
    "admin_role": "admin",
    "protocol": "https",
    "type": "DISCOVERY",
    "properties": {
       "username": "<discovery-user>",
       "password": "<password>"
    }
}


Sample response JSON

{
    "connector_id": "8a5aafe3-fa9b-4d73-8c94-6ee477a28103",
    "name": "Discovery-Connector",
    "description": "connector for Discovery",
    "admin_role": "admin",
    "host": "<hostname>",
    "port": 443,
    "protocol": "https",
    "type": "DISCOVERY",
    "properties": {
        "username": "<discovery-user>",
        "password": "VSVu1gc+EpJ7SI5NI33o87OhklK+O2KhSGMPP+2xmXTIP926zdL7W5+XpA=="
    },
    "worker_id": "discovery-connector"
}


Responses

CodeDescription
200OK

401

Unauthorized

500

Internal Server Error

Configuring connector for BMC Helix Automation Console

In a BMC Helix Automation Console environment, you must first configure the connector, and then download the connector file, and then run it in your environment. 

  1. Create an authorized session with administrator credentials by using the POST /api/v1/sessions API call.
    See Using REST API.
  2. Configure the connector by using the POST /api/v1/connectors REST API call. 
  3. Download the connector file using the REST API call: https://<serverName>/api/v1/connectors/download/{type}
    For more information, see Using REST API.
  4. Extract the discovery_connector.zip file on an internet-enabled server (inbound and outbound). 
    The host where the connector is installed must be accessible to BMC Discovery.

  5. On the BMC Discovery server, go to the hosts file and add the following:

    Hosts file location

    - Windows: C:\Windows\System32\drivers\etc\hosts

    - Linux: /etc/hosts

    <connector-ip>  discovery.connector.bmc.com

    Note

    If you choose to use DNS, you must register the connector server in the DNS as discovery.connector.bmc.com. No other name is currently supported.

  6. On the server where the connector.zip is extracted, go to the connector location, and run the following command to install and start the connector: 
    • Windows: run.bat
    • Linux: run.sh

    BMC Discovery connector starts running successfully. 

Creating a service account for BMC Discovery

After configuring a connector, create a service account by using this REST API call. 

POST/api/v1/config/service-accounts

Request body parameters

NameDescriptionRequired
connector_nameSpecifies the name of the BMC Discovery connector.Yes
connector_type

Specifies the type of the connector.

Valid value: DISCOVERY

Yes
delay_in_refresh_cycles

Specifies the time interval, in minutes, after which the data should be refreshed.

Default is 60 minutes.

Yes
credential_type

Specifies the type of credential.

Valid value: DATA_REFRESH

Yes
user_name

Specifies the user name to be used to connect with BMC Discovery.

This must be the same user as configured in the connector.

Yes
passwordSpecifies the password, in plain text, which is encrypted by the application in the request. Yes

Sample JSON request

{
  "connector_name": "<connector-name>",
  "connector_type": "DISCOVERY",
  "delay_in_refresh_cycles": 6,
  "profiles": [
    {
      "credential_type": "DATA_REFRESH",
      "user_name": "<discovery-user>",
      "password": "<password>"
    }
  ]
}

Responses

CodeDescription
200OK

401

Unauthorized

500

Internal Server Error

Where to go next?

Now that you have successfully configured the connector and added a service account, based on the data refresh cycle configured in the service account, the assets appear in Automation Console, under Assets > Discovered Assets page. To view discovered assets, see, Working with assets.

Was this page helpful? Yes No Submitting... Thank you

Comments