Closed-loop compliance and audit for servers

This use case involves automatically creating incidents and change requests if noncompliant servers are detected, or if deviations from a master server configuration are detected. The server auditing and server compliance capabilities in BMC Server Automation involve:

  • Detecting discrepancies between specific servers or component configurations and a baseline server or configuration
  • Monitoring and detecting violations, by specific servers or component configurations, of specific rules related to operations, security, and governance

Continuous Compliance for Server Automation integrates the remediation of discrepancies and compliance violations in BMC Server Automation with the change management processes facilitated by the BMC Remedy ITSM system.


Tracking the remediation of compliance violations

This use case automates the processes associated with remediating compliance violations detected in the configuration of servers and targets managed by the BMC Server Automation system by:

  • Detecting and obtaining compliance violations with the configuration of target servers
  • Creating incidents and change tickets for those inconsistent servers
  • Creating and executing a remediation package to resolve the compliance violation, after the change ticket is approved
  • Verifying that the violation is resolved. If the violation is not resolved, the incident is escalated

Overview of the tracking remediation of server compliance violations use case

The following table describes the overall process of the use case:

| Task | Description |
| --- | --- |
| Step 1: Detect violations | Detecting and obtaining compliance violations with the configuration of target servers. To prevent unauthorized or unwanted changes in server configurations, the BMC Server Automation operator runs a Compliance job periodically that compares each server configuration against certain rules and policies (for example, operational or regulatory policies). The Compliance job produces a list of consistent and inconsistent servers. |
| Step 2: Create tickets | Creating incidents and change tickets for those inconsistent servers. The BMC Server Automation operator configured the job to send an SNMP alert to notify BMC Atrium Orchestrator of these compliance violations. BMC Atrium Orchestrator interacts with BMC Remedy ITSM to open incident and change tickets. |
| Step 3: Resolve the compliance violation | After the change tickets are approved in BMC Remedy ITSM, BMC Atrium Orchestrator creates and executes a remediation job in BMC Server Automation. |
| Step 4: Verifying that the violation is resolved | The Compliance Job is executed again after closure of the change request, to check if the remediation attempt was successful. BMC Atrium Orchestrator ensures that the discrepancy is resolved and properly tracked in BMC Remedy ITSM. When the Compliance Job result is consistent, the Incident is closed. If the violation is not resolved, the incident is escalated. |

Considerations for the tracking remediation of server compliance violations use case

This workflow has the following restrictions for Multiple Job Support:

  • Allows one Compliance Job with a given name in a BMC Server Automation server
    Although the BMC Server Automation server allows you to create jobs with identical names in different folders, the BMC Continuous Compliance for Server Automation solution supports only one job with a given name in a BMC Server Automation server.

    Example
    If a given BMC Server Automation server has a Compliance Job with fully qualified name of /jobFolder/complianceJob, there cannot be another Compliance Job with the same name in any other folder on that BMC Server Automation server.

  • Allows one component template with a given name in a BMC Server Automation server
    Although the BMC Server Automation server allows you to create component templates with identical names in different folders, the BMC Continuous Compliance for Server Automation solution supports only one component template with a given name in a BMC Server Automation server.

    Example
    If a given BMC Server Automation server has a component template with fully qualified name of /templateFolder/aComponentTemplate, there cannot be another component template with the same name in any other folder on the same BMC Server Automation server.

Tracking remediation of audit discrepancies

This use case automates the processes associated with remediating audit discrepancies detected in the configuration of servers and targets managed by the BMC Server Automation system by:

  • Detecting and obtaining audit discrepancies or inconsistencies with the configuration of target servers, and creating an incident/change/task ticket for every inconsistent target in the Audit Job (Audit Job found inconsistency).
  • Creating a single incident ticket for all the failed target servers in the Audit Job.
  • Creating incidents and change tickets for the audit discrepancies per server.
  • Creating and executing a remediation job to resolve the audit discrepancy, after the change ticket is approved.
  • Verifying that the discrepancy is resolved. If the discrepancy is:
    • Resolved, the incident is closed
    • Not resolved, the corresponding incident is escalated

Overview of the tracking remediation of server audit discrepancies use case

The following table describes the overall process of the use case:

| Task | Description |
| --- | --- |
| Step 1: Detect discrepancies | Detect and obtain audit discrepancies or inconsistencies with the configuration of target servers. To ensure that there are no unauthorized changes in server configuration, the BMC Server Automation operator runs an Audit job periodically that compares each server configuration with one or more baseline server configurations. Any detected differences in the configurations are treated as audit discrepancies in BMC Server Automation. |
| Step 2: Create tickets | Create a single incident ticket for all the failed target servers in the Audit Job, and create incidents and change tickets for the audit discrepancies per server. The BMC Server Automation operator configured the job to send an SNMP alert to notify BMC Atrium Orchestrator of these audit discrepancies. BMC Atrium Orchestrator interacts with BMC Remedy ITSM to open incident and change tickets. |
| Step 3: Resolve the audit discrepancies | After the change tickets are approved in BMC Remedy ITSM, BMC Atrium Orchestrator creates and executes a remediation job in BMC Server Automation. |
| Step 4: Verify that the discrepancy is resolved | The Audit Job is executed again after closure of the change request, to check if the remediation attempt was successful. BMC Atrium Orchestrator ensures that the discrepancy is resolved and properly tracked in BMC Remedy ITSM. When the Audit Job result is consistent, the Incident is closed. If the discrepancy is not resolved, the incident is escalated. |

Considerations for the tracking remediation of server audit discrepancies use case

This use case has the following restrictions for BMC Server Automation Multiple Job Support:

  • There can only be one job with a given name on the BMC Server Automation server.
    The BMC Continuous Compliance for Server Automation solution supports only one job with a given name in a BMC Server Automation server, even though the BMC Server Automation server allows you to create jobs with identical names in different folders.

    Example
    If a given BMC Server Automation server has an Audit Job with the fully qualified name of /jobFolder/auditJob, another Audit Job with the same name cannot exist in any other folder on that BMC Server Automation server.

  • There can only be one component template with a given name in the BMC Server Automation server.
    Although the BMC Server Automation server allows you to create component templates with identical names in different folders, the BMC Continuous Compliance for Server Automation solution supports only one component template with a given name on a BMC Server Automation server.

    Example
    If a given BMC Server Automation server has a component template with the fully qualified name of /templateFolder/aComponentTemplate, another component template with the same name cannot exist in any other folder on that BMC Server Automation server.
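The name-uniqueness restrictions in both "Considerations" sections can be checked before the integration is enabled. The following is an added example, not BMC code: it takes an inventory of fully qualified names (how that list is exported is left open) and reports every job or component template name that appears in more than one folder. The sample paths, the function name, and the exact, case-sensitive name comparison are assumptions.

```python
from collections import defaultdict
from posixpath import normpath, split

# Constructed sample inventory: (object kind, fully qualified name).
# Paths are illustrative, modelled on the /jobFolder/... examples in the text.
SAMPLE_INVENTORY = [
    ("Compliance Job", "/jobFolder/complianceJob"),
    ("Compliance Job", "/archive/2019/complianceJob"),
    ("Audit Job", "/jobFolder/auditJob"),
    ("Component Template", "/templateFolder/aComponentTemplate"),
    ("Component Template", "/templateFolder/hardening/aComponentTemplate/"),
    ("Component Template", "/templateFolder/baselineTemplate"),
]


def find_name_collisions(inventory):
    """Return {(kind, name): [folders]} for names used in more than one folder.

    Assumption: names are compared exactly (case-sensitive).
    """
    folders_by_name = defaultdict(set)
    for kind, fq_name in inventory:
        fq_name = fq_name.strip()
        if not fq_name.startswith("/"):
            raise ValueError(f"not a fully qualified name: {fq_name!r}")
        # normpath drops trailing slashes and duplicate separators
        folder, name = split(normpath(fq_name))
        if not name:
            raise ValueError(f"no object name in: {fq_name!r}")
        folders_by_name[(kind, name)].add(folder)
    return {
        key: sorted(folders)
        for key, folders in folders_by_name.items()
        if len(folders) > 1
    }


if __name__ == "__main__":
    for (kind, name), folders in find_name_collisions(SAMPLE_INVENTORY).items():
        print(f"{kind} '{name}' exists in {len(folders)} folders: {', '.join(folders)}")
```

Any name it reports has to be renamed or consolidated into a single folder before the workflow can resolve it unambiguously.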

Where to go from here

You can also execute the Documenting operator-initiated changes for servers and Incident enrichment for servers use cases.
