Configuring the TrueSight Server Automation connector

TrueSight Server Automation connector is used to establish a connection between Automation Console and the TrueSight Server Automation Application Server. Automation Console sends notifications for jobs such as updating catalogs, and running patching jobs to the connector, which sends it to the TrueSight Server Automation. The connector ensures that even if the application server is in an air-gapped environment, communication between Automation Console and the application server is uninterrupted. 

By default, the connector establishes a connection over the HTTPS protocol using out-of-the-box self-signed certificates. To ensure seamless communication, you must provide the connector information in the hosts file on Server Automation server as mentioned below:

Hosts file location and connector name

- Windows: C:\Windows\System32\drivers\etc\hosts

- Linux: /etc/hosts

<IPaddress of the server where the connector is installed>  tssa.connector.bmc.com

You create a service account and specify the data refresh interval while configuring the connector. The Data Refresh capability monitors jobs that affect the status of the missing patches and managed assets and regularly updates the job data in Automation Console. This service account is also used for change automation while obtaining approvals from BMC Remedy IT Service Management. 

If you have multiple Application Servers (MAS) set up in your TrueSight Server Automation environment, in case of failure of one of the instances, you can edit the connector configuration and specify a different TrueSight Server Automation server. 

Important

When you edit the connector configuration, ensure that the server belongs to the Load Balancer setup or the Disaster Recovery setup in the same environment as the existing connector host. If you specify a new server outside of the Load Balancer setup or the Disaster Recovery setup, the existing data is duplicated leading to confusion and mismanagement.

Before you begin

Before running the connector, ensure that the connector is installed and run on Windows and Linux operating systems that match the following criteria:

  • AdoptOpenJDK Runtime Environment 17 is installed on the connector host.

  • Port requirements:

    Port

    Protocol

    Source

    Destination

    Inbound /outbound

    443

    HTTPS

    Connector

    HAC SaaS and Internet

    Outbound

    9843 OR <Customer configured port>

    HTTPS

    Connector

    TSSA Application Server 

    Outbound

    443

    HTTPS

    TSSA Application Server

    Connector

    Inbound

    • Connector's Outbound port 443 should be opened for ifm url mentioned in creds.json available in <connectorDirectory>/config/ folder. e.g.
      "endpoints": {       
              "ifm": "https://<url>"
          }

To configure the Server Automation connector for BMC Helix Automation Console

To configure the connector, do these steps: 

  1. Login to BMC Helix Automation Console.
  2. Go to the briefcase menu on the top right and click Connectors > Add a Connector.
  3. From the on-premises connectors, select the Server Automation connector, and click Configure
  4. On the Add a connector page, provide the following details: 
    1. Enter a name.
    2. In the Application Server Configuration area, enter the host name, port, and the Server Automation administrator role name. 

      Can I provide a different TrueSight Server Automation host details while editing the connector?

      Yes, in case of failure of the existing Application Server, you can specify another Application Server only if it belongs to a multiple Application Servers (MAS) set up.

    3. In the Service Account Profile area, enter the username, password, role, and the authentication method for the service account. 
      This account is used to log on to BMC Helix Automation Console with a Server Automation user profile. 
      After entering the password, click Save.
    4. In the TSSA properties, enter the TSSA properties separated by a comma. These properties will be managed as Managed Asset Tags in the Automation Console. For more information on Managed Asset Tags see, Importing Server Automation asset properties as managed tags.

      Important

      • The tags specified here will override the tags specified in the CSV, if they already exist. The latest data import takes precedence and overrides the existing tags. The import could be through a CSV file or by the tags that are specified while configuring the TSSA connector.
      • TSSA properties that are entered on the TSSA connector page should only be of the simple property type such as a string, an integer, a decimal, or a boolean value defined in Server Automation. Additionally, their default values should also be plain strings, without being selected by a macro.


    5. In the Collection Mode area, specify the data collection interval. 
      By default, the time interval is 60 minutes. Minimum acceptable is 5 minutes and maximum is 10080 minutes.
  5. Click Continue and download the connector zip file on a local host. 
  6. On the server where the connector file is extracted, go to the connector location, and run the following command to install and start the connector: 
    • Windows: run.bat
    • Linux: run.sh

    The connector starts running successfully. You can view the connector status on the Connectors page in BMC Helix Automation Console.

  7. (Optional) To configure the TrueSight Server Automation connector as a service, do these steps:
    1. Make sure bsa-connector.xml file is available in folder where connector zip file is unzipped.
    2. Run the bsa-connector.exe install command. 
    3. A new service with the name of “BMC Server Automation Connector” will be created on the host and can be used as any other available service.

Can I configure a connector with any other user profile?

Yes. All users who have appropriate permissions can configure connectors in BMC Helix Automation Console. However, different users cannot configure separate instances of the same connector.

All Server Automation users who have appropriate permissions, can view the connectors that are currently configured and running in their environment on the Connectors page.

To import Server Automation asset properties as Managed Asset Tags into BMC Helix Automation Console

As a security compliance analyst, you can import Truesight Server Automation asset properties by specifying values in the TSSA properties field, while configuring the Truesight Server Automation connector. Upon successful connector sync operation, BMC Helix Automation Console loads all the specified TSSA properties as Managed Asset Tags along with the asset metadata.

Bu using the Managed Asset Tag filter in Advance filters in the Patch dashboard and Managed Assets page, you can filter the imported  Truesight Server Automation asset data based on their properties such as supplier name, system environment, customer, location, and so on to generate a customized reports for respective stakeholders to perform remediation actions.

To enable debug mode

BMC recommends that you do not modify any other configuration files available in the /config directory. However, you can enable the debug mode on the connector to obtain detailed logging information.

Do this:

  1. Press CTRL+C twice to stop the connector.
  2. Go to <ConnectorLocation>/config, open the log4j.properties file, and change the logging option to debug.

    #
    #Logging related Properties
    logging.level.com.bmc.dem.bsaconnector=DEBUG
  3. Start the connector.

Where to go next?

Log in to Automation Console with the appropriate credentials to successfully verify the connector installation. See Accessing and navigating the Automation Console interface

Was this page helpful? Yes No Submitting... Thank you

Comments