Important

Starting with version 8.9.03, BMC Network Automation is renamed to TrueSight Network Automation. This space contains information about BMC Network Automation 8.9.02 and previous versions. For TrueSight Network Automation 8.9.03 and later releases, see the TrueSight Network Automation documentation.

Managing policies

A policy is a set of conditions that, when met, causes the BMC Network Automation system to perform a set of actions. When a policy executes, BMC Network Automation creates a job containing the policy actions.

The following table contains tasks and information for managing policies by using BMC Network Automation, and provides links to the applicable topics:

| Task | For more information | Benefit |
|---|---|---|
| Add a new policy | Adding or editing a policy | Add a policy to enable BMC Network Automation to create a job with the specified policy actions. |
| Add a new condition or edit an existing one | Adding or editing conditions | Add a condition in a policy to enable BMC Network Automation to take specific actions. |
| Add, edit, or copy keywords for policy conditions | Adding or editing keywords | Add, edit, or copy keywords to policy conditions to detect receipt of specific events, configuration discrepancies or configuration changes. |
| Access and view the list of policies | Viewing the policies listing | View and then customize policies to support your network environment and IT practices. |
| View the list of policy conditions | Viewing the conditions listing | View and then customize conditions that are used in policies. |
| View the list of policy condition keywords | Viewing the keywords listing | View and then customize keywords that are used by policy conditions. |
| Suppress multiple notifications (or auto-remediations) | Suppressing multiple policy executions | Define a policy that executes its actions when no prior compliance violations have been logged in the past minute. |

Policies automate network change and configuration tasks such as:

  • Detecting and archiving configuration changes made by external users (that is, Auto Archive).
  • Scheduling a weekly snapshot.
  • Scheduling delivery of reports (for example, Change Summary, Compliance Summary).
  • Notifying users or systems when a configuration change or a compliance violation event is detected.
    For example, when a compliance violation event is logged, the Send Compliance Violation Notification policy can be configured to send a notification (for example, SNMP, email, Remedy ticket). Use the following methods to limit when compliance violation notifications are sent:
    • On the Policy Details tab, you can limit when notifications should be sent if a violation is detected.
    • On the Policy Condition page, you can limit the notifications to a filtered set of devices.
    • On the Policy Keyword page, you can limit the notifications by severity (for example, Critical and Major only), event type, and search string value.
  • Auto-remediate critical compliance violations.
  The following predefined policies are shipped with BMC Network Automation:


| Policy Name | Description | Condition(s) | Action |
|---|---|---|---|
| Auto Archive | Detects configuration changes made external to the system. | Received an external syslog or Check Point change event. | Performs a Snapshot Span action on the triggering device. |
| Deploy to Active Request Failed Notification | A Deploy to Active span action failed. | The system logged a Deploy to Active failure event to the Event Log. | Updates the action to send an email and/or SNMP notification. |
| Multiple Severity (0/1) w/Change in Past | Correlates potential cause of multiple high severity events to recent device configuration changes. | A device has generated over 10 high severity events within the past 2 days and a device configuration change has occurred within the last 2 days. | Updates the action to send an email and/or SNMP notification. |
| Multiple Severity (0/1) w/OS Change in Past | Correlates potential cause of multiple high severity events to a recent OS version upgrade. | A device has generated over 10 high severity events within the past 2 days and an OS version change has occurred within the last 2 days. | Updates the action to send an email or SNMP notification. |
| Remediate Req Failed Notification | A Deploy to Active action with the Remediate option failed. | The system logged a Remediate failure event to the Event Log. | Updates the action to send an email and/or SNMP notification. |
| Send Change Notification | Sends a notification when a configuration change is detected. | A device's configuration has changed. | Updates the action to send an email or SNMP notification. |
| Send Compliance Violation Notification | Send a notification when a device is non-compliant with assigned Rules. | Any violation to one or more rule set(s) was detected. | A compliance violation notification is sent. |
| Send Discrepancies Cleared Notification | Sends a notification when all discrepancies have been cleared for a device. | All configuration discrepancies have been cleared, including running vs. startup, running vs. trusted running, and startup vs. trusted startup. | For SNMP notification, updates the action to set the Trap Type field to All Discrepancies Cleared. |
| Send Discrepancy Notification | Send a notification when an unauthorized or unplanned configuration change is detected. | A difference between trusted and current configuration or running and startup configuration exists. | Updates the action to send an email and/or send a trap. |
| Send External Change Task Update Failed Notification | Sends an email notification when the Change Task Close update cannot be made in an external system after a job completes. | The External Change Task Close task fails. | Updates the action to send an email. You can change the recipients of the email. |
| Send Hardware Change Notification | Sends a notification whenever a hardware change has been detected during a Snapshot job. | A hardware change has been made prior to the start of the Snapshot job. | Updates the action to send an email or SNMP notification. |
| Send Violations Cleared Notification | Sends a notification indicating all compliance violations have been cleared for a device. | All compliance violations have been cleared on the current configuration for the device. | Updates the action to set the Trap Type field to All Compliance Violations Cleared. |
| Severity (0/1) Event w/Change in Past 48 | Correlates potential cause of a high severity event to a recent configuration change. | A device has generated a high severity event and a configuration change has occurred within the past 48 hours. | Updates the action to send an email or SNMP notification. |
| Snapshot Request Failed Notification | A snapshot span action failed. | The system logged a snapshot failure event to the Event Log. | Updates the action to send an email and/or SNMP notification. |
| Weekly Archive | Schedule a weekly snapshot of the Default realm. | It is Sunday at 2:00 am. | Performs a weekly Snapshot action every Sunday at 2:00am for the Default realm. |
