×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Important

   

Starting version 8.9.03, BMC Network Automation is renamed to TrueSight Network Automation. This space contains information about BMC Network Automation 8.9.02 and previous versions. For TrueSight Network Automation 8.9.03 and later releases, see the TrueSight Network Automation documentation.
BMC Network Automation 8.9 ... Using Managing configuration compliance

Testing rules

Before you enable a rule set, you should test each rule to ensure that the rule set will function as expected. This topic describes the rule test methods that BMC recommends.

The first method for testing your rules is to use the Compliance Summary Report and its Failed and View Trace links. See the View Trace example in the Viewing a Compliance Summary report page.

The Failed link shows the current configuration compared with the compliant configuration. The compliant configuration contains the additions and deletions that BMC Network Automation made according to the rule. Review the changes to verify that they are done in the correct location.

The View Trace shows exactly how BMC Network Automation applies the rule to the configuration. Review the Corrections section towards the bottom and verify that the corrections are what you expect and where you expect them; closely examine the blocks to ensure that the corrections made to the blocks were actually made inside those blocks. Use the line coloring in the report to help you understand where the system located the domain(s) of interest and any matching subject lines.

As a final test, create a job that performs a Remediate action, which remediates with the new rule set. Use the Preview icon in the Actions list to display the script preview page, and click through the devices. Review the incremental or full merge script, especially when multiple rules are involved, since they can interact in unexpected ways. Some basic conflicts between corrections are reported to you here (for example, rule 1 adds a line, which rule 2 then removes). You can discard the job once the preview is complete, or save it as draft, if you need to rework the rules and re-test them.

When all rules are functioning correctly, follow these steps to perform an initial compliance check:

  1. Enable the rule set, as seen in Viewing the rule sets listing.
  2. Submit a Refresh Device Status span action with Compliance Violation Status checked. The refresh performs a compliance check on the current configurations. See Refreshing the status of a device.

Thereafter, BMC Network Automation performs a compliance audit when it detects a change in any configuration. Compliance violations are displayed on the Dashboard and logged to the Event Log. You can also view compliance violations from the Compliance Summary report, or by running a Compliance Status action in a job.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Sulekha Gulati on Apr 18, 2017
rule_set rules testing best_practices recommendations

Comments

Log in or register to comment.

Exporting rules
Managing policies
© Copyright 2013 - 2017 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.