Before you enable a rule set, you should test each rule to ensure that the rule set will function as expected. This topic describes the rule test methods that BMC recommends.
The first method for testing your rules is to use the Compliance Summary Report and its Failed and View Trace links. See the View Trace example in page.
The Failed link shows the current configuration compared with the compliant configuration. The compliant configuration contains the additions and deletions that BMC Network Automation made according to the rule. Review the changes to verify that they are done in the correct location.
The View Trace shows exactly how BMC Network Automation applies the rule to the configuration. Review the Corrections section towards the bottom and verify that the corrections are what you expect and where you expect them; closely examine the blocks to ensure that the corrections made to the blocks were actually made inside those blocks. Use the line coloring in the report to help you understand where the system located the domain(s) of interest and any matching subject lines.
As a final test, create a job that performs a Remediate action, which remediates with the new rule set. Use the icon in the Actions list to display the script preview page, and click through the devices. Review the incremental or full merge script, especially when multiple rules are involved, since they can interact in unexpected ways. Some basic conflicts between corrections are reported to you here (for example, rule 1 adds a line, which rule 2 then removes). You can discard the job once the preview is complete, or save it as draft, if you need to rework the rules and re-test them.
When all rules are functioning correctly, follow these steps to perform an initial compliance check:
- Enable the rule set, as seen in Viewing the rule sets listing.
- Submit a Refresh Device Status span action with Compliance Violation Status checked. The refresh performs a compliance check on the current configurations. See Refreshing the status of a device.
Thereafter, BMC Network Automation performs a compliance audit when it detects a change in any configuration. Compliance violations are displayed on the Dashboard and logged to the Event Log. You can also view compliance violations from the Compliance Summary report, or by running a Compliance Status action in a job.