Walkthrough: Audit a single configuration item
This topic walks you through the process of creating an Audit Job in BMC Server Automation (BSA). It includes the following sections:
The video at right demonstrates the process of creating an Audit Job.
This topic is intended for systems administrators with knowledge of server and infrastructure management, but who are new to BSA.
The goal for this topic is to perform an automated check of a server to determine if its configuration matches a standard configuration.
What is an Audit Job?
Audit Jobs allow you to specify a standard configuration and compare servers.
After running an Audit Job, you can view its results and quickly identify discrepancies. When you identify problems, you can bundle changes into a BLPackage and deploy them to a server so its configuration matches the standard. Audits can perform a security function by quickly identifying unauthorized changes to server configurations.
What does this walkthrough show?
This walkthrough compares two live servers with similar characteristics. One server has the correct configuration. It functions as the reference server, also known as the master server. The walkthrough determines whether the second server has a matching configuration.
What do I need to do before I get started?
You should make sure that you have the BSA Console installed on your workstation, and that you have the appropriate level of permissions to browse servers and run Audit Jobs.
For this walkthrough, you log on as BLAdmin, the default superuser for BSA. Note that in live deployments, BMC recommends you grant access based on roles with a narrower set of permissions.
How to audit a single configuration item
Using the BSA Console, open the Servers folder and navigate to the master server. The master server is configured correctly. It can provide the basis for any audits you perform on similar servers.
In this example, the master server is named vw-sjc-bsm-dv21. It resides in this folder structure: Servers/Compliance Control.
Right-click the master server and select Browse.
A tab opens at right. It shows the many categories of information that are available in real time through live browsing.
In this example, we compare multiple configuration objects. One is the user called Guest.
In the list of configuration objects at right, expand Local Users, select Guest, and then select Audit.
The Audit Job wizard opens.
Click Next. The Server Objects panel of the wizard appears.
Currently the Audit Job is only considering the user Guest, as shown in the Server Objects list. In the following steps we add two more configuration settings to the audit.
In this step you identify settings for the Guest user that you want to audit.
Select the target servers that should be compared to the master server. You can select any combination of servers, server groups, and smart server groups. This allows you to compare the configuration of the master server to many targets. In this example, we select only one target named vw-sjc-bsm-dv14.
On the Schedules panel, select Execute job now and click Finish. The Audit Job runs immediately.
You have many options for scheduling jobs. For this example, we run the job immediately..
|11||To monitor progress of a job, look at the Tasks in Progress View at bottom right. It provides details about the jobs currently executing. It also lets you cancel jobs in progress.|
|12||In the Jobs folder, select the Audit Job you just created, right-click, and select Show Results. Results appear in a tab at right.|
Expand the job results, expand Object View, and select its contents.
The results of an Audit Job can always be viewed from two perspectives. The Object View shows the configuration objects included in the audit and counts how many servers are consistent and inconsistent with the master. Red text denotes any server objects that inconsistent on target servers.
In this example, the Guest account is inconsistent.
|14||Expand Server View and select the server being audited. This example again shows inconsistencies for the Guest account.|
Expand the target server and click on the Guest object.
This view shows detailed results. You can see that on the target, the Guest account is enabled (Account Disabled = False) while on the master server, the account is disabled. This is a potential security problem.
Wrapping it up
This walkthrough has demonstrated how you can set up an Audit Job to define a standard configuration and automatically determine whether other servers match that standard.
Where to go from here
Using Audit Job results, you can create a BLPackage that contains correct configuration settings and deploy them to any servers that do not meet your organizational standards.