Policy precedence best practices

Policy precedence is the priority of a policy and ranges from 0 to 999. A lower number indicates a higher priority. Policy precedence controls the configuration applied to the PATROL Agents and Infrastructure Management servers when there are conflicting or overlapping configurations defined between two or more policies.

The following sections in this topic describe how precedence is applied and best practices regarding usage of precedence values.

Policy precedence behavior

  • Policies are applied on PATROL Agents based on the Agent Selection Criteria that is defined during policy creation.
  • If two policies attempt to manage the same variable, such as /AgentSetup/historyRetentionPeriod, the PATROL Agent resolves the conflict by evaluating the precedence of the involved policies. Consider the following examples:

 

Example: with conflict

Example: without conflict

Scenario details

Policy A:

Precedence number - 099

Includes configuration for the amount of history the Agent should retain.

/AgentSetup/historyRetentionPeriod - 7 (retention in days)

Policy A:

Precedence number - 699

Includes configuration for monitoring the following Microsoft Windows services:

  • Windows Update Service
  • Windows Time
  • Windows Firewall

Policy B:

Precedence number - 070

Includes configuration for the amount of history the Agent should retain.

/AgentSetup/historyRetentionPeriod - 1 (retention in days)

Policy B:

Precedence number - 499

Includes configuration for monitoring the following Microsoft Windows services:

  • Windows Event Logs
  • Windows Worldwide Publishing
When policies A and B are applied to a PATROL Agent

The Agent resolves the conflict that is related to the /AgentSetup/historyRetentionPeriod variable by evaluating the precedence values of the policies.

Because the precedence value of Policy B (070) is lower than that of Policy A (099), the variable value of Policy B, that is 1, is applied to the Agent.

Remember the rule: Lower the number, higher the precedence.

The Agent is configured according to the union of policy A and policy B because there are no conflicts. All the Windows services configured in policy A and policy B are monitored.

Policy naming guidelines

To easily track the configurations that are applied to PATROL Agents and to know the order in which the precedence is being applied, you must keep the policies organized.

BMC recommends that you organize policies according to the precedence numbers when creating and editing policies.

Consider the following options as examples for organizing policies:

1) Use policy precedence number in policy name

To enable easy sorting of policies, include the precedence number of a policy as a prefix in the policy naming, as per the following format: <precedence number>_<policyname>.

For example:

  • 099_Basic_Event_Propagation_ALL_AGENTS
  • 599_Standard_Windows_OS_Monitoring

2) Use policy sorting information in policy name

To enable easy searching of policies, include policy-specific information in the policy naming. For example, you can easily you can easily find all Windows policies if the policies are named as follows.

  • Windows2012_Service_Monitoring
  • Windows2012_Standard_Monitoring
  • Windows2008_SQLSrv_Monitoring

Policy precedence values

BMC recommends that you define a precedence numbering system. Related policies can then be grouped according to the numeric ranges of the precedence numbers. Consider the following chart as an example.

Assign precedence numbers starting with the highest number in the range and then continue assignment in the descending order. By doing so, you can leave the lower numbers in the range for specific use cases.

Precedence range

Applicable for

Additional information

001 – 049

Temporary policy overrides

Use for a short term for specific policies until a complete policy is developed.

050 – 099

Policies for low-level behavior management in Agents

Use for policies that you always want to enforce. For example, Agent tuning, event propagation.

100 – 299

Polices that are specific to a logical group of servers

Use for policies such as vCenter monitoring, Exchange Servers, Oracle Servers, Location Related Servers or Services, Agent tuning overrides, and so on.

300 – 499

Specific platform variance policies

Use for policies such as Remote OS monitoring, Windows 2008 monitoring, Linux 6.7 monitoring, Specific Windows services, Specific UNIX processes, and so on.

500 – 699

Standard platform policies

Apply as a standard to large groups of Agents. For example, All Windows, all Linux, and so on.

700 – 899

Other platform policies

Use for examples such as Storage, Network, SNMP, PING, AWS, Azure, and so on.

950 – 999

Prepackaged policies

Reserved for the BMC prepackaged policies. You get these policies when you import the Infrastructure Management PATROL repository.

Was this page helpful? Yes No Submitting... Thank you

Comments