Device type header XML element reference
This topic describes all of the XML elements allowed in the header part of a device type adapter.
By convention, any of the elements whose name ends in Info
contain commentary information, which is used only for display purpose in the Device Adapter Capabilities report. These fields do not affect any processing.
The default value for a true/false flag is false unless indicated otherwise. The default value for any string element is null or empty.
Tag | Description |
---|---|
<guid> | (Required) A globally unique ID (GUID) Run the create_guid.sh or create_guid.bat script in the BCAN_HOME\tools directory to generate a new GUID for use here. |
<name> | (Required) Name of the device type, up to 255 characters in length This name appears on the GUI and must be unique across all device types. BMC recommends that you include the name of the vendor in the name of the device type, to help identify the device type in the GUI. |
<vendor> | (Required) GUID of the vendor to which this device type belongs |
<supportedModelInfo> | The equipment model numbers or names that this device type supports |
<supportedModelInfo> | The operating system versions that this device type supports |
<imageNamePrefix> | String prepended to the discovered operating system image name, to help identify the images uniquely among a list of all the images in the system. |
<managerGuid> | GUID of the device type that acts as a managing system to devices of this type. That is, if some operations are performed directly on the device while other operations must pass through a parent managing device, then fill in this GUID. For example, a Cisco Nexus device may be managed by a Cisco VNMC Virtual Appliance. |
<managerRequired> | true or false to indicate if a device of this type must include the selection of a manager. That is, when true, the device edit page requires the Manager field to be filled in. When false, the Manager field is optional. |
<managerBackup> | true or false to indicate if a configuration backup or snapshot should be done via the manager after making changes directly to the device. That is, changes might not be reflected on the device directly, but appear in its manager instead. |
<alwaysUseDiff> |
If templates that are pushed to this type of device can contain snippets or small parts of the full configuration, then this flag should be set to false to generate better side-by-side difference reports. If templates pushed to the device must contain a complete configuration, then set this flag to true, again to generate better difference reports. |
<ignoreBlanks> | true or false to indicate if configurations from a device of this type are whitespace neutral, where spaces and tabs are completely insignificant and the device is prone to injecting random whitespace (causing spurious differences). Setting this to true can eliminate spurious changes and discrepancies. |
<sortEntireConfig> | true or false to indicate if the lines in every configuration obtained from a device of this type should be sorted, where ordering of lines has no significance at all and the device is prone to re-order lines randomly (causing spurious differences). When true, the system sorts the lines alphabetically before comparing a new configuration to an existing one, and storing new configurations. |
<defaultMergeCommandGuid> | GUID of the <deviceCommand > or <httpDeviceCommand> used to push scripts that are not associated with any trail into the device's running or active configuration. Templates and target configurations have no trail associated with them, so this <deviceCommand > or <httpDeviceCommand> is used to deploy such scripts. |
<defaultRestoreCommandGuid> | GUID of the <deviceCommand > or <httpDeviceCommand> used to push scripts that are not associated with any trail into the device's startup or stored configuration. Templates and target configurations have no trail associated with them, so this <deviceCommand > or <httpDeviceCommand> is used to deploy such scripts. |
<supportsTelnetAccess> |
Default value is true. |
<supportsSsh2Access> | true or false to indicate if devices can be accessed by version 2 of the SSH protocol. When true, only <interaction > elements should be used in device commands to send CLI commands and read responses. |
<supportsInteractiveSshAuth> | true or false to indicate if, upon accessing the device using SSH, it prompts for user name and password. Normally, the user name and password are provided in the SSH protocol during connection negotiations, but some devices require them to be entered in response to interactive prompts after the SSH connection is established. |
<supportsHttps11Access> | true or false to indicate if devices can be accessed via version 1.1 of the HTTPS protocol. When true, only <httpInteraction > elements should be used in device commands to send requests and process replies. |
<supportsHttps10Access> | true or false to indicate if devices can be accessed via version 1.0 of the HTTPS protocol. When true, only <httpInteraction > elements should be used in device commands to send requests and process replies. |
<supportsHttp11Access> | true or false to indicate if devices can be accessed via version 1.1 of the HTTP protocol. When true, only <httpInteraction > elements should be used in device commands to send requests and process replies. |
<supportsHttp10Access> | true or false to indicate if devices can be accessed via version 1.0 of the HTTP protocol. When true, only <httpInteraction > elements should be used in device commands to send requests and process replies. |
<supportsWebServiceAccess> | true or false to indicate if devices can be accessed via a custom protocol. This is for BMC internal use only. |
<sshPseudoTty> | String containing the name of a pseudo terminal to use in SSH connections. Some types of devices require a pseudo terminal to make interactions work. If you are able to send commands but fail to read any responses, a pseudo terminal may fix the issue. Some commonly recognized pseudo terminals are |
<telnetPseudoTty> | String containing the name of a pseudo terminal to be used in Telnet connections. Some types of devices require a pseudo terminal to make interactions work. If you are able to send commands but fail to read any responses, a pseudo terminal might fix the issue. Some commonly recognized pseudo terminals are |
<sshTerminalWidth> | Number indicating the width of the terminal to use in SSH connections, defaulting to 80 Most devices allow the terminal width to be set to unlimited, which should be done explicitly during the login |
<telnetTerminalWidth> | Number indicating the width of the terminal to use in Telnet connections, defaulting to 80 Most devices allow the terminal width to be set to unlimited, which should be done explicitly during the login |
<enableFIPSModeForSsh> |
If set to true, all devices of this type must be configured to use FIPS mode, so that both the client (TrueSight Network Automation device agent) and server (device) sides of the SSH connection are in agreement. For more information about FIPS mode, see Configuring enhanced security. |
<supportsTunneledTransfer> |
When true, you must implement the tunneled support in the applicable |
<transferredFilenameExtension> | When using file transfer, specifies the filename extension for temporary files sent to or received from the device Normally, temporary files are named with a .tmp extension, but some devices only produce or allow files named with a specific extension (such as .zip). This extension replaces normal .tmp extension. You should include the dot to make it a true extension. Note that this does not apply to operating system image files, but only to configuration files. |
<stripFilenameExtensionFromCmds> |
When false, the complete filename is used. When true, only the base name (without the extension) is used. |
<supportsTftpTransfer> |
Default value is true. |
<supportsFtpTransfer> | true or false to indicate if the FTP protocol is supported to send and receive files |
<supportsScpTransfer> | true or false to indicate if the SCP protocol is supported to send and receive files |
<rebootsAfterRestore> |
When true, this tells the system to wait for the reboot to complete and to re-login before taking the trailing configuration snapshot(s) which reflect the deployed changes. |
<rebootSleepSeconds> | Number of seconds to wait to allow the device to reboot. Once the system issues the reboot (or more precisely, completes the interactions in the reboot |
<securitySleepSeconds> | Number of seconds to wait after a device is rebooted to allow its operating system to accept logins. Some devices, during their boot process, start their telnet or SSH server processes, such that TrueSight Network Automation may succeed in connecting to those services, but the device is not yet ready to process login or authentication requests. To prevent the post-reboot connection/login sequence from failing because the device is not quite ready, this sleep value can be increased. |
<promptsUnsavedChanges> |
This setting affects the GUI only. It helps validate the selected Reboot Options in the Reboot and Deploy OS Image actions. |
<kickAtResponseTimeout> | String to send to the device when the device seems to be stuck waiting for input and has not emitted any response. If the system sends a command and does not receive a response within a timeout, the entire action can be flagged as failed. There are rare instances where sending certain commands can cause the device to go off processing and it misses reading a trailing carriage return or a line feed. The device acts as if the system neglected to send it the complete end-of-line sequence. Using this element, you can have the system send out another end-of-line sequence or a control-C or whatever will trigger the device back into its normal CLI processing without causing any error. You may specify non-printable characters using |
<supportsMultipleSecurityContexts> |
When true, the system augments the device edit page to allow you to specify security context fields, and those selections are passed into the XML processing as properties (which can be used to switch contexts and the like). |
<supportsConfigPerSecurityContext> | true or false to indicate that each security context (or other virtual component) maintains a separate configuration |
<virtualMachine> | true or false to indicate if a device of this type might be (but does not have to be) a virtual machine |
<requiresTunnelingForContainerMerge> | true or false to indicate that tunneled mode is always to be used to deploy scripts for the purpose of CLM container management, regardless of the device's transfer mode |
<requiresTunnelingForUserContexts> | true or false to indicate that tunneled mode is always to be used to deploy scripts to user-defined security contexts, regardless of the device's transfer mode. |
<supportsTunnelMergeForConfigurationFile> |
When true, indicates that configurations contain line-by-line commands that can be understood by the device individually when pushed in tunneled mode. When false, configurations cannot be deployed in tunneled mode, but templates can be (presuming a different syntax is used in templates versus configurations). Default value is true. |
<creatorSecurityContextName> | String containing the name of the security context (or other virtual component) where other contexts can be created This is relevant only to CLM container management. |
<supportsForwardImageDeletion> |
Set this to true when the image management is done in discrete steps, one of which is to delete the current image to make space for the new image. |
<supportsSerialTerminalServerManagement> |
When true, the system uses the device security profile Managed By Terminal Server setting to pass the extra credentials as properties into the XML code. When you connect to the console port via terminal server, only tunneled mode can be used. You should implement tunneled snapshot as a minimum to make such a connection useful. Image management is not possible while implementing tunneled snapshot. |
<imageArchiveFilename> | String containing a regular expression that matches an operating system image filename where the file contains an archive-style of image Some devices support deployment of an image bundled into a tar archive, which requires the use of different commands. The filename of the image being deployed is used to control which commands are issued, based on whether the filename matches this element or not. The |
<illegalPortTypeNameCharacters> | String containing one or more characters, enclosed in square brackets, that are not allowed to be used in port type names in the CLM container management environment The system automatically removes any such characters from port type names. |
<preserveFilenameOnImageLoad> |
Normally, the system deploys files using its own temporary filenames. But a device might reject files whose names do not conform to its operating system image file naming conventions, so setting this to true uses the filename of the file that was loaded into the system (either into the OS image library or into the Deploy OS Image action). |
<imageMustFitInFreeSpace> |
The system always checks for fit into total size, but this element adds a check on free size. This element should be set to true only for device types that have a distinct file-copy step that precedes the image-installation step. (Most devices combine download and install into a single command that does its own file management, where a check on total size is sufficient). Device type also needs to have fully-implemented discover-image-details that reports the used, free, and total space, or this flag has no effect. |
<imageLoaderClassName> | String containing the full class name of the Java code that performs the operating system image management functions. This effectively limits user implementation of image management, since only the factory-installed Java code is available for reference here. However, if a device supports the installation of an image through a single command that downloads, validates, and installs an image file, then you might be able to use the class |
| String containing the name of a filesystem where operating system image files can reside When deploying an operating system image, the selected Target Image Filesystem must be one of the listed values, or Default is also acceptable. |
| Defines what operating system image files are supported by the device, especially when multiple files make up the running image. Leave this element out when devices of this type manage their images as a single file, or when the command to deploy an image file does not vary based on the contents of the file. When multiple files are supported and must be identified to the device in the image deployment commands (as they are in Cisco Nexus), then define multiple
|
<hardwareInventoryClassName> | String containing the full class name of the Java code that performs the hardware inventory management functions This element effectively limits user implementation of hardware inventory management, since only the factory-installed Java code is available for reference here. |
<supportsSyslogAutoArchiveTriggerInfo> | true or false to indicate if a device of this type is capable of emitting syslog messages that indicate a configuration change has occurred, which can thus trigger the Auto Archive policy (to take snapshots of the latest configurations containing the changes) |
<passwordEncryptionFunctionInfo> | String containing what functions (to be used in the This documentation helps you develop rules that verify passwords are set to expected values, where those values are encrypted. |
<templateFormattingInfo> | String containing instructions to help you create acceptable templates Use a |
<generalInfo> | String containing general notes, caveats, quirks, or anything else special about this type of device that might affect how users manage them Use a |
<containerVfwClassName> | String containing the full class name of the Java code that performs virtual firewall functions in CLM container management This element effectively limits user implementation of virtual firewall management, since only the factory-installed Java code is available for reference here. |
| String containing an SNMP OID that maps to a device of this type (usually the Used when importing devices from an external system that is aware of the device's OID, to assign this device type to the imported device. The
|
| Specifies that devices of this type support snapshot (and optionally deploy) of the specified configuration The
|
| String containing a regular expression that matches configuration lines that should be treated as comments Comments are ignored when looking for changes, so comments cause no discrepancies to be flagged, nor do they cause new configurations to be added to the trail of previous versions of the configuration. The
|
| Specifies that multiple consecutive lines of a configuration be treated as comments, delimited by begin and end lines. The
|
| String that should be ignored when it appears at the start of a configuration line Used when comparing a configuration against a template, to generate more usable difference reports (for example, to align set and clear versions of the same parameters). |
| String containing a regular expression that matches command lines in a configuration that should be sorted prior to the configuration being checked for changes or discrepancies, where ordering of lines has no significance at all and the device is prone to re-order lines randomly (causing spurious differences) The system pulls out all the lines that match, sorts them, and then re-inserts them into the configuration in the new order. The scope of the sorting is limited to the lines that match one Sorting of blocks and negated lists is limited to device types that support Smart Merge, which is not user-extensible. The
|
| Specifies command line parameters or arguments that should be sorted within the line prior to the configuration being checked for changes or discrepancies, where the order of the parameters is not relevant and the device is prone to re-order those parameters randomly. The parameters must be separated by a space. The <
|
| Specifies how text in a configuration or a template should be altered. This element applies only to ASCII configurations (not to binary ones). For both
|
| String containing a regular expression (case-insensitive) that identifies a command line that contains sensitive data The system exposes sensitive data only to users with the sensitive data right. Sensitive data is found in configurations, templates, rules, transcripts, and reports. In the regular expression, use parentheses around the sensitive parts of the command; the system masks these parts of the line when displayed to a non-privileged user. |
| Defines a re-usable <response > block; the name attribute is required. If there are many <interaction> or <httpInteraction> elements where some or all of the responses are the same, you might put those common responses into a re-usable block, name the block, then use the block by name via the <responseBlockReference> element (in place of duplicating the responses). |
| Defines a re-usable <error> block; the name attribute is required. If there are many <interaction> or <httpInteraction> elements where some or all of the errors are the same, you might put those common errors into a re-usable block, name the block, then use the block by name via the <errorBlockReference> element (in place of duplicating the errors). |
Avoiding discrepancies due to updated text processor in version 8.9.02
The indentation through the delegateClassName
attribute introduces some discrepancies when comparing configuration files generated after version 8.9.02 against those generated before. If you want to avoid discrepancies, revert to the text processor included in earlier versions, as follows.
Cisco ACI device adapter changes
<configProcessors>
<textProcessor fileTransfer="true" incoming="true" replace="" search="200\x00a"/>
<textProcessor fileTransfer="true" incoming="true" replace=">\x00d\x00a<" search="><"/>
</configProcessors>
<configProcessors>
<textProcessor fileTransfer="true" incoming="true" replace="" search="200\x00a"/>
<textProcessor delegateClassName="com.bmc.bcan.agent.shared.imported.network.devices.XMLTextProcessor" fileTransfer="true" incoming="true"/>
<textProcessor fileTransfer="true" incoming="true" replace="" search="(?m)^[ \t]*\r?\n"/>
<!-- strip out blank lines, since XMLTextProcessor inserts some that pollute the block sorting -->
</configProcessors>
Cisco ACI - Tenant device adapter changes
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<textProcessor incoming="true" replace=">\x00d\x00a<" search="><" tunneledTransfer="true"/>
<!-- replace "><" with ">\n<" for incoming tunneled transfer -->
</configProcessors>
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<textProcessor delegateClassName="com.bmc.bcan.agent.shared.imported.network.devices.XMLTextProcessor" incoming="true" tunneledTransfer="true"/>
<textProcessor fileTransfer="true" incoming="true" replace="" search="(?m)^[ \t]*\r?\n"/>
<!-- strip out blank lines, since XMLTextProcessor inserts some that pollute the block sorting -->
</configProcessors>
VMware vShield Edge device adapter changes
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor incoming="true" replace=">\x00d\x00a<" search="><" tunneledTransfer="true"/>
<!-- replace "><" with ">\n<" for incoming tunneled transfer -->
</configProcessors>
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor delegateClassName="com.bmc.bcan.agent.shared.imported.network.devices.XMLTextProcessor" incoming="true" tunneledTransfer="true"/>
<!-- format XML for incoming tunneled transfer -->
</configProcessors>
VMware vShield App device adapter changes
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor incoming="true" replace=">\x00d\x00a<" search="><" tunneledTransfer="true"/>
<!-- replace "><" with ">\n<" for incoming tunneled transfer -->
</configProcessors>
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor delegateClassName="com.bmc.bcan.agent.shared.imported.network.devices.XMLTextProcessor" incoming="true" tunneledTransfer="true"/>
<!-- format XML for incoming tunneled transfer -->
</configProcessors>
VMware NSX Distributed Firewall device adapter changes
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor incoming="true" replace=">\x00d\x00a<" search="><" tunneledTransfer="true"/>
<!-- replace "><" with ">\n<" for incoming tunneled transfer -->
</configProcessors>
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor delegateClassName="com.bmc.bcan.agent.shared.imported.network.devices.XMLTextProcessor" incoming="true" tunneledTransfer="true"/>
<!-- format XML for incoming tunneled transfer -->
</configProcessors>
VMware NSX Edge device adapter changes
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor incoming="true" replace=">\x00d\x00a<" search="><" tunneledTransfer="true"/>
<!-- replace "><" with ">\n<" for incoming tunneled transfer -->
</configProcessors>
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor delegateClassName="com.bmc.bcan.agent.shared.imported.network.devices.XMLTextProcessor" incoming="true" tunneledTransfer="true"/>
<!-- format XML for incoming tunneled transfer -->
</configProcessors>
VMware NSX Manager adapter changes
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor incoming="true" replace=">\x00d\x00a<" search="><" tunneledTransfer="true"/>
<!-- replace "><" with ">\n<" for incoming tunneled transfer -->
</configProcessors>
<configProcessors>
<textProcessor incoming="true" replace="" search="200\x00a" tunneledTransfer="true"/>
<!-- replace 200 with empty for incoming tunneled transfer -->
<textProcessor delegateClassName="com.bmc.bcan.agent.shared.imported.network.devices.XMLTextProcessor" incoming="true" tunneledTransfer="true"/>
<!-- format XML for incoming tunneled transfer -->
</configProcessors>
Comments
Log in or register to comment.