BMC Configuration Drift Management is built on the BMC AR System and is a consumer of the configuration data that is discovered by your discovery applications and stored in your BMC CMDB.
Using the configuration management data in your BMC CMDB, BMC Drift Management focuses on the auditing, verification, and management of infrastructure changes in your data center IT environment. The auditing activities provided by Drift Management assist you in keeping your data center operationally compliant with the business rules of your IT environment.
Drift Management also integrates with other BMC applications, such as BMC Change Management and BMC Incident Management, to provide the initial steps toward the automation of data center operations. Integration with BMC Change Management plays an important role in the automation of these operations by linking changes in the data center environment to approved change requests. Integration with Change Management and BMC Incident Management also facilitates quick resolution of infrastructure changes by manually or automatically creating incident requests, or by manually creating change requests from Drift Management.
Drift Management architectural overview
See the following video for an overview on BMC Configuration Drift Management. This video is recorded using the earlier version of BMC Atrium Core and is valid for BMC Atrium Core 9.1.
What is drift?
Simply stated, a drift is a change in your IT environment. Drift is the difference between the current physical state of your IT environment and the expected or correct state of your environment. At a more granular level, a drift is a change in a configuration item (CI), a CI attribute, or a relationship as defined in your BMC Atrium Configuration Management Database (CMDB).
A drift is caused by adding, removing, or modifying CIs, CI attributes, or relationships between CIs.
BMC assumes you are familiar with basic configuration management and BMC CMDB concepts such as CIs and the BMC Asset dataset. For more information, see Related documentation.
BMC CMDB represents the correct or current states of your data center configuration items. Sometimes, however, real-world issues appear in the form of new releases, upgrades, new equipment, and unauthorized changes. After using your discovery mechanism to scan your environment and to update BMC CMDB, use Drift Management to monitor and detect changes in the state of your CIs.
Drift Management is a consumer of, and works entirely from, the data in BMC CMDB. Drift Management is not a discovery tool, instead it relies upon a discovery application to update BMC CMDB.
Drift Management and ITIL
Drift Management supports the verification and audit activities of configuration management as defined by the IT Infrastructure Library ® (ITIL ® ).
According to ITIL, periodic audits of your IT environment should be conducted to verify that the BMC CMDB is up to date. The reverse is also true. Periodic audits of your physical environment should be conducted to verify that the physical environment has the correct and approved CIs as defined in BMC CMDB.
For example, suppose you want to verify that all security servers have the same CIs and configuration attributes. With Drift Management, you can establish a baseline using a known security server that is in your BMC CMDB and that has the appropriate configuration. You can then compare all other security servers (target servers) with the baseline to detect whether any changes (drift) have occurred. The drift might be due to the addition, removal, or modification of CIs or attributes on your target servers.
With Drift Management, you can perform the audit and verification process as needed or on a regular audit schedule. For example, you might want to audit the servers most critical to your business on a daily or weekly basis and the less critical servers on a monthly basis. If drift is detected, Drift Management enables you to take corrective action (after proper research for the root cause) either by using a change request or by correcting the target computer using an incident request.
ITIL recommends that you perform a configuration audit in your IT environment at the following times:
- Shortly after implementation of a new Configuration Management system
- Before and after major changes to the IT infrastructure
- Before a software release or installation
- At random intervals
- At regular intervals
- When all is back to normal after a disaster recovery
- When any unauthorized CIs are detected
Basic Drift concepts
You detect drift by creating and running a comparison job. A comparison job compares a baseline set of CIs and a target set of CIs in BMC CMDB and identifies differences between the sets.
A baseline is a set of CIs and their associated attributes, having a known state, used as the basis for comparison. You can view a baseline within Drift Management as a saved BMC CMDB query that identifies the CIs that you want to use as your baseline CIs
A target is a set of CIs that you compare with the baseline. These CIs are the items in your IT environment, as they currently exist, that you want to audit to verify that they are at the correct state of configuration.
The source dataset is the location of the CIs that you want to use for your baseline or target.
A snapshot is a copy of a subset of CIs from a source dataset to another dataset (the destination dataset).
You can create multiple (daily or monthly) snapshots of a particular set of CIs and use these snapshots to determine whether the configuration of the CIs has changed.
A qualification set is a query used to select the specific CIs that you want to use in your baselines, targets, or snapshot jobs. A qualification set is required when you create a snapshot, a baseline, or a target.
|An include set defines CI attributes that you want to include in a comparison job to determine whether the CI attribute value has changed or is not set at the correct value. An include set can provide greater granularity during comparison because of its variety of comparison operators (EQ, GT, LT, LE, and so on) and the ability to specify attribute values (for example, a standard value) to compare against. Using an include set is optional.
|An exclude set defines CI attributes that you want to exclude or ignore when doing a comparison. Using an exclude set is optional.
Data from a discovery application is reconciled by the BMC CMDB reconciliation engine and placed in the BMC Asset dataset. This discovered data is then used by Drift Management.
Drift Management workflow
The workflow is as follows:
- A snapshot of the initial state of the dataset is captured by the snapshot job and is used as a baseline for comparison later.
- Later, Discovery updates the dataset with CIs that may have changed and this is used as the target for comparison with the baseline.
- The comparison job compares the baseline snapshot to the target dataset.
- The output of the comparison job can be either used for change management or incident management depending on the use case.
The data on the compared CIs can also be used by a comparison service.
The list of detected CIs can be either displayed or exported to the drift report.
- Comparison of the current state of BMC CMDB with a snapshot
You want to determine whether drift has occurred over a period of time. You make a snapshot of BMC CMDB at a given point in time (this becomes your baseline) and later (a day, a week, or a month, for example) compare the current state (your target) with the baseline.
For more information about using Drift Management for this scenario, see Getting Started. The Getting Started helps you to become familiar with the Drift Management workflow when creating a comparison job.
- Comparison with a standard (for compliance)
You compare the state of BMC CMDB with a baseline to ensure that the physical state is not drifting from the declared standard.
This scenario is commonly called the golden server or golden CI. Within BMC CMDB, you have the CIs for a crucial business service (for example, security) configured exactly as needed. The golden CIs are the baseline with which the other security servers (targets) are compared to verify that they are configured to match the declared standard (the baseline).
A golden CI is configured exactly as needed and is used as a basis of comparison with your target CIs.
- Comparison between a test dataset and BMC CMDB
You want to define a test or sandbox dataset on top of another dataset to determine the impact of potential modifications in the test dataset on BMC CMDB. In this scenario, BMC CMDB is the baseline and the test dataset is the target. The comparison uses the BMC CMDB API to view the equivalent of a merge between the two datasets.