Standalone Windows scanning tool

In certain applications, computer and server assets are located on systems that typically cannot be reached by the BMC Atrium Discovery appliance, either because of network security or because the systems are on an isolated network.

The standalone Windows scanning tool enables you to perform discovery on these standalone systems. It enables you to run BMC Atrium Discovery from a USB drive inserted into the target Windows host and to inventory all assets on that system. The tool gathers data from Windows computers that are not connected to a network, and creates scanner files with the discovered data.

The standalone Windows scanning tool compliments the equivalent UNIX scanner scripts.

This functionality does not permit interactive running of patterns to gather the full depth of data that a Windows proxy provides; however, it enables BMC Atrium Discovery to contain data about hosts that would otherwise be unreachable and to synchronize this information to BMC Atrium CMDB. After the tool is run on the target host, the collected data must be manually uploaded to the appliance.

Warning

The standalone Windows scanner can be used to manually collect a limited set of information from a Windows host. The scanner is designed to be used solely on isolated systems or networks. It is NOT equivalent to a Windows proxy, because it will only collect basic host, process and package information that can be obtained by WMI queries, not additional data such as NIC registry information (for NIC discovery).

Accessing and downloading the tool

The Windows scanning tool is a .zip archive file that can be extracted onto the target system or onto some form of removable storage (such as a USB drive). The .zip archive file contains everything you need to scan the Windows system; no connection to a BMC Atrium Discovery appliance is required.
To access and download the file:

  1. From the Discovery tab, click Tools.
  2. In the Standalone Windows Scanner area of the Discovery Tools page, click the Download link at the bottom of the page.
    This diagram illustrates where to download the standalone Windows scanning tool from the Discovery Tools page.
  3. Extract the .zip file to a directory on a writable a USB flash drive or similar removable media.

Using the tool

The standalone Windows scanning tool runs as a portable console application directly from an external flash drive.
To use the tool:

  1. Insert the USB flash drive into the host system and explore the contents.
  2. If necessary, change the command options. (For example, it is recommended that you select the target IP address, if known, to avoid the possibility of overlapping IPs).
  3. Double-click the tw_windows_scanner.exe file.
    A command window opens, and the tool begins collecting data.
    The following example output illustrates what informational messages the tool displays during data collection:

    U:> tw_windows_scanner
    Output file is results\192.168.1.1.scan
    Collecting Host Information ... DONE
    Collecting Interface Information ... DONE
    Collecting Process Information ... DONE
    Collecting Service Information ... DONE
    Collecting File System Information ... DONE
    Collecting Package Information ... DONE
    

Changing the command options

By default, the scan files are named based on the IP address of the Windows system (the lowest selected by the tool, after it ignores the localhost 127.0.0.1 address). The system will not overwrite existing scan files unless you change the options shown in the following table.

Command Option

Description

--id XXX

Sets the name of the scan file to results\XXX.scan. Scanner files are automatically named based on the host's first listed IP address. If you do not set the file name using this option, you might inadvertently generate the same result file from two computers.

--target IPADDR

Sets the IP address to be scanned. For more information, see Changing the IP address to be scanned.

-x, --overwrite

Specifies to overwrite any existing scan file.

-q, --quiet

Specifies to not display informational messages

--wmi-timeout

Specifies to alter the WMI timeout (the default is 2 minutes)

Changing the IP address to be scanned

In certain cases, the IP address of the Windows system (the lowest selected by the tool, after it ignores the localhost 127.0.0.1 address) might not be correct (for example, a VPN connection). Although these occurrences are uncommon, the tool will display an error message and exit. To help prevent these occurrences, it might be necessary to explicitly specify the IP address you want to use. To do so, run the tool and use the --target IPADDR option to set the target system.

It is also possible to scan other sytems using this option, as long as your user account has the required privileges (which are typically Administrator privileges). Setting the IP address to a specific target is especially useful for scanning an isolated subnet, because you would only need to insert the tool into one computer to collect data from them all.

Uploading the data to the appliance

After you have collected the data, upload it to the appliance. To do this, you use the SCP utility to transfer the files to the appliance as the upload user. For more information on uploading scanner files to an appliance, see Loading a scanner file onto the appliance.

After the data is uploaded, it is processed by BMC Atrium Discovery. For more information about scanner files, see Using scanner files.

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Nikola Vukovljak

    The link to 'Changing the IP address to be scanned' is incorrect, it leads to an empty page

    Dec 20, 2011 09:54
    1. Duncan Tweed

      It was a broken internal link. Now fixed.

      Dec 20, 2011 10:06
  2. Mark Smith

    Does this executable run from a network share as well or does it require a USB connection. I am asking this based on Virtual hosts that are not accessible via the Appliance

    Mar 18, 2013 07:37