Adding database credentials

To perform a full discovery of databases, you need the credentials to log in to the database and a set of queries of discover the database content. The credentials and queries are contained in the Database Credential Group. When you activate a Database Pattern (a pattern of sql_discovery type) that aims for deeper database discovery, the corresponding Database Credential Group is created. This group includes the following elements:

  • Credential—Contains the information (for example, database credentials, driver, IP address) to create a connection from BMC Discovery to the target database. 

  • Query—The SQL query that is passed to the target database to extract the required information. The query is supplied by the pattern.

The following topics are covered in this section:


Deep database discovery

Any JDBC Driver that is activated on the Administration > JDBC Drivers page can be used to create database connections from patterns and query the database using these connections, if it is properly authenticated.

The Technology Knowledge Update shipped with BMC Discovery provides patterns for deep discovery of the following databases:

  • IBM DB2—Mainframe only
  • IBM Information Management System (IMS)—Mainframe only
  • Microsoft SQL Server
  • MySQL
  • Oracle
  • Sybase

Before you begin adding database credentials

  • You should use a single credential for each target database. A single database credential can be used for multiple connections to a database. A single database credential can be used for connections to multiple databases.
  • Ensure that you understand how database credentials are used in BMC Discovery.
    For more information, see Discovering database content.
  • Ensure that necessary patterns are activated. 
    Database credentials are bound to the patterns that include sql_discovery definition (for an example, see Database credentials definition in a pattern). No one general database pattern covers any database discovery, so you might want to activate the patterns based on the types of databases you expect to discover.

To add database credentials

  1. From the main menu, click Manage > Credentials.

    The Device Credentials page is displayed.

  2. Click the Databases tab.

    The database credential groups are listed. Every group corresponds to the particular pattern with an sql_discovery definition. The definition contains queries from that definition and credential for database connection created by BMC Discovery users.

  3. Click the database name link in the table and click Credentials.
  4. On the top-right corner of the page, click Create.
    The Create Credentials page is displayed.
  5. In the Name field, specify a name for the database credential.

  6. Check the Enabled box to enable the credential.
    You can edit your credentials at any time or disable a given credential.
  7. In the Description field, specify a description for the credential.
  8. In the Username field, specify a username for the credential.
  9. In the Password field, specify a password for the credential.
  10. From the Database Driver list, select the appropriate driver for the database.

    The page expands to display additional fields. You can manage existing JDBC drivers on the Administration > JDBC Drivers page. For more information about the additional fields, see Additional database-specific fields.

  11. To add credentials for a specific range of database endpoints, enter the required IP addresses in the text box displayed below.
    The Match All check box is unchecked by default.

     Expand for more information on supported IP address types:
    • If you do not need to limit the credentials use to specific IP addresses (for example, when you do not have a complete list of hosts with databases), select Match All.

    • To use these credentials only for particular IP addresses, deselect Match All and enter the endpoint IP addresses as a comma-separated list of values that will be used to determine if this credential is suitable for a particular IP address.

    They can be:

    • IPv4 address—For example 192.168.1.100.

    • IPv4 range—For example 192.168.1.100-105192.168.1.100/24, or 192.168.1.\*.

    • IPv6 address—For example fda8:7554:2721:a8b3::3.

    • IPv6 network prefix—For example fda8:7554:2721:a8b3::/64

    The following address types cannot be specified

    • IPv6 link local addresses (prefix fe80::/64)
    • IPv6 multicast addresses (prefix ff00::/8)
    • IPv4 multicast addresses (224.0.0.0 to 239.255.255.255

    As you enter text, the UI divides it into pills (discrete editable units) when you enter a space or a comma. According to the text entered, the pill is formatted to represent one of the previous types or is presented as invalid.

    Invalid pills are labeled with a question mark. You can also paste a list of IP addresses or ranges into this field. If any pills are invalid, a message stating the number of invalid pills is displayed above the range field. Clicking the link applies a filter that shows only invalid pills, which you can then edit or delete. The filter can be removed by clicking clear in the Showing n of n label below the Range field. There is no paste option on the context-sensitive (right-click) menu.

    Warning: Do not paste a comma-separated list of IP address information into the Range field in Firefox. Doing so can crash the browser. You can use a space-separated list with no problems.

    • To edit a pill, click the pill body and edit the text.
    • To delete a pill, click the X icon to the right of the pill, or click to edit and delete all of the text.
    • To view the unformatted source text, click the source toggle switch. The source view is useful for copying to a text editor or spreadsheet. Click the source toggle switch again to see the formatted pill view. Underneath the entry field is a filter box. Enter text in the filter box to only show matching pills.
    (info) Pills are not supported in Opera.

  12. To save your database credentials, click Apply.
  13. To exit the page without saving the changes, click Cancel.

Additional database-specific details

The following table lists the information to provide for the various credential types that you can create.

Database driverParameterDescription
Microsoft SQL Server PortThe port number to use to connect to the database. If you leave the Match Regular Expression check box clear, any port supplied by the pattern will be used to connect to the database. If the check box is selected, any port supplied that matches the regular expression will be used to connect to the database. Select the default value check box and specify a value to be used if none is specified by a pattern.
 Database Instance NameThe database instance name (Microsoft SQL Server). If you leave the Match Regular Expression check box clear, the connection will be made to any database whose name is supplied by the pattern. If the check box is selected, the connection will be made to any database whose name matches the regular expression. Select the default value check box and specify a value to be used if none is specified by a pattern.
 Additional JDBC ParametersAny additional JDBC parameters to use when making the connection. Select the default value check box and specify a value to be used if none is specified by a pattern. These are specified as key=value pairs in a semicolon-separated list.
Oracle database version 8iPortThe port number to use to connect to the database. If you leave the Match Regular Expression check box clear, any port supplied by the pattern will be used to connect to the database. If the check box is selected, any port supplied that matches the regular expression will be used to connect to the database. Select the default value check box and specify a value to be used if none is specified by a pattern.
 Service nameThe Oracle service name, an alias to an instance, or multiple instances in, for example, a clustered environment. If you leave the Match Regular Expression check box clear, the connection will be made to any database whose service name is supplied by the pattern. If the check box is selected, the connection will be made to any database whose service name matches the regular expression. Select the default value check box and specify a value to be used if none is specified by a pattern.
Oracle database versions from 9i to 11gPortThe port number to use to connect to the database. If you leave the Match Regular Expression check box clear, any port supplied by the pattern will be used to connect to the database. If the check box is selected, any port supplied that matches the regular expression will be used to connect to the database. Select the default value check box and specify a value to be used if none is specified by a pattern.
 System ID (SID)The Oracle System ID, or instance running on the Oracle host. If you leave the Match Regular Expression check box clear, the connection will be made to any database whose SID supplied by the pattern. If the check box is selected, the connection will be made to any database whose SID matches the regular expression. Select the default value check box and specify a value to be used if none is specified by a pattern.
Sybase database or PostgreSQL database version 7.2 and higherDatabaseThe database name. If you leave the Match Regular Expression check box clear, the connection will be made to any database whose name is supplied by the pattern. If the check box is selected, the connection will be made to any database whose name matches the regular expression. Select the default value check box and specify a value to be used if none is specified by a pattern.
 PortThe port number to use to connect to the database. If you leave the Match Regular Expression check box clear, any port supplied by the pattern will be used to connect to the database. If the check box is selected, any port supplied that matches the regular expression will be used to connect to the database. Select the default value check box and specify a value to be used if none is specified by a pattern.
 Additional JDBC ParametersAny additional JDBC parameters to use when making the connection. Select the default value check box and specify a value to be used if none is specified by a pattern. These are specified as key=value pairs in a semicolon separated list.
Informix databasesDatabase NameThe database name (Informix). If you leave the Match Regular Expression check box clear, the connection will be made to any database whose name is supplied by the pattern. If the check box is selected, the connection will be made to any database whose name matches the regular expression. Select the default value check box and specify a value to be used if none is specified by a pattern.
 Server NameThe name of the Informix server as it appears in the sqlhosts file. If you leave the Match Regular Expression check box clear, the connection will be made to any server name supplied by the pattern. If the check box is selected, the connection will be made to any database whose name matches the regular expression. Select the default value check box and specify a value to be used if none is specified by a pattern.

Database credentials definition in a pattern 

This is the definitions section of the MySQL_AB.MySQL_RDBMS_Extended.DatabasesAndTables pattern. 

definitions MySQLDetails 2.0
    """Queries for MySQL to recover detailed content information"""
    // provides the description text for the Credential Group

    type := sql_discovery;   // sql_discovery places the credential group in the Databases
    group := "MySQL RDBMS";        // tab with the heading MySQL RDBMS. The group also populates the 
                             // Name field.

    define showDatabases     // defines a query called showDatabases
        """Return a list of defined databases"""
        // provides the description text for the showDatabases query

        // the query
        query := "SHOW DATABASES";  
    end define;

    define showTables        // defines a query called showTables
        """Return a list of defined tables within the given database"""
        // provides the description text for the showTable query

        // the query
        query := "SELECT table_name FROM information_schema.tables WHERE table_schema = %db_name%"; 
        parameters := db_name;
    end define;
end definitions;

Sample Queries

Description

Query

Obtaining a list of schemas

SELECT username FROM all_users ORDER BY username

Obtaining a list of tables within a schema

SELECT table_name FROM all_tables WHERE owner = %schema%

Obtaining a list of tablespaces

SELECT * FROM dba_tablespaces

Obtaining a list of datafiles within a tablespace

SELECT * FROM DBA_DATA_FILES WHERE TABLESPACE_NAME = %tablespace_name%

Related topics

Was this page helpful? Yes No Submitting... Thank you

Comments