BMC Helix Discovery scan use case

This use case describes the end-to-end flow of the tasks that you must perform to view the results of your first scan with BMC Helix Discovery.

Scenario

Consider a scenario where as a new administrator or a user with appropriate privileges, you are yet unfamiliar with the intricacies of detecting and scanning all the resources in your IT environment. You may also be unaware of the full potential of using The Pattern Language (TPL) to enhance your search and scan. However, you want to get started with using BMC Helix Discovery and observe tangible, initial results of discovering your IT resources.

Benefits

Performing your first end-to-end scan of the IT environment using BMC Helix Discovery enables you to:

Acquaint yourself with the types of credentials that you can store in the BMC Discovery Outpost and how the credentials are secured in the vault
Understand the potential of the BMC Discovery Outpost and how you can exploit its features to get the best scan results
Understand the types of scans available, how they can be scheduled, and their comparative benefits specific to your organization
Study the results of the first scan and decide the level of details that you actually need to fulfill audit compliance

Workflow

The following table describes the tasks that you must perform in the specified sequence and the reference to the procedure:

Task	Action	Reference
1	Complete the BMC registration to get the welcome email and log in to the BMC Helix Discovery service. You can skip this task if you are already logged into the BMC Helix Discovery service.	Logging into the BMC Helix Discovery service for the first time
2	Download and install the BMC Discovery Outpost.	Downloading and installing a BMC Discovery Outpost
3	Register the BMC Discovery Outpost and the BMC Helix Discovery service with each other.	Registering an Outpost with the BMC Helix Discovery service
4	Add credentials in the BMC Discovery Outpost for a target, such as a host, to enable the scan to discover the host.	Adding a credential for a target
5	Configure the scan parameters and perform a scan.	Performing a BMC Helix Discovery scan

For a detailed video of the end-to-end process, see the following video (05:58).

https://youtu.be/fYA-gI6K4WE

For information on improving your scan results, see the following video (02:04):

https://youtu.be/YXxIMzgW2Co

To add a credential for a target in your IT environment

To discover a target in your IT environment, such as a host, you must add a credential with which to access that host. For example, this procedure shows how to add an SSH credential.

From the BMC Discovery Outpost UI, click Manage > Credentials.
The Manage Credentials page displays.
Click Add, and from the Host section, select SSH. Enter the details of the Discovery account you are using for Unix hosts.
Click Apply.

The credential is now added to the Outpost. The Outpost uses the credential when you specify discovery targets or ranges from the BMC Helix Discovery UI.

Click here to know more about credentials

Credentials are stored only on the BMC Discovery Outpost application software that is installed and runs on a Windows computer in your data center. Credentials are never sent out of your environment to BMC Helix Discovery.

When you attempt to manage credentials in BMC Helix Discovery, the request is sent to the applicable BMC Discovery Outpost. If you have permissions to configure credentials, you are automatically logged into the Outpost as your current user. You are logged in as an authenticated service user who has permissions to view and modify credentials. Any management of the Outpost is undertaken using the Outpost's local Administrator, which you configure when you install the Outpost.

To perform a scan

To discover your IT infrastructure, you must perform a scan of the endpoints that you are interested in. In this example, we'll scan a single endpoint, though, in practice, you'll scan many endpoints, ranges, cloud providers, and so on.

In the BMC Helix Discovery service UI, select Manage > Discovery.
The Manage Discovery page is displayed.
If Discovery is not running, click START ALL SCANS else click Add New Run.
The Add a New Run dialog is displayed:
For a detailed description of the fields and how to configure them, see Performing a discovery run.
To start the discovery run, click OK.

When the discovery run is complete and the host is discovered, the Success total is updated and links to the list of discovered devices, or if only one device is present, it links to the device page.
Click the updated Success total to see the discovered device; in this case, a host.

Where to go from here

The following topics contain information on more advanced configuration options:

Use start anywhere application modeling, a quick and easy approach to application modeling, which enables you to choose any entry points into an application, and begin modeling from there.
To avoid exposing credentials in the information about discovered processes (for example, the command used to launch the process), learn how to mask sensitive data.
To examine or modify discovery commands, follow the guidelines provided in Managing the discovery platform scripts.
Some commands return more information when they are launched with the superuser credentials. You can authorize log-on with the privileged credentials for such commands by adding privileged execution to the related discovery script.
To improve discovery you can monitor the success rate of the credentials, troubleshoot access issues, and see discovery conditions for information on potential access issues.

To allow BMC Helix Discovery connect with the required level of access to the discovered systems in your network, see
Configuring credentials.
To learn about the ports and protocols BMC Helix Discovery uses to scan your IT environment, see Network ports used for discovery communications.