Setting up a CMDB synchronization connection
Before you begin
Before you can synchronize from BMC Helix Discovery to any instance of a supported CMDB, you must have prepared that CMDB. To learn more, see one of the following topics:
CMDB sync for on-premises CMDB
It is possible to set up a CMDB sync connection from BMC Helix Discovery to an on-premises installation of CMDB using REST APIs. However, you must consider the following factors before planning to implement it:
- BMC Helix Discoverymust be able to make HTTPS requests to an address on the public internet. The address must route through to CMDB’s REST API.
- The most likely way to meet the requirement is to expose CMDB's REST API as a service on an internet-facing load balancer.
- It would be appropriate to register a DNS name for CMDB's REST API, and configure the load balancer to dispatch the requests using the Host header. This minimizes the impact of IP scanners that encounter CMDB's REST API.
- The exact steps to fulfil this requirement depend on how your network is configured and how you control and protect external access to internal systems. These factors are outside of BMC's control and do not involve any BMC products. Your network and security administrators must be involved in this task. They must understand the requirements and the consequences of such a connection.
In a BMC Helix Discovery environment, a connection from an "egress" address is used only for outgoing connections. There are three addresses that can be used for egress from a region, and the same three addresses are used by all BMC Helix Discovery instances in that region. Currently, these IPs are:
Region | IP addresses |
---|---|
AWS – US Oregon |
|
AWS – EU Ireland |
|
If additional regions are added, these IPs may be expanded upon. If your connection is using a load balancer, these IPs must be allowed.
To set up the CMDB connection for synchronization
- Log in to BMC Helix Discovery.
- From the main menu, click the Administration
icon.
The Administration page displays. - From the Model section, click CMDB Sync.
If no CMDB Sync has been configured, a banner displays stating that no CMDB Sync connections are configured. - Click Add CMDB Connection to add and configure a new connection.
- Enter the required details on the Add CMDB Connection page. For more information about the connection details, see Connection details.
- Click Test Connection to verify that the new connection can be reached and the credentials are valid. Testing the connection also retrieves the list of companies from the CMDB for connections other than Remedyforce.
The following image shows configuration settings for a Remedy CMDB (REST API) connection type.
The following image shows a successful connection to a Remedyforce CMDB.
The following image shows creating a connection to a ServiceNow CMDB.
Connection details
Enter the following details on the Add CMDB Connection page.
Connection name
Field | Description |
---|---|
Name | The name of the CMDB Sync connection |
Connection Type | The access mechanism to use to connect to the CMDB (for supported versions see, CMDB-synchronization):
Select the mechanism to use for the connection. The UI refreshes to provide the correct options for your selected access mechanism. |
Username | The user name of the CMDB user that is at least a member of a group having the CMDB Data Change All role. If in doubt, create a dedicated discovery user with the same profile as the standard CMDB Demo user. At a minimum, the CMDB Demo user permissions are required for multitenancy to work. A user cannot connect to the CMDB from a second IP address within 4 hours of their last activity at the first IP address. For a failover scenario, you could also create a second discovery user to connect from the failover appliance. ℹ️ The Multitenancy option is not available when synchronizing to Remedyforce or ServiceNow CMDBs. |
Password | The password of the CMDB user (or blank if the user has no password) |
Options based on a connection type
Options for Remedy CMDB (REST API)
Field | Description |
---|---|
REST API URL | The complete URL for the CMDB REST API, including protocol and (if non-standard) the port. For example, https://cmdb.example.com:8443/ |
CMDB Service Sync Although CMDB sync primarily synchronizes data from BMC Helix Discovery into BMC Helix CMDB, in specific circumstances, business service CIs can optionally be synchronized in reverse. This import can take place if the following conditions are true:
In these circumstances, CMDB service sync imports the BMC_BusinessService CIs into BMC Helix Discovery. This import creates corresponding BusinessService or TechnicalService nodes based on the ServiceType attribute in BMC Helix CMDB. Any BMC_BusinessService CIs in BMC Helix CMDB that do not depend on BMC_Application CIs that originally came from BMC Helix Discovery are not imported. | |
CMDB Service Sync | Select this check box to import relevant Business and Technical Services from BMC Helix CMDB. This option gives visibility to Business and Technical services in BMC Helix Discovery. Note: The Input Dataset ID, Update Interval, and Attribute Mapping Table are available only if this check box is enabled. |
Input Dataset ID | The ID of the dataset used for BMC Helix CMDB data. The default is BMC.ASSET. |
Update Interval | Select the frequency at which the sync data is refreshed. The following options are available:
To discontinue any subsequent syncs, select Never. |
(Optional) Attribute Mapping Table | You can enter a fully-scoped name of a mapping table, for example, Example.ServiceMapping, into the mapping table field to customize the BMC Helix CMDB attributes that are mapped to BMC Helix Discovery attributes. The default attribute mapping table is as follows: "Name" -> "name"; "ShortDescription" -> "short_name"; "MarketVersion" -> "product_version"; "Model" -> "type"; "VersionNumber" -> "version"; You can also specify a customized TPL model to display additional BMC Helix CMDB attributes. If you specify a custom table, it replaces the default. You must include a Name attribute. The other attributes in the default table are optional. An example of the customized attribute mapping table is as follows: tpl 1.22 module Example; table ServiceMapping 1.0 "Name" -> "name" "ShortDescription" -> "short_name"; "ServiceLifeCycle" -> "service_life_cycle"; end table;
|
Options for Remedyforce
Field | Description |
---|---|
Production Environment | Select the check box if you are synchronizing to a Remedyforce production environment. For production environments, the system uses https://login.salesforce.com/ for the connection and security verification. This is the default. Deselect the check box if you are synchronizing to a test environment. For test environments, the system uses https://test.salesforce.com/ for the connection and security verification. |
Consumer Key | Enter the consumer key that you obtained from the Connected App. For more information about obtaining the consumer key, see Integrating-Remedyforce-with-BMC-Discovery. |
Consumer Secret | Enter the consumer secret that you obtained from the Connected App. For more information about obtaining the consumer secret, see Integrating-Remedyforce-with-BMC-Discovery . |
Source Name | Enter a label for the source of the data. Previously when synchronizing to Remedyforce, this has been the static text "BMC Discovery". You can now enter any value you require. The default value is BMC Discovery. |
Options for ServiceNow CMDB
Field | Description |
---|---|
REST API URL | The complete URL for the ServiceNow CMDB. For example https://acme.service-now.com/ |
Client ID | Client ID should be the Client ID from the OAuth API Endpoint in ServiceNow, see Preparing-ServiceNow-CMDB-for-synchronization. |
Client Secret | Client Secret should be the Client Secret from the OAuth API Endpoint in ServiceNow, see Preparing-ServiceNow-CMDB-for-synchronization. |
Create missing reference values | Select the check box for the system to add missing references when inserting data into ServiceNow. For example, a reference to a manufacturer that does not currently exist in the ServiceNow data. |
Source Name | Source name should be the value of discovery_source setup in the cmdb_ci choice list in ServiceNow, see Preparing-ServiceNow-CMDB-for-synchronization. |
Common options
Field | Description | ||||||||
---|---|---|---|---|---|---|---|---|---|
Continuous Sync | Select the check box to enable continuous sync for this CMDB connection. During continuous CMDB synchronization, whenever BMC Helix Discovery finishes scanning a device, it is added to the synchronization queue. Similarly, whenever a device node is removed due to aging, it is also queued for synchronization, meaning that the deletion is propagated into the CMDB. In this way, the CMDB stays completely synchronized with BMC Helix Discovery. | ||||||||
Batch Size | Enables you to configure the batch size used for batch operations. If you experience timeouts during a batched operation, most likely during a resync, these may be prevented by setting it to a lower value. You can set the batch size to anything between 1 and 1000. The default is 100. | ||||||||
Concurrent Workers | Enables you to specify the number of workers used by the CMDB sync process. You can set the number of workers from 1 to 20. The default is 1. The best practice is to start from the default and gradually increase the number up to when sync rate keeps up with discovery rate. | ||||||||
Output Dataset ID | The ID of the dataset used for Discovery data. The default is BMC.ADDM. The Dataset ID option is not available for connections to Remedyforce or ServiceNow CMDB. | ||||||||
Data Model | The data model for your CMDB. Different versions of the CMDB have different data models, so the data from BMC Helix Discovery must be transformed differently according to the CMDB version. Select the correct data model from the menu. If you select an incorrect value, you might encounter errors during synchronization.
| ||||||||
Multitenancy | Multitenancy support. Selecting this check box enables you to choose a default company name from the drop-down list to assign to a discovery run during an initial scan. The list of companies is not populated until one connection has been successfully tested, or you click Get Companies (which also tests the connection). This section is always displayed. However, if another connection exists, instead of the multitenancy configuration options, a message stating Configure multitenancy from the overview page is displayed along with a link to the CMDB Sync page. ℹ️ The Multitenancy option is not available when synchronizing to Remedyforce or ServiceNow CMDBs. |