Setting up a CMDB synchronization connection

This topic provides instructions for configuring synchronization from BMC Helix Discovery to one or more instances of BMC Helix ITSM CMDB, BMC Helix Remedyforce CMDB, and ServiceNow CMDB.

Before you begin

Before you can synchronize from BMC Helix Discovery to any instance of a supported CMDB, you must have prepared that CMDB. To learn more, see one of the following topics:

Note

For a Remedyforce CMDB, you do not have to prepare the CMDB, though you do have to create a connected application in Remedyforce. See the Remedyforce documentation for more information.

CMDB sync for on-premises CMDB

It is possible to set up a CMDB sync connection from BMC Helix Discovery to an on-premises installation of CMDB using REST APIs. However, you must consider the following factors before planning to implement it:

BMC Helix Discoverymust be able to make HTTPS requests to an address on the public internet. The address must route through to CMDB’s REST API.
The most likely way to meet the requirement is to expose CMDB's REST API as a service on an internet-facing load balancer.
It would be appropriate to register a DNS name for CMDB's REST API, and configure the load balancer to dispatch the requests using the Host header. This minimizes the impact of IP scanners that encounter CMDB's REST API.
The exact steps to fulfil this requirement depend on how your network is configured and how you control and protect external access to internal systems. These factors are outside of BMC's control and do not involve any BMC products. Your network and security administrators must be involved in this task. They must understand the requirements and the consequences of such a connection.

In a BMC Helix Discovery environment, a connection from an "egress" address is used only for outgoing connections. There are three addresses that can be used for egress from a region, and the same three addresses are used by all BMC Helix Discovery instances in that region. Currently, these IPs are:

Region	IP addresses
AWS – US Oregon	35.164.114.121 52.35.159.71 54.149.156.206
AWS – EU Ireland	18.202.189.207 52.51.186.132 63.34.23.103

If additional regions are added, these IPs may be expanded upon. If your connection is using a load balancer, these IPs must be allowed.

To set up the CMDB connection for synchronization

Log in to BMC Helix Discovery.
From the main menu, click the Administration icon.
The Administration page displays.
From the Model section, click CMDB Sync.
If no CMDB Sync has been configured, a banner displays stating that no CMDB Sync connections are configured.
Click Add CMDB Connection to add and configure a new connection.
Enter the required details on the Add CMDB Connection page. For more information about the connection details, see Connection details.
Click Test Connection to verify that the new connection can be reached and the credentials are valid. Testing the connection also retrieves the list of companies from the CMDB for connections other than Remedyforce.

The following image shows configuration settings for a Remedy CMDB (REST API) connection type.

Remedy CMDB.png

The following image shows a successful connection to a Remedyforce CMDB.

The following image shows creating a connection to a ServiceNow CMDB.

Connection details

Enter the following details on the Add CMDB Connection page.

Connection name

Field	Description
Name	The name of the CMDB Sync connection
Connection Type	The access mechanism to use to connect to the CMDB (for supported versions see, CMDB-synchronization): Remedy CMDB (REST API) Remedyforce – Requires BMC Helix Remedyforce 20.19.02 or later. ServiceNow – Only shown if you are licensed for Sync for ServiceNow CMDB. No Export – No export is performed. This is a useful setting if, for example, you are writing syncmappings, and you want to construct a shadow copy of the CMDB data, but don't want to write it to an actual CMDB. Select the mechanism to use for the connection. The UI refreshes to provide the correct options for your selected access mechanism.
Username	The user name of the CMDB user that is at least a member of a group having the CMDB Data Change All role. If in doubt, create a dedicated discovery user with the same profile as the standard CMDB Demo user. At a minimum, the CMDB Demo user permissions are required for multitenancy to work. A user cannot connect to the CMDB from a second IP address within 4 hours of their last activity at the first IP address. For a failover scenario, you could also create a second discovery user to connect from the failover appliance. ℹ️ The Multitenancy option is not available when synchronizing to Remedyforce or ServiceNow CMDBs.
Password	The password of the CMDB user (or blank if the user has no password)

Options based on a connection type

Options for Remedy CMDB (REST API)

Field	Description
REST API URL	The complete URL for the CMDB REST API, including protocol and (if non-standard) the port. For example, https://cmdb.example.com:8443/
CMDB Service Sync Although CMDB sync primarily synchronizes data from BMC Helix Discovery into BMC Helix CMDB, in specific circumstances, business service CIs can optionally be synchronized in reverse. This import can take place if the following conditions are true: BusinessApplicationInstance nodes have been created in BMC Helix Discovery (by using SAM, CAM, or TPL). Normal outgoing CMDB sync has created corresponding BMC_Application CIs in the import dataset in BMC Helix CMDB. The BMC_Application CIs have been reconciled into the BMC.ASSET dataset. BMC_BusinessService CIs have been created in the BMC.ASSET dataset in BMC Helix CMDB, with BMC_Dependency relationships to those BMC_Application CIs. (Optional) More BMC_BusinessService CIs have been created in BMC Helix CMDB with BMC_Dependency relationships to the BMC_BusinessService CIs with already existing connections to BMC_Application CIs. In these circumstances, CMDB service sync imports the BMC_BusinessService CIs into BMC Helix Discovery. This import creates corresponding BusinessService or TechnicalService nodes based on the ServiceType attribute in BMC Helix CMDB. Any BMC_BusinessService CIs in BMC Helix CMDB that do not depend on BMC_Application CIs that originally came from BMC Helix Discovery are not imported.
CMDB Service Sync	Select this check box to import relevant Business and Technical Services from BMC Helix CMDB. This option gives visibility to Business and Technical services in BMC Helix Discovery. Note: The Input Dataset ID, Update Interval, and Attribute Mapping Table are available only if this check box is enabled.
Input Dataset ID	The ID of the dataset used for BMC Helix CMDB data. The default is BMC.ASSET.
Update Interval	Select the frequency at which the sync data is refreshed. The following options are available: 1 hour 2 hours 4 hours 8 hours 12 hours 24 hours To discontinue any subsequent syncs, select Never.
(Optional) Attribute Mapping Table	You can enter a fully-scoped name of a mapping table, for example, Example.ServiceMapping, into the mapping table field to customize the BMC Helix CMDB attributes that are mapped to BMC Helix Discovery attributes. The default attribute mapping table is as follows: "Name" -> "name"; "ShortDescription" -> "short_name"; "MarketVersion" -> "product_version"; "Model" -> "type"; "VersionNumber" -> "version"; You can also specify a customized TPL model to display additional BMC Helix CMDB attributes. If you specify a custom table, it replaces the default. You must include a Name attribute. The other attributes in the default table are optional. An example of the customized attribute mapping table is as follows: tpl 1.22 module Example; table ServiceMapping 1.0 "Name" -> "name" "ShortDescription" -> "short_name"; "ServiceLifeCycle" -> "service_life_cycle"; end table;

Options for Remedyforce

Field	Description
Production Environment	Select the check box if you are synchronizing to a Remedyforce production environment. For production environments, the system uses https://login.salesforce.com/ for the connection and security verification. This is the default. Deselect the check box if you are synchronizing to a test environment. For test environments, the system uses https://test.salesforce.com/ for the connection and security verification.
Consumer Key	Enter the consumer key that you obtained from the Connected App. For more information about obtaining the consumer key, see Integrating-Remedyforce-with-BMC-Discovery.
Consumer Secret	Enter the consumer secret that you obtained from the Connected App. For more information about obtaining the consumer secret, see Integrating-Remedyforce-with-BMC-Discovery .
Source Name	Enter a label for the source of the data. Previously when synchronizing to Remedyforce, this has been the static text "BMC Discovery". You can now enter any value you require. The default value is BMC Discovery.

Options for ServiceNow CMDB

Field	Description
REST API URL	The complete URL for the ServiceNow CMDB. For example https://acme.service-now.com/
Client ID	Client ID should be the Client ID from the OAuth API Endpoint in ServiceNow, see Preparing-ServiceNow-CMDB-for-synchronization.
Client Secret	Client Secret should be the Client Secret from the OAuth API Endpoint in ServiceNow, see Preparing-ServiceNow-CMDB-for-synchronization.
Create missing reference values	Select the check box for the system to add missing references when inserting data into ServiceNow. For example, a reference to a manufacturer that does not currently exist in the ServiceNow data.
Source Name	Source name should be the value of discovery_source setup in the cmdb_ci choice list in ServiceNow, see Preparing-ServiceNow-CMDB-for-synchronization.

Common options

Field

Description

Continuous Sync

Select the check box to enable continuous sync for this CMDB connection.

During continuous CMDB synchronization, whenever BMC Helix Discovery finishes scanning a device, it is added to the synchronization queue. Similarly, whenever a device node is removed due to aging, it is also queued for synchronization, meaning that the deletion is propagated into the CMDB. In this way, the CMDB stays completely synchronized with BMC Helix Discovery.

Batch Size

Enables you to configure the batch size used for batch operations. If you experience timeouts during a batched operation, most likely during a resync, these may be prevented by setting it to a lower value. You can set the batch size to anything between 1 and 1000. The default is 100.

Concurrent Workers

Enables you to specify the number of workers used by the CMDB sync process. You can set the number of workers from 1 to 20. The default is 1.

The best practice is to start from the default and gradually increase the number up to when sync rate keeps up with discovery rate.

Output Dataset ID

The ID of the dataset used for Discovery data. The default is BMC.ADDM.

The Dataset ID option is not available for connections to Remedyforce or ServiceNow CMDB.

Data Model

The data model for your CMDB. Different versions of the CMDB have different data models, so the data from BMC Helix Discovery must be transformed differently according to the CMDB version.
The preferred value for Data Model is Standard impact population.

Select the correct data model from the menu. If you select an incorrect value, you might encounter errors during synchronization.

Data model value	Effect
Standard impact population	HasImpact and ImpactDirection attributes are set as appropriate.
No impact details	No impact details are set by BMC Helix Discovery . They may be set by Impact Normalization in the CMDB for connections other than Remedyforce.
ServiceNow	Used for connections to a ServiceNow CMDB

Multitenancy

Multitenancy support. Selecting this check box enables you to choose a default company name from the drop-down list to assign to a discovery run during an initial scan. The list of companies is not populated until one connection has been successfully tested, or you click Get Companies (which also tests the connection).

This section is always displayed. However, if another connection exists, instead of the multitenancy configuration options, a message stating Configure multitenancy from the overview page is displayed along with a link to the CMDB Sync page.

ℹ️ The Multitenancy option is not available when synchronizing to Remedyforce or ServiceNow CMDBs.