A scanner file is a plain text file that is used to simulate the discovery of a system that is unreachable, or one that you are not permitted to scan. You create a scanner file by running the standard discovery commands on a host and saving the output. Only the standard discovery commands are run on the host; information that is discovered by patterns is not available.
Scanning Windows targets
For Windows targets, you cannot download discovery commands. To discover Windows targets you must use the Standalone Windows scanning tool.
Process for using scanner files
The process for using scanner files is:
- Create a scanner file.
- Download the *.sh file from the BMC Atrium Discovery user interface.
- Copy the file to the remote host.
- Run and capture the output to a file.
- Load the scanner file onto the appliance.
- Using the SCP utility, upload the results file to the appliance as the
uploaduser.
- Using the SCP utility, upload the results file to the appliance as the
Creating a scanner file
To create a scanner file:
- From the Discovery section of the Administration tab, select Platforms.
- Click the operating system link corresponding to the host for which you are creating the scanning file.
The commands for the operating system are displayed. The following example illustrates creating a scanner file using the Linux operating system.
- Click Download host script (named Linux.sh, in this example) and save the file to the local computer as an executable.
- Copy the file to the remote host.
In the following example, the SCP utility is used to copy the files between the local hostteabagand the remote hostteaspoon:
tideway@teabag:~$ scp linux.sh tideway@teaspoon:linux.sh tideway@teaspoon's password: linux.sh 100% 19KB 18.9KB/s 00:00 tideway@teabag:~$
- Log on to the remote host and run the script, piping the output into a text file:
tideway@teabag:~$ ssh teaspoon tideway@teaspoon's password: Linux teaspoon 2.6.18-6-686 #1 SMP Sat Dec 27 09:31:05 UTC 2008 i686 ... tideway@teaspoon:~$ tideway@teaspoon:~$ ./linux.sh > teaspoon.txt tideway@teaspoon:~$ more teaspoon.txt FORMAT Linux --- START device_info hostname: teaspoon fqdn: teaspoon dns_domain: tideway.com domain: os: Debian Linux lenny/sid --- END device_info --- START host_info kernel: 2.6.25-2-amd64 num_logical_processors: 2 cores_per_processor: 2 ... tideway@teaspoon:~$
- Copy the output text file to your local host.
The output file is copied to your local host.
tideway@teaspoon:~$ tideway@teaspoon:~$ scp teaspoon.txt tideway@teabag:linux.txt tideway@teabag's password: teaspoon.txt 100% 265KB 264.7KB/s 00:00 tideway@teaspoon:~$
Loading the scanner file onto the appliance
After you have created and copied the output file to your local host, you can copy it to the appliance. In this example, the appliance is called appliance, and the local host is called teabag. When loading scanner files onto the appliance, use the upload user, because it has a home directory that is the default location for uploading scanner files, and it has limited access to the appliance. See The upload user for information on enabling this user.
- Ensure the file has the group read permission set:
dtweed@teabag:~$ chmod 640 teaspoon.txt dtweed@teabag:~$
- Copy the output file to the appliance. In this example, the SCP utility is used:
dtweed@teabag:~$ scp -p teaspoon.txt upload@appliance:~/linux.teaspoon.txt upload@appliance's password: teaspoon.txt 100% 265KB 262.7KB/s 00:00 dtweed@teabag:~$
When you load a scanner file onto the appliance, its name must be unique; otherwise, it might get overwritten by another scanner file being uploaded at the same time. For this reason, it is helpful to use a naming scheme that enables you to correlate scanner files and created hosts. Do not use a name starting with . or ending with .ignore. If you do, that file will be ignored. File names are used only for internal purposes.
Using scanner files with consolidating appliances
If you are using scanner files with consolidating appliances, upload the scanner files to the consolidating appliance, rather than to the scanning appliance. Doing so correctly identifies the hosts as "Read from scanner file", rather than as "Retrieved by scanning appliance".
After a scanner file is loaded, you can look at the results of the discovery and view the host, as shown in the following illustration.
On the DiscoveryAccess page, in the Data Source field of the Discovery Details section "Read from scanner file" is displayed. This is shown in the following illustration.
Considerations when using scanner files
BMC Atrium Discovery initiates a scan of the IP address automatically. You do not need to initiate a scan manually. However, depending on how you set the Scanner File Polling Interval option, it may take up to an hour after the file is copied to the appliance for the scan to initiate. Scanner files are read from the $TIDEWAY/var/scanner directory periodically based on this setting. For more information on setting this option, see Scanning settings.
When scanner files are used, BMC Atrium Discovery creates non-expiring pool data by creating a .no-expiry file
in the pool data directory $TIDEWAY/var/pool/192/168/1/100/.no-expiry, where the IP address is
192.168.1.100). The pool data will always be used for each subsequent discovery and return identical results until the scanner file is updated, or until the pool data is deleted.
Note
- Hosts discovered by scanner files never age.
- BMC Atrium Discovery does not handle overlapping IP ranges. Data provided in scanner files must not use IP addresses that overlap with other scanner files, or addresses scanned directly by BMC Atrium Discovery. Using the Windows scanning tool might increase the likelihood of ranges overlapping; however, the tool enables you to select a specific IP to avoid one you have already selected. For more information, see Standalone Windows scanning tool.
Overview
Content Tools
Apps
Reporter Replacement
com.bmc.atlassian.bmc-util-plugin-2.section.label
Tasks