Page tree

Skip to end of metadata
Go to start of metadata
Product Name
Atrium Discovery and Dependency Mapping
Publisher Page
Search and Discovery Software
TKU 2020-Jun-1
Publisher Link

Product Description

Starting from version 11.0 BMC Atrium Discovery and Dependency Mapping becomes BMC Discovery and BMC ADDM Cluster is renamed into BMC Discovery Cluster.


BMC Discovery (BMC Atrium Discovery or BMC ADDM ) automatically discovers physical and virtual IT assets and applications — and the relationships between them.

This page describes BMC Atrium Discovery product based on Tideway Foundation technology. BMC's legacy Atrium Discovery product is described here.

Known Versions

Tideway Foundation

  • 5.10
  • 6.0
  • 6.1
  • 6.2
  • 6.3
  • 7.0
  • 7.0.1
  • 7.0.2
  • 7.1
  • 7.1.1
  • 7.1.5
  • 7.2
  • 7.3

BMC Atrium Discovery

  • 8.0
  • 8.1
  • 8.2
  • 8.3
  • 9.0
  • 10.0
  • 11.0
  • 11.1
  • 11.2
  • 11.3
  • 12.0

Software Pattern Summary

Product ComponentOS TypeVersioningPattern Depth
FoundationSecurity Package, ActiveInstance-based
ADDMProxy Active, WMI Query, PackageInstance-based

Platforms Supported by the Pattern

The pattern identifies BMC Discovery on Linux only

The pattern identifies the BMC Discovery Proxy on Windows only


Software Instance Triggers

PatternTrigger NodeAttributeConditionArgument

regex " \bpython$



regex " /usr/tideway/python/security/main\.pyc?



regex " (?i)\btw_svc_adslave\.exe$



regex " (?i)\btw_svc_credslave\.exe$



regex " (?i)\btw_svc_credproxy\.exe$



regex " (?i)\btw_svc_adproxy\.exe$



regex " (?i)\btw_svc_proxy\.exe$


type='BMC Atrium Discovery and Dependency Mapping'
type='BMC Discovery'

Software Instance type attributes created

The patterns in this module will set the following value for the type attribute on a SI:


 Pattern NameSI typeDiscovery/ADDM Version
FoundationSecurityBMC DiscoveryAll ADDM/Discovery versions
Tideway Foundation
ADDMProxyBMC Discovery Proxy
BMC Atrium Discovery and Dependency Mapping Proxy
ADDMClusterBMC Discovery ClusterBMC ADDM 10.2 and before
BMC ADDM Cluster

Other Node types created

The patterns will also create the following additional nodes:

 Pattern NameNodeNode typeDiscovery/ADDM Version
ADDMClusterSoftwareClusterBMC Discovery ClusterBMC Discovery 11.x
BMC ADDM Cluster

Simple Identification Mappings

The following processes are given simple identification mappings

BMC Discovery ActiveDirectory Discovery Slave


BBMC Discovery Credential Discovery Slave


BMC Discovery Credential Discovery Slave


BMC Discovery Workgroup Discovery Slave


BMC Discovery Discovery Slave Worker Process


BMC Discovery Windows Active Directory Proxy


BMC Discovery Windows Credential Proxy


BMC DiscoveryWindows Proxy Worker Process


BMC Discovery Proxy Manager


BMC Discovery UI Service



BMC Discovery Audit Service



BMC Discovery DataStore Service



BMC Discovery Discovery Service



BMC Discovery Model Service



BMC Discovery Notification Service



BMC Discovery Reasoning Service



BMC Discovery Search Service



BMC Discovery Security Service



BMC Discovery Taxonomy Service



BMC Discovery Transaction Service



BMC Discovery Lifecycle Management Service



BMC Discovery Report Service



BMC Discovery Option Service



BMC Discovery Free Space Monitoring Service



BMC Discovery Topology Service


\bgeneric_watchdog.pyc? --service tw_svc_topology

BMC Discovery EDM Manager



BMC Discovery CMDB Exporter Service


\bgeneric_watchdog.pyc? --service tw_svc_cmdbsync_exporter

BMC Discovery CMDB Transformer Service



BMC Discovery SQL Provider Service



BMC Discovery CMDB Exporter Service



BMC Discovery Cluster Manager Service



BMC Discovery API Service



BMC Discovery Integrations Service




BMC Discovery Mainframe Service



BMC Discovery Outpost


BMC Discovery Outpost Worker Process


Software Instance Type

The BMC Atrium Discovery and Dependency Mapping is referred to as "Tideway Foundation" for versions prior to 8.0

The BMC Atrium Discovery and Dependency Mapping Proxy is referred to as "BMC Atrium Discovery and Dependency Mapping Slave" for versions prior to 8.3

Starting from version 11.0 BMC Atrium Discovery and Dependency Mapping becomes 'BMC Discovery'


Version information for the product is currently collected using the following methods sorted by the product components:


Active versioning

This method is deployed if the pattern triggers on tw_svc_proxy.exe (modern versions of ADDM use tw_svc_proxy.exe as a trigger process, versions prior to 8.2.3 use other triggers and active versioning is not available)

The pattern obtains the install_root by parsing the trigger process with the following regular expression:

  • ^(?i)(.+)\\tw_svc_proxy\.exe$

The pattern then attempts to run the following command and parses the output with the following regular expression

  • Command: "<install root>\\tw_proxy_control" -v

  • Regular expression for version: Atrium Discovery Version (\d+(?:\.\d+)*)

  • Regular expression for build number: Release (\d+)

WMI Versioning

If the path to the trigger process is fully qualified, the pattern attempts to obtain version information from the trigger process using a WMI query

Package Versioning

The Proxy pattern attempts to obtain information from the version field or the name field of packages matching the following regular expression:

  • (?i)^BMC Atrium Discovery Proxy

    (for proxies of version 8.2.3 and later)

  • (?i)^BMC Atrium Discovery <proxy type>

    (for earlier proxies)

The first package returned that contains a version is used to assign it. If build number is available it is added to the full version of the product.

Atrium Discovery

Package Versioning

The Atrium Discovery pattern attempts to obtain information from the version field of packages matching the following regular expression

  • (?i)^tideway$

The first package returned that contains a version is used to assign it. If build number is available it is added to the full version of the product.

Active versioning

The pattern launches the following command for ADDM version 9.0 and above: '/usr/tideway/bin/tw_config_dump'
Then versioning infomation is fetched with help of xpath function:

  • /config/product/version/text()

Application Model Produced by Software Pattern

Software Pattern Model

BMC Atrium Discovery and Dependency Mapping consists of the main discovery server and proxies that are used for discovering windows hosts.

The main discovery server has type "BMC Atrium Discovery and Dependency Mapping". This consists of several related components, the pattern uses the security component as the trigger and creates related process links to the other components. As only one instance can exist on a host, a key of type and host key is used.

BMC ADDM discovery servers may be configured in consolidation with other appliances(after version 9.0). In this case Consolidator appliance may collect the information from linked Scanners.

BMC ADDM Clusters may be created from a number of standalone BMC ADDM discovery servers(after version 10.0).

BMC Discovery Clusters may be created from a number of standalone BMC Discovery discovery servers(after version 11.0).

Modern BMC Discovery Proxies can run many instances on the same host, all of which have the same trigger process tw_svc_proxy.exe. A Software Instance is therefore created for each proxy name with a key based on proxy name, type and host key. If we cannot identify any proxy names, a grouped software instance is created with the default key group of type and host key.

Legacy BMC ADDM Proxies (prior to version 8.3.2) could only have one instance per host. The pattern therefore creates an instance based Software Instance with the key based on Software Instance type (which contains proxy type) and host key.

Note that proxies prior to version 8.3 were referred to as "slaves". The type is therefore "BMC Atrium Discovery and Dependency Mapping <type> Proxy" for version 8.3 and later, and "BMC Atrium Discovery and Dependency Mapping <type> Slave" for versions 8.2 and earlier.

Pattern Trigger

FoundationSecurity pattern triggers on python process and '/usr/tideway/python/security/main\.pyc?'

in arguments line.

Pattern module for ADDM Proxy triggers on either of Windows processes: tw_svc_adslave.exe, tw_svc_credslave.exe, tw_svc_credproxy.exe, tw_svc_adproxy.exe, tw_svc_proxy.exe.

SI Depth

FoundationSecurity SI key is based on type and host key. The ADDMProxy pattern creates an instance-based Software Instance, which key being based on proxy name, SI type and host key.

Additional Attributes



The pattern only attempts to obtain proxy instances for modern versions of ADDM, version 8.2.3 and later

The pattern obtains a list of names of proxies running on a host by listing the following registry directory


    (for 32 bit hosts)

  • HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\BMC Software\\

    (for 64 bit hosts)

Proxy Type

For modern versions of ADDM the proxy type is obtained from the following registry key:

For legacy versions of ADDM (prior to 8.3.2) the proxy type is obtained from the trigger process.

  • An Active Directory Proxy has a trigger process tw_svc_adproxy.exe or tw_svc_adslave.exe
  • A Credential Proxy has trigger process tw_svc_credproxy.exe or tw_svc_credslave.exe


Port information is extracted for the proxy only

For modern proxies the port information is extracted from the following registry key

For legacy proxies port information is obtained from one of the following registry keys


    (from 8.2 Active Directory proxies)


    (from 8.2 Credential proxies)


    (from 8.2 Active Directory proxies, known as slaves)


    (from 8.2 Credential proxies, known as slaves)
    (slightly different registry keys are used on 64 bit machines)

For legacy proxies the resulting registry key must be parsed with the following regular expression to obtain the port

  • --port\s*(\d+)

Atrium Discovery

All additional attributes for Atrium Discovery are extracted from the active command output.
The following table shows their names and xpath expressions which are used to obtain them:

AttributeAttribute name in the SIxpath expression
ADDM buildbuild


ADDM Appliance nameappliance_name


ADDM Appliance IDappliance_uuid


ADDM Coordinator IDscoordinator_uuids


Proxy addressproxy_host_ip


Proxy portproxy_port


CMDB host addresscmdb_host


Consolidation Appliance ID



Scanning Appliance IDsscanning_app_ids


ADDM Cluster IDcluster_uuid


ADDM Cluster namecluster_name


If Consolidation or Scanning Appliance IDs as well as the Cluster ID were found the correspondent 'consolidation_appliance', 'scanning_appliance'' and 'clustered' SI attributes are set to 'true'. 'coordinator' attribute is set to 'true' if local Appliance ID is in list of 'coordinator_uuids'.


If 'proxy_host_ip' and 'proxy_port' were extracted FoundationSecurity pattern searches and relates respective Proxies with the BMC Discovery SI they communicate using Client-Server Communication link (BMC Discovery SI is a client).
If cmdb_host is found the pattern creates Client-Server Communication link with the BMC Discovery SIs where CMDB SIs have server role.
The Dependency link is created between Consolidation and Scanning appliances if current BMC Discovery SI is detected as Consolidation one and its id is equal to 'consolidation_id' attribute of the Scanning appliance.

Link with Scanning appliances is created only if the current Consolidator is standalone appliance or it has coordinator role in the BMC Discovery Cluster.


Testing to ensure correct identification and model creation were performed via scanning of live installations of the product running on physical and virtual appliances.

Open Issues

Created By: Rebecca Shalfield (27 November 2007)
Reviewed By: Luke Stedman (29 November 2007)
Updated By: Nikola Vukovljak (10 February 2010)
Updated By: Rebecca Shalfield (9 March 2010)
Updated By: Chris Blake (20 September 2010)
Updated By: Neha Kabra (6 February 2012)
Reviewed By: Alex Kashkevich (08 February 2012)
Updated By: Chris Blake (3 July 2012)
Updated By: Alex Kashkevich (22 July 2013)
Updated By: Alex Kashkevich (22 April 2014)
Reviewed By: Rebecca Shalfield (22 May 2014)

Updated By: Alex Kashkevich (23 June 2014)
Reviewed By: Dmytro Ostapchuk (26 June 2014)