×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Unsupported content

 

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.
BMC Decision Support for Server Automation 8.9 ... Using Working with views using Open schema

Compliance domain

The Compliance domain provides overview and detailed information about the compliance data.

You can use this information to build your own custom Compliance reports using your own reporting tool.

This topic contains the following sections:

Compliance domain entity-relationship diagram (ERD)

The following figure provides the ERD for the Compliance domain. It shows the relationships between the dimension, fact, bridge, and generic tables.

To view the detailed expressions that allow you to join tables, you can download the Compliance BDSSA BI Reporting Model Schema Definition.html file.

Tip

To understand the relationships between tables, click the ERD image below and then click the magnifying glass icon to zoom in to the image.

Tables in the Compliance domain

The following tables comprise the Compliance domain:

  • Dimension tables - Describe the properties of an object that are subject to change. These tables are prefixed with D_, for example, D_JOB.
  • Bridge tables - Are used to link two tables. These tables are prefixed with B_, for example, B_COMP_RULE_CR_GROUP.
  • Fact tables - Contain factual information that remains constant and is required for reporting. These tables are prefixed with F_, for example, F_JOB_RUN.
  • Generic tables - Are used in BMC Server Automation. These tables are not prefixed with any alphabet, for example, OBJECT_OVERFLOW_DETAIL.

Dimension tables

Table Name/DescriptionERD

D_BLGROUP

Contains information about the folder group where the job is stored, such as the group name, the group type (Server, Job, Depot), the fully qualified path to the group, and the parent group details.

Note: D_BLGROUP is referenced in the ERD as D_SMART_BLGROUP.

D_COMPLIANCE_RULE

Contains information about compliance rules such as name, description, template ID, rule string, and the dates on which the rule was created or modified.

D_COMPONENT

Contains information about components such as name, description, template ID, server ID, and the dates on which the component was created or modified.

Note: F_COMPONENT_EXCEPTION  is also referenced in the ERD as F_DCOMPONENT_EXCEPTION.

D_COMPONENT_EXCEPTION

Contains information about component exceptions such as name, description, comments, and the dates on which the component exception was created or modified.

Note: F_COMPONENT_EXCEPTION  is also referenced in the ERD as F_DCOMPONENT_EXCEPTION.

D_JOB

Contains job details such as the name, description, and type of job, and the dates on which the job was created or modified.

D_SCAP_COLLECTION

Contains information about SCAP collections such as the SCAP collection file name, depot object ID, and the dates on which the collection was created or modified.

D_SCAP_DATA_STREAM

Contains information about SCAP data streams such as the data stream file name, use case, depot object ID, and the dates on which the SCAP data stream was created or modified.

D_SERVER

Contains device details for the job, such as the name and description of a server, the OS release/version, and so on.

Note: F_COMPONENT_EXCEPTION  is also referenced in the ERD as F_DCOMPONENT_EXCEPTION.

D_TEMPLATE

Contains template details (such as name and description), type (audit, snapshot, compliance), dates (create, modified), and so on.

 Note:

F_COMPONENT_EXCEPTION is also referenced in the ERD as F_DCOMPONENT_EXCEPTION.

BL_SITE is also referenced in the ERD as TEMPLATE_BL_SITE.

D_XCCDF_BENCHMARK

Contains "The Extensible Configuration Checklist Description Format (XCCDF)" benchmark details, benchmark title, description of a benchmark, file name, whether it is part of data stream, dates (create, modified), and so on.

Note: BL_SITE is also referenced in the ERD as BENCHMARK_BL_SITE.

D_XCCDF_GROUP

Contains XCCDF group details, group title, description of a group, group weight, if it has a parent group, dates (create, modified), and so on.

D_XCCDF_RULES

Contains information about the XCCDF rules, such as the title, descriptions, rule weight, rule identifier, dates (create, modified), and so on.

 Bridge tables

Table Name/DescriptionERD

B_COMP_RULE_CR_GROUP

Contains details specific to compliance rules and rule groups such as compliance rule ID and rule group ID.

Fact tables

Table Name/DescriptionERD

F_COMPLIANCE_RULE_RESULT

Contains details for the compliance result for applied rules such as the result itself (Consistent, Inconsistent, Consistent exception, Unknown), and run start/end time.

F_COMPLIANCE_SERVER_SUMMARY

Contains details for the compliance result for servers, such as the result itself (Non compliant, Compliant with exception, Unknown,  Compliant), the number of rules checked, and compliant percentage.

F_COMPLIANCE_SUMMARY

Contains details for the compliance result for all the servers, such as the result itself (Non compliant, Compliant, Unknown), the number of rules checked, how many attempted servers, and run start/end time.

F_COMPONENT_EXCEPTION

Contains the ID's for other tables, such as component, template, asset collector, server, job, compliance rule, job run, and run start/end time.

Note: F_COMPONENT_EXCEPTION is also referenced in the ERD as F_DCOMPONENT_EXCEPTION.

F_JOB_RUN

Contains details for the job run such as the job type and the status of the run (Completed, Error, Warning, or Cancelled).

Note: F_COMPONENT_EXCEPTION is also referenced in the ERD as F_DCOMPONENT_EXCEPTION.

F_SCAP_RULE_RESULT

Contains details for the SCAP result for applied rules, such as the result itself (Unknown, Pass, Fail, Error, Not applicable, Not checked, Not selected), and run start/end time.

F_SCAP_SERVER_SUMMARY

Contains details for the SCAP results for servers such as rules passed, rules failed, unknown rules, rules error, rules not applicable, and rules not checked.

F_SCAP_SUMMARY

Contains details for the compliance result for all the servers, such as the results itself (Non compliant, Compliant), the number of rules checked, how many attempted servers, and run start/end time.

 Generic tables

Table Name/DescriptionERD

OBJECT_OVERFLOW_DETAIL

Contains data when specific string data type columns contain a string more than 2000 characters. For example, if a compliance rule string is 3000 characters, 1000 characters are stored in this table and compliance rule table has an is_overflow value of 1 and contains an object overflow ID. 

Built-in Compliance views 

BMC Decision Support for Server Automation provides the following built-in views.

Recommendation

BMC recommends that you apply appropriate filters (such as date duration or bl_site_id) while querying the views. You can also apply other filters based on your requirements. Filtering the data improves performance by decreasing the amount of data being fetched, thereby minimizing the time required to process the views.

View Name/DescriptionColumns in the viewExample

VO_COMPLIANCE_SUMMARY_SERVER

Summarizes the compliance results
for policies for a server over
a selected time interval.

BL_SITE_ID
SERVER_ID
SERVER_HIST_ID
SERVER_NAME
TEMPLATE_NAME
JOB_NAME
JOB_ID
JOB_HIST_ID
JOB_RUN_START_TIME
JOB_RUN_END_TIME
RULES_COMPLIANT
RULES_NON_COMPLIANT
RULES_COMPLIANT_WITH_
EXCEPTIONS
RULES_INDETERMINATE
TOTAL
COMPLIANCE_PERCENTAGE

Select * from
vo_compliance_summary_server
where job_run_start_time
between "01/01/2015" and
"31/12/2015" and
bl_site_id = 1

VO_COMPLIANCE_DETAIL

Provides detailed information for the
compliance rules for a policy on the
server over a selected time interval.

BL_SITE_ID
TEMPLATE_NAME
TEMPLATE_HIST_ID
JOB_NAME
JOB_HIST_ID
JOB_RUN_HIST_ID
ROLE_HIST_ID
USER_HIST_ID
JOB_RUN_START_TIME
JOB_RUN_END_TIME
RULE_NAME
RULE_HIST_ID
RULE_DEFINITION
RULE_GROUP_NAME
SERVER_NAME
SERVER_HIST_ID
COMPLIANCE_RULE_
RESULT_HIST_ID
RULE_STATUS
RULES_COMPLIANT
RULES_NON_COMPLIANT
RULES_COMPLIANT_WITH_
EXCEPTION
RULES_INDETERMINATE
TOTALRULESCHECKED

Select * from
vo_compliance_detail where
job_run_start_time between
"01/01/2015" and
"31/12/2015"
and bl_site_id = 1

VO_COMPLIANCE_DETAIL_EXCEPTION

Provides detailed information for the
compliance rules having exceptions
for a policy over a selected time interval.

BL_SITE_ID
TEMPLATE_NAME
TEMPLATE_HIST_ID
SERVER_NAME
SERVER_HIST_ID
JOB_NAME
JOB_HIST_ID
JOB_RUN_HIST_ID
ROLE_HIST_ID
USER_HIST_ID
JOB_RUN_START_TIME
JOB_RUN_END_TIME
RULE_NAME
RULE_DEFINITION
RULE_GROUP_NAME
EXCEPTION_NAME
EXPIRATION_DATE

Select * from 
vo_compliance_detail_exception 
where job_run_start_time 
between
"<User_Input_Date_Start_Range>" 
and 
"<User_Input_Date_End_Range>"
and bl_site_id = 1

Where to go from here

Job Activity domain

Patch Management domain

Role Based Access Control (RBAC) domain

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Last modified by Ranu Ganguly on May 28, 2018

Comments

Log in or register to comment.

Role Based Access Control (RBAC) domain
Administering
© Copyright 2013 - 2017 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.