This topic describes the typical tasks that you perform while auditing compliance for components or server objects through TrueSight Server Automation.
Overview of the audit process
After running an Audit Job, you can view its results and quickly identify discrepancies between component configurations. When you identify discrepancies, you can bundle changes into a BLPackage and deploy the changes to a server so its configuration matches the standard configuration. Audits can also perform a security function by quickly identifying unauthorized changes to server configurations.
Audit Jobs require you to identify a master — that is, a server with a standard configuration that is used as the basis of comparison. The procedure for identifying a master depends on how you define an Audit Job:
- If you define an Audit Job by selecting live server objects, you must select either a server and a live server object on that server or a server-object-based snapshot as the master.
If you define an Audit Job by selecting one or more component templates, you must select one or more components or component-based snapshots that act as a master.You can also select a server as a master, in which case the Audit Job performs automatic component discovery and generates components for use in the Audit Job.
After running an Audit Job, you might need to change the master (for example, in the case of an organization-wide policy change) and run the Audit Job against a new master. In such a case, the job is considered a new Audit Job and all Audit Options are re-set to default.
However, if your Audit Job is based on a master snapshot, changing the master is not usually recommended or necessary. For example, if you want to compare your server with a snapshot of a master server over a period of time, you do not need to switch the master snapshot between Audit Job runs, as the master snapshot in the Audit Job comes with all its change tracking results.
Remember that the purpose of an Audit Job is to compare to a standard, gold configuration. If you are interested in comparing configuration changes over time, run a Snapshot Job and view its change tracking results.
Auditing components or server objects using TrueSight Server Automation.
The following table provides links to topics that are associated with auditing:
|Creating Audit Jobs|
Audit Jobs allows you to compare components, server objects, server-object-based snapshots, or component-based snapshots to determine whether their configurations match a standard configuration. You can base audits on components or server objects. Performing an audit based on components requires you to identify a master — that is, one or more components or component-based snapshots that act as a master. This topic walks you through the process of creating an Audit Job.
|Modifying Audit Jobs||The procedure for modifying Audit Jobs has minor differences from the procedure for creating new Audit Jobs. This topic highlights those differences.|
|Audit Job results|
Audit results compare the master (which can be a server object, component, component-based snapshot, or server-object-based snapshot ) to other hosts, including hosts in other snapshots. This topic explains how to interpret the results.
|Packaging audit results||Audit Job results can be used to create a BLPackage containing the differences — or delta — between a target server and a master configuration. For each target server, you can package the delta for a particular component or server object or for all components and server objects included in the audit. This topic describes how to package Audit Job results.|
|Using audit results to synchronize servers||Audit Job results can be used to synchronize the configuration of audited servers to match the configuration of the master. Depending on how you initiate the procedure, you can generate one BLPackage and one Deploy Job to synchronize one server, or you can synchronize multiple servers simultaneously. When you synchronize multiple servers, TrueSight Server Automation analyzes the material required to synchronize each server and optimizes by creating only one BLPackage or software package for each server requiring a unique collection of files or applications. This topic explains how to use the results of an Audit Job to synchronize servers.|
|Grouping noncompliant servers|
Audit Job results let you group servers with configurations that do not comply with an audit.
After grouping noncompliant servers, you can easily create a server group and then run jobs on that server group. For example, you can perform additional audits on the group or deploy server objects to all servers in the group. This topic explains how to group servers with configurations that do not comply with an audit.
|Exporting results of an audit or snapshot||When viewing Snapshot or Audit Job results, you can export the results to an HTML or CSV format. For snapshots, you can export both snapshot and change tracking results.This topic explains the export process.|
The following video presents a demonstration of an audit of server objects: