21.02 enhancements


Review the TrueSight Orchestration Content 21.02 enhancements for features that will benefit your organization and to understand changes that might impact your users.

Content compatibility with applications

The following application adapters and Operations Actions Management Modules are certified with these application versions:

Adapter/Module name

Application version

BMC Remedy AR System adapter

BMC Remedy Action Request (AR) System 20.02

BMC Atrium CMDB adapter

BMC Configuration Management Database (CMDB) 20.02

Microsoft Active Directory adapter

Microsoft Active Directory 2016

Microsoft System Center Configuration Manager adapter

Microsoft System Center Configuration Manager 1906

VMware Infrastructure adapter

VMware vSphere 7.x

Operations Actions Management Modules:

  • Change Management module
  • Configuration Management module
  • Task Management module
  • Incident Management module
  • Work Order Management module

BMC Remedy IT Service Management 20.02

For the list of supported versions, see Supported-application-versions-for-the-application-adapters


Enhancements in the Vulnerability Management module

The Vulnerability Management module includes the following updates.

Ability to specify multiple Tenable servers in the Vulnerability Management module

You can now configure up to 15 instances in the BMC-SA-Vulnerability_Scan_Configuration module. The Vulnerability Management module automates the process of downloading the vulnerability scan files from the Tenable Nessus vulnerability assessment tool and imports them into BMC Helix Automation Console (SaaS) or TrueSight Automation Console (on-premises). To allow downloading scan files from a particular instance, you must enable the action for each instance in the module configuration. 

For details, see Configuring-content-for-the-Vulnerability-Management-module

Support for key-based-authentication

You can now specify a secret key and an access key in the BMC-SA-Vulnerability_Scan_Configuration module for authenticating a Tenable application. By using the EnablePasswordAuthentication flag in the module, you can choose whether to use key-based authentication or password-based authentication. 

For details, see Configuring-content-for-the-Vulnerability-Management-module.





Tenable Config OPtions.png

New workflow for retrieving vulnerability records from Tenable

A new workflow for retrieving vulnerability records from Tenable in a JSON format is available in the Vulnerability Management module. 

For more information, see Workflows-in-the-Vulnerability-Management-module


Application adapter enhancements

In this release, the application adapters include the following enhancements: 

Support for Amazon Web Services Session Token in the Amazon EC2 REST adapter

The Amazon EC2 REST adapter now supports AWS session token, using which a super user can create temporary sessions for certain roles with a temporary session token. A new parameter, <session-token> is added to the adapter configuration and all the requests supported by the adapter. The session token also contains a temporary access and a secret key. 

For more information, see Configuring-the-Amazon-EC2-REST-adapter

Support for connection timeout in the BMC TrueSight Operations Manager adapter

By using the new <Max-wait-for-connection> parameter in the adapter configuration, you can specify the time period after which the connections in the connection pool trying to connect to the cell expire. By default, the connection times out after 20 seconds and an error message is displayed in the adapter response. 

For more information, see Configuring-the-BMC-TrueSight-Operations-Manager-adapter

Base adapter enhancements

In this release, the base adapters include the following enhancements:

Support for PATCH method in the HTTP and REST adapters

The HTTP and REST adapters now support the PATCH method. Using the PATCH method, you can make updates to an existing resource. 

For details, see HTTP-adapter-request-and-response-for-the-PATCH-action and REST-adapter-request-and-response-for-the-PATCH-action

Masking of command strings in the Command Line and SSH adapters

You can now mask command strings in the adapter response, which might contain sensitive data such as passwords. By using the mask-command-string element in the adapter request, the entire command string in the adapter response gets masked. This ability is available for the Command Line and SSH adapters only. 

For details about masking commands, see Adapter-requests-and-responses-for-the-Command-Line-adapter and Adapter-request-and-response-for-the-SSH-adapter

Suppress row-related information in the SQL monitor adapter events

The SQL monitor adapter generates events based on a specified query or a procedure, which contains additional details about rows and columns (such as row number and row count) about the records.

Sometimes, if the SQL monitor adapter is enabled on more than one peer, the same query retrieves different records when executed on different peers. In this case, the query is unique, but a few records might be the same in both the events. You can now use a new <suppress-row-info> parameter while configuring the SQL monitor adapter to suppress the elements related to rows from the SQL monitor adapter event.

For details, see Configuring-the-SQL-monitor-adapter.

Support for private-key based-authentication in SFTP adapter

The SFTP adapter now supports key-based authentication in the adapter requests and the adapter module.

In earlier versions, you could specify the  <private-key-file> element in the SFTP adapter configuration only. Now, you can use this element in the SFTP adapter module and all adapter requests. 

For details, see SFTP-adapter-module or Adapter-requests-and-responses-for-the-SFTP-adapter

Support for using pseudo terminals in the SSH-based adapters

The SSH-based adapters now support enabling a pseudo terminal when invoking SSH connections. You can specify the <use-psuedo-terminal> element in the adapter configuration or in the adapter requests. However, you can use the element only if the requests or connections do not contain any prompt elements. This capability is available in the SCP, SFTP, and SSH adapters.

For more information, see Configuring-the-SFTP-adapter, Configuring-the-SCP-adapter, and Configuring-the-SSH-adapter

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*