This topic describes the steps to configure the AutoPilot-OA-Credentials_Store module and lists the configuration items included in the module.
Use this topic to understand the module configuration items and the configuration items that you must update to use the runbook. See the Update required column to understand whether to update the values.
The Credentials Store module contains encrypted passwords for all target servers. Credentials for TrueSight Orchestration, TrueSight Presentation Server, and BMC Remedy IT Service Management are stored in the BMC-SA-Event_Orchestration_Configuration module. Assuming that in an organization, each component type (OS type) can have its own set of credentials, definitions for storing UNIX and Windows Credentials are provided in the module out-of-the-box.
- On the Grid Manager, click Manage > Modules and click the AutoPilot-OA-Credentials_Store module.
- Expand the configuration tree until you can navigate to the configuration item that you want to modify.
- Click the configuration item that you want to modify, edit the value, and click OK to save changes.
- After successfully configuring the module, click the Modules tab and from the Modules in Repository list, select the module and click Activate. Module with the updated changes is successfully activated on the grid.
Use this section to understand the module configuration items and the configuration items that you must update to use the runbook.
| | |
|---|
Event Orchestration > Credentials | Stores the credentials for the operating systems. New in 20.19.02 DatabaseCredentials: Specifies the secure credentials for the database. New in 20.19.02 DatacenterCredentials: Specifies the secure credentials for the data center. New in 20.19.02 PatrolAgentCredentails: Specifies the secure credentials for the PATROL Agent. New in 20.19.02 UnixOracleCredentials: Specifies the secure credentials for Oracle for UNIX-based operating systems. New in 20.19.02 WindowsOracleCredentails: Specifies the secure credentials for Oracle for Windows operating system. - WindowsCredentials: Specify the password for hosts using Windows operating system, in a secure manner.
- UnixCredentials: Specify the password for hosts using Unix operating system, in a secure manner.
| |
ComponentType
ToOSMappings | Contains the mappings for target host systems to operating systems for the out-of-box service down and host down use cases in an XML format. <mappings>
<!-- mapping for service down -->
<component-type name="NT_SERVICES">windows</component-type>
<component-type name="NUK_Process">unix</component-type>
<!-- mapping for disk space full-->
<component-type name="NT_LOGICAL_DISKS">windows</component-type>
<component-type name="NUK_FileSystem">unix</component-type>
<!-- mapping for host down -->
<component-type name="NT_REMOTE_HOST">windows</component-type>
<component-type name="NUK_LINUX_REMOTE_HOSTS">unix</component-type>
<!-- mapping for database down -->
<component-type name="KOE_INSTANCE">oracle</component-type>
<component-type name="KOE_INST_LISTENER">oracle</component-type>
</mappings> | Conditional; required if adding a custom use case |
Event Orchestration > InfrastructureMappings | Contains the mappings between targets and credentials in an XML format. In addition, the mappings contain the settings for adapter invocation mechanism and the options to be passed to the adapter request and the command options.
Click here to view the default Infrastructure Mappings
<mappings>
<datacenters>
<datacenter name="default">
<domains>
<domain name="*">
<component type="patrol" name="*">
<username>patrol</username>
<password-configuration-name>UnixCredentials</password-configuration-name>
<invocation-mechanism>ssh</invocation-mechanism>
<adapter-options />
<command-options />
</component>
<component type="patrol" name="p1.acme.com">
<username>patrol</username>
<password-configuration-name>UnixCredentials</password-configuration-name>
<invocation-mechanism>ssh</invocation-mechanism>
<adapter-options />
<command-options />
</component>
<component type="unix" os-type="unix" name="*">
<username>root</username>
<password-configuration-name>UnixCredentials</password-configuration-name>
<invocation-mechanism>ssh</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options>
<character-set>utf-8</character-set>
</adapter-options>
<command-options />
</component>
<component type="unix" os-type="unix" name="u1.acme.come">
<username>root</username>
<password-configuration-name>UnixCredentials</password-configuration-name>
<invocation-mechanism>ssh</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options>
<character-set>utf-8</character-set>
</adapter-options>
<command-options />
</component>
<component type="oracle" os-type="unix" name="*">
<username>oracle</username>
<password-configuration-name>UnixOracleCredentials</password-configuration-name>
<invocation-mechanism>ssh</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options>
<character-set>utf-8</character-set>
</adapter-options>
<command-options>
<prompt>$</prompt>
</command-options>
</component>
<component type="windows" os-type="windows" name="*">
<username>Administrator</username>
<password-configuration-name>WindowsCredentials</password-configuration-name>
<invocation-mechanism>windows-command</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options />
<command-options>
<timeout>120</timeout>
</command-options>
</component>
<component type="windows" os-type="windows" name="w1.acme.com">
<username>Administrator</username>
<password-configuration-name>WindowsCredentials</password-configuration-name>
<invocation-mechanism>windows-command</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options />
<command-options />
</component>
<component type="oracle" os-type="windows" name="*">
<username>Administrator</username>
<password-configuration-name>WindowsOracleCredentials</password-configuration-name>
<invocation-mechanism>windows-command</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options />
<command-options />
</component>
<component type="database" name="oradb1">
<url />
<username>sys</username>
<password-configuration-name>DatabaseCredentials</password-configuration-name>
<invocation-mechanism>sql</invocation-mechanism>
</component>
</domain>
<domain name="acme.com">
<component type="patrol" name="*">
<username>patrol</username>
<password-configuration-name>UnixCredentials</password-configuration-name>
<invocation-mechanism>ssh</invocation-mechanism>
<adapter-options />
<command-options />
</component>
<component type="patrol" name="p2.acme.com">
<username>patrol</username>
<password-configuration-name>WindowsCredentials</password-configuration-name>
<invocation-mechanism>windows-command</invocation-mechanism>
<adapter-options />
<command-options />
</component>
<component type="unix" os-type="unix" name="*">
<username>root</username>
<password-configuration-name>UnixCredentials</password-configuration-name>
<invocation-mechanism>ssh</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options>
<character-set>utf-8</character-set>
</adapter-options>
<command-options />
</component>
<component type="unix" os-type="unix" name="u1.acme.com">
<username>root</username>
<password-configuration-name>UnixCredentials</password-configuration-name>
<invocation-mechanism>ssh</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options>
<character-set>utf-8</character-set>
</adapter-options>
<command-options />
</component>
<component type="windows" os-type="windows" name="*">
<username>Administrator</username>
<password-configuration-name>WindowsCredentials</password-configuration-name>
<invocation-mechanism>windows-command</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options />
<command-options>
<timeout>120</timeout>
</command-options>
</component>
<component type="windows" os-type="windows" name="w2.acme.com">
<username>Administrator</username>
<password-configuration-name>WindowsCredentials</password-configuration-name>
<invocation-mechanism>windows-command</invocation-mechanism>
<ping-mechanism>command-line</ping-mechanism>
<adapter-options />
<command-options />
</component>
<component type="database" name="oradb1.acme.com">
<url />
<username>sys</username>
<password-configuration-name>DatabaseCredentials</password-configuration-name>
<invocation-mechanism>sql</invocation-mechanism>
</component>
</domain>
</domains>
</datacenter>
</datacenters>
</mappings> You can update the Infrastructure Mappings based on your requirement. Infrastructure Mappings include information for the following elements: <datacenters>: Specifies the root node that contains information about the datacenter. Includes the <datacenter> element, which contains all the information related to a datacenter. Currently, more than one datacenter is not supported as the event data does not contain information to distinguish between different data centers. <datacenter name="default"> - <domains>: Contains the <domain> child elements for specifying more than one domain. Out-of-the-box, a "*" domain is specified.
- <domain name= "*">: Specifies the domain name where the event occurs. If no domain information is available in the event, a default domain named "*" is used.
<domain name= "acme.com">: Specifies a placeholder for a domain in your environment. WarningNote If event data and target host information does not contain information related to a domain, then, an attempt will be made to extract component information from the default "*" domain. <component>: Contains mapping information for a target. Component can have two attributes:
type: Specifies the component type, whether it is a windows host or a Unix host.
name: Specifies the name of the host. If host name is not known, specify "*". Example: <component type="windows" name="*"> <component> contains the following child elements: - <username>: Specifies the username required to log on to the component.
- <password>: Specifies the password that matches the username.
- <invocation-mechanism>: Specifies the ways to invoke workflows. For example, if the component is a Windows computer, you can use windows-command as the invocation mechanism. The Command Line adapter is used. For Unix, the SSH adapter is used to invoke the workflows.
- <ping-mechanism>: Specifies the mechanism to perform typical ping operations. Typically, a ping command can be performed from the local peer by using a command line adapter.
- <adapter-options>: Contains a comma-separated list of options to be passed to the adapter based on the adapter invocation mechanism. For example: use-ssl=true, use-unsigned-certificates=true.
- <command-options>: Contains a comma-separated list of options to be passed to the command.
| |
