Configuration compliance

This topic contains a scenario in which out-of-compliance CI configurations are detected, and incidents or change requests are logged to bring them into compliance.

• • Products involved
  • Prerequisites
  • Technical use case

Prerequisites

• Products (such as BMC BladeLogic Network Automation and BMC BladeLogic Server Automation) have been configured to send SNMP traps to BMC Atrium Orchestrator.
• Snapshot jobs have been run to establish a baseline for audits.
• The baseline system is used to generate templates for audit jobs and to send SNMP events if the audit fails.
• For BMC BladeLogic Server Automation, the following adapters are installed:
  • BMC Atrium Orchestrator SNMP adapter
  • BMC BladeLogic Server Automation adapter
  • BMC Remedy AR System adapter
  • Web Services adapter
  • File adapter
• BMC BladeLogic Integration with Atrium is installed.
• A BMC Remedy ITSM user exists with permissions to create, update, and close change and incident tickets and read assets in BMC Asset Management.
• Server identities, hardware information, impact relationships, related CIs, and business service definitions are migrated into the BMC BladeLogic Server Automation dataset and reconciled into the production dataset.
• The Closed Loop Server Audit RBA-to-BladeLogic workflow is configured to monitor SNMP events that will be sent from BladeLogic and will create incidents and change requests.

Technical use case

1. After an audit is run on the system, an out-of-compliance condition is created (for example, BMC BladeLogic Server Automation creates a compliance job) and an SNMP trap is sent to BMC Atrium Orchestrator.
2. The BMC Atrium Orchestrator audit workflow creates an incident updated with the new information describing the discrepancies.
3. The BMC Atrium Orchestrator audit creates a change request and the incident created by the workflow is related to the change request.
    A change task is also created with work notes that list relevant information regarding the audit, such as target server information, and a description of what is out of compliance.
4. A CI from BMC Asset Management is related to the change request.
5. The change request is approved either manually or automatically, based on impact and priority.
6. BMC BladeLogic Server Automation creates a remediation package job and remediation job.
7. BMC BladeLogic Server Automation reconfigures the system to reach compliance.
8. After the change ticket and its tasks have been closed, the audit workflow in BMC Atrium Orchestrator closes the incident. The change is completed and task and incident are closed.