Upgrade to remove ads
ServiceNow Discovery - Fundamentals
Terms in this set (137)
Network Discovery discovers the internal IP networks and subnets within your organization;
Cloud discovery finds resources in AWS and Azure clouds, and then populates the CMDB with the relevant CIs and relationships. Two types: Service account cloud discovery & Cloud application discovery;
Discovery can find applications on host machines without the need to discover the host first. Two type: Standard serverless discovery & Host-based serverless discovery;
Discocery Dashboard displays
The Discovery Dashboard displays:
1 The current progress of the actively running schedules.
2 Discovered devices, by category and time discovered.
3 Errors that occurred during a schedule that has run.
4 Credentials that were either not required or unused by a schedule
The Discovery status provides a summary of a Discovery launched from a schedule. You can also cancel a Discovery that is in progress from the status form
Discovery status reference lists
* Discovery Log: classification failures, CMDB updates, and authentication failures
* ECC queue entried: connected flow of probe and sensor activity, actual XML payload.
* Device history: summary of all the devices scanned during discovery, and what action sensors took on the CMDB
includes devices on which one port responded to the scan, but no ports are open
classification failures, CMDB updates, and authentication failures
Discovery Pattern Log
includes Horizontal Discovery log records, which display information about discoveries that were performed with patterns. A horizontal discovery log record is created for an entire horizontal discovery run, which includes the results of all the operations specified in the pattern.
Why use Discovery status?
to see a summary of a Discovery, access the ECC queue (shows probe and sensor activity), as well as the actual XML payload
Why use Discovery dashboard?
to monitor ongoing Discovery operations
Why use Discovery CI schedule manager?
to access a report of all discovered devices, see any errors that might have occurred, and view discovery trends. This manager interface shows data for Configuration Item type discoveries.
What are the steps for: MID Server auto selection
1 appropriate IP range configured
2 ALL application and appropriate IP range configured
3 more then 1, then first that is Up else random
4 none are up, default MID Server specified for the Discovery application
5 no default MID Server, then default MID Server specified for the ALL application, assuming it is up.
6 If no default MID Server is specified, cycles through the previous steps and looks for MID Servers with the status of Paused or Upgrading
Auto select steps for MID Server clusters in load balanced
1 first MID Server in the cluster that it finds with the status of Up
2 more up, random select one else Paused or Upgrading
Auto select steps for MID Server clusters in fail over
1 MID Server with the lowest Order value that also has the status of Up
2 else Paused or Upgrading
Where can you set the Shazzam batch size?
on the Discovery schedule
What is the default batch size for Shazzam?
When not to use MID server clusters?
JDBC data sources
When can you get duplicated discovery data ,using a MID server?
When a fail over MID server starts it is always begins with first ECC entry
What are capabilities?
MID Server capabilities define the specific functions of a MID Server within an IP address range
What capabilities are available?
Where to validate Discovery results?
Accessing the ECC queue, analyzing the XML payload, and checking the Discovery log
What happens when you cancel an active Discovery?
Existing sensor jobs that have started processing are immediately terminated.
The existing sensor jobs that are in a Ready state, but have not started processing, are deleted from the system
When to run Network discovery?
intended for organizations that do not have complete knowledge of the IP addresses available
What is the result of Network discover?
All IP addresses using netwerk routers. No CMDB uodates
Trouble shooting high level subjects are?
Probes, sensors, proces classifiers
Under which account does the MID server run?
Local Admin account
If there are no working creditials for a device, which creditials are used?
MID Server service account
Credentials for SHH are for...
Unix/Linux. Support for SS pasword and private key
Credentials for SNMP are for ...
Network and printer devices. Support SNMP v2/3
Credentials for Windows are for ...
Credentials for VMWare vCenter are for ...
VMware vCenter on Windows machine
Credentials for CIM are for ...
CIM servers based on Common Information Model
Credentials for AWS are for ...
Amzon EC2 Web Services. Cloud management
Where are credentials stored?
On instance in table Credentials
How will MID Server receive credentials?
creditals are decrypted with fixed key
re-encrypted with Web Service key
credtials encryptes on instance SSL
credentials de-crypted on MID server SLL
credentials de-crypted MID server with Web Servicekey
What is Credential Affinity?
It is a table that holds correct credential found for a CI.
What could be the problem if Windows authentication fails in Classify?
Powershell not properly configured
Windows credentials not properly set
When will you see 2 log entries for credential failure?
Powershell is corectly enabled but :
Windows Service Credential and
are not correct
When will Windows Services Credentials be used
mid.powershell.local_mid_service_credential_fallback is set to true.
what is the default value for mid.powershell.local_mid_service_credential_fallback?
Unix and Linux credentials are used in protocol?
What privileges are needed for SSH?
root or sudo (credential to execute priviledge commands)
What paremeter needs to be set to use sudo?
must_sudo = True
Default is False
Where configure sudo?
/etc/sudoers file using visudo command
How to test SSH credentials?
From MID server using PuTTY
Which table is used to view the Device History?
What needs to be enabled to use external storage credentials?
Discovery External Credential Storage plugin
What are the requirements for discovering SQL Server?
On SQL server
- Remote Registry Service enable
- Powershell v2
- Add Windows user
On MID server
- Microsoft SQL Servcer management lib SMO,
What credentials are needed to discover VMware?
: vCenter application
: to interogate ESX Servers
CIM credentials are used for?
Probe CIM server to discover Staorage servers
DAS, NAS and SAN
What protocol is used to discover devices as switches, rouer, printers?
Only the default read community string needed
If ACLs then MID Server IP must be added
What is a behavior?
It controls which protocol is to be used when dicovering a device during Port Scan Phase
What is Discovery Functionality?
defines what each MID Server in the behaviour must do as defined by the Functionality Definition
What is Functionality Definition?
defines which protocols to detect
How to use a behaviour in Discovery schedule?
Select for MID server: Use behaviour.
What is the default protocol used when classifying in Shazzem probe?
What does the value column in the ECC indicate?
Value = Input --> Sensor record
Value = Output --> Probe record
What can you find in the Shazzam XML Payload?
If no data is returned on Port Scan Phase. What could be a reason?
- Firewalls prevent connection
- IP ranges not corectly defined
- Incorrect Behaviour deployed (SSH only used on Window)
Classifiers not accurate
How are devices Classified in Classification phase?
Computers by OS
Network devices by functionality
How enable to show the list of classifiers used?
glide.discovery.debug.classification = true
What could cause duplicated CI's?
Discovery running and an import and reconciliation and required fields are not correct.
Where can you set indentifiers for CI?
Discovery Definition > CI indentification > Indentifiers
CI Class Manager
Will Discovery change the Class of a CI?
Yes, if the CI is in a other class (caused by import).
Where can you check to see what indentification rules are used?
Discovery log. Shows them in order used.
What other optional platform features can be used to prevent datasources for overwriting attributes?
Reconcilliation and Datasource Precedence
Spicifies atributes a datasource is allowed to update
The order in which a daatasources are allowed to write over data. Lower order has higher priority.
Which Encryption ServiceNow uses to store credential in Discover_credential table?
3 DES Encryption
What is MID Server default thread limit?
Custom parsing strategies are?
Where can you find what classifiers were used and in which order?
Node Log File Browser
What can you set in Discovery Configuration Console?
Choose what discovery data is populated in CMDB
Swith of Unix Servers, will disable SSH Probe
There are two methods for Horizontal Exploration Phase. Which?
: Probes and Sensors
What to check when trouble shooting Identification Phase?
Duplicate records created
Reconciliation Defintions/Datasource Precedence
What to check when trouble shooting Exploration Phase and information is not returned as expected?
Trigger probes or custum probe/pattern not configured correctly
What to check when trouble shooting Exploration Phase and XML payload does not show up on form?
Custom sensor not scripted correctly
In Exploration phase trouble shooting you can alse check?
What will be created if duplicated CI are found?
Deplicate Tasks (under Indentification/Reconcilliation)
On what port does SSH run?
On what port does WMI run?
On what port does SNMP run?
How to validate permission from MID Server?
a. Putty for SSH
b. Webmtest for WMI
c. iReasoning for SNMP
We should have same capabilities for all MID Server in cluster?
How many CI Identifier we can have per CI class?
Steps to extend discovery using Probe & Sensors.
a. Create Probe (Under Discovery Definition)
b. Create Sensor (Attach previously created Probe to this sensor)
c. Associate new Probe to server (Under Ci Classifier)
Can we pass multiple commands while creating new Probe?
Yes! We can but need to select "multiprobe" as probe type.
How many type of horizontal discovery pattern are available?
Used to target Server or Host.
Used to target application running on servers or Hosts (Can be identify by running process or TCP Connection).
Which phase do we need to use for the Horizontal Probe on Infrastructure Discovery Patterns
Horizontal Discovery Vs Vertical Discovery (Top - Down)
Infrastructure pattern can only be used by Horizontal Discovery
Application pattern can be used by Horizontal and Vertical Discovery
When does Application Depency Mapping (ADM) happen?
During Exploration Phase
What does Depency Mapping create?
application and host
application and application
What is the goal of Proces Classification?
Tracks services such as DB Servers.
Difference between divice classification and proces classification?
Proces classification creates relationships
What is the default name of an application crearted by Discovery?
<procesClassifierName>@<name of CI>
Where can you customize the name creating of applications?
On classification script
Why use a Porcess Handler?
If restarted processes have changing parameters.
Makes sure that no dupicated Application CI occur.
What does a Process Handler do?
make sure that data is the same after restarts of preoces.
Uses a script.
Can you have multiple Process Handlers per class?
What is a requirement for MID servers in Load Balance Cluster?
Have the same capabitlties
What is achieved with Shazzam cluster support?
It enables Shazzam to be process among multiple MIS Servers ia a cluster. Preformance.
In a fail over cluster a MID Server stops. What will happen?
NExt highest MID server takes over
MID server check ECC queue for job Processing or Ready
In what way can you extend Discovery?
- Classifiy new applications to extend ADM
- Classify new devices that are not classified in base line
Probes & Sensors
- Run new commands to collect more details from Unix, windows and SNMP devices
- Create pattern queries that parse returned data to gather CI attributes
For what protcal can you write new probes?
WMI, SNMP, SSH
Where do you write the propbe commands for SSH?
ECC queue name
What can Sensors do?
Parse result returned from Probe
Trigger other probes
What is the criteria for a Probe to be triggered?
Where a Horizontal Discovery Probes added?
In a Classifiers list of Trigger probes
In which phase is the Horizontal Probe on Infrastructure Discovery Patterns fired?
Infrastructure patterns can only be used by Discovery? T/F
An Pplication patern can be used for..
horizontal and vertical discovery
Top-down and Horizontal Discovery
The Pattern Designer has 3 columns, what are they?
Left: Create, edit and view steps
Middle: Select and define operations
Right: View and interact with temp variables available after eacht patern step
What the operation choices in Pattern Design?
What temporary variables are alway defautl availablein Pattern Design?
in Infrastructure Discovery Pattern
in Application Discovery Patterns
The CI Type specified during creation of the Discovery Pattersn in available as variable. When is this variable table filled?
During Classification stage
When the pattern is completed during discovery what happens to the data in the table vaiable of CI Type?
It is written to CMDB if names match or are transformed to field name.
When will a current version of pattern run?
When will a step in the Discovery pattern be checked against a target?
When Debug is activated
What is needed to an Infrastructure pattern?
A host IP
What is needed to test an Application Pattern?
What is SNMP MIB?
Management Information Base: is a collection of information organized hierarchically.
These are accessed using a protocol such as SNMP. There are two types of MIBs:
What SNMP OID
Object Identifiers. OIDs uniquely identify managed objects in a MIB hierarchy.
What other way is there to find OIDs and their respons?
Within Classification Probes used to fire Infrastracture Patterns
In the Horizontal Discovery patern there are two sections called...
: Used to indentify CI
: used to extend the identifiaction without changing baseline patterns and saved as shared library
If you want to re-use a pattern step, what should be done?
Create a Shared library
What choices are there for Pattern Steps?
How can you find a PID?
Discovery Pattern Log
Running Processes tab on the CI
RDP to Windows host > Task Manager
When will application debuggin not work for a Host CI?
If Status is set to Absent
CMDB Health Dashboard metrics displays
- Required fields
- Recommended fields
- Audit: Disered state -Certification filters and Templates
- Stalenss: default 60 days
Business rules created for discovery can be found in Discovery Definition. What is a best practice for naming them
Start with "Discovery"
MID server cummunicates using ..... on ..... (port ....)
Default poll time for MID server is?
What should be unique when installing more MID servers?
Wrapper display name
What is a Heartbeat probe?
Send by ServiceNow every 5 minutes to to check server status.
What is the frequency that MID server checks for updatees
What are the states of output messages in ECC Queue?
YOU MIGHT ALSO LIKE...
Cloud Essentials Certification Test
Chapter 7 - Network Evolution
OTHER SETS BY THIS CREATOR
Splunk part 2
Splunk part 1
ServiceNow - ITSM
ServiceNow ITSM Module 1 copied
THIS SET IS OFTEN IN FOLDERS WITH...
ServiceNow Discovery - Basics
ServiceNow Certified Implementation Specialist - D…
ServiceNow Discovery - Fundamentals