Skip to main content

Creating a New Discovery Instance

About This Task

Access to the target integration device is required for discovery to occur.

After you configure and subscribe to the integration instance, IPM adjusts the appropriate Wisdom Pack license count to reflect additional license consumption.

Prerequisites

To perform this task, the user must meet the following requirements:

  • Ensure that all items identified in Installation Prerequisites have been met.

  • Have the following information available for integration configuration. These are needed so IPM can connect to and collect metrics from the target integration device:

    Warning

    This integration does not support device connection through a proxy.

    The following fields apply to all devices:

    • Name - A name which identifies this configuration from other configurations of the same type.

    • Poll Interval - The interval (in minutes) at which data is collected from the target devices.

    • Monitoring Level - Determines if all devices in this configuration should poll for metrics and entity changes, just entity changes, or do nothing.

    The following fields apply to each device entry:

    • Hostname/IP - The fully qualified domain name or IP address of the Windows host.

    • Use HTTPS - If checked, use HTTPS instead of HTTP when communicating with the Windows host. *

    • Ignore Certificate Error - If checked, disables the validation of the HTTPS certificate. This is not recommended as it prevents validation that the correct host is responding. *

    • WinRM Port ( Use Port 5986 for HTTPS) - The WinRM port number used to connect to the Windows host. Use 5985 for HTTP and 5986 for HTTPS.

    • WinRM Certificate File - The WinRM certificate to use to validate the remote host. This is required only with HTTPS/strict certificate validation. *

      • Self-signed certificates can be automatically fetched from the target device using these fields:

        • Hostname/IP

        • WinRM Port ( Use Port 5986 for HTTPS)

    • TLS Name - The TLS Name of the Windows host. This is required only if the HostName/IP do not match the common name in the HTTPS certificate. *

    • Transport

    • Use Hostname/IP as Key *

    • Collect Netstat Data - If checked, netstat data will be collected and modeled as conversations. *

    • Username - The username to use when connecting to the Windows host.

    • Password - The password to use (for the specified username) when connecting to the Windows host.

    * Required Field

  • If you intend to use credential sets when configuring devices, the credential sets must already have been created.

Steps

  1. From the Settings page, click Integrations in the Probes and Integrations section.

    image15.png
  2. Click View for the licensed integration you want to configure.

    • If this is an initial configuration: You are directed to the New Integration page to configure the first integration.

    • If there are existing configurations: The Integration page opens, displaying a list of all existing licensed and unlicensed configurations.

  3. Click New.

    scrn-vwi-generic-integ-list-new.png

    The New Integration page displays.

  4. Enter a Name for the configuration and click Next.

    Each configuration must have a unique name, to avoid save errors. If you are using more than one IPM integration, it is recommended that a naming convention be used to ensure unique configuration names for each integration.

    vwi-scrn-integ-config-new-name.png

    A second configuration page displays.

    vwi-scrn-pure1-config.png

    Note: Each integration has slightly different configuration pages. Shown above is a generic representation of a New Integration page.

  5. Select a Poll Interval.

    When selecting the poll interval, note that metric collection automatically begins when the first poll interval is reached.

  6. Select a Monitoring Level: Discovery and Metric Collection (the default), Discovery Only, or Disabled. For new configurations, the default is the best choice. More information about each choice follows.

    • Discovery and Metric Collection (default) - for each polling interval, discovery and metrics will be collected, and licenses will be consumed.

    • Discovery Only - for each polling interval, discovery and metrics will be collected, but the metric data will be discarded. Licenses will not be consumed. Please note that this option will not lead to less load on the target system(s).

    • Disabled - all communication with the target system(s) will cease and licenses will not be consumed.

  7. In the Devices area, add the configurations.

    • To add one configuration at a time, click Add.

      You must select a credential set or enter a name/IP address, username, and password.

    • To add multiple configurations at one time, click Import, select a CSV file to upload, and then select how the file content should impact existing records.

      You can Replace, Merge, or Add records.

      Warning

      If you select Replace, the entire contents currently in the table are deleted and replaced. This deletion cannot be undone.

      See Using a CSV File for Configuration for details about using a configuration file.

  8. Complete the device connection details and then click Save.

  9. Click Save on the Configuration page.

    If properly configured, the hosts are subscribed when the first metrics data is collected, based on the polling interval. You can verify subscription from the Integration page, that lists integration configuration instances.

SSL Certificate Handling

This integration requires a secure connection to the target device, which can be achieved automatically if the device has a certificate that has been signed by a root certificate authority. If this is the case, you may complete the form and click the Next button to proceed to the next page of the configuration.

If your device does not have a properly signed certificate, you may associate a certificate (for example, a self-signed certificate) with the device using one of the two following methods.

  1. Automatically fetch the certificate from the target system. A valid IP address and port number are required.

  2. Upload the certificate from your local system. Please note: at this time, certificates must be in PEM (plain text) format.

The first page of an integration configuration might look something like this:

vwi-scrn-tls-1.png

Note

SSL Certificate might called something different depending on the integration being configured. The Subject, Issued By, and Expires On fields are initially blank, which means that there is currently no stored certificate. This is also the case when connecting to a system with a certificate issued by a root certificate authority.

Some integrations with per-device configurations, the SSL certificate controls are seen when adding a new device. The functionality of the control is the same regardless.

Using Verify to Automatically Fetch a Certificate

Clicking on the Verify button will trigger an action that will automatically fetch the certificate from the target system. There are two cases:

  1. If the fetched certificate has been signed by a valid root certificate authority you will see a popup window with the details of the certificate as shown below. Press OK to continue configuration. Note: properly signed certificates will not be stored locally and the Subject, Issued By, and Expires On fields will remain empty. Fill in the Name and authentication fields and click the Next button in the upper right hand corner of the screen.

    vwi-scrn-tls-verify-1.png
  2. If the fetched certificate is, for example, a self-signed certificate, you will see a popup window with the details of the certificate as shown below. You may either Accept and Trust the retrieved certificate or you may Cancel. If you accept, the Subject, Issued By, and Expires On fields will be updated with a summary of the issuing authority and you may continue configuring the integration. Fill in the Name and authentication fields and click the Next button in the upper right hand corner of the screen.

    vwi-scrn-tls-verify-2.png

Uploading a Certificate

Clicking on the Browse... button will prompt you to upload a certificate from your local system. Once uploaded, you'll see a popup window with the details of the certificate as shown below. You may either Accept and Trust the retrieved certificate or you may Cancel. If you accept, the Subject, Issued By, and Expires On fields will be updated with a summary of the issuing authority and you may continue configuring the integration. Fill in the Name and authentication fields and click the Next button in the upper right hand corner of the screen.

vwi-scrn-tls-browse-1.png

It's a good idea to validate the uploaded certificate by clicking on the Verify button.

Viewing the Locally Stored Copy of a Certificate

Click on the View button to display the contents of the locally stored certificate.

Removing a Locally Stored Copy of a Certificate

Click on the Clear button to remove the locally stored copy of your certificate if, for example, you have updated your system certificate with one that is signed by a root certificate authority.

Next Steps

Optional: Create credential sets and assign to devices