How to copy the Hardware Rule CMDB Identifier for specific Sub-Classes, to identify Unusual Hardware correctly, or where different devices are known to share name/serial


Description

The out-of-box "Hardware Rule" CMDB Identifier makes some general assumptions, and specific peculiarities of certain makes and models of devices won't work well. e.g. Name, IP or MAC address is not always unique. Even Serial Number may be shared between servers in the same chassis, or virtual environments.

This is the procedure of copying the Hardware Rule for a specific CI Class, which can then be modified to cope with those strange devices that don't fit the assumptions.

Once that has been done, the new Identifier will be used for that specific class of CI only, instead of the Hardware Rule.

Cause

An Example - Many Printers have the same Name

You may have a lot of similar devices/models that return the same default "Name" via SNMP. e.g. APC PDUs (name=RACKPDU), and Ricoh Afficio network printers (name=<model number> e.g. "MP 2550")

If 2 of those devices exist on the network, this is how the default "Hardware Rule" breaks.

  1. Discovery will see the 1st device, see that SNMP is open, and run the Classify and Identity probes.
  2. The data will include the Name and Serial number, plus network adapter information including IP Address and MAC Address of that 1st device.
  3. The Identification and Reconciliation Engine (IRE) will not be able to match any existing CI so will create a new CI
  4. Discovery now sees the 2nd device. This has the same Name (e.g. "RACKPDU"), but all the other identification data will be different.
  5. The Identification and Reconciliation Engine will run through each of the Hardware Rule's rules to compare what has been seen with what is already in the CMDB, in order:
    1. Search Serial Number table [cmdb_serial_number] for a matching serial_number,serial_number_type - No Match.
    2. Search the Serial Number field of the main Hardware [cmdb_ci_hardware] records - No Match.
    3. Search the Name field of the main Hardware [cmdb_ci_hardware] records - Match with 1st CI, not good!
  6. A match was made with the 1st device's CI, and that is then wrongly updated with the 2nd device's attributes.
  7. Every time either of those devices are re-discovered, the same CI will be updated and duplicate cmdb_ci_serial_number, cmdb_ci_network_adapter and cmdb_ci_ip_address records will be created each time, and be linked to that single main CI.
  8. If you have hundreds of similar devices, you end up with a real mess in those related tables. The only CI in the CMDB will randomly represent one of the devices and will regularly change attributes to match whatever was the last scanned, and no CIs will exist for all the others.

Resolution

The above Printer example, where multiple printers are known to have the same name:

  1. Open the CI Class Manager: Configuration - CI Class Manager
  2. On the left, in the Class Hierarchy list, select the CI Class that needs a custom identifier. e.g. Hardware>Printer
  3. In the right column, select CI Identifiers. You will see the Hardware Rule listed in the "Identification" list.
  4. Click New in the header of that Identification list.
  5. Name your new Identifier. e.g. "Custom - Printer", and Submit.
  6. Back in the navigation, Open the list of Identifiers: Configuration - CI Identifiers
  7. Open the "Hardware Rule"
  8. For each of the Active records in the 'Identifier Entries' related list:
    1. Open the record
    2. Change 'Identifier' to your table name. e.g. cmdb_ci_printer
    3. If the 'Search on table' is Hardware:
      • Note which fields are listed in 'Criterion attributes', as you're going to have to put those back in a moment. e.g. 'IP Address, MAC Address' or 'Serial number'
      • change Search on table to your table. e.g. Printer.
      • Add the fields you noted above back into the 'Criterion attributes'
    4. Right click the header, and 'Insert' to make a copy if that entry for your own identifier. (Don't save or submit or you will be modifying the Hardware Rule!)
  9. For each of the Active records in the 'Related Entries' related list:
    1. Open the record
    2. Change 'Identifier' to your table name. e.g. cmdb_ci_printer
    3. Right click the header, and 'Insert' to make a copy if that entry for your own identifier. (Don't save or submit or you will be modifying the Hardware Rule!)
  10. Open your new identifier. You will see your newly copied Identifier entries listed. At this point it is a straight copy of the Hardware Rule, and so functionally identical.
  11. De-activate the troublesome entries. e.g. Untick Active for the entry where the criterion is 'Name', if you've got CIs you know share the same name.
  12. You could also add new entries with other criteria needed to workaround the quirks of your specific device models.

If you are doing something similar to the above Printer example, where the Name rule is deactivated for Printers, then you would expect a lot of printer CIs to be created on the next discovery run, because there will be no match made with existing data. Then on the subsequent discovery run each of the individual CIs will be identified by serial number and updated correctly, because you still have the other entries in your new identifier. Non-Printers will not be affected by your change, and the Hardware Rule will continue to be used for those.

The reason that the Related Entries are also copied is that some Discovery Patterns are written to use the Hardware Rule, and e.g. if a new custom Identifier for Server is created, then the Linux Server pattern won't work properly without those Related Entries it expects.

A trickier Example - AIX Servers share the same Serial Number

You can basically do the same as above, but this time creating an independent identifier for AIX Server [cmdb_ci_aix_server]. The Serial number field, and Serial Number table entries would need disabling to avoid matching only on serial number. A new entry for Name and Serial Number can be added to serial number is still used, but only if there is a matching name too.

What makes this tricky is that the Identification engine Errors if you don't have a rule for serial number. The rules for serial number are what is causing the mis-identification in this case, but if you deactivate those you would see errors in the Pattern log like this and the pattern would fail to update anything:

Identification CI Errors:
Identity Rule for table [cmdb_ci_aix_server] missing Lookup Rule for class [cmdb_serial_number],Abandoned due to too many errors...

The trick to avoid that error is to keep those entries active, but add a filter condition that can never happen, so that the rule can never make a match using that entry. It's now effectively disabled, but still officially active.
e.g. Serial Number IS NeverGoingToMatchOnThis

Some screenshots of the AIX example, which is also attached as an update set for reference. This was done on a Paris Patch 4 instance.

Open the records directly. This bit can't easily be done from the CI Class Manager.

When copying the Entries, the Hardware Table ones need doing in 2 steps (Edit, Insert, Edit more, Update). The other Identifier Entries and Related Entries can be done in 1 step (Edit the identifier and Insert).

Adding a new Entry for Name + Serial Number:

Editing the Serial number entries to add an impossible condition:

Leaves the new Identifier as:

Additional Information

Creating new Identifiers can have side effects. A lot of features use this for matching imported or discovered data with the existing CMDB records. Thorough testing of any discovery sources or imports is advisable on a sub-production instance after making any changes.

If entries are added or changed on the out-of-box identifiers after you copied them, those changes will need manually doing . It is worth keeping an eye on identifier changes done as part of upgrades so that you can maintain your own identifiers to match.

Discovery Patterns and other features will assume they will be using the out-of-box identifiers when putting IRE payloads together. If those payloads cause errors in the identification engine during insert/update, then the customised identifiers are likely to be missing entries, or need updating to match the out-of-box ones they used to inherit.