Thursday 6 June 2013

Using SCOM as a Basic Configuration Audit System – Part 4


As of 01/05/2017, this blog will not be updated or maintained

We are almost done with the types; we still need to define the HealthService to operating system relationship discovery data source and the monitor type for compliance checking.

The discovery data source is based on a handy condition detection module I found in the documentation: System.Discovery.RelationshipSnapshotDataMapper. The documentation is not very clear, since it lacks an example that fits our situation, but with some management pack digging it is not difficult to arrive at the correct usage. We are going to combine a scheduler with the condition detection module to compose a data source we can use in discovery. The data source type just wraps the scheduler and the data mapper together and exposes the needed parameters; when we define the discovery itself, we will simply combine the key properties of both classes to obtain the relationship.

      <DataSourceModuleType ID="QND.Compliance.HSRefOS.DT" Accessibility="Public" Batching="false">
        <Configuration>
          <IncludeSchemaTypes>
            <SchemaType>System!System.Discovery.MapperSchema</SchemaType>
          </IncludeSchemaTypes>
          <xsd:element minOccurs="1" name="Frequency" type="xsd:integer" />
          <xsd:element minOccurs="0" name="SyncTime" type="xsd:string" />
          <xsd:element name="RelationshipId" type="xsd:string" />
          <xsd:element name="SourceTypeId" minOccurs="0" maxOccurs="1" type="xsd:string" />
          <xsd:element name="TargetTypeId" minOccurs="0" maxOccurs="1" type="xsd:string" />
          <xsd:element name="SourceRoleSettings" type="SettingsType" />
          <xsd:element name="TargetRoleSettings" type="SettingsType" />
          <xsd:element name="InstanceSettings" minOccurs="0" maxOccurs="1" type="SettingsType" />
        </Configuration>
        <OverrideableParameters>
          <OverrideableParameter ID="Frequency" Selector="$Config/Frequency$" ParameterType="int" />
          <OverrideableParameter ID="SyncTime" Selector="$Config/SyncTime$" ParameterType="string" />         
        </OverrideableParameters>
        <ModuleImplementation Isolation="Any">
          <Composite>
            <MemberModules>
              <DataSource ID="DS" TypeID="System!System.Discovery.Scheduler">
                <Scheduler>
                  <SimpleReccuringSchedule>
                    <Interval Unit="Seconds">$Config/Frequency$</Interval>
                    <SyncTime>$Config/SyncTime$</SyncTime>
                  </SimpleReccuringSchedule>
                  <ExcludeDates />
                </Scheduler>
              </DataSource>
              <ConditionDetection ID="Mapping" TypeID="System!System.Discovery.RelationshipSnapshotDataMapper">
                <RelationshipId>$Config/RelationshipId$</RelationshipId>
                <SourceTypeId>$Config/SourceTypeId$</SourceTypeId>
                <TargetTypeId>$Config/TargetTypeId$</TargetTypeId>
                <SourceRoleSettings>$Config/SourceRoleSettings$</SourceRoleSettings>
                <TargetRoleSettings>$Config/TargetRoleSettings$</TargetRoleSettings>
                <InstanceSettings>$Config/InstanceSettings$</InstanceSettings>
              </ConditionDetection>
            </MemberModules>
            <Composition>
              <Node ID="Mapping">
                <Node ID="DS" />
              </Node>
            </Composition>
          </Composite>
        </ModuleImplementation>
        <OutputType>System!System.Discovery.Data</OutputType>
      </DataSourceModuleType>

The monitor type is the last type we need before we're ready for the monitoring section of our management pack. We have all the basic plumbing and, most importantly, the data source needed to check the compliance. The monitor will be a two-state monitor: our operating system will simply be Compliant or Non Compliant.

        <MonitorTypeStates>
          <MonitorTypeState ID="Compliant" NoDetection="false" />
          <MonitorTypeState ID="NonCompliant" NoDetection="false" />
        </MonitorTypeStates>

To address the compliance we’ll use the summary Boolean properties returned by the data source:
  • OSCompliant
  • QFECompliant
  • WSHCompliant
For the compliance condition detection we'll combine all the properties with AND, following this pattern:

<Expression>
   <SimpleExpression>
       <ValueExpression>
          <XPathQuery Type="Boolean">Property[@Name="OSCompliant"]</XPathQuery>
       </ValueExpression>
       <Operator>Equal</Operator>
       <ValueExpression>
          <Value Type="Boolean">true</Value>
       </ValueExpression>
   </SimpleExpression>
</Expression>

For the non-compliance condition detection we'll use the same properties combined with OR, checking for false. Since this is the only type we are going to use in the monitoring section of the management pack, it is time to define the overridable parameters; the configuration section resembles the data source one. That's it, here is our MonitorTypes section:

   <MonitorTypes>
      <UnitMonitorType ID="QND.OSCompliance.MT" Accessibility="Public">
        <MonitorTypeStates>
          <MonitorTypeState ID="Compliant" NoDetection="false" />
          <MonitorTypeState ID="NonCompliant" NoDetection="false" />
        </MonitorTypeStates>
        <Configuration>
          <xsd:element name="OSVersion" type="xsd:string"/>
          <xsd:element name="QFEList" type="xsd:string" />
          <xsd:element name="WSHVersion" type="xsd:string" />
          <xsd:element name="ScriptTimeout" type="xsd:integer" />
          <xsd:element name="IntervalSeconds" type="xsd:integer" />
          <xsd:element name="SyncTime" type="xsd:string" />
        </Configuration>
        <OverrideableParameters>
          <OverrideableParameter ID="IntervalSeconds" Selector="$Config/IntervalSeconds$" ParameterType="int" />
          <OverrideableParameter ID="SyncTime" Selector="$Config/SyncTime$" ParameterType="string" />
          <OverrideableParameter ID="OSVersion" Selector="$Config/OSVersion$" ParameterType="string" />
          <OverrideableParameter ID="QFEList" Selector="$Config/QFEList$" ParameterType="string" />
          <OverrideableParameter ID="WSHVersion" Selector="$Config/WSHVersion$" ParameterType="string" />
          <OverrideableParameter ID="ScriptTimeout" Selector="$Config/ScriptTimeout$" ParameterType="int" />
        </OverrideableParameters>
        <MonitorImplementation>
          <MemberModules>
            <DataSource ID="DS" TypeID="QND.OSQFEGet.DS">
              <OSVersion>$Config/OSVersion$</OSVersion>
              <QFEList>$Config/QFEList$</QFEList>
              <WSHVersion>$Config/WSHVersion$</WSHVersion>
              <ScriptTimeout>$Config/ScriptTimeout$</ScriptTimeout>
              <IntervalSeconds>$Config/IntervalSeconds$</IntervalSeconds>
              <SyncTime>$Config/SyncTime$</SyncTime>
            </DataSource>
            <ConditionDetection ID="CDCompliant" TypeID="System!System.ExpressionFilter">
              <Expression>
                <And>
                  <Expression>
                    <SimpleExpression>
                      <ValueExpression>
                        <XPathQuery Type="Boolean">Property[@Name="OSCompliant"]</XPathQuery>
                      </ValueExpression>
                      <Operator>Equal</Operator>
                      <ValueExpression>
                        <Value Type="Boolean">true</Value>
                      </ValueExpression>
                    </SimpleExpression>
                  </Expression>
                  <Expression>
                    <SimpleExpression>
                      <ValueExpression>
                        <XPathQuery Type="Boolean">Property[@Name="QFECompliant"]</XPathQuery>
                      </ValueExpression>
                      <Operator>Equal</Operator>
                      <ValueExpression>
                        <Value Type="Boolean">true</Value>
                      </ValueExpression>
                    </SimpleExpression>
                  </Expression>
                  <Expression>
                    <SimpleExpression>
                      <ValueExpression>
                        <XPathQuery Type="Boolean">Property[@Name="WSHCompliant"]</XPathQuery>
                      </ValueExpression>
                      <Operator>Equal</Operator>
                      <ValueExpression>
                        <Value Type="Boolean">true</Value>
                      </ValueExpression>
                    </SimpleExpression>
                  </Expression>
                </And>
              </Expression>
            </ConditionDetection>
            <ConditionDetection ID="CDNonCompliant" TypeID="System!System.ExpressionFilter">
              <Expression>
                <Or>
                  <Expression>
                    <SimpleExpression>
                      <ValueExpression>
                        <XPathQuery Type="Boolean">Property[@Name="OSCompliant"]</XPathQuery>
                      </ValueExpression>
                      <Operator>Equal</Operator>
                      <ValueExpression>
                        <Value Type="Boolean">false</Value>
                      </ValueExpression>
                    </SimpleExpression>
                  </Expression>
                  <Expression>
                    <SimpleExpression>
                      <ValueExpression>
                        <XPathQuery Type="Boolean">Property[@Name="QFECompliant"]</XPathQuery>
                      </ValueExpression>
                      <Operator>Equal</Operator>
                      <ValueExpression>
                        <Value Type="Boolean">false</Value>
                      </ValueExpression>
                    </SimpleExpression>
                  </Expression>
                  <Expression>
                    <SimpleExpression>
                      <ValueExpression>
                        <XPathQuery Type="Boolean">Property[@Name="WSHCompliant"]</XPathQuery>
                      </ValueExpression>
                      <Operator>Equal</Operator>
                      <ValueExpression>
                        <Value Type="Boolean">false</Value>
                      </ValueExpression>
                    </SimpleExpression>
                  </Expression>
                </Or>
              </Expression>
            </ConditionDetection>
          </MemberModules>
          <RegularDetections>
            <RegularDetection MonitorTypeStateID="Compliant">
              <Node ID="CDCompliant">
                <Node ID="DS" />
              </Node>
            </RegularDetection>
            <RegularDetection MonitorTypeStateID="NonCompliant">
              <Node ID="CDNonCompliant">
                <Node ID="DS" />
              </Node>
            </RegularDetection>
          </RegularDetections>
        </MonitorImplementation>
      </UnitMonitorType>
    </MonitorTypes>
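
The two expression filters above can be exercised offline. The following Python sketch is an added example, not part of the original management pack: it rebuilds the And/Or filters from the post's pattern and evaluates them against constructed property bags. `monitor_state`, the other helper names and the sample bags are hypothetical, and treating a missing property as matching neither `true` nor `false` is an assumption of the sketch.

```python
import xml.etree.ElementTree as ET

PROPS = ("OSCompliant", "QFECompliant", "WSHCompliant")  # names from the post

def simple(name, value):
    # One <SimpleExpression> wrapped in <Expression>, following the post's pattern.
    return ('<Expression><SimpleExpression><ValueExpression>'
            f'<XPathQuery Type="Boolean">Property[@Name="{name}"]</XPathQuery>'
            '</ValueExpression><Operator>Equal</Operator><ValueExpression>'
            f'<Value Type="Boolean">{value}</Value>'
            '</ValueExpression></SimpleExpression></Expression>')

def build_filter(op, value):
    # op is "And" or "Or"; every property is compared with the same value.
    body = "".join(simple(p, value) for p in PROPS)
    return ET.fromstring(f"<Expression><{op}>{body}</{op}></Expression>")

CD_COMPLIANT = build_filter("And", "true")      # mirrors CDCompliant
CD_NONCOMPLIANT = build_filter("Or", "false")   # mirrors CDNonCompliant

def evaluate(expr, bag):
    node = expr[0]  # child of <Expression>: And, Or or SimpleExpression
    if node.tag == "And":
        return all(evaluate(e, bag) for e in node)
    if node.tag == "Or":
        return any(evaluate(e, bag) for e in node)
    if node.findtext("Operator") != "Equal":
        raise ValueError("only the Equal operator used in the post is handled")
    name = node.findtext("ValueExpression/XPathQuery").split('"')[1]
    want = node.findtext("ValueExpression/Value") == "true"
    # Assumption: a property missing from the bag matches neither true nor false.
    return bag.get(name) is want

def monitor_state(bag):
    # Hypothetical helper: monitor states whose detection fires for this bag.
    fired = []
    if evaluate(CD_COMPLIANT, bag):
        fired.append("Compliant")
    if evaluate(CD_NONCOMPLIANT, bag):
        fired.append("NonCompliant")
    return fired

# Constructed property bags, not real agent output.
ALL_OK = {"OSCompliant": True, "QFECompliant": True, "WSHCompliant": True}
MISSING_QFE = {"OSCompliant": True, "WSHCompliant": True}
QFE_BAD = dict(ALL_OK, QFECompliant=False)

if __name__ == "__main__":
    for bag in (ALL_OK, QFE_BAD, MISSING_QFE):
        print(bag, "->", monitor_state(bag) or "no state change")
```

With all three properties present the two detections are exact complements. Under the stated assumption, a bag that omits a property fires neither detection, so the data source should always emit all three Booleans.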

To complete this first management pack snippet, let's add the manifest section; here I put several dependencies we're going to use later in the management pack.

<?xml version="1.0" encoding="utf-8"?>
<ManagementPack xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <Manifest>
    <Identity>
      <ID>QND.AgentCompliance</ID>
      <Version>6.1.7221.11</Version>
    </Identity>
    <Name>QND Agent Compliance</Name>
    <References>
      <Reference Alias="System">
        <ID>System.Library</ID>
        <Version>6.0.4941.0</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>
      <Reference Alias="Windows">
        <ID>Microsoft.Windows.Library</ID>
        <Version>6.0.4941.0</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>
      <Reference Alias="Win2003">
        <ID>Microsoft.Windows.Server.2003</ID>
        <Version>6.0.4941.0</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>
      <Reference Alias="Win2008">
        <ID>Microsoft.Windows.Server.2008.Discovery</ID>
        <Version>6.0.4941.0</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>     
      <Reference Alias="SC">
        <ID>Microsoft.SystemCenter.Library</ID>
        <Version>6.0.4941.0</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>
      <Reference Alias="Health">
        <ID>System.Health.Library</ID>
        <Version>6.1.7043.0</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>     
    </References>
  </Manifest>

Finally, let's add the LanguagePacks section with the proper display strings (kept to a minimum, actually).

<LanguagePacks>
    <LanguagePack ID="ENU" IsDefault="true">
      <DisplayStrings>
        <DisplayString ElementID="QND.AgentCompliance">
          <Name>Quae Nocent Docent Agent Compliance</Name>
          <Description>Checks for OS compliance for monitoring</Description>
        </DisplayString>
        <DisplayString ElementID="QND.Compliance.HealthServiceReferenceOperatingSystem">
          <Name>HealthService references Operating System</Name>
        </DisplayString>
      </DisplayStrings>
    </LanguagePack>
  </LanguagePacks>

In the next post we will complete our types section adding the Windows 2008 R2 Service Pack 1 baseline to the picture and performing some discovery.

Hope that this post was helpful.
