Mid Server Services Requirement and Credentials Types BOM

Platform Owner	Deanna Burns (Unlicensed)
Project Manager	David Swanson (Unlicensed)
Document status	WORK IN PROGESS
SN Discovery SME	Allena Kendrick (Unlicensed)
CMDB Manager	Christopher Abbott (Unlicensed)
Business Analysts	Vandana Bansal
Yale Technical Lead	Andrew Newman (Unlicensed)
SN CMDB Lead	Vimalpriya Kothandapani (Unlicensed)

Discovery Schedule

The discovery schedule will contain a Location(cmn_location) and Data Center(cmdb_ci_datacenter) location data attributes

YaleSandbox1 Midserver Configuration

Configuration Parameter

Noted: added mid.log.level Value=trace

Supported Application

IP Ranges

Capabilities

Properties

Clusters

Note: IMPORTANT - You can restrict protocols from executing on your schedule by setting up discovery functionality on your schedule.

MidServer Services Architecture

The Management, Instrumentation, and Discovery (MID) Server is a Java application that runs as a Windows service or UNIX daemon on a server in your local network.

The MID Server facilitates communication and the movement of data between a ServiceNow instance and external applications, data sources, and services.

The MID Server enables communication between a Servicenow Instance and the customer network

It is a Java Application that runs as a Windows Service or a Unix Dameon

It requires only an outbound connection on Port 443

MIdServer Services Requirements

The Management, Instrumentation, and Discovery (MID) Server is a Java application that runs as a Windows service or UNIX daemon on a server in your local network. The MID Server facilitates communication and the movement of data between a ServiceNow instance and external applications, data sources, and services.

Windows server: To discover Windows-based servers, run Service Mapping patterns, or execute Orchestration commands on Windows devices, the MID Server must be installed on a Windows server. The MID Server supports all Windows Server 2008, 2012, and 2016 editions, virtual machines, and 64-bit systems.

Note: .NET Framework version 3.5, 4.0, 4.5, 4.6, or 4.7 is required for Service Mapping support and for Windows pattern-based discovery.

ServiceNow Configs

· Ensure Discovery is able to write discovered objects to correct tables

· ServiceNow Administrator web browser must have Flash Player 10.1 or higher

Clusters - Load Balancing and Failover

2 Load balancer Mid-Server for https://yalesandbox.service-now.com and https://yaledev.service-now.com

2 Failover Mid-Server - another location for https://yalesandbox.service-now.com and https://yaledev.service-now.com

1 Load balancer Mid-Server for https://yale.service-now.com

1 Failover Mid-Server - another location for https://yale.service-now.com

FireWall Ports

Internet WAN outbound on port 443 to https://yale@servicenow.com

Local LAN inbound (from MID server IP to scanned IPs)

Any/Any for Windows desktop firewall

Access to admin share (e.g. C$)

Allow 22, 80, 135, 161, 443, 445, 8585, 1024-65535

 May need additional allowed ports if targets not listening on default ports on scanned devices

Discovery Credential and Protocols Requirements

#	Approve CI Classes	Protocol	Port Probe	Protocol - Probes/Pattern
1	Linux/Unix Servers [including storage devices]	SSH User credentials w/ SUDO for target	ssh	Probe to fire patterns for Horizontal discovery: Horizontal Pattern Probe Retrieves information for identifying it in the CMDB, such as serial number and NICs. Linux - Identity Probe Retrieve Linux installed software: Linux - Installed Software Probe Retrieves memory information: Linux - Memory Probe Gets detailed information about the memory modules installed in the system. "\| cat" is used because 1) Dmidecode tends to return junk error codes so "\|" throws away the code, and 2) sudo command has a bug causing it to hang forever; see KB0683246 and https://bugzilla.sudo.ws/show_bug.cgi?:id=826 for details: Linux - Memory Modules Probe Gets network information: Linux - Network Probe Retrieve disk information Linux - Storage: Probe Gathers fully qualified domain name: Linux - Find FQDN Probe Retrieves serial numbers from DMI (BIOS) "\| cat" is used because 1) Dmidecode tends to return junk error codes so "\|" throws away the code, and 2) sudo command has a bug causing it to hang forever; see KB0683246 and https://bugzilla.sudo.ws/show_bug.cgi?id=826 for details: Linux - Hardware Information Probe Gets the distribution for Linux operation system: Linux - Distribution
2	Network Devices	SNMPv3 Read Only String	snmp	Pattern to fire patterns for Horizontal discovery: Horizontal Pattern Pattern fires to obtain router information: Network Router Pattern fires to obtain Routing information: Network Routing Device - Light Pattern fires to obtain switch information: Network Switch
3	NetApp Storage	Basic Auth (net app read only) SNMP Read only string	snmp	Pattern Obtains NetApp device storage details: NetApp Storage 7-Mode Pattern obtains NetApp Devices storage clusters NetApp Storage Cluster-Mode
4	VMware vCenter	VMWARE Read only user/pass	vmapp	Probes a Unix machine for VMWare Workstation information: UNIX - Get VMWare Workstation Probe to get information from vCenter about ESX hosts, resource pools, and virtual machines. Implementation details for this probe are located in a MID server script include called VMWarevCenterProbe. VMWare - vCenter Probe Explores clusters and resource pools. Relate each cluster to its resource pools, ESX hosts and its containing folder or datacenter. The sensor will trigger the "ESX Hosts" probe to explore ESX hosts.This probe's implementation is located in a MID server script include named VMWarevCenterClustersProbe.: VMWare - vCenter Clusters Probe to get information about a vCenter's datacenters. The sensor will fire a probe for each type of vCenter object in each datacenter: VMs, explored by the "VMWare - vCenter VMs" probe, clusters, explored by the "VMWare - vCenter Clusters" probe, datastores, explored by the "VMWare - vCenter Datastores" probe, and networks, explored by the "VMWare - vCenter Networks" probe. This probe's implementation is located in a MID server script include named VMWarevCenterDatacentersProbe. As of the Istanbul release this probe replaces the "VMWare - vCenter" probe for Discovery: VMWare - vCenter Datacenters Probe Explores datastores, datastore hostmounts and datastore disks.This probe's implementation is located in a MID server script include named VMWarevCenterDatastoresProbe: VMWare - vCenter Datastores Explore virtual networks. This probe's implementation is located in a MID server script include named VMWarevCenterNetworksProbe.: VMWare - vCenter Networks Probe Explores NICs installed in virtual machines.This probe's implementation is located in a MID server script include named VMWarevCenterVMNICsProbe: VMWare - vCenter VM NICs Probe Explores VMs.This probe's implementation is located in a MID server script include named VMWarevCenterVMsProbe: VMWare - vCenter VMs
5	F5 Load Balancer	SNMP and read only shell BigIP user	snmp	Probe Retrieves the BIG-IP Identity: SNMP - F5 BIG-IP - Identity Probe Retrieves the BIG-IP chassis serial number, which is globally unique for this vendor: SNMP - F5 BIG-IP - Identity - Serial Probe Collects information on the F5 BIG-IP, including pools, services, and VLANs.: SNMP - F5 BIG-IP - System Probe Retrieves Load balancing Info: F5 BigIP LTM F5 BigIP GTM
6	Oracle	sudo: can run crs_stat, lsnrctl, crsctl, srvctl)	ssh note: adding the service patch levet to the pattern	Probe Get the details of a specific Oracle instance: Oracle - Instance Details Probe Obtain the PFile for Oracle instance: Oracle - Instance PFile Prober Gathers Oracle instance version information: Oracle - Instance Version Probe Get the details of a specific Oracle listener: Oracle - Listener Details Pattern Retrieves Oracle DB information on Unix: Oracle DB On Unix
7	JEA available in Orlando for window servers and MSSQL scans
8	windows servers	JEA available in Orlando		interim solution will be to set up an integration
9	MSSQL	JEA available in Orlando		interim solution will be to set up an integration

MidServer Installation Process

ServiceNow Discovery Journey#MidServerInstallationProcess

Mid-Server Validation process

VALIDATE MID-SERVERS

Navigate to MID Server > Servers.

Open the new MID Server from the list of MID Servers.

Under Related Links click Validate.

The Set Initial Selection Criteria window appears if there are no records in the Supported Applications, IP Ranges, or Capabilities related lists.

On the Set Initial Selection Criteria window, use the switches to enable or disable selection criteria for this MID Server:

Allow ALL capabilities: Allow all capabilities for Orchestration and Event Management use this MID Server.

Note: Service Mapping and Event Management alert aggregation and RCA, which used capabilities in previous releases, rely on the application for MID Server selection starting with the Istanbul release.

Allow ALL applications: Allow all applications that use MID Servers use this MID Server.

Allow ALL IP ranges: Make all IP ranges valid for this MID Server, meaning that it can target any IP address.

Setting initial selection criteria

If you click Cancel, the validation continues but none of the capabilities, applications, or IP ranges are added.

Click OK.

The Validated field on the dashboard is set to Validating, and then set to Yes after the validation completes.

YaleSandbox Mid-Servers

MidServer Name	ServiceNow Instance	Location	IP	host name	Status	Cluster	Host Os
yalesand1	yalesandbox@service-now.com	Norwalk	172.18.16.39	snow-tst-mid1.yu.yale.edu	up	Yes	windows
yalesand2	yalesandbox@service-now.com	west Campus	172.18.16.52	snow-tst-mid2.yu.yale.edu	up	Yes	windows
yalesand3	yalesandbox@service-now.com	west campus	172.18.16.52	snow-tst-mid2.yu.yale.edu	up	yes	windows

New Dev and Production MidServers

New Production Mid-Servers	location	Host OS	cluster
Discovery 1	West Campus	windows	Yes
Discovery 2	West Campus	windows	Yes
Discovery 3	Norwalk	windows	Yes
Discovery 4	Norwalk	windows	Yes
Integration 1	West Campus	windows	Yes
Integration 2	Norwalk	windows	Yes