Description

Incidents

The firescope sender collects single messages or messages in bulk from 1Gateway and sends them to Firescope. The single messages will be a single insert of an incident while the messages sent in bulk will replace all existing incidents from Firescope.

CIs

The Firescope sender sends Configuration Items (CI's) from 1Gateway into Firescope SDDM. The messages get mapped to a format that the Firescope CMDB plugin can process and converted to a JSON string that is sent to Firescope through the Ivanti REST API.

CI's are also retrieved from Firescope SDDM to create a replica collection. Pre-configured rules are used to match existing CI's in the Firescope replica to CI's in other systems. If a match is found, it is recorded in 1Gateway and updated in Firescope SDDM. If its not, a new CI is created.

Prerequisites

Incidents

There are no prerequisites.

CIs

  • MongoDB installed and configured in 1Gateway
  • RabbitMQ installed and configured in 1Gateway

Installation

Make sure you have the Plugin zip file that has been provided to you with the installation files.

1 - Login

Login to 1gateway, and make sure you are in "Advanced mode". If this is the first time you log in, the default user and password are both 'admin' (without the quotes).

2 - System Maintenance

Click on the menu icon and choose the option "System maintenance"


3 - Upload file


In the System maintenance view you can either drag and drop the downloaded zip file or select it by clicking the "choose file" button.

Configuration


Open the main menu and click on "New plugin"

Select the plugin you want to configure. Use the Filter field if needed.

Incidents

Field name

Supported values

Description

Firescope server

Any string

Firescope server or IP

Firescope port number

Any integer

Firescope port number

UsernameAny stringUsername to authenticate with
PasswordAny stringUsernames password

CIs

Main configuration

Field name

Supported values

Description

Endpoint nameAny stringName of the Firescope system (plugin identifier)
Use HTTPS?TickboxSecured connection to Firescope (typically false)

Firescope server

Any string

Firescope server (IP address or Domain name)

Firescope port number

Any integer

Firescope port number (typically 38050)

UsernameAny stringUsername to authenticate with
PasswordAny stringUsernames password

Topics

Any string

Topics the queue should subscribe to

Queue nameTickboxQueue name in RabbitMQ
DurableTickboxPersist queues when RabbitMQ shuts down
Filter expressionValid expressionGroovy expression to filter out unwanted messages
VersionSelectRestore a previously cnfigured version of this plugin


CMDB configuration

Field name

Supported values

Description

Simulation mode

Tickbox

If in simulation mode, CIs are saved in a simulation collection and are not sent to the CMDB.

CMDB replica collection

Any string

Name of the CMDB replica collection where CIs from the CMDB are stored. Used by matching rules to decide if there is a match between the CMDB CIs and other systems CIs.

Replica expiration (in hours)Any integerExpiration of replica collection. After collection is expired, it will be rebuilt.

Process 1Gateway messages (outbound)

Tickbox

Future use


CMDB configuration profiles

Poller profiles

Polls for Firescope SDDM CIs to populate replica collection.

Field name

Supported values

Description

CI message type

Any string

Message type of the asset polled for. These CIs are inserted in the replica collection and used for matching.

Account

Any string

Firescope SDDM acount to poll for

Run interval in seconds

Any integer

Interval between two poll cycles.  

Rule profiles

Defines rules to decide what CIs we consider a match. If the incoming asset has common field values as the CI in the CMDB, it is considered the same CI.

Field name

Supported values

Description

Script

Groovy script

Groovy script to evaluate the CI content and search for a match in the replica.

Priority

Any integer

See also