248 views

Description

 Is there a way to create a port scan discovery schedule that will ONLY scan for certificates? More generally is there a way to disable discovery for everything except certificates scanning?

Release or Environment

  • New Feature in Orlando Version

Cause

  • Discovery schedule is scanning all the port probes networks and updating all the CMDB_CI records which is taking days to complete the discovery.

Resolution

  • we have created a new discovery behaviour and added a new discovery functionality of "https:tlsssl" and gave mid server name.

  • Discovery Functionality defines what each MID Server in this behavior must do, specifically which protocols to detect.
  • we have enabled the tls_ssl_certs port probe and make sure it is active

  • we have created functionality criteria which should scan only certificates and the functionality should be active.



  • we have ran the discovery to check if it is scanning only tls_ssl certificates.
  • It is been observed that it has ran the discovery according to the functionality behaviour i.e. scanned only certificates.


  • we also tried to ran the discovery by disabling the discovery functionality criteria which should scan all the port probes CI's with certificates and it has worked as expected.


  • Discovery scanned all port probes when functionality set to "false"


Additional Information

https://docs.servicenow.com/bundle/kingston-it-operations-management/page/product/discovery/task/create-disco-behavior.html

Article Information

Last Updated:2020-07-30 11:06:47
Published:2020-07-30
behaviour false.png[View]behaviour false.png[View]Certificates.png[View]discovery functionality.png[View]discovery functionality.png[View]functionality criteria.png[View]port probes.png[View]port probes.png[View]scanning ports.png[View]scanning ports.png[View]scanning ports.png[View]