Hi All
In this article, I am going to talk about discovery process step by step:
There are four steps of discovery process (Scanning, Classification, Identification Discovery, Exploration) . Please refer to my following article to understand these steps in detail:
Step 1 - Go to discovery schedules, create new
I am calling mine VM discovery
Step 2 - First I am going to run IP address discovery which is step 1 or Shazzam. In this step discovery happens only to check if the target is alive on network and the information returned is minimal like type of the device, Unix or windows. You would need to ensure that firewall ports are open from ServiceNow instance to target.
This step is characterized by discovery probes or patterns scanning targets and finding out the ports on which ports are configured. For example if a target is responding to port 22 then it's likely be a Unix device and if responding on WMI 135 then it is likely be a windows device
Remember to configure IP Ranges or targets
Step 3 - Press Discover Now and it should create an Unique id like DIS0010108 and after completion, you should see the following screens.
Please note that IP discovery corresponds to Shazzam
Step 4 - In this step, we will run Configuration Items discovery. In this step, logging into device using the credentials provided happens and detailed info on the device is captured.
Detailed Information on the device scanned is displayed:
Step 5- In this step, Identification of targets takes place and more information about the device is gathered through the use of additional probes and sensors
You will also notice that information related to probes starts getting populated in the discovery log
Step 6 - This last step is all about finding applications and software running on the host. Step 5 and 6 are completed as a part of classification step (Step 4)
I hope that you find this article useful. Please like and or comment if it helps you.
