360 Exchange about CMDB best practices - FAQs

CClevenger
ServiceNow Employee
ServiceNow Employee
‎03-21-2025 04:54 PM

On January 29, 2025, ServiceNow hosted a virtual 360 Exchange on CMDB best practices. Below are some of the questions asked by the audience along with the answers provided by our experts Nir Gadasi and Sam Fowler. 

 

  1. How does a CMDB differ from a list of assets?

A simple list of assets provides an overview of components in your environment but lacks relationship information. On the other hand, a CMDB (Configuration Management Database) includes relationships between components, enabling impact assessment and understanding of interactions between components. With a CMDB, an incident affecting one component, such as a computer, can show its impact on other services, like production-level services dependent on that computer. Additionally, CMDB supports automated impact analysis and security auditing, which a basic asset list cannot provide.

 

  1. Is it recommended to use life cycle stage as primary instead of the old stages like hardware status, operational status, etc?

Several versions and releases ago, the life cycle stage statuses were introduced because the older operational hardware statuses, such as operational and install status, did not effectively reflect asset and configuration management processes. While you are not yet mandated to adopt the life cycle stage status, it is recommended that you do so. Tools like the data manager now rely on life cycle stages and statuses for managing and running policies. Although it's not currently mandatory, it is advisable to start planning for its adoption as it may become a requirement in the future.

 

  1. Explain how the ServiceNow out-of-the-box features and functions cover CMP.

When we say CMP, we're referring to the Configuration Management Plan, which is a documented set of governance steps tailored to your organization's needs and requirements for delivering configuration management. While we don't have a plugin that digitizes the Configuration Management Plan, we do offer tools that support, manage, maintain, and measure all aspects of it. Currently, the Configuration Management Plan remains a separate document that should be included in your governance processes.

 
  1. What are some examples of how to measure the health of your CMDB?

Essentially, it comes down to the three Cs: completeness, compliance, and correctness of the CMDB.

  1. Completeness: Ensures all items owned are listed in the CMDB.
  2. Compliance: Verifies, for example, if specific software is present on all relevant devices.
  3. Correctness: Ensures accuracy and avoiding issues such as duplicated, overloaded, or missing CIs (Configuration Items).

These three factors determine the health of the CMDB. Various tools and capabilities support the process of maintaining CMDB health by feeding in data and assisting at each stage.

 

  1. What are some recommended tools to feed data into the CMDB as well as specific implement mechanisms (when to use what)?

Tools and Use Cases

    1. ServiceNow Discovery
      1. Use: Discover IT assets without agents.
      2. Setup: Configure credentials and schedules.
    2. Agent Client Collector (ACC)
      1. Use: Manage endpoints with detailed data via agents.
      2. Setup: Deploy and configure agents.
    3. Service Graph Connectors
      1. Use: Integrate with AWS, Azure for cloud data.
      2. Setup: Enable connectors and sync data.
    4. Integration Hub ETL
      1. Use: Integrate data from non-standard sources.
      2. Setup: Use ETL workflows for data import and reconciliation.

Quick Tips

  1. Define goals (e.g., incident, change management).
  2. Assess data requirements and tools.
  3. Monitor CMDB health for data quality.
  4. Manage asset lifecycles with Data Manager

These tools help populate and sustain an effective CMDB for IT operations.

 

  1. If you don't have a use case for ACI as in you look at that CI and go, am I ever going to raise an incident against this or a change?

Only track Configuration Items that provide operational or business value, e.g., Incidents. CMDB should be purpose-driven—excluding unnecessary items reduces noise and improves performance.

 

  1. Our CMDB is not configured on implementation. So we have about 25% of our assets in the CMDB currently. What is the best way to proceed with getting all of our current state?

First, know where your components are, whether in the cloud, on-premises, or in data centers. Discovery can significantly populate your CMDB as long as you have access and credentials. Other methods can complement Discovery, such as service graph connectors for blind spots (e.g., laptops). Use Intune and ServiceNow Agent Client Collector technology to gather data from remote devices and populate the CMDB.

 

  1. How do you see the challenge of multiple sources adding discovering CIS and ingesting into CMDB? What would you advise 100% through ServiceNow Discovery or putting some governance if it's possible to have some other sources?

ServiceNow Discovery should be the primary source for populating your CMDB, but it can't be the only source due to potential blind spots and network limitations. Alternatives like agents, Service Graph Connectors, and third-party integrations can be used. To avoid data duplication and inaccuracies, set proper data precedence and source rules. ServiceNow Discovery is regularly updated and integrates well with the CMDB and the Identification and Reconciliation Engine (IRE). The IRE prioritizes and reconciles data from multiple sources, ensuring accurate and up-to-date CMDB management. Use these tools dynamically to maintain robust data integrity. You can set Data source Precedence rules to ensure data quality.

 

  1. Modifying the IRE is by exception, right?

Many customers face issues when they heavily modify their Identification and Reconciliation Engine (IRE), causing Discovery to malfunction. This is because Discovery expects the IRE to be set up in a manner that stays very close to OOTB. The IRE and Integration Hub ETL work well together, making ETL a recommended source for non-Service Graph Connector components as it feeds data through the IRE by default. When developing third-party integrations into ServiceNow, it's best to use ETL since it automatically leverages the IRE's features. Using other methods like scripting import sets requires ensuring you use the correct API, which is more complex. Therefore, utilize ETL to simplify the process.

 

  1. Is it true the general message is to use the IRE, regardless of how you choose to import data into the IRE?

Populating the CMDB outside of the IRE often causes chaos and management difficulties. Therefore, it's crucial to always use the IRE for managing CMDB data.

 

  1. When is it appropriate to add an asset from ALM_hardware to the CMDB?

An asset should be added from ALM_hardware to the CMDB when it supports or underpins application services, requires configuration management, or plays a significant role in IT infrastructure and business operations. Examples include servers, network devices, and storage systems.

 

  1. How do you avoid duplicate values and make the CMDB clean?

Preventing duplicate values in the CMDB is crucial, and using the Integration and Resource Engine (IRE) ensures that configuration items (CIs) are created or updated appropriately. Accurately identifying devices and maintaining minimum viable attributes throughout their lifecycle is essential. Using completeness, correctness, compliance mechanisms, and auditing capabilities helps ensure data integrity. Data certifications and attestations can validate accuracy with human oversight. If duplicates are detected, the Deduplication Manager can automate tasks to resolve them, keeping the CMDB healthy throughout its lifecycle.

 

  1. A few questions around CMP and CCB and whether we can provide guidance.

This issue is on our radar, though we don't have artifacts yet. We have experts helping customers and partners understand CMDB frameworks and processes. They provide detailed guidance for specific use cases. We aim to have more documented guidance soon, but exact timelines are yet to be determined.

 

  1. Any recommendations on how to approach a new implementation of CSDM?

Similar to CMDB, planning and understanding your application landscape is essential. Avoid trying to do everything at once; instead, use a "crawl, walk, run, fly" maturity model for CSDM. Start by focusing on what's most important, whether applications, business services, or application services. ServiceNow offers CSDM Align, which provides expert guidance to identify priorities and start with CSDM. The goal is to make you self-sufficient so you can manage without continued assistance from ServiceNow.

 

  1. Utilizing services in the CMDB, what do you want to do when ?

When mapping services, the running processes should be the target application representation ie. cmdb_ci_appl (application) in the CMDB. Service mapping involves linking infrastructure to running applications, with entry points typically managed by load balancers which direct users to these applications. Software installations (SAM SW install) are managed within Software Asset Management as the installed software doesn’t represent the running instance of it.

 

  1. I see chat around CSDM 5.

It hasn't been released yet. It is expected to be mentioned and potentially released in the next few months, but there is no official date. It should be available at events throughout the next year.

 

  1. We heavily rely on the business applications, the out-of-the-box table. So that is the table which we are using to represent all these software and infrastructure which is configured together to provide a certain business functionality. We also try to apply the service mapping for some of our critical applications. But the feedback that we have received from all the technical teams that they would like to heavily rely on the business applications. So out of the out of the application services we tried to create a relationship between the server table and the out-of-the-box business applications directly so that it is easy for them to use. Do you see a problem with that or would you recommend still using application services to be configured and have relationships to the servers?

A business application represents an architectural entity, while an application service represents its deployment and runtime components across different environments (production, QA, etc.). It's better not to directly link business applications with servers but to manage them under service deployments. IT users understand relationships based on whether they handle technical services or configurations.

The organization is shifting from a custom ServiceNow setup to a more standardized model, aiming for accuracy in asset and CI management while aligning with CSDM principles. Relating Business Applications to operational CIs (other than the Application Services that represent deployment of said Business Application is in breach of the CSDM guidelines.

0 Helpfuls
  • 674 Views