Customizing a Classifier to determine which probe gets triggered in exploration

doug_schulze
ServiceNow Employee
ServiceNow Employee

‎06-27-2013 12:49 PM

Wanted to pull this out of a reply in another thread where our friend Nikhil needed to trigger a specific probe base on the build of a linux operating system.

If you look at your probes you can set a condition script to determine when something gets fired. In this case a specific disk probe for SuSE build of linux.. Details below if its something you might need to do as well...

First you have to understand how to 'see' the values that are returning from your classify probe.. To see this you would want to enable(create) a sys_property to turn on classification debug..

glide.discovery.debug.classification
type: True/false
value: true
*be sure to shut it off when you're done, no reason to add to the logs if you dont need to*

Run your scan against the device then check the logs.. You'll see an output like this...

06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value cidata.ip_address = 10.200.2.40
06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value ip_address = 10.200.2.40
06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value name = Linux
06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value discover = CIs
06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value output = Linux doogiehat.doogiesd.com 2.6.35.6-45.fc14.i686 #1 SMP Mon Oct 18 23:56:17 UTC 2010 i686 i686 i386 GNU/Linux
06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value cidata.output = Linux doogiehat.doogiesd.com 2.6.35.6-45.fc14.i686 #1 SMP Mon Oct 18 23:56:17 UTC 2010 i686 i686 i386 GNU/Linux
06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value type = unix
06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value cidata.os_version = 2.6.35.6-45.fc14.i686
06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value cidata.os_name = Linux
06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value cidata.name = doogiehat

Now you can see the values that we are using to match up in a classifier AND values that you can use to ensure only a particular probe gets triggered...

For example in your condition script on a particular probe you can use

values.get('name')=='linux'

See how it matches up with value:

06/27/13 12:36:39 (084) glide.scheduler.worker.7 DEBUG Classification: Value name = Linux



Now where do we get these 'values' from? .. well thats all from uname -a (classify probe) and to set these we parse out the return in the Unix Classifer SENSOR > Responds to probe script for Unix

*******


function(result, ciData, debug, sensor) {
       var output = result.output;
       if (output === null || gs.nil(output))
               return;

       run(output, ciData, debug);

       function run(output, ciData, debug) {
               var ci_data = ciData.getData();
               var uname = output;
               var unameParts = uname.split(/ /);

               var osName = unameParts[0];
               var osHostname = unameParts[1] ? unameParts[1] : "unknown.host";
               var osVersion = unameParts[2] ? unameParts[2] : "";

               ci_data.os_name = osName;
               ci_data.os_version = osVersion;
               ci_data.output = output;

               // Don't bother with ssh hostname if we shouldn't trust the ssh name and DNS already has already populated it
               var trusted = JSUtil.toBoolean(gs.getProperty("glide.discovery.hostname.ssh_trusted", "false"));
               var haveNow = JSUtil.notNil(ci_data['name']);
               var haveNew = JSUtil.notNil(osHostname);

               if (!haveNew)
                       return;

               if (!trusted && haveNow)
                       return;
             
               var hn = new HostnameJS();
               ci_data['name'] = hn.format(osHostname, JSUtil.notNil(ciData.ip_address)? ciData.ip_address:null);
       }
}


*****

So you would want to add catch for the part of uname you want to grab.. in my case if I wanted to catch GNU from my output:

Linux doogiehat.doogiesd.com 2.6.35.6-45.fc14.i686 #1 SMP Mon Oct 18 23:56:17 UTC 2010 i686 i686 i386 GNU/Linux

I would have to edit (below) the number of that value based on the spaces..



function run(output, ciData, debug) {
               var ci_data = ciData.getData();
               var uname = output;
               var unameParts = uname.split(/ /);

               var osName = unameParts[0];
               var osHostname = unameParts[1] ? unameParts[1] : "unknown.host";
               var osVersion = unameParts[2] ? unameParts[2] : "";

               ci_data.os_name = osName;
               ci_data.os_version = osVersion;
               ci_data.output = output;


so maybe (check my math here) var osBuild = unameParts[14];

Then set ci_data.osbuild = osBuild

now back to the sensor and in the sensor script you set that value from the new ci_data you just created...




       classify: function() {
               var values = {};
               values[ 'name'                   ] = this.ci_data.os_name;
               values[ 'output'               ] = this.ci_data.output;
               values[ 'type'                   ] = 'unix';
               values[ 'ip_address'       ] = this.ci_data.ip_address;
               values[ 'discover'           ] = this.discover;


(havent tested but) values[ 'osbuild' ] = this.ci_data.osbuild;


now in your condition script you can set for the specific probe you want run based on the build of the OS

values.get('osbuild')=='GNU\Linux'
Labels:
  • 4,327 Views
22 REPLIES 22

doug_schulze
ServiceNow Employee
ServiceNow Employee
In response to Andy M1

‎10-13-2023 01:27 PM

Yeah, thats not going to work the 'on classification' script isnt used for this purpose, as Ive found the last 30 mins trying to get this to work 🙂 . What I suggest is going the route of calling a script include similar to what we do with the ADME probe, it calls the 'DiscoveryADMEConditions' script include where similarly you can do your queries and determine if it should run.

0 Helpfuls

Andy M1
Tera Contributor
In response to doug_schulze

‎11-14-2023 06:19 AM

Thanks @doug_schulze, I gave it a shot and had some moderate success.  I was able to control whether or not the probe ran using a script include, but need to make it more efficient & accurate before I call it done.  I would like to pass the discovered CIs sys_id to the script include as a parameter, and I'm struggling to figure out how to access it in my code. 

Since the probe I'm using is part of the exploration phase, I know that the identification already took place, which means I've identified the target record in the cmdb.  How can one access the sys_id of the identified record in an exploration probe?  The ci_sys_id parameter highlighted below would work fine but I can't seem to get at it.

below is the xml of an output ecc queue record corresponding with one of the exploration phase probes.
2023-11-14_8-46-37.jpg

 




 

0 Helpfuls

RGreene
Tera Expert

‎03-03-2025 01:35 PM

Where do you find the classify Debug Logs?
I have glide.discovery.debug.classification set to true but I am not seeing anything that looks like any of the examples.

0 Helpfuls