Jonathan Loving Fermi Lab Computing Division [email protected].
Study of Fermi Lab Asset Inventory and Configuration Item Databases
August 5, 2009
Jonathan Loving
Fermi Lab Computing Division
Agenda
Introduction
Assignment
Data Model Designs
Integrated Data Model
Introduction
Assignment
Analyze the structure and data model design of Fermilab asset inventory and configuration item databases.
Linux
Windows/Mac
Networks
Determine the relationships that may exist between databases and derive an integrated data model.
Asset Inventory and CI databases
Network
NIMI
Network Inventory DB
TIssue
Linux Systems
OCS is a MySQL database designed to collect inventory and configuration data for Linux systems.
Server
Cluster
Hardware Config.
Software Config.
Firewall Config.
OCS Inventory Process
[Figure: OCS Inventory Process. Labels: OCSWeb (Type: MySQL); DB Host Node: FortyTwo; Linux Clusters; Linux Server; OCS Inventory Program; Apache Perl Module; Every Night. Courtesy of Anil Garg]
OCS Data Model
hardware
  PK: deviceid
  Columns: name, workgroup, osname, osversion, oscomments, processort, processors, processorn, memory, swap, ipaddr, etime, lastdate, lastcome, quality, fidelity, userid, type, description, wincompany, winowner, winprodid, useragent, checksum
networks
  PK: id
  Columns: deviceid (FK1), description, type, typemib, speed, macaddr, status, ipaddress, ipmask, ipgateway, ipsubnet, ipdhcp
softwares
  PK: id
  Columns: deviceid (FK1), publisher, name, version, folder, comments, filename, filesize, source, date_installed
iptables
  PK: id
  Columns: deviceid (FK1), date_installed, tablename, chainname, iptablestext
softwarehist
  PK: id
  Columns: deviceid (FK1), publisher, name, version, folder, comments, filename, filesize, source, date_installed
iptableshist
  PK: id
  Columns: deviceid (FK1), date_installed, tablename, chainname, iptablestext, date_deleted
listenports
  PK: id
  Columns: deviceid (FK1), date_installed, proto, localaddress, foreignaddress, userid, fullname, state, fullcmd
bios
  PK: deviceid (FK1)
  Columns: smanufacturer, smodel, ssn, type, bmanufacturer, bversion, bdate
listenhist
  PK: id
  Columns: deviceid (FK1), date_installed, proto, localaddress, foreignaddress, userid, fullname, state, fullcmd, date_deleted
Windows / Mac Systems
SMS provides remote control, patch management, software distribution, OS deployment, and hardware and software inventory for Windows and Mac systems.
SMS Process
[Figure: SMS Process. Labels: SMS_CSS (Type: MS SQL Server 2005); DB Host Node for SMS Inventory; MS Windows; Apple Mac; SMS Program; Servers; Laptop; Nightly. Courtesy of Anil Garg]
SMS Data Model (Hardware/Software Inventory Views)
v_GS_SYSTEM_ENCLOSURE
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, ChassisTypes0, Manufacturer0, SerialNumber0, SMBIOSAssetTag0, Tag0
v_GS_X86_PC_MEMORY
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, AvailableVirtualMemory0, Name0, TotalPageFileSpace0, TotalPhysicalMemory0, TotalVirtualMemory0
v_GS_SYSTEM
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Domain0, Name0, SMSID0, SystemRole0, SystemType0
v_GS_OPERATING_SYSTEM
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, BootDevice0, BuildNumber0, Caption0, CountryCode0, CSDVersion0, Description0, FreePhysicalMemory0, FreeVirtualMemory0, InstallDate0, LastBootUpTime0, Locale0, Manufacturer0, MaxNumberOfProcesses0, Name0, OSLanguage0, SystemDirectory0, TotalSwapSpaceSize0, TotalVirtualMemorySize0, TotalVisibleMemorySize0, Version0, WindowsDirectory0
v_GS_IDE_CONTROLLER
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Availability0, Description0, DeviceID0, Manufacturer0, Name0, Status0
v_GS_COMPUTER_SYSTEM
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, CurrentTimeZone0, Description0, Domain0, DomainRole0, Manufacturer0, Model0, Name0, NumberOfProcessors0, PauseAfterReset0, Roles0, Status0, SystemType0, UserName0
v_GS_VIDEO_CONTROLLER
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, AdapterCompatibility0, AdapterDACType0, AdapterRAM0, CurrentBitsPerPixel0, CurrentHorizontalResolution0, CurrentNumberOfColors0, CurrentNumberOfColumns0, CurrentNumberOfRows0, CurrentRefreshRate0, CurrentScanMode0, CurrentVerticalResolution0, Description0, DeviceID0, DeviceSpecificPen0, DriverDate0, DriverVersion0, InstalledDisplayDrivers0, Name0, NumberOfColorPlanes0, SpecificationVersion0, VideoMode0, VideoModeDescription0, VideoProcessor0
v_GS_PC_BIOS
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Description0, Manufacturer0, Name0, ReleaseDate0, SerialNumber0, SMBIOSBIOSVersion0, SoftwareElementID0, SoftwareElementState0, TargetOperatingSystem0, Version0
v_GS_INSTALLED_SOFTWARE_MS
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, ChannelCode0, ChannelID0, MPC0, ProductCode0, SoftwareCode0
v_GS_NETWORK_ADAPTER_CONFIGUR
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, DefaultIPGateway0, DHCPEnabled0, DHCPServer0, Index0, IPAddress0, IPEnabled0, IPSubnet0, IPXAddress0, IPXEnabled0, MACAddress0, ServiceName0
v_GS_USB_CONTROLLER
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Availability0, Description0, DeviceID0, Name0
v_GS_SMS_ADVANCED_CLIENT_STAT
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, DisplayName0, Name0, Version0
v_GS_SYSTEM_CONSOLE_USAGE
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, SecurityLogStartDate0, TopConsoleUser0, TotalConsoleTime0, TotalConsoleUsers0, TotalSecurityLogTime0
v_GS_MOTHERBOARD_DEVICE
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Description0, DeviceID0, PrimaryBusType0, RevisionNumber0, SecondaryBusType0, Status0, StatusInfo0, SystemName0
v_GS_INSTALLED_SOFTWARE
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, ARPDisplayName0, CM_DSLID0, InstallDate0, InstallDirectoryValidation0, InstalledLocation0, InstallSource0, Language0, LocalPackage0, ProductCode0, ProductID0, ProductName0, ProductVersion0, Publisher0, RegisteredUser0, ServicePack0, SoftwareCode0, SoftwarePropertiesHash0, SoftwarePropertiesHashEx0, UninstallString0, UpgradeCode0, VersionMajor0, VersionMinor0
v_GS_SCSI_CONTROLLER
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Availability0, Description0, DeviceID0, DriverName0, HardwareVersion0, Index0, Manufacturer0, MaxTransferRate0, Name0, Status0
v_GS_KEYBOARD_DEVICE
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Description0, DeviceID0, Layout0, Name0
v_GS_USB_DEVICE
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Caption0, ClassGuid0, ConfigManagerErrorCode0, ConfigManagerUserConfig0, CreationClassName0, Description0, DeviceID0, Manufacturer0, Name0, PNPDeviceID0, Service0, Status0, SystemCreationClassName0, SystemName0
v_GS_DESKTOP_MONITOR
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Description0, DeviceID0, DisplayType0, MonitorManufacturer0, MonitorType0, Name0, PixelsPerXLogicalInch0, PixelsPerYLogicalInch0, ScreenHeight0, ScreenWidth0
v_GS_SOUND_DEVICE
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Availability0, Description0, DeviceID0, InstallDate0, Manufacturer0, Name0, PNPDeviceID0, ProductName0, Status0
v_GS_PROCESSOR
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, AddressWidth0, BrandID0, CPUHash0, CPUKey0, CurrentClockSpeed0, DataWidth0, DeviceID0, Family0, IsMobile0, IsMulticore0, Manufacturer0, MaxClockSpeed0, Name0, NormSpeed0, PCache0, ProcessorId0, ProcessorType0, Revision0, SocketDesignation0, Status0, SystemName0, Version0
v_GS_SYSTEM_CONSOLE_USER
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, LastConsoleUse0, NumberOfConsoleLogons0, SystemConsoleUser0, TotalUserConsoleMinutes0
v_GS_NETWORK_CLIENT
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Description0, Manufacturer0, Name0, Status0
v_GS_NETWORK_ADAPTER
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, AdapterType0, Description0, DeviceID0, MACAddress0, Manufacturer0, MaxSpeed0, Name0, ProductName0, ServiceName0, Speed0, Status0
v_GS_LOGICAL_DISK
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Availability0, Compressed0, Description0, DeviceID0, DriveType0, FileSystem0, FreeSpace0, Name0, NumberOfBlocks0, Size0, SystemName0, VolumeName0, VolumeSerialNumber0
v_GS_PARALLEL_PORT
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, Availability0, Capabilities0, DeviceID0, Name0, Status0
v_GS_SERVICE
  ResourceID, GroupID, RevisionID, AgentID, TimeStamp, DisplayName0, Name0, PathName0, ServiceType0, Started0, StartMode0, StartName0, State0, Status0
Networks
Machines connected to the Fermilab network are monitored via the Network Information and Management Infrastructure (NIMI).
NIMI DB
TIssue
Network Inventory DB
MISCOMP
NIMI
NIMI Database
The NIMI database is used to maintain real-time imaging of LAN state.
IP Addresses
Subnets
DHCP Leases
NIMI DB Data Model
arp_table_intervals
  PK: ip_address, interval_begin
  Columns: mac_address, interval_end, router_name, interface_name
dhcp_ranges
  PK: start_ip
  Columns: end_ip, classname
dhcplease
  PK: macaddress, begin
  Columns: ipaddress, nodename, expiration
dhcptempreg
  PK: macaddress, begin
  Columns: ipaddress, nodename, expiration, username, emailaddress, affiliation, location, contact, phone, logincount, scanstatus
net_affiliation
  PK: subnet (FK1), affiliation
net_issues
  PK: issue_id
  Columns: ip_address, nodename, mac_address, problem_code, contact, observed, email, pingable, details
netblocks
  PK: subnet
  Columns: name, descr, updated
subnets
  PK: name, subnet, interval_begin
  Columns: interval_end
switch_table_intervals
  PK: mac_address, interval_begin
  Columns: interval_end, switch_name, port_name, vlan, rootcost
timing_record
  PK: activity, action, timestamp
  Columns: elapsed_time, cpu_time
vpn_account
  PK: fermi_id, account_type
  Columns: user_name, group_name, group_id, active, created, closed, email_address, updated
vpn_log
  PK: session_id
  Columns: session_active, start_date_time, username, groupname, input_octets, output_octets, input_packets, output_packets, framed_ip_address, nas_ip_address, nas_port, tunnel_client_endpoint, tunnel_server_endpoint, principal, end_date_time, session_type
Network Inventory Database
The inventory database was started by the Computer Security Team to gather near real-time information about network-connected devices.
IP Addresses
Observations
Services
Network Inventory DB Data Model
inv_last_observation_id
  PK: ip_address
  Columns: observation_id (FK1)
inv_observation
  PK: observation_id
  Columns: ip_address, mac_address, timestamp, begin_time, end_time, nobservations, avg_scan_time, dns_name, os_version, os_family, os_family_guess
inv_scan_status
  PK: ip_address
  Columns: last_observation_id (FK1), port_scan_active, sa_scan_active, v_scan_active, scan_error
inv_service
  Columns: observation_id (FK1), protocol, port, version, name, product, modified
ping_current_status
  PK: ip_address
  Columns: up_snapshot_id (FK1), down_snapshot_id
ping_last_snapshot
  PK: address_block
  Columns: snapshot_id (FK1)
ping_snapshot
  PK: snapshot_id
  Columns: begin_time, end_time, address_block
ping_status_history
  PK: ip_address, up_snapshot_id (FK2)
  Columns: down_snapshot_id (FK1)
ping_subnets
  PK: address
  Columns: ping_period, last_scan, description, scanable, pingable, scan_active, scan_period
TIssue
TIssue serves as a workflow system for managing blocks of networked systems due to critical vulnerabilities, FCIRT incidents, or other inappropriate activities that are not handled by the Auto Blocker system.
TIssue Data Model (Work Flow)
wf_action_codes
  PK: action_code
  Columns: action_descr
wf_contacts
  PK: contact_id
  Columns: machine_id (FK1), first_name, last_name, fermi_id, email_address, affiliation, organization, contact_type
wf_event_log
  PK: log_entry_id
  Columns: event_id (FK1), event_log_code, event_log_text, entered_by, timestamp
wf_issue_actions
  PK: issue_code, source_code (FK2)
  Columns: action_code (FK3), severity_code (FK1), fcirt_approval, block_delay, email_reminder, close_timeout, no_email, email_cc_list
wf_issue_descriptions
  PK: issue_code, source_class (FK2)
  Columns: short_short_name, short_name, long_name, description, action_code (FK3), severity_code (FK1), fcirt_approval, block_delay, email_reminder, close_timeout, no_email, email_cc_list
wf_net_addr_blocking_mode
  PK: net_address
  Columns: type (FK1), comment
wf_severity_codes
  PK: severity_code
  Columns: severity_descr, email_from, email_cc
wf_source_classes
  PK: source_class
  Columns: source_class_descr, eligible_for_manual
wf_source_codes
  PK: source_code
  Columns: source_descr, boiler_text, source_class (FK1)
wf_blocking_type
  PK: type
  Columns: description, priority
wf_events
  PK: event_id
  Columns: source_name, detector_ref_id, issue_code, source_code (FK2), machine_id (FK1), status, ip_address, time_found, block_after, creator, message, email_sent
wf_machines
  PK: machine_id
  Columns: node_name, mac_address, admin_name, email_address, affiliation, extension, miscomp_system_id, address_type, ip_address, created, block_status, block_immediately, block_type, how_blocked, request_id
wf_machine_log
  PK: log_entry_id
  Columns: machine_id (FK1), log_code, log_text, entered_by, timestamp
Integrated Data Model
MISCOMP
NIMI
Network Inventory DB
TIssue
OCS SMS
Sunflower
systems.name / node.name
wf_machines.node_name
inv_observation.dns_name**
hardware.name
v_GS_COMPUTER_SYSTEM.Name0
arp_table_intervals.router_name
dhcptempreg.node_name
inv_observation.mac_address
hardware_address.hardware_address
assets.system_id
wf_machines.miscomp_system_id
assets.sunflower_asset_id
assets.sunflower_asset_id
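The host-name links listed above (inv_observation.dns_name, hardware.name, v_GS_COMPUTER_SYSTEM.Name0, wf_machines.node_name) can be used to reconcile what is observed on the network against what the inventory agents report. The following is an added example, not part of the original slides: the tables are cut down to the join columns and held in SQLite, every row is constructed, and matching on a lower-cased short host name (the short_name helper) is an assumption about how the name formats differ between sources.

```python
import sqlite3

def short_name(value):
    """Lower-case a host name and drop any DNS suffix (assumed normalization)."""
    return value.split(".")[0].lower() if value else None

def build_sample_db():
    """In-memory stand-in for the four sources; all rows are constructed."""
    db = sqlite3.connect(":memory:")
    db.create_function("short_name", 1, short_name)
    db.executescript("""
        CREATE TABLE hardware (deviceid TEXT PRIMARY KEY, name TEXT);        -- OCS
        CREATE TABLE v_GS_COMPUTER_SYSTEM (ResourceID INTEGER, Name0 TEXT);  -- SMS
        CREATE TABLE inv_observation (observation_id INTEGER PRIMARY KEY,
            ip_address TEXT, mac_address TEXT, dns_name TEXT);  -- Network Inventory DB
        CREATE TABLE wf_machines (machine_id INTEGER PRIMARY KEY,
            node_name TEXT, block_status TEXT);                 -- TIssue
        INSERT INTO hardware VALUES ('dev-1', 'lnxnode01');
        INSERT INTO v_GS_COMPUTER_SYSTEM VALUES (10, 'WINPC07');
        INSERT INTO inv_observation VALUES
            (1, '192.0.2.10', '00:00:5e:00:53:01', 'lnxnode01.example.org'),
            (2, '192.0.2.11', '00:00:5e:00:53:02', 'winpc07.example.org'),
            (3, '192.0.2.12', '00:00:5e:00:53:03', 'unknown42.example.org');
        INSERT INTO wf_machines VALUES (100, 'unknown42', 'blocked');  -- value is constructed
    """)
    return db

def reconcile(db):
    """Return (host, ip, inventory source, TIssue block_status) per observation."""
    return db.execute("""
        SELECT short_name(o.dns_name), o.ip_address,
               CASE WHEN h.deviceid IS NOT NULL THEN 'OCS'
                    WHEN s.ResourceID IS NOT NULL THEN 'SMS'
                    ELSE 'none' END,
               m.block_status
        FROM inv_observation o
        LEFT JOIN hardware h ON short_name(h.name) = short_name(o.dns_name)
        LEFT JOIN v_GS_COMPUTER_SYSTEM s ON short_name(s.Name0) = short_name(o.dns_name)
        LEFT JOIN wf_machines m ON short_name(m.node_name) = short_name(o.dns_name)
        ORDER BY o.observation_id
    """).fetchall()

def unmanaged(db):
    """Hosts seen on the network that neither OCS nor SMS has inventoried."""
    return [row for row in reconcile(db) if row[2] == "none"]

if __name__ == "__main__":
    for row in reconcile(build_sample_db()):
        print(row)
```

Rows whose inventory source is "none" are devices seen on the network with no OCS or SMS record, and the last column shows whether TIssue already tracks them.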
Thank you for your time.