Distributed monitoring of desired configurations using rules
First Claim
Patent Images
1. A method for monitoring configuration information of computing devices that are servers, the method comprising:
- providing at a monitoring server a desired configuration monitor document that specifies configuration settings for applications that execute on the computing devices and associated rules for determining whether a configuration settings of the applications are in compliance, the rules being organized based on applications that use the configuration settings, at least one rule being an active rule that references a passive rule that specifies how to create a value that is used by the active rule, at least one rule specifying how to place a configuration setting that is not in compliance into compliance;
distributing from the monitoring server a copy of the desired configuration monitor document to each of the computing devices; and
under control of each of the computing devices and for each application of the desired configuration monitor document,for each configuration setting for that application specified in the desired configuration monitor document,determining whether the rule associated with the configuration setting indicates whether the configuration setting is in compliance by when the rule specifies a passive rule, creating a value as specified by the passive rule and using the created value to determine whether the configuration setting is in compliance; and
when it is determined that the configuration setting is not in compliance, logging that the configuration setting is not in compliance and when the rule specifies how to place a configuration setting that is not in compliance into compliance, automatically placing the configuration setting into compliance in accordance with the rule; and
reporting to the monitoring server that the logged configuration settings are not in compliance and whether the configuration setting that was not in compliance has been corrected.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and system for monitoring configuration information of computing devices is provided. The monitoring system generates a desired configuration monitor (“DCM”) document for each computing device that is to have its configuration monitored. The DCM document specifies configuration settings to be monitored along with rules that specify how to determine whether a configuration setting is correct. Each computing device may include a comparison engine that inputs the DCM document and applies the rules of the DCM document to determine which configuration settings of the computing device are not in compliance.
23 Citations
17 Claims
-
1. A method for monitoring configuration information of computing devices that are servers, the method comprising:
-
providing at a monitoring server a desired configuration monitor document that specifies configuration settings for applications that execute on the computing devices and associated rules for determining whether a configuration settings of the applications are in compliance, the rules being organized based on applications that use the configuration settings, at least one rule being an active rule that references a passive rule that specifies how to create a value that is used by the active rule, at least one rule specifying how to place a configuration setting that is not in compliance into compliance; distributing from the monitoring server a copy of the desired configuration monitor document to each of the computing devices; and under control of each of the computing devices and for each application of the desired configuration monitor document, for each configuration setting for that application specified in the desired configuration monitor document, determining whether the rule associated with the configuration setting indicates whether the configuration setting is in compliance by when the rule specifies a passive rule, creating a value as specified by the passive rule and using the created value to determine whether the configuration setting is in compliance; and when it is determined that the configuration setting is not in compliance, logging that the configuration setting is not in compliance and when the rule specifies how to place a configuration setting that is not in compliance into compliance, automatically placing the configuration setting into compliance in accordance with the rule; and reporting to the monitoring server that the logged configuration settings are not in compliance and whether the configuration setting that was not in compliance has been corrected. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer system at a monitoring server for monitoring the configuration settings of computing devices that are servers, the method comprising:
-
preparing at the monitoring server a desired configuration monitor document that specifies configuration settings and associated rules for determining whether a configuration setting is in compliance, the rules being organized based on applications that use the configuration settings, at least one rule specifying how to place a configuration setting that is not in compliance into compliance; sending from the monitoring server to each of the computing devices a copy of the desired configuration monitor document so that a computing device that receives the desired configuration monitor document periodically applies the rules of the desired configuration monitor document to configuration settings of the application and places a configuration setting that is not in compliance into compliance as indicated by a rule; receiving at the monitoring server from the computing devices reports indicating configuration settings of the computing device that are not in compliance as specified by the rules of the desired configuration monitor document and whether a rule that was not in compliance has been placed in compliance; and providing at the monitoring server reports for analyzing the configuration settings that are not in compliance. - View Dependent Claims (7, 8, 9, 10, 11, 12)
-
-
13. A computer-readable storage medium containing instructions for controlling a computing device that is a server to monitor configuration information, comprising:
-
configuration settings and associated rules for determining whether a configuration setting is in compliance, the rules being organized into data sources of the configuration settings, at least one rule being an active rule that references a passive rule that specifies how to create a value that is used by the active rule; a component that determines whether the rule associated with a configuration setting indicates whether the configuration setting is in compliance by when a rule specifies of passive rule, creating a value as specified by the passive rule and using the created value to determine whether the configuration setting is in compliance and that when the configuration setting is not in compliance, logs that the configuration setting is not in compliance; and a component that provides to a monitoring server the logged configuration settings that are not in compliance such that the monitoring server distributes configuration settings and rules to a plurality of computing devices that are servers and receives from the plurality of computing devices logged configuration settings that are not in compliance. - View Dependent Claims (14, 15, 16, 17)
-
Specification