A Compliance Policy stipulates conditions that the devices
must adhere to. A Compliance Policy contains Compliance Rules and
can be configured to send an e-mail action in the event that a policy
fails. Use this procedure to create a compliance policy.
Before you begin
To define new Compliance Policies or edit existing Policies,
access to the User Interface wizard is required. In defining Compliance
Policies, a user must specify to which devices the Policy applies.
It is simple for a user to copy an existing Policy, and modify some
of its components in order to create a new Policy.
About this task
You can an informational action (e-mail) during the creation
of the policy or later.
Follow these steps to
create a Compliance Policy.
Procedure
- Select .
The Create a Policy window
displays. Mandatory fields are denoted by an * (asterisk). Rules to
be included are also required at this stage.
- Use the following descriptions as a guide to entering the
appropriate information in the Create a Policy window.
- Name:
- Specifies the name used to identify the policy. This field takes
a maximum of 255 characters. This is a mandatory field.
- Description:
- Specifies a brief narrative attached to the policy whose purpose
is to explain its function or use. This field takes a maximum of 4000
characters.
- Revision No:
- Specifies an automatically generated number that is given an initial
value of 1. Each time the policy is edited, the revision number is
incremented by 1. This is for versioning control.
- Impact:
- Specifies a brief narrative to complement the Severity and Weight
fields. This field takes a maximum of 255 characters.
- Severity:
- Specifies the severity of the error, in the event the policy is
violated. The user can select one of the following severity values:
Severity value |
Severity |
1
|
Critical
|
2
|
Major
|
3
|
Minor
|
4
|
Warning
|
5
|
Indeterminate
|
- Weight
- Specifies a "weight" that a user can assign to each policy using
a sliding scale. The weight score can be between 1 and 100, with the
default score being 25. This weight is used to calculate the compliance
score that is shown in the Policy Compliance Score & Summary reports.
- Send Trap
- When this option is selected the policy will generate a compliance
event upon execution. If Netcool Configuration
Manager is
integrated with Network Manager and Tivoli Netcool/OMNIbus,
please be aware of the number of events that are being generated and
passed to Network Manager.
Users can safeguard by not selecting the “Send Trap” checkbox for
those Policies which do not require traps. SNMP traps (Send trap checkbox)
are enabled by default.
- Preemptive
- When this option is selected the policy can be used for pre-emptive
validations.
Note: A pre-emptive policy can only contain modelled
definitions and modelled extractions.
- Applicable Device Filter
- This filter allows the ability to select which device VTMOS applies
to this policy. As well as drop down selection for VTMOS, a regular
expression is supported for all filters.
Note: The selected value
entered in the Model Filter will be checked against both 'Model' and
'Actual Model' fields (as in the Device Viewer).
- Rules Included
- Select the Rule(s) required from the navigation pane, and select
using the arrows in the middle of the panel. A new Rule may be created
at this stage using the "Create new" icon; this invokes the Create
a Rule window.
Note: Please be aware of the following
default properties in
/opt/ IBM/tivoli/netcool/ncm/compliance/config/properties/WorkFlowManager.properties.
sendComplianceEvents=true
— Set this property
to false if no events need to be sent.
sendRepeatComplianceEvents=false
— Set this property
to true if repeat pass events need to be sent where the sendComplianceEvent
property
is set to true.
- Click Next to progress.
The Select
Actions window displays. This window provides Action Types
available in the event the Compliance Policy is violated.
- Use the following descriptions as a guide to entering the
appropriate information in the Select Actions window.
- No Action
- Specifies that no action will be taken.
- Email
- Specifies that an e-mail will be sent to an elected individual
or application, and the content of the e-mail will explain the violation.
All devices violating a specific policy will be included automatically
in the body of the e-mail.
- Click Next to continue.
The Choose
a Save Location window displays.
- Navigate through the tree structure, and choose the location
where you wish to save to. Otherwise, it is possible to create a new
folder from here if required.
- Click Finish to complete the creation
of the Compliance Policy.
What to do next
The new or updated Compliance Policy can be validated using
the test function that can be invoked using the test icon. The test
function allows the user to run an ad-hoc validation of a policy,
but without adding the validation results to the overall network compliance
status.