IBM WebSEAL discovery

Release version:
Vancouver
Yokohama
Xanadu
Washington DC
UpdatedAug 3, 2023
3 minutes to read

Vancouver
Service Mapping

The Vancouver release is no longer supported. As such, the product documentation and release notes are provided for informational purposes only, and will not be updated.

IBM WebSEAL discovery

The ® Discovery application uses the IBM WebSEAL patterns to find WebSEAL applications, web application servers, and junctions on your infrastructure. Discovering some of these resources requires installing the Discovery and Service Mapping Patterns application from the ® Store.

Request apps on the Store

Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

Prerequisites

Detailed information on IBM WebSEAL

For information, see Detailed information on products discovered by ITOM Visibility

Authentication

The WebSEAL authentication process includes HTTP header authentication with basic credentials Basic authentication credentials.

If you’re running discovery for the first time, configure Credential affinity for Discovery and Orchestration Credential affinity for Discovery and Orchestration.

Note: Credential affinity isn’t available In debug mode.

Configured MID Server

Ensure the MID Server has access and permissions to send HTTPS requests to the WebSEAL application.

Configured user permissions to execute API calls

Ensure that the user has the permission to run the following API:

/net/general
/net/dns
/wga/reverseproxy
/wga/reverseproxy/<reverse_proxy_id>/configuration/stanza/junction/entry_name/match-vhj-first
/wga/reverseproxy/<reverse_proxy_id>/junctions
/wga/reverseproxy/"<reverse_proxy_id>/junctions?junctions_id=<junction_id>
/wga/widgets/health.json

HTTP Classification enabled

The IBM WebSEAL Pattern is triggered when you run the discovery on the server that the WebSEAL is on. Ensure that the HTTP Classification is present in the instance. For more information, see Create an HTTP classification and Run discovery through an HTTP or HTTPS REST call

Data collected during horizontal discovery


Field	Description
ISAM Server [cmdb_ci_isam_server]
name	The name of the server as returned by the `/net/general` API call. If the field is empty, `nslookup` on the IP address would be attempted to populate this field.
IP Address [ip_address]	The IP address according to the discovery schedule/configuration.
fqdn	The `search_domain` returned by the`/net/dns` API call.
WebSEAL [cmdb_ci_app_server_webseal]
name	The name of the WebSEAL server as returned by the API.
IP Address [ip_address]	The IP address according to the discovery schedule/configuration.
fqdn	The `search_domain` returned by the `/net/dns` API call.
install_status	The status is set to installed by default.
operation_status	The status is set to operational by default.
install_directory	According to the identification requirement, this field is populated with the FQDN of the server.
WebSEAL Reverse Proxies [cmdb_ci_webseal_reverse_proxy]
name	The name of the resource according to the API response.
object_id	The ID of the resource, of the API response.
install_status	Indicates if the installation is enabled.
operational_status	Indicates if the operation has started.
service_type – hard-coded	The status is set to `Webseal Reverse Proxy`by default.
webseal_health_status	The WebSEAL reported health status regarding the `/wga/widgets/health.json` API call
WebSEAL Junctions [cmdb_ci_webseal_junction]
name	The name of the resource according to the API response.
object_id	The id of the resource, created as a unique hash number corresponding to the case-sensitive name of the resource. Note: The case insensitivity of the queries may create duplicate fields when the name value is identical to the Object ID value. One of the identification attributes must be changed to have a unique value.
install_status	Hard-coded to installed status
operational_status	Hard-coded to operational status
stateful_junction	Boolean value indicating whether it’s a stateful Junction
transparent_path_junction	Boolean value indicating whether it’s a transparent path Junction
junction_type	List for the type of the Junction
WebSEAL Backend Servers [cmdb_ci_webseal_backend_server]
name	the name of the resource, as per API response
object_id	the id of the resource, as per API response
install_status	the status of the resource as per the “enabled” value in the API response
operational_status	the status of the resource as per the “operation state” value
server_id	The UUID used to identify the junction web server
http_port	HTTP port of the back-end third-party server. Applicable when the junction type is tcp.
service_port	TCP port of the back-end third-party server. Default is 80 for TCP junctions and 443 for SSL junctions
Priority	The priority of the server (1-9). Default is 9.

Search:

Table 1. Pattern Relations
CI	Relationship Type	CI
Webseal [cmdb_ci_app_server_webseal]	Runs on::Runs	ISAM Server [cmdb_ci_isam_server]
Webseal Reverse Proxy [cmdb_ci_webseal_reverse_proxy]	Hosted on::Hosts Reference[load_balancer]	Webseal [cmdb_ci_app_server_webseal]
Webseal Reverse Proxy [cmdb_ci_webseal_reverse_proxy]	Runs on::Runs Reference[isam_server]	ISAM Server [cmdb_ci_isam_server]
Webseal Junction [cmdb_ci_webseal_junction]	Allocated to::Allocates Reference [service]	Webseal Reverse Proxy [cmdb_ci_webseal_reverse_proxy]
Webseal Junction [cmdb_ci_webseal_junction]	Owns::Owned by Reference [pool]	Load Balancer Pool Member [cmdb_ci_webseal_backend_server]
Webseal Junction [cmdb_ci_webseal_junction]	Reference only [load_balancer]	Webseal [cmdb_ci_app_server_webseal]

Note: Currently, the relation between the back-end servers and actual server CIs in the CMDB isn’t possible for HD.

Vancouver IT Operations Management

Filters

Versions

Products