Please use for the latest documentation.

This site is for reference purposes only and may not be accurate for the latest ServiceNow version

Discovery FAQ

From Wiki Archive
Jump to: navigation, search

{{ #if: Orchestration

- Orchestration
{{ #if:

}}}} {{#if: Related Topics | |-

Related Topics

{{ #if: Get the Book | |-

Get the Book
{{ #if:

Knowledge.gif Discovery
Knowledge.gif Data Collected by Discovery
Knowledge.gif Orchestration for VMWare

Knowledge.gif Discovery
Knowledge.gif Data Collected by Discovery
Knowledge.gif Orchestration for VMWare

Note: This article applies to Fuji and earlier releases. For more current information, see Discovery at

The ServiceNow Wiki is no longer being updated. Visit for the latest product documentation.


General Topics

What technologies are used for Discovery?

Discovery is deployed in an agentless framework and uses Internet Protocols to probe the network.

  • SNMP - machine specific information
  • SSH - Linux and UNIX logins for in depth scans
  • WMI - Windows discovery
  • Powershell - Windows discovery
  • DNS/WINS IP Resolution
  • VMware API - VMware/ESX discovery

What are credentials, and what kind do you need?

Credentials are generally a user/password used to authorize use of a system. For discovery purposes, the following types of credentials are required:

What will be created with no credentials, no login, no SNMP?

Nothing can be created without these elements. However, if Discovery finds an IP address that is partially responsive, Discovery logs the device for additional exploration.

What will you find in UNIX Discovery?

Very detailed and deep information about the OS, the hardware, network, disk, and application configurations. See Data Collected by Discovery for details.

What detail will you get with Windows WMI?

Very detailed and deep information about the OS, the hardware, network, disk, and application configurations.

Can you discover multi-core processors on UNIX and Windows?

Yes, we detect the number of cores for UNIX, Linux, Windows environments.

Can you discover Web / Application Servers without specific credentials?

Yes. We can discover the presence of a Web Server through a running process classifier. The Web Server will be identified by vendor and make (Apache, Tomcat, BEA WebLogic, IBM Websphere, JBoss, Microsoft IIS, etc.) and the database connections used.

What will you discover about Web Servers with specific credentials?

The applications installed and the database connections used.

Can you identify patches and packages?

Yes. Packages and patches are identified for Solaris, Linux, and Windows.

How does application mapping work?

By finding the relationships between different running processes, such as Web Servers, application servers, and databases. In a typical scenario, Discovery determines that an application starting at an Apache HTTP server may contact one or more application servers that are running particular J2EE applications that connect to one or more databases.

The output of the mapping is a dependency map of the discovered pieces which is easily viewed graphically using our Business Service Visualizer.

Can you import Discovery data?

Yes. For example, you may want to import a list of IP addresses in host file format to start the discovery process on a set of known machines. The system is very agile at importing, exporting, and synchronizing (federating) data.

Does your Discovery run agentless or require an agent on every machine?

Agentless is the simple answer.

Do you discover Solaris Zones?

Yes. Using standard Sun Utility Tools for Management of Solaris Containers.

Do you discover Virtual Machines?

Yes. Using management instrumentation provided by VMware, including the vCenter API on Windows hosts.

Which commands are used by Discovery on UNIX and Linux?

In general, we use simple commands like ps, df, sh, uname, etc. All the commands can be seen in the Probes section of the Discovery application.

Which WMI queries are performed?

The WMI queries are in the database through the Probe Parameter for the WMIProbe. Many parameters are obtained from the Win32_ComputerSystem object, among others.

What access level do you need to run discovery on Linux / UNIX?

For most items, non-root. For application dependency mapping, sudo, or limited root privilege.

What kind of built-in reporting capabilities do you provide?

The system has an easy to use, yet powerful and comprehensive reporting package. The reporting is very interactive, with drill downs, grouping, sorting, filtering, and aggregation all under the end users control.

We supply a number of reports to help get insight to the discovered CMDB.

How can you see the file path that Windows uses to uninstall software?

Discovery detects and displays the paths that Windows uses to uninstall software with the Add or Remove Programs utility. To see uninstallation paths, open a Windows Server configuration item (CI) record. All available paths are shown in the Uninstall string column in the Software Installed Related List.

Software License Management / Compliance

How can you help with license management for application servers such as Websphere and WebLogic?

Discovery will tell you how many instances of the application servers are running, what applications are installed (PKGAdd, RPM or MSI installer).

How can you help with license management for databases such as Oracle, SQL Server, Sybase, others?

Discovery can show the databases / table spaces installed and track the IP address that connect to the database engine to try and help with CAL type licensing. See Software License Management for details on software licensing.

Can Discovery help with license management of Microsoft desktop applications?

Yes. After discovering installed software (Operating System and applications) entries are recorded in the CMDB and also the Microsoft License section of the product's Asset Management application.

The licensing also includes special identifications required by vendors (OEM versus Retail for Microsoft), counting for Symantec and Adobe, etc.

MID Server (Management, Instrumentation, Discovery)

What is this MID Server?

It is a small Java process that runs the probes for the discovery.

Do you provide an appliance or do I need my own hardware for the MID server?

You use your standard hardware (including virtual machines). There is no need to introduce a foreign appliance with it's requisite security / backup / DR issues.

How does Discovery scale in an environment with tens or even hundreds of thousands of devices?

Multiple MID servers deployed in different network segments and/or geographically will provide virtually unlimited scalability. MID servers are capable of handling multiple thousands of devices each.

What OS does the MID server require?

UNIX, Linux, or Windows.

What are the resource requirements (network and CPU) during the discovery?

Resource consumption is remarkably low, see MID Server Requirements for details.

How are the MID servers administered?

All administration (with the exception of the installation) is handled centrally from your instance. Configuration of IP ranges, credentials, schedules for discovery are all in a web-based UI.


How are the credentials secured?

They are stored in the database using 3DES encryption.

How are the credentials transported to the MID server?

Using HTTPS (SSL) to transport all data encrypted. Once at the MID server, the standard encryption capabilities of SSH and WMI are used.

Firewall, TCP Planning Information

What ports are used for Discovery on UNIX and Linux?

Connection is made using the standard SSH port 22.

What port numbers are used in Windows Discovery?

Discovery detects activity on port 135 on Windows machines, and then launches a WMI query. The response from the Windows device is sent over a Distributed Component Object Model (DCOM) port configured for WMI on Windows machines. This can be any port.

Customization and Integration

Can we customize the Discovery commands, and on what level can we customize them?

Yes. The entire set of Discovery commands is centrally administered in the database and can freely be altered, added to, or removed.

Can the Data Model (database definition) be extended?

Yes. Fields, tables, and relationship descriptions can all be customized. There are no limitations.

Can you integrate with other CMDB technologies such as Atrium or AssetCenter?

Yes. This is something we do very well. Through web services, bi-directional integration can be created. We also have standard integrations to many other popular systems such as HP OpenView, HP / Mercury MAM, IBM Tivoli, Microsoft SMS, LanDesk, Oracle Financials, Altiris.

Is it possible to have specific Discovery configurations for a group of computers?


Can we specify which ports are scanned / probed?

Yes. The PortProbe definition permits a parameter "ports" to limit scope. As an example, you could specify ports = 22,80,135.

Can we use an alternate SSH tool?

Yes. It is possible to write probes in languages such as PERL, JavaScript, or BASH that use any tool you choose.

Can Discovery commands be run independently (without sensor reaction)?

Only in Orchestration. Define a Probe with either no Sensor or a special sensor that does not schedule further Probes.

Is it possible to automate the discovery tasks with 3rd party tools?

Yes. There are two possibilities:

  • Use web services to schedule IP ranges to be discovered.
  • Use special Probes and Sensors (written in PERL and JavaScript for example).