How Agent Client Collector for Visibility works

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of How Agent Client Collector for Visibility Works

    Agent Client Collector for Visibility (ACC-V) is an essential component of ServiceNow's data collection capabilities, requiring the installation of the ServiceNow Agent Client Collector (ACC) on target hosts. This tool leverages a policy-based approach to schedule and collect host data, ensuring comprehensive visibility of IT assets.

    Show full answer Show less

    Key Features

    • Triggering Events: ACC-V operates under specific conditions, such as periodic scheduling, deletion of CI records, MID Server cycles, target host cycles, and network breaks.
    • Checks and Policies: The primary check definition is Enhanced Discovery, which operates on a default schedule of 24 hours (86,400 seconds) and is synchronized across all agents.
    • Data Processing: The ACC-V handles data transformation to ensure compatibility with the identification and reconciliation engine (IRE), along with non-CI data reconciliation.
    • Integration with MID Server: The process involves creating an ECC Queue record for monitor tasks, with the MID Server facilitating communication and data requests via WebSocket over TLS.

    Key Outcomes

    By utilizing ACC-V, ServiceNow customers can expect enhanced visibility into their IT environment through the effective discovery and management of virtual machines and cloud instances. ACC-V supports various virtualization and cloud server vendors, including vCenter, Amazon AWS, Google Cloud Platform, and Microsoft Azure, allowing for seamless integration and relationship mapping within the CMDB.

    Agent Client Collector for Visibility (ACC-V) requires installation of ServiceNow Agent Client Collector (ACC) on the target host. ACC is a derivative of Sensu-Go, an open-source software.

    ACC-V use cases

    ACC-V applies Checks and Policies to schedule and collect host data. ACC-V is triggered during the following cases:
    • Periodic scheduling: A policy-based approach where Discovery is triggered on a periodic basis.
    • On CI delete: When the computer or server CI record is deleted.
    • MID Server cycle: When the MID Server goes down and comes back up.
    • Target host cycle: When the target host goes down and comes back up.
    • Network break: When there is a break in the network link to the target.
    Note:
    Discovery is triggered for those agents whose hosts are already present. Agents whose hosts are not present are discovered through ACC-F.

    ACC-V checks and policies

    The ACC-V assets are stored as Agent plugins with the main entry point [acc_visibility_main] and other modules for OS families. There is one main system Discovery Check definition, called Enhanced Discovery, which is used by the Enhanced Discovery Policy. This ACC-V policy runs off a schedule, which is defaulted to 24 hours (86,400 seconds). This policy configuration is synced to all agents as defined in the ACC-V policy.

    When the payload is returned from the MID Server to the instance, the ACC-V Check Type, EnhancedDiscovery, delegates tasks to the EnhancedDiscoveryHandler script include provided by ACC-V. The script contains logic to process the data from the check and handles tasks such as:
    • Data transformation into an identification and reconciliation engine (IRE) compatible payload
    • Non-CI data reconciliation (cmdb_running_processes, cmdb_tcp_connections, and so on)

    The ACC-V Check Definition, Enhanced Discovery, is initiated by the ServiceNow Instance. Then, an ECC Queue record with topic, MonitoringProbe, is created on the output queue with relevant Check information. The MID Server then processes the check by sending a message to the ACC via WebSocket over TLS.

    During this time, the MID Server also serves any relevant Assets or Plugins that the ACC requests, making sure it is relevant to the particular Operating System, platform, OS version, and architecture on which the ACC is running.

    You can edit and modify all parts of the ACC-V application including check type, policy, and check definition. See Checks and policies for more information.

    Virtual machines and cloud instances

    ACC-V associates a target, discovered via Discovery, with a pre-existing virtual machine (VM) Instance CIs. ACC-V associates the discovered CI record with any pre-existing VM Instance record or Cloud Server Instance record with appropriate CMDB relationships.

    The following variants of virtualization and cloud server vendors are supported for ACC-V:
    • vCenter
    • Amazon AWS Cloud
    • Google (GCP)
    • Microsoft Azure