审计配置管理数据库

“审计”是iTop特性,旨在检查一致性存储在iTo​​p数据库中的信息。使用审计,您可以回答以下问题:“我们是否为生产中的任何设备定义了有效的支持合同?”或“我们知道用于现场支持的所有服务器的本地化吗?”

1.png

验证名为审计规则。

计规则分为审计类别。类别定义必须符合规则的对象列表(范围)。该范围是使用OQL范围定义的,因此将动态地计算实际的范围。示例:所有正在生产的设备⇒ 选择设备状态='production'。

审计规则定义要检查的实际约束。例如“设备已附加到活动支持合同。”。它也由OQL需求定义。

要添加或修改审计类别或审计规则,请在“管理工具”模块中单击“审计类别”。

了解审计报告

通过单击“数据管理”菜单中的“审计”链接,可以交互式运行审计。

2.png

审计报告列出了所有要审核的类别。对于每个类别,标题行均包含:

  • 该类别中的对象数
  • 带有至少一个错误的对象数(由类别的规则报告)
  • 此类别中不含错误的对象的百分比
  • 对于每个规则,另外一行表示:
    • 错误中此规则的对象数。单击数字将显示错误中的对象列表
    • 此规则中不含错误的对象的百分比

管理审计类别

审计类别由名称,描述和定义集定义。定义集定义了对象范围,这些对象将受相关审计规则的约束。它是OQL审计。

3.png

要为给定的类别创建或删除审计规则,请使用审计审计上“审计Rules”选项卡中的“ Create a new审计Rule”或“ Delete”按钮

4.png

管理审计规则

审计规则由名称,描述,要检查的查询和有效对象标志定义。

查询定义了通过审计失败的对象的列表(在类别定义的范围下)。

由于有时列出通过审计的对象要比失败的对象容易,所以将标志Valid Objects?用于指示查询返回“有效”对象还是“无效”对象。

如果设置有效对象?如果为false,则规则返回的对象将显示为红色(表示无效对象),如果将其设置为true,则规则显示的对象将不会显示。

请注意,规则始终仅链接到一个类别。并且此类别确定规则的类别。

审计规则样本

没有任何成员的团队

SELECT Team AS t 
JOIN lnkPersonToTeam AS l1 ON l1.team_id=t.id 
WHERE l1.person_id != 0 

此查询返回具有至少一个成员的团队,因此您必须设置有效对象?虚假

通知等于“是”且没有“发送邮件地址”的人

SELECT Person 
WHERE notify = 'yes' 
AND email = "" 

此查询返回的通知等于“是”,而没有“发送邮件地址”的人员,因此您必须设置有效对象吗?变为真实

原文:https://www.itophub.io/wiki/page?id=2_6_0%3Aadmin%3Aaudit


Auditing the CMDB

The “Audit” is an iTop feature designed to check the consistency of information stored in the iTop database. Using the audit, you can answer questions like: “Do we have an active support contract defined for any device in production?” or “Do we know the localization of all the servers for on-site support?”

Example of a simple audit report

The verifications are named audit rules.

Audit rules are grouped into audit categories. A category defines the list of objects (the scope) that must be compliant with the rules. This scope is defined using an OQL query, so that the actual scope will be computed dynamically. Example: all devices that are in production ⇒ SELECT Device WHERE status = 'production'.

An audit rule defines the actual constraint that needs to be checked. For instance “Devices being attached to an active support contract.”. It is also defined by an OQL query.

To add or modify an audit category or an audit rule, click on “Audit Categories” in the “Admin tools” module.

Understanding the Audit Report

编辑

The audit is run interactively by clicking the “Audit” link in the “Data administration” menu.

Explanations of the Audi Report

The audit report list all the categories to be audited. For each category the header line contains:

  • The number of objects in this category

  • The number of objects with at least one error (as reported by the category's rules)

  • The percentage of objects without error in this category

  • The for each rule, an additional line indicates:

    •  

    the number of objects in error for this rule. Clicking on the number displays the list of objects in error

    •  

    the percentage of objects without error for this rule

Managing Audit Categories

An audit category is defined by a name, a description and a definition set. The definition set defines the scope of objects that will be subject to the related audit rules. It is an OQL query.

New Audit Category

To create or remove audit rules for a given category, use the button “Create a new Audit Rule” or “Delete” from the “Audit Rules” tab on the Audit Category

New Audit Rule

Managing Audit Rules

An audit rule is defined by a name, a description, the query to check and a Valid Object flag.

The query defines the list of objects (under the scope defined by the category) that pass/fail the audit.

Since it is sometimes easier to list the objects that pass the audit than the objects that fail, the flag “Valid Objects ?” is used to indicate whether the query returns the “valid” objects or the “invalid” ones.

Note that a rule is always linked to only one category; and this category determines the scope of the rule.

标签:
由 superadmin 在 2020/08/25, 16:27 创建
    

需要帮助?

如果您需要有关XWiki的帮助,可以联系:

深圳市艾拓先锋企业管理咨询有限公司