SSA getting started
Does anyone have a sample of how to use SSA?
I have SSA 2019.02 installed and I can access the application in the CMS UI. I have gone though the documentation however the end to end process is still not clear.
I have software products, primarily on UNIX, which are not in the current SAI files which I need to discover.
I anyone has additional details, or an example, it would be greatly appreciated.
for me it is not clear as well. The SSA looks stupid as hell. Has anybody managed to make it useful?
I am sure that I am missing something. Currently I can't understand how SSA to be used for file based recognition.
I have used SSA in the past when it was still in beta version. I have yet to install 2019.11 so have not tried to set up latest SSA server.
The basic workflow of SSA as I understand:
- Send scan files from UD Probe servers to SSA server. Managed by the ASRConfig.json configured by using the CMS UI.
- Scan files are processed by the SSA server. The files are checked for unrecognized files and registered installed packages.
- The unrecognized elements are checked by a machine learning program and organized by publisher, title and version.
- An autoteach.zsai is available with these machine learning "suggestions".
The machine learning does a "fair" job of matching elements but it is not perfect. It still requires a person to validate it's suggestions. The person responsible for this activity needs to be knowledgeable about the software they are reviewing enough to know what is a "main" file. Without this knowledge applications may be misidentified.
If your goal is to increase your recognized applications in your scan files from 60% to 99% then this module will help you. I believe this SSA module is what the Micro Focus software librarians are using today to create the monthly Discovery Knowledge SAI files. Although, I think they are using a version with a much better machine learning (vertica?) data set.
I have a more strategic goal of identifying a collection of "managed" titles. For that I use the Inventory Tools Analysis Workbench and SAI editor. When I have an unrecognized installed application or a partial recognition of a managed title I use these tools to update my custom SAI files. I have yet to find a good solution to learning about these partial or unrecognized titles that needed to be added / updated. For now I just watch my recognized numbers and when they start falling off I investigate the scan files to learn if a new version has been installed that may not be recognized.
Thanks for the explanation @John Goldstein ,
This is how I understand it on a high level as well. However the devel I see is in the detail. Maybe my recognized files are not complete, even though all the software inventory information is there - scanned files with checksums, rpm list, etc.
What I currently see SSA is doing is to take the list of rpm collection/ windows installed msi collection and create a generic application rule based recognition, taking the rpm name patterns and putting them as a release and version match patterns:
I really don't see the benefit of that, except that it saves me typing the name of the software. Therefore I assume I am doing something wrong.
What I am missing is where is the file recognition option? What if I want to take all the detected files on the server and select the ones attached to a software and create SAI entry for that? This would save the whole workbench exercise. However the detected files from the scans are not imported in my SSA and I can't understand if that is a bug or some misconfiguration of the scan process at my side.
Hi at all,
we have also the same questions about die detailed configuration of the ssa server an how it works in deep detail.
we have a couple of own deployed applications and want to make a spezial name.
how does it work. is their a detailed descprition or a video with some examples.
No @bsh_itom , there are no detailed documentation or videos. The product is pretty useless if you need more advanced features like file based recognition. Where it "shines" is to have pattern based recognition based on the raw rpm/installed software list.
What it does is to take all the unrecognized raw software from the scan file and create a pattern for them. Then it adds them to a .sai file and pushes them into UCMDB. What you get is list of "pre-approved" software which you put, which is basically the same as importing the raw installed software into UCMDB.