Grouping activity results

Jun 5, 2012 at 10:49 PM

It might be best to start this by explaining my scenario to provide context...

I manage a team responsible for our client computing standards and their supporting server infrastructure components. Our security peers produce quarterly reports of PCI vulnerability scans that include a variable number of items that require remediation. We manage 13,000 systems and plan to integrate the scan details into the GRC solution accelerator combining DCM/compliance, Service Manager, OpsMgr, and orchestration. My first order of business, however, is to automate the creation of change control/work requests that represent any number of changes to a particular client... this is the time drain on my team today.

We are dumping the remediation needs into a SharePoint list.  I would like to create a single request per system and include the details of each remediation need.

I am currently using the SharePoint OIP to pull the details from the list by using a view filtered to only those without a request ID.

I have been unable to find an easy way to group the results such that the bus will be able to do this without a pretty involved set of runbooks... although I did pat myself on the back when I finished it.  What I am doing today is as follows:

1. Create a temp folder
2. Get records for items without a request
3. For each record, create a folder in the temp folder, named for the system (this facilitates the grouping)
4. For each record, append details about the system to a header.txt in the system folder
5. For each record, append the vulnerability details to a vuln.txt in the system folder
6. For each record, loop/wait here for a ticket.txt in the system folder

So that gets my data divided up and in system folders... next, a rb is running looking for any vuln.txt file creations every 30 sec...

1. For each file, split the path and extract the system name
2. Read lines 1-8 of header file (rest are omitted as they are system specific and redundant)
3. Read 1-all of vuln.txt
4. Kick off a posh script that takes these fields as input to create a request in Remedy using its COM component (thank goodness the posh activity uses 32-bit as Remedy doesn't like 64)
5. Write ticket.txt with the request ID as line 1

Continuing from the first rb:

7. Read line 1 of ticket.txt
8. For each record in the original SP query, post the ticket # to the item
9. Clean up system folder

So this is my first real try at doing anything in Orchestrator since having used Opalis Robot back in '99. Please help me understand how to do it a better way.
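
The grouping described in the steps above can be done in memory with `Group-Object` in one PowerShell script, instead of through temp folders and a polling runbook. This is an added example, not part of the original post; the field names, the sample rows and the placeholder ticket ID are assumptions, and the Remedy and SharePoint calls are left to the existing script and activities.

```powershell
# Constructed sample rows standing in for the SharePoint list items without a request ID.
# Property names (ItemId, System, Owner, Vulnerability) are assumptions, not the real list schema.
$records = @(
    New-Object PSObject -Property @{ ItemId = 101; System = 'WKS-0001';  Owner = 'Finance'; Vulnerability = 'Constructed finding A' }
    New-Object PSObject -Property @{ ItemId = 102; System = 'wks-0001 '; Owner = 'Finance'; Vulnerability = 'Constructed finding B' }
    New-Object PSObject -Property @{ ItemId = 103; System = 'WKS-0002';  Owner = 'Retail';  Vulnerability = 'Constructed finding A' }
    New-Object PSObject -Property @{ ItemId = 104; System = '';          Owner = '';        Vulnerability = 'Constructed finding C' }
)

function Group-RemediationBySystem {
    param([object[]]$Records)

    # Rows with no system name cannot be tied to a request; report them instead of
    # letting them collapse into one unnamed group.
    $Records | Where-Object { -not ($_.System -and $_.System.Trim()) } | ForEach-Object {
        Write-Warning ("List item {0} has no system name and was skipped" -f $_.ItemId)
    }

    $Records |
        Where-Object { $_.System -and $_.System.Trim() } |
        Group-Object -Property { $_.System.Trim().ToUpper() } |   # normalise case and stray spaces
        ForEach-Object {
            $first = $_.Group[0]   # system-level fields repeat on every row, so take them once
            $lines = $_.Group | Sort-Object ItemId | ForEach-Object {
                '{0} (list item {1})' -f $_.Vulnerability, $_.ItemId
            }
            New-Object PSObject -Property @{
                System  = $_.Name
                Header  = 'System: {0}; Owner: {1}' -f $_.Name, $first.Owner
                Details = ($lines -join "`r`n")
                ItemIds = @($_.Group | ForEach-Object { $_.ItemId })
            }
        }
}

foreach ($request in (Group-RemediationBySystem -Records $records)) {
    # Placeholder: the existing Remedy script would be called here with
    # $request.Header and $request.Details and would return the real request ID.
    $ticketId = 'PLACEHOLDER-' + $request.System

    foreach ($itemId in $request.ItemIds) {
        # Placeholder: write $ticketId back to the SharePoint item with this ID.
        '{0} -> list item {1}' -f $ticketId, $itemId
    }
}
```

The script avoids PowerShell 3.0 syntax such as `[pscustomobject]`, so it also runs under PowerShell 2.0.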