Tenjin Icon

Installing and Configuring JobR

This article covers the following:

Installation

JobR can be installed in a customer's ServiceNow instance or hosted in a secure Biomni's ServiceNow domain where a customer is not already using ServiceNow. For more details about a hosted JobR system contact jobrsupport@biomni.com

For customers wishing to install into their own ServiceNow instance, the JobR application is available on the ServiceNow app store. From here, a ServiceNow administrator can install it in a production environment or take a trial in a non-production environment. All the activities described below need to be performed by a ServiceNow administrator.  

System Requirements/Prerequisites

  • MID Server. You must have a working Windows MID Server on the instance. When you create a new Data Source, you will have the option to specify which MID Server to use. Please see the section on MID Security Policy. The MID Server must be able to access the servers you wish to collect data from.  
  • For each data protection system that will be included in JobR, the relevant admin must provide credentials for an admin account and the REST API URL 
  • JobR supports Veritas NetBackup (minimum version:8.3) and Veeam Enterprise Manager (minimum version:11) 
  • NetBackup: It is recommended to use API Key authentication The NetBackup admin must obtain the API key for an administrator-level account and provide the REST API URL (typically https://masterserverURL) 
  • Veeam: Veeam uses basic auth. The Veeam Enterprise Manager admin will provide the credentials (user ID and password) for an admin-level account and the Veeam EM REST API URL (typically https:/VeeaEMURL:9838).
  • Commvault: It is recommended to use basic authentication. The core Commvault URL (typically https://cellname) is required along with credentials (user ID and password) for an administrator-level account. 
  • Cohesity: It is recommended to use basic authentication. The core Cohesity URL (typically https://clustername) is required along with credentials (user ID and password) for an administrator-level account. 
  • Rubrik CDM: It is recommended to use basic authentication. The core Rubrik URL (typically https://node) is required along with credentials (user ID and password) for an administrator-level account.
  • Additional Information may be required from a Data Management administrator.  

Once the app is installed please make the following changes to roles shipped by the app:

  • Create the following 2 jobr groups: JobR Users and Jobr Admins
  • Add roles canvas_user and x_biomn_jobr.user  to JobR Users
  • Add roles canvas_user, connection_admin, credential_admin and x_biomn_jobr.administrator to Jobr Admins
  • Assign Jobr Users to the respective user group

Mid Server Check

JobR requires a MID Server to collect data from your on-premise data protection systems. When you create a new Data Source within JobR, you will have the option to specify a MID Server to use. The MID Server must be able to access the servers you wish to collect data from.

Mid Security Policy

If your internal Backup Server does not have signed certificates you need to make a change in the ServiceNow setting for the MID Servers. 

  1. Select MID Service>MID Security Policy from the left-hand menu.
  2. Select Intranet.
  3. Untick “Certificate Chain Check” and “Hostname Check blobid0.png

Minimum Configuration

A data source within JobR represents the system from which JobR will extract information. The REST API URL and associated administrator credentials for the data source are stored as ServiceNow Connections and Credentials aliases. These will need to be configured before the data source can be used. 

Configuration

A Connection and Credential Alias is required for each Backup system you are connecting to. It defines how JobR connects to and authenticates against the REST API of a Brackup system. 

Create a Connection & Credential Alias

  1. Select “Connections & Credentials>Connection & Credential Aliases” from the left-hand menu.
  2. Click New to create a new alias.
  3. Give it a name (this is what will be visible in JobR) and leave the other fields at their default values. 
  4. Click Submit. 

Create a Credential

  1. Select Connections & Credentials>Credentials from the left-hand menu.
  2. For NetBackup, select “API Key Credentials” from the list, enter a name, and paste in the API Key from NetBackup. 
  3. For Veeam, select “Basic Auth Credentials” from the list, enter a name and the user name/password pair created in Veeam. 
  4. Click Submit.

Create a Connection

  1. Select Connections & Credentials>Connections from the left-hand menu.
  2. Select “HTTP(s) Connection” from the list.
  3. Enter a name and select previously created Alias above.
  4. Enter the URL of the backup server in the “Connection URL” field and check “Use MID Server”.
  5. Click Submit

Configure JobR Data Source

  1. Select JobR>Configuration>Data Sources from the left-hand menu.
  2. Click New, fill in the Name field and check the Active box.
  3. Select the Technology (this must match the “Connection & Credential Alias”).
  4. Select the Alias created above in the “Connection & Credential Alias” field.
  5. Click Submit to create the Data Source or Test Connectivity.  

Enable Job Data Collection

  1. Select JobR>Configuration>Data Sources from the left-hand menu.
  2. Open the Data Source previously created.
  3. In the “Data Collectors” tab, click Edit.
  4. Select “Get Job Failures” from the left-hand list and move to the right.
  5. Click Save. 

The Data Collector process runs every ten minutes although you can force its execution through the Data Collectors menu item.

Customer Setup

Jobs can be optionally allocated to customers. A customer can be an external entity, for example, a Service Provider's clients and / or internal teams, for example, an application development team. 

The only mandatory field for a customer is the name. The VIP flag is used to flag the most important customers to allow easy filtering of dashboard data.

The condition is used by the rule that assigns an incoming job to a customer. You can use all fields from the Job Failure table and combine them into a logical statement e.g the policy name starts with ABC and the Backup Server is london1.

You need to ensure that the rules do not overlap each other as the system uses the first condition that is true for a specific job.

The job details can be edited and the customer assigned manually as well.

Customer assignment covers both failed and successful jobs.

JobR ships with 2 rules for customer assignment. If you are not planning to use customer assignment, you should deactivate these rules.

If you plan to use customer assignment, set up customers and associated conditions first before you start bringing job data into JobR.

Data Cleanup

2 data cleanup jobs are set to automatically clear down job failure/success data that, by default, is older than 3 months. To change the 3 month period:

  1. Type “Table Cleanup” in the menu and select the option under Instance scan
  2. Search for records where the application is JobR
  3. Edit the desired record (*_failure, *_success)
  4. Change the Age in seconds
  5. Save the record

Conditions can also be applied to allow different cleanup settings based on the attributes of the records. For example, to keep failure records for “VIP” customers for a year:

  1. Type “Table Cleanup” in the menu and select the option under Instance scan
  2. Click New
  3. Set the Tablename field, search for the JobR table name, e.g. Job Failure
  4. The MatchField should be set to sys_created_on
  5. Set Age in seconds to 31536000
  6. Select “Show Related Fields” from the Condition drop-down
  7. Select “Customer => Customer fields” from the Condition drop-down
  8. Select VIP from the Condition drop-down and set the condition to “is true
  9. Save the record

You may want to repeat 1-9 above to create another record to set non-VIP customers to shorter periods. Then repeat twice to cover the job success table.

Note: if you create your own table cleanup records, you should de-activate the out-of-the-box records as these will override the newly created records.

JobR Workspace

The home page for JobR’s workspace has 2 variants:

JobR Landing Page. This is the default page and contains components relevant to customers.

JobR Landing Page – No customer. This variant is deactivated and it does not contain any customer-related components.

If you are not going to use customers, you should deactivate the default landing page and activate the ‘No customer’ one.

Reports based on Report Writer

JobR ships with 2 sample reports: JobR Failures and JobR Successes

The reports contain the jobs from the previous day and are scheduled to run at 1am every day.
The scheduled report task ‘Daily JobR Reports’ is linked to two other Scheduled report tasks, ‘JobR Failures’ and ‘JobR Successes’.

They represent a daily report that a customer may wish to receive on a scheduled basis.
You should use these reports as a basis to develop your custom reports and associated scheduled jobs.

Reports based on Flow

The following flows generate reports for customers and internal operations:

Customer Report – Weekly: This flow sends an email containing all successful and failed jobs as well as summary information on the overall success rate and data transferred in the last seven days. It is shipped deactivated. It should be copied to create a flow per customer.

Operation Rollup Report: This flow emails a summary of what happened to all customers in the last seven days. The recipient can be an operations team or a manager. It is shipped deactivated. It should be copied to create a flow that corresponds to your requirements.

Customization

JobR ships with several components that can be replaced by customized versions. It is strongly recommended that you do not change the shipped components. You should make copies, customize the copies, deactivate the shipped ones, and activate the custom ones.

Workspace

You will most likely want to change the home page. You must create a variant, make the necessary changes, and activate it while deactivating the current active variant.

Flow - Create Incident JobR

There is a Flow action that you must review and make the necessary changes before using. It is the ‘Create Incident JobR’ Flow action that should be copied and adapted to your Incident creation requirements.

Once you have published, you need to change the relevant action on JobR to point to the new Flow action.

Resetting Data

  1. Select JobR>Data Collectors from the left-hand menu.
  2. Select the “Get Job Failures” data collectors.
  3. Click the “Clear Data” link and the “Execute” button.
  4. All failed job data will be cleared in and re-imported.
  5. View the job failures in JobR>Job Failures page. 

MSP Support, Multi-Domain ServiceNow

JobR is a domain-aware application and it runs on multi-domain ServiceNow instances. The configuration is identical with single domain instances but there are differences on who can do what.

Credentials and Connections

The System administrator must create the connections and credentials that make up a Connection and Credential Alias, within the domain. To avoid exposing Connection and Credential Aliases that belong to other domains, a Query Business Rules can apply the necessary filtering.

Data collector scheduled Job

JobR ships with a scheduled job that runs the task of collecting data from on-premise systems. This job is called JobR:Execute Data Collectors and should be deactivated. In a multi-domain environment, you need to create a Scheduled Job (a replica of the shipped one) per domain and set the Run As property to a user account that belongs to this domain and the JobR Admin group. In addition, this user account needs to have the Credentials and Connection admin roles.

Data rollup scheduled job

JobR ships with a scheduled job that runs the data roll-up task daily. This job is called JobR: Execute Daily Rollups and should be deactivated. In a multi-domain environment, you need to create a Scheduled Job (a replica of the shipped one) per domain and set the Run As property to a user account that belongs to this domain and the JobR Admin group.

MID Server

ServiceNow provides instructions on how to use MID Servers in a multi-domain environment. For JobR, each domain / customer will have its own MID Server and the corresponding MID Server user account will belong to the relevant domain.

Data Sources

The creation of data sources is a system admin activity. A domain administrator (customer representative) needs to coordinate the creation of data sources with the system admin.

The system admin will switch to the target domain and configure the data source as per earlier instructions.

 

JobR User Roles

Two user roles exist within JobR. Your ServiceNow administrator assigns both;

Administrator: x_biomni_jobr.administrator. A user with this role has complete access to the JobR app. 

User: x_biomni_jobr.user. A user with this role type can monitor and action failed jobs. They cannot create data sources, rules, or actions.  

Once the app is installed please make the following changes to roles shipped by the app: 

  • Create the following 2 jobr groups: JobR Users and Jobr Admins
  • Add roles canvas_user and x_biomn_jobr.user  to JobR Users
  • Add roles canvas_user, connection_admin, credential_admin and x_biomn_jobr.administrator to Jobr Admins
  • Assign Jobr Users to the respective user group

Accessing JobR

Direct Access to JobR

JobR is accessed via a ServiceNow workspace. To access the workspace login directly into the JobR Workspace (https://yourcompany.service-now.com/x/biomn/jobr/home). 

Through the Cassic ServiceNow UI

To get to the JobR workspace from the classic ServiceNow UI, search for JobR to find its menu and submenus

 

 

Share this article

Comments

0 comments

Article is closed for comments.