Administer > Audit and compliance > Snapshots, snapshot specifications, and snapshot jobs

Snapshots, snapshot specifications, and snapshot jobs

Snapshots

A snapshot captures the configuration of a managed server at a particular point in time and provides a means of capturing the current state of a known working (or a known not working) server. A snapshot is useful for capturing a server configuration that you know represents a desired state of configuration.

You can also compare the snapshot with other servers in your facility by using the snapshot in an audit.

A snapshot is also a useful way to back up a managed server, especially if you plan to make changes to the server and want to keep a record of it before you change anything.

In addition to recording information about objects on managed servers, a snapshot can contain the content of some objects. A server snapshot also identifies attributes of other objects on specific types of operating systems, such as the Windows Registry and Windows Services, application configurations, COM+ objects, hardware information, installed patches, and more. You can even create custom scripts that gather data from the target managed servers.

The SA Client cannot create a snapshot of the entire Windows Registry or a snapshot of all system keys. The volume of data is larger than the current design allows.

VMware ESXi servers cannot be the source or the target of a snapshot.

Snapshot process

The following tasks are required to create a snapshot of a server configuration:

Create a snapshot specification, which is a template that defines the configuration parameters captured on a target server.

Run the snapshot specification job that results in a snapshot.

The following figure shows the snapshot process, including step-by-step descriptions.

Snapshots and snapshot specifications

Snapshots are configured in similar way as you configure an audit. First, you create a snapshot specification, which is like a template that defines exactly what you want to capture for a server’s configuration. Next, you configure the snapshot specification’s rules and then run it. The results are a snapshot—a picture of a server’s configuration. The main difference between a snapshot and an audit is that a snapshot takes a picture of a server’s configuration, whereas an audit compares a server configuration with the rule values that you define.

You can schedule when you want a snapshot to be created (either once or as a recurring job) and who you want to receive email notification about the status of the job.

Snapshot used in an audit

You can use a snapshot in an audit to compare managed servers, groups of servers, and snapshots. By using a snapshot in an audit, you can compare a problematic server (target of the audit) with a known working server (snapshot as source for the audit). To further extend the audit definition, you can also define rules for server objects.

When a snapshot is used as the source for an audit, all server configuration values captured in the snapshot results are available to use as rules for the audit. For more information about using a snapshot in an audit, Audit configuration .

Snapshot specification used in an audit

You can use a snapshot specification as the source of an audit if you want to keep track of a server’s configuration over time and monitor any changes that occur. For example, you might want to keep track of a specific application to make sure that its configuration remains correct over a period of time. If this application runs on several servers, you can create a snapshot specification that defines a desired state of server configuration, and then run the snapshot.

Next, you can create an audit and use the original snapshot specification as the source for your audit. Each server that was targeted by the snapshot are now also included as targets of the audit. Next, when you run the audit (either on-demand or on a scheduled basis), each server’s current configuration will be compared with the state originally captured when you took the initial snapshot. Any changes are displayed in the audit results window. See Audit configuration .