HP OM - Policy Administration

Policies determine the action to be taken as a result of events that are intercepted.
To be more clear, policies are like a set of rules based on which monitoring takes place.

Policies need to be assigned and distributed to managed nodes from the management server. This can be done either from command line or from admin GUI (version 9)[motif GUI in version 8].

opctemplate / ovpolicy are the commands used for policy management. 

Assigning a policy:

A policy needs to be assigned to the node that it will be distributed to.
Assignment can be done either from the command line using opcnode command or from the GUI options.

opcnode -assign_pol pol_name=<> pol_type=<> [version=<>] [mode=<>] node_name=<>net_type=NETWORK_IP 
OR
opcnode -assign_pol pol_name=<> pol_type=<> [version=<>] [mode=<>] group_name=<>

where pol_type can be     TEMPLATE_GROUP
                                       CONSOLE_TEMPLATE
                                       OPCMSG_TEMPLATE
                                       LOGFILE_TEMPLATE
                                       MONITOR_TEMPLATE
                                       SNMP_TEMPLATE
                                       EC_TEMPLATE
                                       SCHEDULE_TEMPLATE
Version is the version of the policy you want to assign.
mode is  the way a policy is assigned to a node. This can be  FIX (default)
                                                                                           MINOR_TO_LATEST
                                                                                           LATEST

Distributing a policy :

After assigning a policy, the policy can be distributed using the opcragt command

opcragt -distrib [ -policies ][ -templates ][ -instrum ][ -actions ][ -monitors ][ -commands ] [ -subagts ] [ -force | -purge ] [ -highprio ] [ -simulate ] 

-force => The data is transferred even if it exists already on the node.
-purge => Instrumentation is removed from the node and deployed again.
-highprio => will ignore limitations set on the number of simultaneous deployments                              and immediately trigger the deployment to the specified node.
-simulate => only a simulation, the files/policies will not be distributed to the node.

Listing policies on the managed node :

opctemplate / ovpolicy can be used to list all the policies distributed to the managed node.
# opctemplate -list
       * List installed policies for host 'localhost'.

     Version            Status
 --------------------------------------------------------------------

CONFIGSETTINGS      "OVO settings"              enabled    1

LOGFILE             "<******>log"               enabled    0001.0006

mgrconf             "OVO authorization"         enabled    1

MONITOR             "<******************>"      enabled    0001.0000

OPCMSG              "<******************>"      enabled    0001.0004

SCHEDULE            "<*********************>"   enabled    0001.0004

SNMPTRAP            "<*****************>"       enabled    0001.0013

# ovpolicy -list

       * List installed policies for host 'localhost'.

     Version            Status

 --------------------------------------------------------------------

configsettings    "OVO settings"              enabled    1

le                "<******>log"               enabled    0001.0006

mgrconf           "OVO authorization"         enabled    1

monitor           "<************>"            enabled    0001.0004

msgi              "<******************>"      enabled    0001.0004

sched             "<*********************>"   enabled    0001.0004

trapi             "<*****************>"       enabled    0001.0013

Remote listing policies on the mgd node from the management server :

# ovpolicy -list -host <******>
       * List installed policies for host '<******>'.

     Version            Status
 --------------------------------------------------------------------
  configsettings    "OVO settings"              enabled    1
  le                "<LOGFILE POLICY NAME>"     enabled    0001.0000

Removing policies on the managed node :

On the managed node :

ovpolicy -remove -all 

Describing a policy on the node :

Policies are stored on the managed node in the location  /var/opt/OV/datafiles/policies under the directories for specific type of policy.

# ls -lrt
total 28
drwxrwxr-x 2 root root 4096 Jul 16 19:06 configsettings
drwxrwxr-x 2 root root 4096 Aug 11 15:25 le
drwxrwxr-x 2 root root 4096 Sep 11 11:59 msgi
drwxrwxr-x 2 root root 4096 Sep 12 17:42 monitor
drwxrwxr-x 2 root root 4096 Sep 12 17:58 trapi
drwxrwxr-x 2 root root 4096 Sep 12 17:58 sched

drwxrwxr-x 2 root root 4096 Sep 17 12:07 mgrconf

Each policy will have a data file and a header xml file. The data file is the one that is the policy.

[>>:/var/opt/OV/datafiles/policies/trapi]

# ls -lrt

total 88

-r--r----- 1 root root  9171 Jul 16 19:06 0<***>0_data

-r--r----- 1 root root 11051 Jul 16 19:06 7<***>0_data

-r--r----- 1 root root 29541 Jul 16 19:06 b<***>0_data

-r--r----- 1 root root  1281 Aug 11 15:25 c<***>0_data

-r--r----- 1 root root  3333 Aug 11 18:12 7<***>0_header.xml

-r--r----- 1 root root  3331 Aug 11 18:13 b<***>0_header.xml

-r--r----- 1 root root  3326 Aug 11 18:13 c<***>0_header.xml

-r--r----- 1 root root  3302 Aug 11 18:13 0<***>0_header.xml

-r--r----- 1 root root  3271 Sep 12 17:58 8<***>0_header.xml

-r--r----- 1 root root  4450 Sep 12 17:58 8<***>0_data

Doing a grep on the files for the policy name would yield the file name for that particular policy.
# grep "<NAME OF POLICY>" *
c<***>0_data:SNMP "<NAME OF POLICY>"

c<***>0_header.xml:   <name><NAME OF POLICY></name>