U.S. patent application number 11/097680 was filed with the patent office on 2006-10-26 for automated change approval.
This patent application is currently assigned to Tripwire, Inc.. Invention is credited to Troy D. Thompson, Gregor W. Torrence.
Application Number | 20060242277 11/097680 |
Document ID | / |
Family ID | 37054197 |
Filed Date | 2006-10-26 |
United States Patent
Application |
20060242277 |
Kind Code |
A1 |
Torrence; Gregor W. ; et
al. |
October 26, 2006 |
Automated change approval
Abstract
An automated method for facilitating management of a data
processing environment is disclosed. In various embodiments, the
method may include facilitating creation of a first
memorialization, in digital form, of first one or more changes made
to a first data processing device of the data processing
environment. In various embodiments, the method may further include
facilitating creation of a second and a third memorialization, both
in digital form, of second and third one or more changes made to a
second and a third data processing device of the data processing
environment, respectively. In various embodiments, the method may
still further include facilitating automated approval of the second
and third changes made to the second and third data processing
devices, using the first, second and third memorializations. Other
embodiments of the present invention may include, but are not
limited to, apparatus adapted to facilitate practice of the
above-described method.
Inventors: |
Torrence; Gregor W.;
(Portland, OR) ; Thompson; Troy D.; (Lafayette,
OR) |
Correspondence
Address: |
SCHWABE, WILLIAMSON & WYATT, P.C.;PACWEST CENTER, SUITE 1900
1211 SW FIFTH AVENUE
PORTLAND
OR
97204
US
|
Assignee: |
Tripwire, Inc.
|
Family ID: |
37054197 |
Appl. No.: |
11/097680 |
Filed: |
March 31, 2005 |
Current U.S.
Class: |
709/221 |
Current CPC
Class: |
H04L 41/0843 20130101;
H04L 41/0866 20130101; H04L 41/082 20130101 |
Class at
Publication: |
709/221 |
International
Class: |
G06F 15/177 20060101
G06F015/177 |
Claims
1. An automated method for facilitating management of a data
processing environment comprising: facilitating creation in digital
form, a first memorialization of first one or more changes made to
a first data processing device of the data processing environment;
facilitating creation in digital form, a second and a third
memorialization of second and third one or more changes made to a
second and a third data processing device of the data processing
environment, respectively; and facilitating automated approval of
the second and third changes made to the second and third data
processing devices, using the first, second and third
memorializations.
2. The method of claim 1, wherein said facilitating of creation
comprises facilitating automated application of the first one or
more changes to the first data processing device, and facilitating
automated comparison of a pre-application of the first one or more
changes state of the first data processing device to a
post-application of the first one or more changes state of the
first data processing device to create a first file of first one or
more records of the application of said first one or more changes
to said first one or more data processing device.
3. The method of claim 1, wherein said facilitating of creation
comprises facilitating automated application of the second one or
more changes to the second data processing device, and facilitating
automated comparison of a pre-application of the second one or more
changes state of the second data processing device to a
post-application of the second one or more changes state of the
second data processing device to create a second file of second one
or more records of the application of said second one or more
changes to said second data processing device.
4. The method of claim 1, wherein said facilitating of automated
approval of the second and third changes made to the second and
third data processing devices comprises facilitating automated
comparison of the second and third memorializations to the first
memorialization.
5. The method of claim 4, wherein the first, second and third
memorializations comprise a first, a second, and a third file of a
first, a second, and a third one or more records of the application
of the first, second and third changes made to the first, second
and third data processing devices respectively, and said
facilitating of automated comparison of the second and third
memorializations to the first memorialization comprises
facilitating automated comparison of the second and third files of
second and third one or more records to the first file of first one
or more records.
6. The method of claim 4, wherein said facilitating of comparison
comprises facilitating automated comparison of a change to a
software in either the second or third data processing device, to a
corresponding change to a corresponding software of the first data
processing device.
7. The method of claim 4, wherein said facilitating of comparison
comprises facilitating automated comparison of a change to a data
in either the second or third data processing device, to a
corresponding change to a corresponding device of the first data
processing device.
8. The method of claim 4, wherein the method further comprises
facilitating definition in digital form, one or more responses to
one or more detected differences during said automated comparison
of the second and third memorializations to the first
memorialization.
9. The method of claim 8, wherein the one or more responses include
a no-action automatic approval response to a detected
difference.
10. The method of claim 8, wherein the one or more responses
include an automatic remediation or alert response to a detected
difference.
11. The method of claim 1, wherein said automated comparison of the
second and third memorializations to the first memorialization are
performed substantially concurrently.
12. The method of claim 11, wherein the method further comprises
facilitating definition of the second and third data processing
units as members of a group of data processing units, to facilitate
said substantial concurrent performance of said second and third
memorializations to the first memorialization.
13. The method of claim 1, wherein the second data processing
device is a device selected from the group consisting of a
networking device, a server, a desktop computer, a laptop computer,
a tablet computer, a personal digital assistant, a cellular phone,
a set top box, and a media player.
14. An automated method of managing a computing environment,
comprising: facilitating definition in digital form, one or more
automated responses to detected differences during automated
processing of changes made to one or more data processing devices,
including a no-action automatic approval response to a detected
difference; and facilitating employment of the definition in
automated processing and approval of changes made to one or more
data processing devices.
15. The method of claim 14, wherein said facilitating of definition
in digital form, one or more automated responses to detected
differences during processing of changes made to one or more data
processing devices, further includes facilitating definition in
digital form, an automatic remediation or alert response to a
detected difference.
16. The method of claim 14, wherein said facilitating of employment
comprises facilitating employment of the definition in
substantially concurrent automated processing of changes made to a
plurality of data processing devices that are members of a logical
data processing device group.
17. An apparatus comprising: a memorialization module adapted to
facilitate creation of a first memorialization of first one or more
changes made to a first data processing device of the data
processing environment, and facilitate creation of a second and a
third memorialization of second and third one or more changes made
to a second and a third data processing devices of the data
processing environment, respectively; and an automatic change
approval module operatively coupled to the memorialization module
to facilitate approval of the second and third changes made to the
second and third data processing devices, using the first, second
and third memorializations.
18. The apparatus of claim 17, wherein said memorialization module
is adapted to facilitate application of the first one or more
changes to the first data processing device, and facilitate
comparison of a pre-application of the first one or more changes
state of the first data processing device to a post-application of
the first one or more changes state of the first data processing
device to create a first file of first one or more records of the
application of said first one or more changes to said first one or
more data processing device.
19. The apparatus of claim 17, wherein said memorialization module
is adapted to facilitate application of the second one or more
changes to the second data processing device, and facilitating
comparison of a pre-application of the second one or more changes
state of the second data processing device to a post-application of
the second one or more changes state of the second data processing
device to create a second file of second one or more records of the
application of said second one or more changes to said second data
processing device.
20. The apparatus of claim 17, wherein said automatic change
approval module is adapted to facilitate comparison of the second
and third memorializations to the first memorialization.
21. The apparatus of claim 17, wherein the apparatus further
comprises a response definition module adapted to facilitate
definition of one or more responses to one or more detected
differences during said comparison of the second and third
memorializations to the first memorialization.
22. The apparatus of claim 21, wherein the one or more responses
include a no-action automatic approval response to a detected
difference.
23. An apparatus, comprising: a response definition module adapted
to facilitate definition of one or more responses to detected
differences during processing of changes made to one or more data
processing devices, including a no-action automatic approval
response to a detected difference; and an automatic change approval
module operative coupled to the response definition module, and
adapted to facilitate employment of the definition in processing
and automatic approval of changes made to one or more data
processing devices.
24. The apparatus of claim 23, wherein the response definition
module is further adapted to facilitating definition of an
automatic remediation or alert response to a detected
difference.
25. The apparatus of claim 23, wherein the automatic change
approval module is adapted to facilitate employment of the
definition in substantially concurrent processing of changes made
to a plurality of data processing devices that are members of a
logical data processing device group.
Description
FIELD
[0001] Disclosed embodiments of the present invention relate
generally to the field of data processing, and more particularly to
automated change approval in data processing environments.
BACKGROUND
[0002] Data processing devices are deployed in many different
configurations and are used for many different applications in a
variety of data processing environments. In some configurations,
data processing devices may be grouped for various reasons. For
example, using servers as illustrative data processing devices,
servers may reside together in a server farm. A server farm may
streamline internal processes by distributing the workload among
the individual servers of the farm and may expedite computing
processes by harnessing the abilities of multiple servers. Groups
of servers in server farms may be identical, or similar in certain
operational respects, for a variety of reasons, including mirror
servers, back-up servers, etc. While multiple servers may initially
commence operation with identical, or similar, operational states,
varying changes may occur, either by design, inadvertently, or
otherwise, among the multiple servers. Similar situations may arise
among a wide variety of data processing devices, including but not
limited to switches, routers, and other networking devices of the
like.
BRIEF DESCRIPTION OF THE DRAWINGS
[0003] Embodiments of the invention are illustrated by way of
example and not by way of limitation in the figures of the
accompanying drawings, in which like references indicate similar
elements and in which:
[0004] FIG. 1 illustrates a method view of the present invention,
in accordance with various embodiments of this invention;
[0005] FIGS. 2a-2e illustrate various graphical user interface
dialogs associated with specifying approval by template, provided
by one or more modules equipped to facilitate practice of the
methods of the invention, in accordance with various embodiments of
this invention;
[0006] FIGS. 3a-3c illustrate various graphical user interface
dialogs associated with specifying approval by template, provided
by one or more modules equipped to facilitate practice of the
methods of the invention, in accordance with various embodiments of
this invention;
[0007] FIG. 4 illustrates parts of a workflow associated with using
approval by template, in accordance with various embodiments of
this invention; and
[0008] FIG. 5 illustrates an example computer system suitable for
use in association with automated change approval, in accordance
with various embodiments of this invention.
DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS
[0009] Embodiments of the present invention include, but are not
limited to, an automated method for facilitating management of a
data processing environment. In various embodiments, the method may
include facilitating creation of a first memorialization, in
digital form, of first one or more changes made to a first data
processing device of the data processing environment. In various
embodiments, the method may further include facilitating creation
of a second and a third memorialization, both in digital form, of
second and third one or more changes made to a second and a third
data processing device of the data processing environment,
respectively. In various embodiments, the method may still further
include facilitating automated approval of the second and third
changes made to the second and third data processing devices, using
the first, second and third memorializations. Other embodiments of
the present invention may include, but are not limited to,
apparatus adapted to facilitate practice of the above-described
method. The following discussion is primarily presented in the
context of computers. It is understood that the principles
described herein may apply to other data processing devices,
including but not limited switches, routers, and other networking
equipment of the like.
[0010] In the following description, various aspects of embodiments
of the present invention will be described. However, it will be
apparent to those skilled in the art that other embodiments may be
practiced with only some or all of the described aspects. For
purposes of explanation, specific numbers, materials and
configurations are set forth in order to provide a thorough
understanding of the embodiments. However, it will be apparent to
one skilled in the art that other embodiments may be practiced
without the specific details. In other instances, well-known
features are omitted or simplified in order not to obscure the
description.
[0011] Parts of the descriptions of various embodiments will be
presented in terms of operations performed by a processor-based
device, using terms such as data and the like, consistent with the
manner commonly employed by those skilled in the art to convey the
substance of their work to others skilled in the art. As well
understood by those skilled in the art, the quantities may take the
form of electrical, magnetic, or optical signals capable of being
stored, transferred, combined, and otherwise manipulated through
mechanical and electrical components of the processor based device;
and the term processor include microprocessors, micro-controllers,
digital signal processors, and the like, that are standalone,
adjunct or embedded.
[0012] Various operations will be described as multiple discrete
operations in turn, in a manner that is most helpful in
understanding the embodiments, however, the order of description
should not be construed as to imply that these operations are
necessarily order dependent. In particular, these operations need
not be performed in the order of presentation.
[0013] The phrase "in one embodiment" is used repeatedly. The
phrase generally does not refer to the same embodiment, however, it
may. The terms "comprising," "having" and "including" are
synonymous, unless the context dictates otherwise.
[0014] Some embodiments of the present invention include a scalable
architecture to facilitate automated change approval of changes in
data processing devices. Such data processing devices may include
but are not limited to servers, desktop computers, laptop
computers, tablet computers, networking devices, personal data
assistants (PDA), cellular phones, set top boxes, media players, or
other types of data processing devices.
[0015] FIG. 1 illustrates a method view of the present invention,
in accordance with various embodiments of this invention. As shown,
for the embodiments, the method may be practiced to facilitate
management of a data processing environment having, for example,
data processing devices 102, 104 and 106. In various embodiments,
data processing device 102 may comprise a test server. Data
processing devices 104 and 106 may comprise various production
servers. In various other embodiments, data processing devices 104
and 106 may comprise other types of data processing devices, such
as, desktop computers, laptop computers, tablet computers,
networking devices of like kind, personal data assistants (PDAs),
cellular phones, set top boxes, media players, or the like. In
various embodiments, data processing device 102 may comprise a
different type of data processing device other than a test server.
In some embodiments, data processing devices 104 and 106 may
represent two different types of data processing devices.
[0016] Illustrating a portion of a possible operational context in
some embodiments, first one or more changes may be made to data
processing device 102, as illustrated by block 110. In various
embodiments, one or more modules incorporated with the teachings of
this invention (to be described more fully below) may facilitate
creation of a first memorialization, in digital form, of the first
one or more changes made to a first data processing device, which
may be represented by data processing device 102. In various
embodiments, the first memorialization may comprise a record or
template, which may be represented by template 112. In some
embodiments, such a template may consist of a file, such as a
binary report file or a plain text file. In other embodiments, such
a template may consist of a different type of digital
memorialization.
[0017] Illustrating a portion of a possible operational context in
some embodiments, the same one or more changes made to data
processing device 102 may be directed to be performed to data
processing devices 104 and 106, as illustrated by block 114. In
various embodiments, the one or more modules may facilitate
creation of a second and a third memorialization of second and
third one or more changes made to a second and a third data
processing device of the data processing environment, which may be
respectively represented by data processing devices 104 and 106. In
various embodiments, the one or more modules may facilitate
automated approval of the second and third changes made to the
second and third data processing devices, using the first, second
and third memorializations. In some embodiments, such use of the
first, second and third memorializations may comprise a comparison
of template 112 to a memorialization (not shown) of the changes
made to data processing device 104, as well as a comparison of
template 112 to a memorialization (not shown) of the changes made
to data processing device 106, as illustrated by block 116. In some
embodiments, if the respective memorializations of the respective
changes match, then the second and third changes may be
automatically approved. For example, if the second memorialization
matches the first memorialization, then the second changes made to
data processing device 104 may be automatically approved. For
example, if the third memorialization matches the first
memorialization, then the third changes made to data processing
device 106 may be automatically approved. In other embodiments,
such use of the first, second and third memorializations may
comprise other uses of said memorializations.
[0018] Graphic 108 illustrates that there may be any number of data
processing devices (not shown) grouped, either explicitly or
implicitly, with data processing devices 104 and 106, according to
various embodiments. Such a grouping may not be present in various
other embodiments. In some embodiments, such additional data
processing devices may be grouped with data processing devices 104
and 106 and may be included in the operations represented by blocks
114 and 116. In some embodiments, such additional data processing
devices may be grouped with data processing devices 104 and 106 for
other operations (not shown) that may be performed on data
processing devices 104 and 106. In some embodiments, such
additional data processing devices may have other operations
performed on them instead.
[0019] In various embodiments, the one or more modules may allow
for said automated comparison of the second and third
memorializations to the first memorialization to be performed
substantially concurrently. In some embodiments, the one or more
modules may facilitate the definition of the second and third data
processing units as members of a group of data processing units, to
facilitate said substantial concurrent performance of said second
and third memorializations to the first memorialization. In various
embodiments, said automated comparison of the second and third
memorializations to the first memorialization may be performed in a
manner other than substantially concurrently. In some embodiments,
the one or more modules may facilitate the definition of data
processing units as members of a group of data processing
units.
[0020] In various embodiments, said facilitating of creation of the
first memorialization by the one or more modules may comprise
facilitating automated application of the first one or more changes
to the first data processing device. In various embodiments, said
facilitating of creation of the first memorialization by the one or
more modules may comprise facilitating automated comparison of a
pre-application of the first one or more changes state of the first
data processing device to a post-application of the first one or
more changes state of the first data processing device to create a
first file of first one or more records of the application of said
first one or more changes to said first one or more data processing
device. In such a comparison, a difference between a
pre-application state and a post-application state may be termed a
violation in some contexts. In some embodiments, said one or more
records may comprise of the violations detected. In various
embodiments, said facilitating of creation of the first
memorialization by the one or more modules may comprise performance
of other operations.
[0021] In various embodiments, said facilitating of creation of the
second memorialization by the one or more modules may comprise
facilitating automated application of the second one or more
changes to the second data processing device. In various
embodiments, said facilitating of creation of the second
memorialization by the one or more modules may comprise
facilitating automated comparison of a pre-application of the
second one or more changes state of the second data processing
device to a post-application of the second one or more changes
state of the second data processing device to create a second file
of second one or more records of the application of said second one
or more changes to said second data processing device. In various
embodiments, said facilitating of creation of the second
memorialization by the one or more modules may comprise performance
of other operations.
[0022] In various embodiments, said facilitating of automated
approval of the second and third changes made to the second and
third data processing devices may comprise facilitating automated
comparison of the second and third memorializations to the first
memorialization. In various embodiments, said facilitating of
automated approval of the second and third changes made to the
second and third data processing devices may comprise other
operations.
[0023] In various embodiments, the first, second and third
memorializations may comprise files, as discussed above in relation
to template 112 of FIG. 1 representing a file in some embodiments.
In various other embodiments, the first, second and third
memorializations may comprise memorializations other than
files.
[0024] In various embodiments, said facilitating of comparison by
the one or more modules may comprise facilitating automated
comparison of a change to software or data in either the second or
third data processing device, to a corresponding change to
corresponding software or data of the first data processing device.
In some embodiments, such a comparison may occur with at least the
use of hashes made of the respective software residing on their
respective data processing devices. In some embodiments, such a
comparison may occur in another manner. An illustrative case of an
embodiment making use of hashes may involve the memorializations
described herein making use of hashes made of particular software
or particular data both before and after the changes have been
made. Such hashes may make use of any number of past, present, and
future hashing algorithms consistent with the principles of an
embodiment of this invention. Such hashing algorithms include, but
are not limited to, MD5 (Message Digest 5), SHA-1 (Secure HASH
Algorithm), and HAVAL (Hashing Algorithm with Variable Length).
[0025] In various embodiments, the one or more modules may
facilitate definition in digital form of one or more responses to
one or more detected differences during said automated comparison
of the second and third memorializations to the first
memorialization. In some embodiments, the one or more responses may
include a no-action automatic approval response. For example, in
some embodiments, a no-action automatic approval response may be
applied in cases where a difference, or "violation," in either the
second or third memorializations matches a difference, or
"violation," in the first memorialization. In some embodiments, a
no-action automatic approval response may be applied in cases where
certain differences have been pre-approved, such as, for example,
for acceptable differences known to arise on a certain data
processing device. In some embodiments, a no-action automatic
approval response may be applied in other cases.
[0026] In some embodiments, the one or more responses to one or
more detected differences during said automated comparison of the
second and third memorializations to the first memorialization may
include an automatic remediation or alert response to a detected
difference. For example, in some embodiments, an automatic
remediation response may comprise of making a change to the second
data processing device, where said change had been made to the
first data processing device. This may occur when the first
memorialization indicates such a change had been made to the first
data processing device and the second memorialization indicates
that such a change had not been made to the second data processing
device. In some embodiments, where such a change had been made to
the first data processing device and not to the second data
processing device, an alert response notifying a user of such a
detection may occur. In various embodiments, other responses may
comprise either automatic remediation or alert responses to
detected differences.
[0027] FIGS. 2a-2e illustrate various graphical user interface
dialogs associated with specifying approval by template, provided
by the one or more modules incorporated with the teachings of the
present invention, in accordance with various embodiments of this
invention. In other embodiments, different information may
alternatively or additionally be displayed in such graphical user
interface dialogs. In alternative other embodiments, other dialogs
or their substantive equivalent may be provided. FIG. 2a
illustrates the one or more modules providing option "Approve by
Template" 202 in Report drop-down menu 204 of a portion of database
update window 206, in accordance with an embodiment of this
invention. FIG. 2b illustrates the one or more modules providing
"Approve by Template" dialog window 220, in accordance with one
embodiment of this invention. For the illustrated embodiments,
"Approve by Template" dialog window 220 may include the following
modes of determining how the template file is interpreted: "Object
names and hashes must match" mode 222, "Only violated object names
must match" mode 224, and "Only violated rule names must match"
mode 226.
[0028] "Object names and hashes must match" mode 222 may comprise
an operation where an opened violation will be approved if the
template file has a violation in it with exactly the same object
name and hash values, of the same type of violation: added,
removed, or changed. "Only violated object names must match" mode
224 may comprise an operation that compares each violated object's
name to see if the same name is in the template file. "Only
violated rule names must match" mode 226 may comprise an operation
where a violation is approved if it belongs to a rule where the
template file also has a rule with the same name with
violations.
[0029] For the illustrated embodiments, "Approve by Template"
dialog window 220 may include Template Report File Name input field
228 for the selection of a particular file to be used as a
template. Browse button 230 may allow a user to specify a report
file or a text file. When selecting a text file, it may be possible
to specify the file's character encoding. "Approve by Template"
dialog window 220 may include selection field 232 to allow a user
to clear any approved violation already set before the approval by
template operation is performed. FIG. 2c illustrates a possible
dialog window 240 resulting from selecting browse button 230 of
FIG. 2b, in accordance with an embodiment of this invention.
[0030] FIG. 2d illustrates a possible results dialog window 250 the
one or more modules may employ for presentation of a report after
approval is completed, in accordance with an embodiment of this
invention. Results dialog window 250 may include Machine column
252, designating the machine compared with the template. Results
dialog window 250 may include Approved column 254, designating
approved violations. Results dialog window 250 may include Possible
column 256, designating the total number of violations. Results
dialog window 250 may include missing column 258, designating a
violation in the template but not found in the report.
[0031] FIG. 2e illustrates the one or more modules providing option
"Approve Violations" 260 in Machine drop-down menu 262 of a portion
of database update window 264, as another way to direct an approval
operation on selected machines, in accordance with an embodiment of
this invention. "Approve Violations" 260 may include submenu 266
specifying different operations regarding how violations may be
approved.
[0032] FIGS. 3a-3c illustrate various graphical user interface
dialogs associated with specifying approval by template, provided
by the one or more modules incorporated with the teachings of the
present invention, in accordance with various embodiments of this
invention. In other embodiments, different information may
alternatively or additionally be displayed in such graphical user
interface dialogs. In alternative other embodiments, other dialogs
or their substantive equivalent may be provided. FIG. 3a
illustrates "Approve by Template" dialog window 300, provided by
the one or more modules, in accordance with an embodiment of this
invention. "Approve by Template" dialog window 300 may include the
following modes of determining how the template file is
interpreted: "Object names and hashes must match" mode 306, "Only
violated object names must match" mode 308, and "Only violated rule
names must match" mode 310.
[0033] "Object names and hashes must match" mode 306 may comprise
an operation where an opened violation will be approved if the
template file has a violation in it with exactly the same object
name and hash values, of the same type of violation: added,
removed, or changed. "Only violated object names must match" mode
308 may comprise an operation that compares each violated object's
name to see if the same name is in the template file. "Only
violated rule names must match" mode 310 may comprise an operation
where a violation is approved if it belongs to a rule where the
template file also has a rule with the same name with
violations.
[0034] For the illustrated embodiments, "Approve by Template"
dialog window 300 may include Template Report File Name input field
302 for the selection of a particular file to be used as a
template. Browse button 304 may allow a user to specify a report
file or text file. When selecting a text file, it may be possible
to specify the file's character encoding. "Approve by Template"
dialog window 300 may include selection field 312, which may
include accompanying text field 314 for specifying saving a file.
In some embodiments, an Extensible Markup Language (XML) file may
be selected for the results file, while in other embodiments, such
an option may not be provided. After "Approve by Template" dialog
window is dismissed, in some embodiments, if there are violations
already checked, a message box prompt for whether they should be
cleared first may be provided. In other embodiments, such a message
prompt box may differ from the description above, or such a message
prompt box may not occur, either at this stage or at all.
[0035] FIG. 3b illustrates a possible results dialog window 330
provided by the one or more modules for presentation of a report
after approval is completed, in accordance with one embodiment of
the invention. For the illustrated embodiments, results dialog
window 330 may include Machine column 332, designating the machine
compared with the template. Results dialog window 330 may include
Possible column 334, designating the total number of violations for
the machine. Results dialog window 330 may include Approved column
336, designating the number of violations that met the approval
criteria. Results dialog window 330 may include Rejected column
338, designating the violations that failed to meet the approval
criteria. Results dialog window 330 may include Not Found column
340, designating violations specified in the template but not found
on the applicable machine. In various embodiments, results dialog
window 330 may consist of buttons that allow for selection of a
further dialog window. In some embodiments, machine column 332 may
consist of machine names that, when selected, bring up a machine
properties dialog (not shown) for that machine. In some
embodiments, numbers in at least one of columns 334, 336, 338, and
340, in results dialog window 330 may comprise of buttons that,
when selected, bring up a dialog window with further detail
regarding the numeric value. For example, numeric button 342 may
allow for the selection of such a dialog window.
[0036] FIG. 3c illustrates an example dialog window 350 that may
result from the selection of numeric button 342 in FIG. 3b, in
accordance with one embodiment of the invention. Dialog window 350
may display a list of the seven file names referred to by the
numeric value of numeric button 342 in FIG. 3b.
[0037] FIG. 4 illustrates parts of a workflow 400 associated with
using approval by template, in accordance with various embodiments
of this invention. Various other embodiments may have various other
workflows associated with them. In various embodiments, at least
some of the operations illustrated in FIG. 4 may be automated. In
other embodiments, more than one of the operations illustrated in
FIG. 4 may not be automated. Workflow 400 may include operation
402, where changes may be made to one system. Workflow 400 may
include operation 404, where the violations resulting from the
changes are verified as trusted. An operation that stores a report
documenting the changes may be included, as in operation 406. In
various embodiments, operation 404 and/or operation 406 may be
automated/facilitated by the one or more modules provided by the
invention.
[0038] Workflow 400 may include operation 408, where the same
changes made to the system in operation 402 are directed to be made
to another system, or other systems. Workflow 400 may include
operation 410, where a check is run with respect to the other
system(s) changed in operation 408. Workflow 400 may include
operation 412, where the resulting report files from the other
system(s) may be opened. An operation that includes selecting an
approval by template feature may be included, as illustrated by
operation 414. Operation 414 may include or work in conjunction
with specifying the report file from operation 406. Workflow 400
may include operation 416, where all trusted changes from operation
406 are approved. In various embodiments, one or more of operations
410, 412, and 414 may be automated/facilitated by the one or more
modules provided by the invention.
[0039] FIG. 5 illustrates an example computer system suitable for
use in association with automated change approval, in accordance
with various embodiments of this invention. As shown, computer
system 500 may include one or more processors 502 and may include
system memory 504. Additionally, computer system 500 may include
mass storage 506 in the form of one or more devices (such as
diskette, hard drive, CDROM and so forth), input/output devices 508
(such as keyboard, cursor control and so forth) and communication
interfaces 510 (such as network interface cards, modems and so
forth). The elements may be coupled to each other via system bus
512, which may represent one or more buses. In the case where
system bus 512 represents multiple buses, the multiple buses may be
bridged by one or more bus bridges (not shown).
[0040] These elements each perform their conventional functions
known in the art. In various embodiments, communication interfaces
510 may facilitate coupling of computing system 500 to a network,
though which computing system 500 may be coupled to data processing
devices 102, 104, 106, and so forth, as necessary. In various
embodiments, computing system 500 may at least be partially
incorporated in a data processing device, such as data processing
devices 102, 104, and 106 of FIG. 1. System memory 504 and mass
storage 506 may be employed to store a working copy and a permanent
copy of the programming instructions implementing various aspects
of the one or more earlier described modules of the present
invention. The permanent copy of the programming instructions may
be loaded into mass storage 506 in the factory or in the field, as
described earlier, through a distribution medium (not shown), or
through communication interface 510 from a distribution server (not
shown). The constitution of these elements 502-512 are known, and
accordingly will not be further described. In alternate
embodiments, part or all of the one or more modules may be
implemented in hardware, for example, using one or more Application
Specific Integrated Circuits (ASICs) instead.
[0041] Thus, it can be seen from the above description, an
automated method for facilitating management of a data processing
environment is described. In various embodiments, the method may
include facilitating creation of a first memorialization, in
digital form, of first one or more changes made to a first data
processing device of the data processing environment. In various
embodiments, the method may further include facilitating creation
of a second and a third memorialization, both in digital form, of
second and third one or more changes made to a second and a third
data processing device of the data processing environment,
respectively. In various embodiments, the method may still further
include facilitating automated approval of the second and third
changes made to the second and third data processing devices, using
the first, second and third memorializations. Other embodiments of
the present invention may include, but are not limited to,
apparatus adapted to facilitate practice of the above-described
method.
[0042] While the present invention has been described in terms of
the foregoing embodiments, those skilled in the art will recognize
that the invention is not limited to the embodiments described.
Other embodiments may be practiced with modification and alteration
within the spirit and scope of the appended claims. Accordingly,
the description is to be regarded as illustrative instead of
restrictive.
* * * * *