Applies to LDMS 8.8
This document is intended for intermediate LANDesk Management Suite users who are also adept at managing SQL Databases or have a DBA.
Warning: This document contains SQL statements that will remove data from the database. Backup the database before executing any delete statements. The contributor(s) to this article and LANDesk make no warranty on the contents or statements and are not responsible for any data loss.
Inventory and Software License Monitoring
Software Scanning Mode:Ensure the scanning mode is “Listed” or for specific files instead of all files. This setting is contained in the ldappl3.template in ldlogon on the core. Click “Make available to All” button in Software License Monitoring to propagate changes to the clients via normal inventory process.
Scanning with “mode=all “not only increase the database size and scan size, it can also reduce performance as it inserts all of this data to the fileinfo tables. Combining this mode with additional file types beyond .exe can dramatically increase database size and scan size which also translates into a performance hit when inserting scans. Essentially using this mode needs to be carefully planned and executed and is usually done against a specific group of machines for a short period of time as needed.
See DOC-5553 to review more information on gathering software.
AMT– Appliesto all users with AMT devices in their environment.
Apply patch 20525 (requires coredbutil) or apply 8.8 SP3 which has the patch rolled into it.
This prevents too many connections from being opened to the database, it affects performance and not table size. There are many other fixes and adjustments to the AMT functionality as a whole. LDMS users with AMT devices should utilize this if they are on 8.8 SP2.
Vulnerability Scanning
Scanning for all vulnerabilities without removing old or unnecessary vulnerabilities from the scan section affects storage and performance. Usage is affected by the number of nodes, how many vulnerabilities are being scanned for and what frequency the scanning takes place.
The environment must be taken into account when tuning this. If over utilized then the vulnerability piece can take up far more connections to the database via IIS than other components.
LANDesk has created the following patch to help reduce the size of the computervulnerability table. (contact support for the patch)
The patch is: PAT-2333388.2 and requires the following SQL query be run with it. The same statements can be run against 8.8 SP3.
INSERT INTO PATCHSETTINGS (Name,Value) VALUES ('DiscardUndetectedBlockedApps',1)
INSERT INTO PATCHSETTINGS (Name,Value) VALUES('DiscardUndetectedSpyware',1)
Agent watcher
Ensure if it is in use that the time it checks in is spaced out. Otherwise this generates a lot of traffic and updates to the database. Size is less of an issue here.
Setting the interval to a longer period of time is recommended for larger environments. Default is 30 once checked but that is only ideal in smaller environments, otherwise IIS traffic to the core and DB can be affected.
Patch History
Individual or multiple device patch history can be purged to reduce the amount of storage consumed. This is explained in detail with screenshots in DOC-5676
The DBA can add the following SQL to the LANDesk Database maintenance plan to remove records that are X days old. In the example below, 90 days is used. Modify that value to the desired range. Ensure there is a backup of the database before running any delete statements.
DELETE from PatchHistory WHERE dateDiff("d",Actiondate,getdate()) > 90
Inventory Change History
When using Inventory Change History as shown below, change data is stored in the History table.
The Inventory Change Settings tool is found by choosing Configure – Inventory History
If this functionality is utilized for frequently changing attributes, the History table can increase in size over time.
The following SQL can either be run manually or added to the LANDesk Database maintenance plan. In the example below, removal of records older than 90 days is used. Modify that value to the desired range. Ensure there is a backup of the database before running any delete statements.
DELETE from History WHERE dateDiff("d",ChangeDate,getdate()) > 90
Alerting
See DOC-5071 to prevent management updates every time CBA starts on machines. These updates can over time increase table size in the database based on number of nodes and updates. If the alerting component is utilized then leaving these alerts on is recommended because a health update is sent with the startup alert. This document also goes into preventing two miniscans from being sent at startup.
DOC-5036 can be referenced for detailed information on purging the Alertlog and history.
Remote Control Logging
If reports on remote control are not utilized, then the option to add additional logging to this table can be disabled by going to “Configure – Remote Control Logging” on the core server. Uncheck the enable remote control history box. Also from this tool, history can be deleted by specifying a date to clear any RC history before the specified date.
<!--[if !vml]--><!--[endif]-->
Note, this data also can be purged via SQL script. This particular data is often not purged due to policy compliance or a requirement to keep remote control data. Also, removing data will affect data captured in the Return On Investment reporting.
The following SQL can either be run manually or added to the LANDesk Database maintenance plan. In the example below, removal of records older than 90 days is used. Modify that value to the desired range. Ensure there is a backup of the database before running any delete statements.
DELETE from RCLog WHERE dateDiff("d",EventTime,getdate()) > 90
Additional tuning options
SQL Express users should refer to DOC-6103 to add maintenance tasks.
A third party utility called LDMS_CORE automates multiple maintenance tasks. Below are just a few of the tasks it performs in relation to the above topics. See the readme for details from its author on how it works. Because it isn't an official LANDesk utility for any assistance on using LDMS_CORE go to http://www.droppedpackets.org/
Patch History:
LDMS_CORE can automatically remove patch history records for machines which no longer have a record in the database.
Computer Vulnerability:
LDMS_COREcan automatically remove superseded vulnerabilities from the scan folder. It also removes orphaned rows in the computervulnerability table. Both work differently and can be used in conjunction if proffered.
Orphaned Products:
A second factor that affects Software License monitoring is the number of packages that are not associated to computers. LDMS_CORE can automatically query the database to check for orphaned packages and remove them freeing up tablespace. There is additional logic to not remove any packages that have licenses associated or are in compliance groups, thus no important data is lost in the process.