In the electronic environment of today, computer systems undergo constant changes. In order to keep up with these changes, it is important that users of these systems be able to monitor the systems. Monitoring can be classified into several different types, including active monitoring and passive monitoring. Passive monitoring includes any observation that does not modify a computer system. To this extent, passive monitoring can include scanning a file system to perform a compliance check, scanning a registry to determine which applications are currently installed on the system, security scanning, file system inspection, license usage monitoring, and the like. In contrast, activities, such as patching, applying a security update, etc., that involve modification of the computer system are referred to as active monitoring.
Standardization can be an asset in effective systems management. Standardization of a data center helps customers control maintenance costs by limiting the number of different variations of systems running in the data center. This allows costs to grow in proportion to the number of different software configurations rather than in proportion to the number of different instances of those configurations.
To realize some of the benefits of standardization, providers of a computer system can insure that all deployed instances begin their lifecycle from one or more standard “images” or pre-configured software stacks. In order to conserve resources, each particular type of deployed instance is often tailored to a type of task that the user of the instance wishes to perform. This can be done by including functions that are useful for performing the particular type of task while leaving out those that are not. In addition, efficiencies can be added by using specific operating systems, middleware, and/or applications that perform the particular type of task efficiently at the expense of those that do not. This can result in the need for several different types of deployed instances generated from different pre-configured software stacks having different combinations of operating systems, middleware, applications, etc., executing on the same computer.
This can become a challenge when it comes to performing passive monitoring operations that need to be performed on a significant number of the deployed instances. One example of this type of operation is drift detection. Once a deployed instance begins execution, it can deviate from the standardized state due to changes within the instance. These changes can be accidental, intentional but without harmful intent, or malicious in nature. In any case, these con-compliant deviations can cause the particular instance not to function correctly and/or can affect the efficiency of the instance within the overall computer system, possibly impacting other instances and/or the overall efficiency of the computer system. However, as the number of types of instances increases, with the increasing numbers of operating systems, middleware and applications, it can be increasingly difficult to provide a single tool for passively monitoring that can be used for all types. Further, any attempt to update or customize the tool could cause the tool to require increasingly more resources or to become unstable.