Dots Connected #3: Inventory Quality (part 3), a reliable inventory with good application recognition and no "merge" issue.

The last green lights on inventory to reach full SAM Value

You have patiently already read the last two "Dot Connected" blog articles that describe what a fresh, exhaustive and relevant inventory is and which ideal inventory tool combination to choose... and here comes again an article on inventory! Keep going, this is the last one, and worth the effort.

You got the keys of a good inventory strategy... what if know the issues or limitation are not on the inventory side but the way your ITAM tool is ingesting it? Flexera is an incredible technology... but as for any tool, there may be issues. Not that the technology is bad, but because the data is complex and sophisticated.

Application Recognition fully trusted

That's one of the scariest things in Software Asset Management, on average, on a computer 150 installer evidence and 3000 file evidence are found... and 80 applications are recognized. Did the Application Recognition Library (ARL) miss something? Question is always hard to answer.

To take a step back on what a good recognition is... Numbers don't mean a lot. I have always found pointless this question in Requests For Information (RFI) when companies start a tooling selection project: "How many applications does your nromalization solution recognize?". Depending on the granularity or recognition, you can have a one to 10 factor. Flexera IT Visibility (using the Technopedia release level normalization that is perfect to perform configuration Management and Application Lifecycle Management) will recognize 2 millions applications where the ARL (that is so relevant for Software Asset Management) will recognize 350K applications.

But where Technopedia will recognize App 1.10, 1.11, 1.12, 1.20 etc. the ARL will recognize App 1. Numbers don't matter. You may recognize useless freeware and drivers but not the latest Adobe Premiere Pro 2024 version.

Focus on Commercial Applications... and installer evidence. Don't disperse your energy trying to recognize everything and have no more file evidence in the "Unrecognized Evidence" screen. Commercial applications matter.

When it comes to file evidence, don't be the SAM Don Quichotte that fights against windmills. That's a thing that will happen one day I am sure (an unfinished task as Product Manager): the "unrecognized file evidence" screen will disappear. "Unrecognized" means implicitly files should be recognized. 1 file out of 1000 is useful for recognition (swidtags are definitely, Java.exe or /bin/Java, some executables for applications deployed without MSIs or RPM for Unix)... rare Jar files. Out of 7 million unrecognized files evidence (titles) in a large ITAM instance, probably 2000 are useful for recognition. Some others (THE executable for each desktop application) can be useful for usage.

So, focus on installer evidence and this is a reasonable target to have 0 unrecognized installer evidence for a Publisher you manage for License Compliance. You need to ignore the signatures standing for application with no licensing liability and map to the applications the unrecognized one (omitted in the ARL library, this is worth sharing in a ticket, or specific to your organization (packaging)).

Run the incredibly useful "Unrecognized Installer Evidence Analysis" report. You can find this report in the SAM Operations Hub or in the SAM Operations folder of the saved reports. This is not the most complex SQL report I have written and productized, but one of the most useful ones. The Flexera ARL team uses the code regularly against Cloud data to extend the library. The starting point of this report is: 99% of unrecognized applications are other versions of recognized applications, the report makes a pretty simple assessment of all unrecognized installer evidence. The report:

• Checks if the Publisher is already licensed (super useful) by checking the row publishers (for instance: Microsoft Corporation) against all ARL Publishers in ARL evidences linked to licensed applications (for instance "Microsoft%" linked to Project Professional 2022).

• Looks for a similar evidence (disregarding version, let's name it the "brother evidence") that is recognized... linked to a commercial application... or eventually licensed commercial application

• Provides the "Other recognized versions" for the "brother" product. For instance for Premiere Pro: 1, 1.0, 1.2, 1.5, 2.0, 5.5, 6.5, 7, CC, CC (2014), CC (2015), CC (2016), CC (2017), CC (2018), CC (2019), CC (2020), CC (2021), CC (2022), CC (2023), CC (2024), CS3, CS4, CS5, CS5.5, CS6, Unspecified. You get a feeling of the level of normalization (major, minor...) and the holes in the recognition.

• Prioritizes the evidence. Priority 1 are unrecognized evidences linking to licensed commercial applications that need a new version. You will notice that the report, here, failed guessing the "2024" was actually already existent as CC (2024). Priority 2 is for licensed commercial applications that already exist etc. The documentation gives all details.

• Recommends "intelligent" evidence (Premiere Pro / 24.% / Adobe% )

• Recommends the applications to create (or to map the evidence to)

Long story short, you know where to rush and what to do. You can use the guidance of the Managing Unrecognized Applications SAM Best Practice Webinar to extend the recognition of the ARL.

Other aspect of recognition is to have the right executables associated to applications to make usage metering more reliable. You can check the Metering in FlexNet Manager: collection, management and optimization SAM Best Practice Webinar.

To come back to the screenshot below from today. I was sarcastic earlier writing "You may recognize useless freeware and drivers but not the latest Adobe Premiere Pro 2024 version". Indeed, today, the latest version is not recognized (I trust it will be in a week!). The unrecognized version in the screenshot is: "24.2.1"You can check in the library, there is a great variety of versions in the library (24.1, 24.2, 24.0, 24.0.%, 1.0.%, 24)... but not the clever one: "24.%" that would secure the recognition for a year... Clever wildcarding is an important aspect of reliable recognition and can always be perfected.

Merge issues solved

This issue is a pretty technical and tricky one that few people understand. You will be one of these happy few after reading this article! It can have a massive impact on applications false positives.

Flexera ITAM can merge multiple overlapping inventory sources, which is really powerful... However, this merge can result in applications evidence of various dates to be merged. An old and static inventory source will cause false positives. For instance, an expensive application uninstalled 6 months ago will still trigger consumption in your license. Here is what happens in details:

• The import of inventory puts all data in "staging tables": ImportedComputer, ImportedInstalledInstallerEvidence etc.

• A sophisticated algorithm will merge computers from various sources including Inventory Manager, managed like a third party data source. If you are on premises, you can understand and even influence this merging logic by checking the xml files for computers and clusters located in your application batch server on: C:\ProgramData\Flexera Software\Compliance\ImportProcedures\Inventory\Matcher. Depending on compter type, various keys (or sets of keys) will be used (Serial Number or Name + Domain for Physical computers, VMUID for VMs etc.).

• Evidence data is also merged and the recognized applications result from all sources.

Here comes the issue:

• Let's imagine data from SCCM has not been reported for two months for a computer and came yesterday from the Flexera agent. Older data will cause application to be recognized, including applications uninstalled in the last 30 days...

• Trickier now: let's imagine Flexera Inventory Manager by accident created two records in its database for the same computer while importing the daily or weekly generated NDIs. Newer data will update one of the records, the other will stay as is.

Some solutions have been brought that partially fixes these problems when the is a FlexNet Inventory duplicate that is remerged. For 3 years now, only the latest evidence of two remerged computers from a unique source are kept for recognition. There are still cases where this skimming doesn't work.

THE solution is to run the "Merged Devices Issues Analysis" report that checks which imported inventory records have been merged, the dates of the information, the success or not of the skimming. I created and shared this report in 2021 in the Inventory Gap Analysis custom reports (VMs from vCenter, Oracle issues, merged computers, ESX Ghosts...) KB article. You can now find the report in the SAM Operations Hub (this is one of the KPIs) and in the "SAM Operations" folder of saved reports.

Priority 1 issues require a deletion that you can perform in the database if you are on premises or that you can request to Flexera Customer Support.

Want to learn more?

I would recommend some of the recorded SAM Best Practices Webinars I delivered, that you can find in the Flexera Community

• Managing metering and usage in ITAM

• Managing unrecognized applications in ITAM

• The SAM Operations Hub

You can find the links to the 24 recorded Flexera SAM Best Practices Webinars in the "ITAM Best Practice Available in the Community" Flexera KB article.

You are now all set with Inventory Quality and ready to climb the Maslow Pyramid of SAM to get its incredible value!