Latest revision as of 16:12, 19 August 2024

1 What is BigFix
- 1.1 Short Answer
- 1.2 Long Answer
- 1.3 Components
2 HCL Content
3 V10 Cloud Functions
4 Sites
5 Subjects
6 Items to Remember
7 Active Issues
8 Tutorials and Training Material
9 Items to investigate further
10 Integrations
11 Diagnostics
12 Current Issues
13 Remote Site Relay Hardware
- 13.1 The Solutions
14 History
15 Relevance
16 I Want to ...
17 Content
- 17.1 Utilities
- 17.2 Documentation
  - 17.2.1 Videos
  - 17.2.2 Links
- 17.3 Diagnostics
- 17.4 DSA Server
- 17.5 SCM & SCA Server
- 17.6 Performance
- 17.7 Utilities
- 17.8 Logging Documentation
- 17.9 Client
- 17.10 Service Now Items of Note
- 17.11 OS Deployment
- 17.12 SOAP API
- 17.13 REST API Content
- 17.14 IBM AIX Support in BigFix
- 17.15 Custom Content Creation
- 17.16 Interesting items
  - 17.16.1 Client Installation Information
  - 17.16.2 Client Configuration Content
  - 17.16.3 Creating Custom Content
- 17.17 Documentation
- 17.18 WebUI Documentation
- 17.19 IEM Component Articles
- 17.20 Tools that might be useful
- 17.21 Pages about odd information
18 Projects
19 Support Links
- 19.1 Blogs
20 Notes

What is BigFix

Short Answer

BigFix is a "Agent Based" system used to securely manage computers without needing to constantly visit each computer.

Long Answer

BigFix is a "Client/Server" based system of managing remote computers. Member computers need to be connected to the network, and can be managed anywhere in the world as long as they are actively connected to a network where they can reach a Relay or the BigFix server. The Server and Clients use Relays as "store and forward" devices to allow a huge amount of computers to be managed by a single BigFix implementation. Console Operators can deploy software to remote computers, including OS Patches and Software installation packages. Authorized Console Operators can create custom Fixlets and Tasks to perform any task on remote computers that can be scripted. Management of Computers can be distributed between multiple "Console Operators" and different levels of access can be assigned via the Role objects.

Components

BigFix Servers
Console Operators
Roles
Sites
Relays
Clients
WebUI Server
Web Report Server
Fixlets/Tasks
Analyses
Actions

HCL Content

HCL Recently bought BigFix from IBM. This means most all of the links below will need to change. (!!) Perfect time to clean things up and re-organize the collection!

These links are from a recent posting on the Forums and should be a good starting point to fixing the rest of the links.

HCL BigFix Idea Center

According to the Forum post, Internet Explorer is NOT supported at the above links.

According to HCL, they are working on providing updated PDF forms of the documentation.

HCL BigFix Technology Partner information can be found HERE

V10 Cloud Functions

Sites

Subjects

Items to Remember

RITM2586103 - New Project request so I can get a new VM for the BigFix Test environment. Freaking stupid that I have to request a whole project just to get a new VM for the Test Environment of a FUNCTIONAL system.
How will IBM BigFix Patch address new servicing models for Windows 7 and 8.1? (Broken)
KB0024021
TASK1728858 - Relay Refresh with X3250 and RS140's.
RITM1309391 - Decommission request for DEMO & CON1
BigFix WebUI
RITM1518487 - New DMZ Relay
RITM1518488 - New DMZ Relay
Root Server Hardware Specs - Discussion about running in a VM
TASK2593699 - Requesting Service Account for WebUI DB access.
TASK2597919 - Requesting Service Account SQL access required for WebUI functionality based on documentation from IBM.
RITM2013089 - SSL Request for Test Environment
RITM2118451 - Restore Firewall rule for Relays in DMZ (restoring access from Internet on port 52311)
7Zip 18.05 x64 Update
PRJ0064377 - Relay Project
KB0029526 - DHTS Work Instructions on Clearing/Resetting a BigFix Relay
RITM2240495 - Technical Bridge request for DNS change as part of the switch from Physical to Virtual BigFix servers.
Using DSA to replace a BigFix Server
KB0030524 - Procedure to generate and install an SSL Cert for the Web Reports server.
RITM2589542 - New Cert for ILMT Server
PRJ0080342 - Rebuild BigFix Test Environment
RITM2638250 - Decommission VML-TEM-ILMT and VML-TEM-DB2
RITM2688193 - Request new PACE Relay
RITM2688192 - Request new PACE Relay
RITM2759511 - Firewall request to allow Server communications into the dc-dhts-non-clinical VRF
INC2496211 - Problem adding Group Manager Groups to Local Administrator Groups via Command Line NET LOCALGROUP commands and Power Shell.
RITM3374423 - Requested SQL Server be installed on the new SCA server.
RITM3380791 - New Project Request for Microsoft SCCM POC
RITM3405803 - Decommission two DMZ Relay servers
CHG0184584 - Change to Remove BigFix Inventory from Production Environment
TASK3771248 - Task to create a "Universal" Encryption property in BigFix for reporting purposes.
RITM3835378 - F5 VIP Request for BF-Core
Microsoft Windows Update Resources
CS0295243 - HCL ticket about systems cycling between Evaluating, Pending Download, and not Relevant.
RITM4462525 - New ILMT SSL Cert Requested
RITM4512395 - New WebUI SSL Cert Requested
RITM5054521 - New WebUI SSL Cert Requested (2023)
RITM5503316 - Decommissioning 4 Remote Relay Servers running 2012R2
RITM5523128 - New WebReports SSL Cert Requested (2024/01/10)
RITM5687282 - New ILMT SSL Cert Request (2024/03/07)
RITM5913381 - Firewall Requests for ILMT

Active Issues

BigFix Server Client Report Ingestion Stalls at Midnight

Tutorials and Training Material

IBM Security Learning Academy

Items to investigate further

Integrations

Diagnostics

Current Issues

Remote Site Relay Hardware

I need to spec out hardware for Relays to place at "Remote" locations. These systems don't need to have massive processors or tons of RAM, they just need a decent network connection, and they need to be cheap.

After a little Googling I found these systems ...

Lenovo RS140 - $746.10

Our Facilities Manager doesn't like them because they don't have Dual Power Supplies. My thought is "that's fine", I plan to use them in an N+1 configuration for each location anyway. If there is even dual power available at a location, we can always connect the even numbered units to one leg of power and the odd numbered units to the other leg of power. If power fails at a site, my guess is most of the workstations will go with it, and there won't be a huge need for the Relays ANYWAY.

The Solutions

It looks like it's going to be a combination of both the RS140 and the X3250 from Lenovo.

Lenovo RS140
- Low Cost
- Mountable in 2 post rack systems (TelComm Racks)
- Single Power Supply
Lenovo X3250-m5
- Low Cost
- Mountable in standard server racks
- Dual Power Supplies available as an option

History

The search for inexpensive rackable computers with Dual Power Supplies until I can convince someone it's a bad idea.

Dell PowerEdge R420 (Cannot locate on Dell's Web Site)
Dell PowerEdge R330 - $1,385.40 - Configured with No OS, No RAID, 500GB SATA Drive, Dual Power Supplies and 8GB RAM.
[1] - "Ribbed for your viewing pleasure!" External Cooling vanes. Not Rack mountable and very expensive. Not an option, but funny!
ABMX rack mountable server - $1,238 with dual PS, 8gb ram, and 500gb hd
ABMX Rack mountable servers
Wall Mount Rack

Relevance

Relevance Question: List out all relevant fixlets for a Computer Group
Action Parameter to define IP Address
string values of selects "MediaLoaded from Win32_CDROMDrive" of wmi
Examples of Relevance From IBM
IBM BigFix Session Relevance

I Want to ...

Content

Utilities

Documentation

Videos

Links

Diagnostics

Why does a BigFix client sometimes take a long time to do its thing

DSA Server

SCM & SCA Server

SCM and SCA
Synchronize Checks Wizard
Create the check lists using the Wizards and then as the checklists are updated, there are other wizards that can be used to keep them updated.

Performance

Utilities

Logging Documentation

Enable Web Report Logging

Client

Client Settings

Service Now Items of Note

RITM0819411/REQ0812148 - Requested DMZ Server for BigFix/Service-Now Test/Dev
Tools to interact with BigFix SOAP API
Forums.BigFix.com posting about ServiceNow
ServiceNow Integration with BigFix
BigFix Service Now Integration

OS Deployment

OSD 3.9 Announcement

SOAP API

Session Relevance Computer Propeties query efficiency

REST API Content

IBM AIX Support in BigFix

AIX Patch Management FAQ

Custom Content Creation

Interesting items

'(ids of it, values of results of it) of bes properties whose (name of it = "Last Logged on User")'
Is today the 2nd Tuesday of the month?
Undelete Actions via SQL commands
Customizing the Self-Service Portal
SQL Analysis Properties
if exists (domain users(names of logged on users))then full names of domain users(names of logged on users)else if exists (users(names of logged on users)) then "local account" else "none"
File being Uploaded never shows Completed Status in Software Distribution dashboard
Internet Facing Relays
Need a Secure way to prompt a console user for a password
BigFix OS Deployment Content
Enable Custom Site to bypass a Client Lock State
Terminal Services Recommended Settings
BitLocker Analysis
- BigFix - Encryption with Bitlocker is easier now!
- Windows BitLocker
BitLocker Events from Logs
Adjust Console Timeout settings to prevent Error 28's
Get the current Action Name while running the Action
Download Folder Path
POSTMan
Tracking Logins for Local Administrator Accounts
Configure Preference for IP v4
Is there a way to externally tell if an action is running?

Client Installation Information

Client Configuration Content

BigFix Patching Maintenance Windows

Creating Custom Content

exists keys "HKEY_LOCAL_MACHINE\SOFTWARE\Sassafras\Install\KeyAccess" of (x64 registries; x32 registries)

Documentation

WebUI Documentation

IEM Component Articles

Tools that might be useful

Pages about odd information

Projects

Automate the assignment of Relay Affiliation Groups to clients and Relays

Support Links

Blogs

Notes

https://forum.bigfix.com/t/add-custom-property-to-relevance-query/26111

@@ Line 1: / Line 1: @@
+= What is BigFix =
+== Short Answer ==
+BigFix is a "Agent Based" system used to securely manage computers without needing to constantly visit each computer.
+== Long Answer ==
+BigFix is a "Client/Server" based system of managing remote computers.
+Member computers need to be connected to the network, and can be managed anywhere in the world as long as they are actively connected to a network where they can reach a Relay or the BigFix server.
+The Server and Clients use Relays as "store and forward" devices to allow a huge amount of computers to be managed by a single BigFix implementation.
+Console Operators can deploy software to remote computers, including OS Patches and Software installation packages.
+Authorized Console Operators can create custom Fixlets and Tasks to perform any task on remote computers that can be scripted.
+Management of Computers can be distributed between multiple "Console Operators" and different levels of access can be assigned via the Role objects.
+== Components ==
+* BigFix Servers
+* Console Operators
+* Roles
+* Sites
+* Relays
+* Clients
+* WebUI Server
+* Web Report Server
+* Fixlets/Tasks
+* Analyses
+* Actions
+= HCL Content =
+HCL Recently bought BigFix from IBM.  This means most all of the links below will need to change. (!!)  Perfect time to clean things up and re-organize the collection!
+These links are [https://forum.bigfix.com/t/release-announcement-hcl-bigfix-9-5-product-documentation/31919 from a recent posting on the Forums] and should be a good starting point to fixing the rest of the links.
+* [https://help.hcltechsw.com/bigfix/9.5/platform/welcome/BigFix_Platform_welcome.html Platform]
+* [https://help.hcltechsw.com/bigfix/9.5/patch/welcome/BigFix_Patch_welcome.html Patch]
+* [https://help.hcltechsw.com/bigfix/9.5/lifecycle/welcome/BigFix_Lifecycle_welcome.html Lifecycle]
+* [https://help.hcltechsw.com/bigfix/9.5/inventory/welcome/BigFix_Inventory_welcome.html Inventory]
+* [https://help.hcltechsw.com/bigfix/9.5/compliance/welcome/BigFix_Compliance_welcome.html Compliance]
+* [https://help.hcltechsw.com/bigfix/9.5/webui/welcome/BigFix_WebUI_welcome.html WebUI]
+* [https://bigfix-ideas.hcltechsw.com/ HCL BigFix Idea Center]
+According to the Forum post, Internet Explorer is NOT supported at the above links.
+According to HCL, they are working on providing updated PDF forms of the documentation.
+HCL BigFix Technology Partner information can be found [https://www.hcltechsw.com/bigfix/partners HERE]
+= V10 Cloud Functions =
+* [[BigFix v10 Cloud Functionality]]
+* [https://help.hcltechsw.com/bigfix/10.0/platform/Platform/Config/c_pluginportal.html The Plugin Portal]
 = Sites =
 * [https://www.itcentralstation.com/products/ibm-bigfix-reviews IBM BigFix Review]
@@ Line 4: / Line 52: @@
 * [http://bigfix.me BigFix.Me]
 * [http://forum.bigfix.com Forums]
+** [https://forum.bigfix.com/t/bigfix-documentation-resources/12540 Documentation Thread in Forums]
 * [[BigFix Inventory]]
 * [[IBM License Metric Tool]]
+* [https://github.com/jgstew/tools JGStew's Tools]
 = Subjects =
@@ Line 11: / Line 61: @@
 * [[IBM Server Automation]]
 * [[IBM BigFix Basics]]
+* [[BigFix Service Now Integration]]
+* [[Configuring SSL Certs for BigFix Components]]
 = Items to Remember =
 * RITM2586103 - New Project request so I can get a new VM for the BigFix Test environment.  Freaking stupid that I have to request a whole project just to get a new VM for the Test Environment of a FUNCTIONAL system.
-* [https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910/entry/How_will_IBM_BigFix_Patch_address_new_servicing_models_for_Windows_7_and_8_1?lang=en How will IBM BigFix Patch address new servicing models for Windows 7 and 8.1?]
+* [https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910/entry/How_will_IBM_BigFix_Patch_address_new_servicing_models_for_Windows_7_and_8_1?lang=en How will IBM BigFix Patch address new servicing models for Windows 7 and 8.1?] (Broken)
 * KB0024021
 * TASK1728858 - Relay Refresh with X3250 and RS140's.
@@ Line 33: / Line 85: @@
 * KB0030524 - Procedure to generate and install an SSL Cert for the Web Reports server.
 * RITM2589542 - New Cert for ILMT Server
+* PRJ0080342 - Rebuild BigFix Test Environment
+* RITM2638250 - Decommission VML-TEM-ILMT and VML-TEM-DB2
+* RITM2688193 - Request new PACE Relay
+* RITM2688192 - Request new PACE Relay
+* RITM2759511 - Firewall request to allow Server communications into the dc-dhts-non-clinical VRF
+* INC2496211 - Problem adding Group Manager Groups to Local Administrator Groups via Command Line NET LOCALGROUP commands and Power Shell.
+* RITM3374423 - Requested SQL Server be installed on the new SCA server.
+* RITM3380791 - New Project Request for Microsoft SCCM POC
+* RITM3405803 - Decommission two DMZ Relay servers
+* CHG0184584 - Change to Remove BigFix Inventory from Production Environment
+* TASK3771248 - Task to create a "Universal" Encryption property in BigFix for reporting purposes.
+* RITM3835378 - F5 VIP Request for BF-Core
+* [https://docs.microsoft.com/en-us/windows/deployment/update/windows-update-resources Microsoft Windows Update Resources]
+* CS0295243 - HCL ticket about systems cycling between Evaluating, Pending Download, and not Relevant.
+* RITM4462525 - New ILMT SSL Cert Requested
+* RITM4512395 - New WebUI SSL Cert Requested
+* RITM5054521 - New WebUI SSL Cert Requested (2023)
+* RITM5503316 - Decommissioning 4 Remote Relay Servers running 2012R2
+* RITM5523128 - New WebReports SSL Cert Requested (2024/01/10)
+* RITM5687282 - New ILMT SSL Cert Request (2024/03/07)
+* RITM5913381 - Firewall Requests for ILMT
+= Active Issues =
+* [[BigFix Server Client Report Ingestion Stalls at Midnight]]
 = Tutorials and Training Material =
@@ Line 145: / Line 221: @@
 * [http://www-01.ibm.com/support/docview.wss?uid=swg21506002 How does BigFix determine if a reboot is required (Windows)]
 * [[Detect Apple OS X WDE Encryption Status]]
+* [https://forum.bigfix.com/t/number-of-times-and-action-has-run-on-a-client Track number of times a user logs into a computer to install/uninstall software]
 = Content =
@@ Line 152: / Line 229: @@
 == Documentation ==
+=== Videos ===
+* [https://www.youtube.com/channel/UCtoLTyln5per0JYzw1phGiQ/videos YouTube BigFix Tech Advisor Channel]
+* [https://www.youtube.com/watch?v=6VMGt0Ml-wA BigFix Beyond the Perimeter Considerations when leveraging a DMZ relay]
+* [https://www.youtube.com/watch?v=tXRX3zlw1aQ BigFix PeerNest Introduction]
+=== Links ===
 * [[List of most helpful BigFix links]]
+* [https://www.ibm.com/support/knowledgecenter/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_list_of_advanced_options.html Advanced Configuration Options]
 * [https://www.ibm.com/support/knowledgecenter/en/SSTK87_9.5.0/com.ibm.bigfix.webui.doc/WebUI/Admin_Guide/c_server_settings_definitions.html WebUI Server Settings Definitions]
 * [[IBM BigFix Relay Optimization in Large Environments]]
@@ Line 216: / Line 300: @@
 == Logging Documentation ==
-* [http://www-01.ibm.com/support/docview.wss?uid=swg21505914 Enable Web Report Logging]
+* [https://help.hcltechsw.com/bigfix/9.5/platform/Platform/Web_Reports/c_logging_web_reports.html Enable Web Report Logging]
 == Client ==
@@ Line 224: / Line 308: @@
 * RITM0819411/REQ0812148 - Requested DMZ Server for BigFix/Service-Now Test/Dev
 * [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/TEM%20SOAP%20API Tools to interact with BigFix SOAP API]
-* [https://forum.bigfix.com/t/servicenow-anyone/2165/10 FOrums.BigFix.com posting about ServiceNow]
+* [https://forum.bigfix.com/t/servicenow-anyone/2165/10 Forums.BigFix.com posting about ServiceNow]
+* [https://forum.bigfix.com/t/bigfix-service-now-integration-to-invoke-tasks/25708 ServiceNow Integration with BigFix]
+* [[BigFix Service Now Integration]]
 == OS Deployment ==
 * [https://forum.bigfix.com/t/windows-10-in-place-upgrade-feature-is-available-for-bigfix-os-deployment-3-9/16004 OSD 3.9 Announcement]
+== SOAP API ==
+* [https://www.ibm.com/developerworks/community/blogs/e9d21113-aa93-467e-ac77-a0d20a21eaec/entry/Session_Relevance_Computer_Properties_query_Efficiency?lang=en Session Relevance Computer Propeties query efficiency]
 == REST API Content ==
@@ Line 248: / Line 337: @@
 == Interesting items ==
+* '(ids of it, values of results of it) of bes properties whose (name of it = "Last Logged on User")'
 * [[Is today the 2nd Tuesday of the month]]?
 * [https://forum.bigfix.com/t/looking-up-information-on-deleted-actions/15041 Undelete Actions via SQL commands]
@@ Line 260: / Line 350: @@
 * [[Terminal Services Recommended Settings]]
 * [http://bigfix.me/analysis/details/2994754 BitLocker Analysis]
+** [https://bigfix-wiki.hcltechsw.com/blogs/bradsexton/entry/Bigfix_Encrypt_your_devices_with_Bitlocker?lang=en_us BigFix - Encryption with Bitlocker is easier now!]
+** [https://help.hcltechsw.com/bigfix/10.0/mcm/MCM/Config/c_windows_bitlocker.html Windows BitLocker]
 * [http://bigfix.me/analysis/details/96 BitLocker Events from Logs]
 * [http://bigfix.me/fixlet/details/3959 Adjust Console Timeout settings to prevent Error 28's]
@@ Line 326: / Line 418: @@
 == Documentation ==
 * [[List of most helpful BigFix links]]
+* [https://www.ibm.com/support/knowledgecenter/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_list_of_advanced_options.html List of Advanced Configuration Options]
+* [https://www.ibm.com/support/knowledgecenter/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Config/c_config_stngs_overview.html Client Configuration Settings]
 * [[IBM BigFix Relay Optimization in Large Environments]]
 * [ftp://public.dhe.ibm.com/software/tivoli/IEM/9.2/ FTP Server with the BigFix 9.2 Documentation in PDF format]
@@ Line 352: / Line 446: @@
 * [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Relays.dat%20Parser Relays.dat Parser]
 * [https://forum.bigfix.com/t/relay-server-linux-redhat-or-windows-server-2012-r2/15507 FORUM: Windows or Linux Relay]
+* [https://www.ibm.com/support/knowledgecenter/en/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_list_of_advanced_options.html List of Advanced Options]
 == WebUI Documentation ==
@@ Line 385: / Line 480: @@
 * [http://support.bigfix.com Bigfix Support]
 * [http://www-03.ibm.com/certify/tests/eduC2150-521.shtml IBM BigFix Certification]
+== Blogs ==
+* [https://www.ibm.com/developerworks/community/blogs/e9d21113-aa93-467e-ac77-a0d20a21eaec BigFix Relevance musings]
+* [https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910 BigFix]
 = Notes =
 * https://forum.bigfix.com/t/add-custom-property-to-relevance-query/26111
+[[Category:BigFix]]
+[[Category:Tivoli Endpoint Manager]]
 [[Category:IBM Endpoint Manager]]
 [[Category:IBM BigFix]]
 [[Category:Work]]

Difference between revisions of "BigFix"

Latest revision as of 16:12, 19 August 2024

Contents

What is BigFix

Short Answer

Long Answer

Components

HCL Content

V10 Cloud Functions

Sites

Subjects

Items to Remember

Active Issues

Tutorials and Training Material

Items to investigate further

Integrations

Diagnostics

Current Issues

Remote Site Relay Hardware

The Solutions

History

Relevance

I Want to ...

Content

Utilities

Documentation

Videos

Links

Diagnostics

DSA Server

SCM & SCA Server

Performance

Utilities

Logging Documentation

Client

Service Now Items of Note

OS Deployment

SOAP API

REST API Content

IBM AIX Support in BigFix

Custom Content Creation

Interesting items

Client Installation Information

Client Configuration Content

Creating Custom Content

Documentation

WebUI Documentation

IEM Component Articles

Tools that might be useful

Pages about odd information

Projects

Support Links

Blogs

Notes

Navigation menu

Search