Fixlet Authoring

This page has not been liked. Updated 10/16/14 2:45 PM by SteveHullTags: None

This section of the wiki includes the following information for the Fixlet Authoring:

 

In addition to pre-authored, pre-tested Solutions for Patch Management, Vulnerability Management, and Endpoint Security available with BigFix, administrators can use the authoring environment integrated within the console to create powerful custom Fixlets, Tasks, and Analyses to enforce policies, view computer information, detect and remediate vulnerabilities and many other configuration management issues.

For example, with custom Fixlet content, you can:

  • Remove the new P2P software that is hogging all your company's bandwidth.
  • Find those rogue DHCP servers that have been causing you so much network trouble.
  • Update the custom applications in your company.

 

 

Documentation

Here is some documentation that will help you learn how to use the Relevance and Action Language to create custom content.

Training Guides: Teach you how to use IBM Endpoint Manager authoring and the relevance language to create Fixlet messages

Quick References: Quick examples of how to use the Relevance and Action Languages
Inspector Libraries: Reference libraries that contains every piece of information that can be retrieved by the IBM Endpoint Manager agents for Fixlet messages and retrieved properties

Note: The following guides may be outdated. Please refer to the inspector lists in the wiki.

Action Libraries - Reference libraries that contain information about how to use actions in Fixlet messages or in custom actions

 

Note: Custom authoring support is not included in the standard IEM support contract. You will need to purchase a Custom Authoring support contract if you would like help creating custom content.

Classes are also available for detailed custom authoring training. Contact Professional Services for more information.

 

Related Links

"IBM Endpoint Manager Inspectors Reference" :  http://support.bigfix.com/inspectors/World%20Objects_Any.html
 
 
BigFix.me interactive inspector guide:  http://bigfix.me/inspectorguide   (unofficial user updated)
 

 

Other Tools

Fixlet Debugger (QnA)

You can download the Fixlet Debugger application from this page:

https://www.ibm.com/developerworks/community/wikis/home?lang=en#/wiki/Tivoli%20Endpoint%20Manager/page/Fixlet%20Debugger%20(QnA)%20Tool

Instructions for using the Fixlet Debugger

  1. Download the zip file above and extract to a folder.
  2. Run the RelevanceDebugger.exe file. A notepad-like interface will appear with a top and bottom window.
  3. Type any relevance expression, then select the "Edit" menu followed by the "Evaluate option" or press Ctrl+Enter. For instance, type name of operating system and hit Ctrl+Enter. You should see the answer returned as something like Win7.
  4. See the "Relevance Language Documentation" above or Relevance Tips for more information on creating relevance statements and resolving errors.

Note: Non-Windows IEM Clients already contain an appropriate version of QnA for the operating system they run on. The program file is contained as part of the IEM Client package distribution.

Note: QnA will behave differently on Vista IEM Clients unless it is run with elevated privileges. If it is run in the standard user space it may return answers different than the actual IEM Client. The following inspectors in particular are affected by this: regapp, recent applications, services (and any inspectors that reference process information).

sha1.exe

  • Download: sha1.exe Version 1.1.2.2 (375 KB)
  • Description When creating a Fixlet message action or custom action that downloads a file from the Internet or an untrusted source, it is always a good idea to verify that a checksum of the file matches a known value before running the file to ensure that you downloaded the correct unchanged file. The sha1.exe application will generate an action command that will verify the size and SHA1 checksum of a file. This action command can be pasted into the action of a Fixlet message so that the IEM Client can verify the checksum before the IEM Client executes the file.

    Note: the sha1 value in the action will also allow the IEM Server and IEM Relay to maintain a persistent cache of the downloaded files.

A "prefetch" statement can be generated using the sha1.exe file. Simply run the sha1.exe file with the argument "-r <filename>" from the command line. For example:

C:\>sha1.exe -r package.exe

prefetch sha1.exe sha1:9370b0019a942400cfebfbdf15c107bbecdc8b0a

size:79360 http:~//EXAMPLEURL/REPLACEME.exe
You would then copy this result into a custom action or Fixlet action.

The argument -c puts the result string into you paste buffer so you don't need to copy/paste out of the command window.

Usage:

sha1.exe [-r|-s|-m|-b] [-c]