Fixlet Authoring

2 likes Updated 9/28/17, 5:45 PM by APTNinjaTags: None

Most of the knowledged on this page below the line refers to legacy documentation.  The BigFix Developer site is the official, up to date, place to get all knowledge that is developer related:

BigFix Developer (



This section of the wiki includes the following information for the Fixlet Authoring:


In addition to pre-authored, pre-tested Solutions for Patch Management, Vulnerability Management, and Endpoint Security available with BigFix, administrators can use the authoring environment integrated within the console to create powerful custom Fixlets, Tasks, and Analyses to enforce policies, view computer information, detect and remediate vulnerabilities and many other configuration management issues.

For example, with custom Fixlet content, you can:

  • Remove the new P2P software that is hogging all your company's bandwidth.
  • Find those rogue DHCP servers that have been causing you so much network trouble.
  • Update the custom applications in your company.


Related links

Here is some links to documentation that will help you learn how to use the Relevance and Action Language to create custom content.

Training Guides: Teach you how to use IBM BigFix authoring and the relevance language to create Fixlet messages


Action Libraries - Reference libraries that contain information about how to use actions in Fixlet messages or in custom actions


API Libraries References libraries that contain infirmation about the APIs.
Relevance Libraries - References libraries that contain infirmation about the relevance language.


Inspector Libraries: Reference libraries that contains every piece of information that can be retrieved by the IBM BigFix agents for Fixlet messages and retrieved properties.

Note: The following guides may be outdated. Please refer to the inspector lists in the wiki.

o   Inspector library search utility - In addition to the manuals below, this search facility will allow you to search electronically among all of the platform inspectors.

o   Windows Client Inspector Guide (PDF) - Last updated 7/6/2011

o   Windows Mobile Inspector Guide (PDF) - Last updated 8/18/2011

o   Linux Inspector Guide (PDF) - Last updated 8/18/2011

o   Solaris Inspector Guide (PDF) - Last updated 8/18/2011

o   HPUX Inspector Guide (PDF) - Last updated 8/18/2011

o   AIX Inspector Guide (PDF) - Last updated 8/18/2011

o   Macintosh Inspector Guide (PDF) - Last updated 8/18/2011

o   BigFix Session Inspectors Guide (PDF) - Last updated 8/18/2011

o   Core Inspectors Guide (PDF) - Last updated 8/18/2011



Note: Custom authoring support is not included in the standard BigFix support contract. You will need to purchase a Custom Authoring support contract if you would like help creating custom content.

Classes are also available for detailed custom authoring training. Contact Professional Services for more information.



Other Tools

Fixlet Debugger (QnA)

You can download the Fixlet Debugger application from this page:

Instructions for using the Fixlet Debugger

  1. Download the zip file above and extract to a folder.
  2. Run the RelevanceDebugger.exe file. A notepad-like interface will appear with a top and bottom window.
  3. Type any relevance expression, then select the "Edit" menu followed by the "Evaluate option" or press Ctrl+Enter. For instance, type name of operating system and hit Ctrl+Enter. You should see the answer returned as something like Win7.
  4. See the "Relevance Language Documentation" above or Relevance Tips for more information on creating relevance statements and resolving errors.

Note: Non-Windows IEM Clients already contain an appropriate version of QnA for the operating system they run on. The program file is contained as part of the IEM Client package distribution.

Note: QnA will behave differently on Vista IEM Clients unless it is run with elevated privileges. If it is run in the standard user space it may return answers different than the actual IEM Client. The following inspectors in particular are affected by this: regapp, recent applications, services (and any inspectors that reference process information).


  • Download: sha1.exe Version (375 KB)
  • Description When creating a Fixlet message action or custom action that downloads a file from the Internet or an untrusted source, it is always a good idea to verify that a checksum of the file matches a known value before running the file to ensure that you downloaded the correct unchanged file. The sha1.exe application will generate an action command that will verify the size and SHA1 checksum of a file. This action command can be pasted into the action of a Fixlet message so that the IEM Client can verify the checksum before the IEM Client executes the file.

    Note: the sha1 value in the action will also allow the IEM Server and IEM Relay to maintain a persistent cache of the downloaded files.

A "prefetch" statement can be generated using the sha1.exe file. Simply run the sha1.exe file with the argument "-r <filename>" from the command line. For example:

C:\>sha1.exe -r package.exe

prefetch sha1.exe sha1:9370b0019a942400cfebfbdf15c107bbecdc8b0a

size:79360 http:~//EXAMPLEURL/REPLACEME.exe
You would then copy this result into a custom action or Fixlet action.

The argument -c puts the result string into you paste buffer so you don't need to copy/paste out of the command window.


sha1.exe [-r|-s|-m|-b] [-c]