hello.
I am an engineer new to BigFix products.
I’m currently testing integration between BigFix and Tenable.io.
For circumstances, after installing/configuring the BigFix Enterprise server and all necessary components on one server, the BigFix IVR was also configured.
I also confirmed that the Datasource was configured without any problems by receiving the access/secret key from the Tenable.io owner manager, and that the permissions of the Tenable.io account were also fine.
However, the IVR menu is not visible from the App menu of the WebUI, and there is no data in the ivr.vulnerabilities table of the MSSQL DB.
I checked the BFIVR log file, but there are no detailed logs either.
It looks like I’ve set something less in the BigFix configuration?
And, I tried to execute the command below as mentioned in the manual, but the value does not come out.
<image redacted>
I would appreciate it if you could help me with what part to check additionally in the integration between BigFix and Tenable.io.
Please edit your post and remove your private keys of the Tenable.io environment, you have exposed the credentials to the world. Make sure to ask the Tenable admin to rotate the API Keys right away.
When I run the command you asked about, I get the following output:
==================================================
C:\Program Files (x86)\BigFix Enterprise\BFIVR>BFIVR.exe --validateconfiguration
Validating the Configuration file
Initializing Config Manager With ConfigData
Process Manager Initialized
Opening Connection: Driver={ODBC Driver 17 for SQL Server};SERVER=192.168.2.144;DATABASE=BFInsights
RootURL: Driver={ODBC Driver 17 for SQL Server};SERVER=192.168.2.144;DATABASE=BFInsights
Query:
delete from [IVR].vulnerabilities
where source_hash not in
VerifyCert: False
SQL Method: SCRIPT
Value : e3b4c355
Value : 31f0b6e0
Binding parameters for query :
delete from [IVR].vulnerabilities
where source_hash not in (?,?)
Query type: SCRIPT, Rows: 0, Time: 0:00:00.078153
Sending for Response To Parent Process
Connection Complete
Initializing Config Manager With ConfigData
Process Manager Initialized
Opening Connection: Driver={ODBC Driver 17 for SQL Server};SERVER=192.168.2.144;DATABASE=BFInsights
RootURL: Driver={ODBC Driver 17 for SQL Server};SERVER=192.168.2.144;DATABASE=BFInsights
Query:
delete from [IVR].findings
where source_hash not in (?,?)
VerifyCert: False
SQL Method: SCRIPT
Value : e3b4c355
Value : 31f0b6e0
Binding parameters for query :
delete from [IVR].findings
where source_hash not in (?,?)
Query type: SCRIPT, Rows: 0, Time: 0:00:00.046870
Sending for Response To Parent Process
Connection Complete
Initializing Config Manager With ConfigData
Process Manager Initialized
Opening Connection: Driver={ODBC Driver 17 for SQL Server};SERVER=192.168.2.144;DATABASE=BFInsights
RootURL: Driver={ODBC Driver 17 for SQL Server};SERVER=192.168.2.144;DATABASE=BFInsights
Query:
delete from [IVR].vulnerability_fixlet_nexus
where source_
VerifyCert: False
SQL Method: SCRIPT
Value : e3b4c355
Value : 31f0b6e0
Binding parameters for query :
delete from [IVR].vulnerability_fixlet_nexus
where source_hash not in (?,?)
Query type: SCRIPT, Rows: 0, Time: 0:00:00.046860
Sending for Response To Parent Process
Connection Complete
Configuration Verified Successfully!
C:\Program Files (x86)\BigFix Enterprise\BFIVR>
=====================================================
Next step would be to look in the log files …\BFIVR\logs and see if there is anything that shows there.
Also if I recall correctly there is a log file in the BFIVR directory, I don’t have an environment in front of me too look into to confirm the name. Look in there to see if any correlation is happening.