Audit Trail cleaner automation task Using BigFix for DSA environment

Manish · August 2, 2018, 1:07pm

Hello All,

I’m trying to Automate the Audit trail cleaner activity for DSA environment, Below action script is working perfectly using Fixlet Debugger but when I ran the action script using BigFix - Task, Only the start part of action script is getting completed that is service stop.
Please guide how to overcome this issue.
Action Script used :-

delete __createfile
folder delete C:\Audit
dos mkdir "C:\Audit"

//  CREATEFILE
CreateFile until END_OF_FILE
sc stop BESRootServer
chdir /d D:\Program Files (x86)\BigFix Enterprise\BES Server
BESAdmin.exe /audittrailcleaner /run /oldcontent /oldactions /oldrelaydatfile /deletedcontent /deletedactions  /orphanedsubactions /hiddenactions=15 /deletedmailbox /syncconsoles /olderthan=15 /batchsize=100000
TIMEOUT /T 10
shutdown.exe /r /t 00
END_OF_FILE

delete Audit.bat
move __CreateFile Audit.bat
move "Audit.bat" "C:\Audit\Audit.bat"
waithidden C:\Audit\Audit.bat

Thanks in Advance!!

dmccalla · August 2, 2018, 2:15pm

Try placing quotes around D:\Program Files (x86)\BigFix Enterprise\BES Server.

Manish · August 2, 2018, 2:19pm

Doesn’t make any difference

dmccalla · August 2, 2018, 2:37pm

Ok. Try removing the commas from the dos mkdir “C:\Audit” and the move “Audit.bat” “C:\Audit\Audit.bat” lines. I would test this myself but I don’t want to run the audit trail cleaner on my test box.

Manish · August 2, 2018, 3:38pm

I’m able to copy the Audit.bat file inside folder C:\Audit.
Concern here is when I execute Audit.bat file through BigFix Task first line of the batch file is working and it is stopping root server service and after that remaining lines are not getting executed but when I execute same using Fixlet debugger everything seems to be working fine without any hassle.

Batch file content
Comment :- Through BigFix Task only first line is getting executed and remaining line is not getting executed but using Fixlet debugger every line is getting executed successfully.
sc stop BESRootServer
chdir /d D:\Program Files (x86)\BigFix Enterprise\BES Server
BESAdmin.exe /audittrailcleaner /run /oldcontent /oldactions /oldrelaydatfile /deletedcontent /deletedactions /orphanedsubactions /hiddenactions=15 /deletedmailbox /syncconsoles /olderthan=15 /batchsize=100000
TIMEOUT /T 10
shutdown.exe /r /t 00

rohit · August 2, 2018, 3:41pm

@Manish
On the server, does the audit.bat contain all the lines you creating?

Manish · August 2, 2018, 3:42pm

yes …batch file contains all the lines.

rohit · August 2, 2018, 3:46pm

On another note, you don’t need to stop the root server nor reboot for running the audit trail cleaner.

Manish · August 2, 2018, 3:47pm

We want to stop the root server just to make sure no sure has logged in to BigFix Console.

dmccalla · August 2, 2018, 3:52pm

I removed the quotes and tested on a throw away root server and the action completed. I think I had a bad copy previously from the forum post and the quotes were messed up. So that aside, I ran the .bat file manually and the audit trail cleaner is popping up a confirmation dialogue so that is preventing your commands from completing.

rohit · August 2, 2018, 3:56pm

Don’t feel that is the right way to do it. Stopping root server will not log people out of the console. They might get wierd errors on console which affects their work.
That is the reason its recommended to run the audit trail cleaner during maintenance hours.

dmccalla · August 2, 2018, 3:59pm

I would suggest you configure the audit trail cleaner to run using the BES Admin tool (Clean Up tab).

Manish · August 2, 2018, 4:19pm

on DSA, BES Admin tool does not have capability to run Audit trail cleaner.

Manish · August 2, 2018, 4:50pm

We always intimate user via email that BigFix Console will be down. So,that is not a concern.

JasonWalker · August 2, 2018, 5:55pm

You sure about that? (BESAdmin doesn’t schedule on DSA) It seems to be working in mine…

Manish · August 2, 2018, 6:11pm

In 9.5.3 I don’t see the option in DSA server.

AlanM · August 2, 2018, 8:53pm

How can this work at all as doesn’t this require the keys to perform this action? Checking the documentation does suggest that you need it for some commands.

https://www.ibm.com/support/knowledgecenter/en/SS63NW_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_additional_besadmin_onwindows.html

For the chdir are you sure that directory is the right one? Its definitely a non standard location.
Additionally your move "Audit.bat" "C:\Audit\Audit.bat" might fail if the destination exists.

Manish · August 2, 2018, 9:01pm

yes directory is correct and the Audit.bat file is getting executed successfully via Fixlet Debugger but through BigFix Task, first line of action is executed i.e “Stop root server” and rest are left apart.

Now concern here is if Audit.bat file is executed via fixlet debugger then it should be executed via BigFix task too…

First line of my action script is to delete the “C:\Audit” folder. So, I don’t think that is issue here.

jgstew · August 4, 2018, 4:31am

that is not a valid assumption.

Try the following actionscript instead:

wait sc stop BESRootServer
wait "D:\Program Files (x86)\BigFix Enterprise\BES Server\BESAdmin.exe" /audittrailcleaner /run /oldcontent /oldactions /oldrelaydatfile /deletedcontent /deletedactions  /orphanedsubactions /hiddenactions=15 /deletedmailbox /syncconsoles /olderthan=15 /batchsize=100000
wait TIMEOUT /T 10
restart 10

There isn’t really a reason to do this with a BAT file.

This is probably not valid:

should probably be:

waithidden cmd /c C:\Audit\Audit.bat

or similar.

Manish · August 6, 2018, 8:16pm

Still same…
First line of script got executed and other left apart…