We have Linux and Carbon Black App Control in our environment. CB has us under its control because it is only compatible with certain version of the Linux Kernel. Right now el9_7 is supported finally. We have had to create a filter to check if el9_7 is in the description and display the fixlet names. We then Globally Hide these patches so no one accidently pushes them including our patch policies.
What I would like to do is when the filter finds fixlets with el9_7 (or future version when released like el9_8) in its description to automatically Globally hide these fixlets.
Is this possible?
Thanks
Yes, this can be achieved using the following approach within a batch/scripted process:
-
Create an API query to fetch the IDs of the required fixlets.
-
Use those Fixlet IDs as input for the SQL-based solution shared by @jgstew below to perform a global hide:
https://forum.bigfix.com/t/is-there-a-way-using-an-api-to-globally-hide-a-fixlet/12172/9
-
Update the query to target specific Fixlet IDs instead of superseded fixlets. For example:
From:
AND ExternalFixletsTable.[Name] LIKE '% (Superseded)%'
To:
AND ExternalFixletsTable.[ID] IN (12345, 23456, 34567)
-
Schedule the script to run at a frequency that aligns with your requirements.
As recommended, this should first be tested in a lab or DSA environment. If successful, it can then be promoted to production.
The primary area requiring thorough validation is the global hide functionality; the rest of the process should work as expected.