BFI Scanner Behavior on *nix

Hello my favorite software people :slight_smile:

In nixland-- let’s use, say, Solaris and Red Hat as our examples-- how does the BFI scanner determine where it will scan? I understand that in Windows it does a registry search first, then categorizes the software and does a diff going forward.

But how does it work in nix? I see in the documentation that:

the scanner searches the system registry to gather information about Windows and UNIX packages that are installed on the endpoints. Then, it returns the findings to the server where the discovered packages are compared with the software catalog. If a particular package matches an entry in the catalog, the software is discovered.

But obviously the scanner is not checking the Red Hat registry. I assume it’s looking in like /etc and /var, but it would be great if I could find a list of the directories that it is checking.

Thanks!
Josh

The documentation uses registry to mean both the Windows Registry, and the RPM Database on UNIX endpoints.

1 Like

Thanks! Does it run RPM to dump installed software to a file that it then reads off? And is the use of RPM for the scanner documented anywhere if a customer wanted something official?

There is an analysis, Installed UNIX Packages (ID 32) in the BFI Site, which contains the results of the scan. In the BFI User Interface, there is also a report, in the Software Inventory group, called Packages, In this report, the Type column contains either Windows or Rpm to indicate which registry the data comes from.

The available reports are documented here: https://www.ibm.com/support/knowledgecenter/en/SSKLLW_9.5.0/com.ibm.bigfix.inventory.doc/Inventory/softinv/c_types_of_reports.html

The name of the file used to store the RPM data varies by OS , but will be found in a subdirectory of \LMT which is found in the Client Installation directory. If you decode the relevance for the property Installed Unix Packages List, in the Analysis, you will find the various filenames by OS flavor.

1 Like