Look forward to your findings.
I’ve done some more digging myself, and I think I’ve decoded just a bit about how it works internally.
Each Remote Shared Disk is assigned as a negative computer_ID value while real hosts are assigned positive values.
In the database, I can find files that were detected on NFS paths via the query
SELECT TOP (1000) [id]
,[scan_file_id]
,[computer_id]
,[path]
,[name]
,[full_path_sha1]
,[size]
,[version]
,[md5]
,[sha256]
,[valid_from]
,[valid_to]
FROM [BFInventory].[sam].[file_facts_scd]
WHERE computer_id < 0
Selecting the max([id]) I find 378,179 file detections. The ‘path’ values are in the from ‘server:\mounted\path\name’ (interesting the forwardslashes were converted to backslashes)
Unfortunately, no searches for either the NFS server name, the path with forwardslashes, or the path with backslashes give me any results in the “Scanned File Data” report. Nor do the results look particularly valuable - as posted earlier, the Linux scans behave kind of like Windows scans, expecting a ‘filename extension’ to mean something. All I really have in this table are a bunch of .sh and .pl scripts, where what I really need are ‘executable binaries’.
I’ve submitted a series of RFE’s this morning, if you think these might be helpful then please give us a vote everyone! Thanks in advance…
http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=124800
BFI: Detect and Scan automount NFS filesystems
Currently BigFix Inventory ignores any NFS filesystems that are managed by automount, but are not actively mounted at the time of the software scan. Additionally any prior scan of the filesystem is marked as ‘deleted’ when a subsequent scan occurs with the filesystem inactive/dismounted.
http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=124801
BFI: Include Linux Shared Filesystem (NFS) paths in “Scanned File Data” report or in a new report. The ‘Scanned File Data’ report should list all files found in a scan, allowing us to create custom signatures. However files that were located on NFS paths appear to be missing from the list (perhaps because the files are not associated to any particular computer?). This is a request to add NFS paths to the “Scanned File Data” report, or to create a new report specific to NFS paths.
http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=124802
BFI: Enhance Linux/UNIX Inventory Scan to include all ‘Executable’ files
Currently the options for scanning files are based on filename/extension (which are meaningful on Windows but less so on Linux/UNIX). Requesting an enhancement to include ‘Executable’ files in Linux/UNIX scans. ‘Executable’ files are determined by file permissions. This would allow detection of many more Linux/UNIX products. A simple example would include ‘Java Runtimes’. The executable file ‘java’ is not detectable based on filename extension (it doesn’t have one) but would be detectable as a file with the Execute bit set.
http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=124804
BFI: Provide a ‘Software Template’ Report to provide data for remote shared disks
Currently the only way to via the software inventory results for products found on an NFS mount are to create a computer group to apply the resulting ‘Software Template’ from an NFS scan against a set of target computers, and then review the results from one of those members. However if one of the group members happened to be dismounted from the NFS path at the time of that computers scan, it would no longer be a member of the group and not have the Software Template applied on it. Directly exposing the NFS mount’s scan in a report would make it much easier to identify products installed on an NFS path and to identify unsanctioned software installations.
http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=124806
BFI: Catalog enhancements for file scans on Linux/UNIX. The current software signatures for Linux/UNIX platforms are based almost entirely on ‘OS Package Installed’ (presence of RPM / DEB / BFF package). There are few or none of the file-based signatures. Software that is simply ‘extracted’ to a local filesystem or remote NFS path goes largely undetected by BigFix Inventory.