BigFix WebUI and Insights new release available (January 2021)

adinia 2021-01-22 09:39:29 UTC #1

HCL Software is pleased to announce a new update to BigFix WebUI and BigFix Insights. These releases introduce a range of enhancements, including new features, functionality, and improved security.

BigFix WebUI and Insights General Release - Features

New Device view with improved flexibility and user experience!

The new Device page has been designed to greatly improve flexibility and user experience.

The view on the Device page can now be customized by BigFix operators, allowing them to select and display the device properties of their interest among all the ones available in BigFix, both out-of-the-box and custom ones, including the ones coming from analyses. The view can be visually adjusted (column width and position) and is persistent for the operator.
In addition to the existing filtering options, it is now possible to filter devices by any property that is present in the view, including custom properties and properties coming from analyses.

The view also provides largely increased data density, and adapts to different screen resolutions to maximize real estate utilization.
Greatly simplified installation of BigFix Agents residing on AWS or Azure VMs via cloud-native APIs!

You can now install the BigFix Agent in AWS and Azure environments much more quickly and easily by leveraging the cloud provider services and APIs directly from WebUI. You no longer need to provide Client credentials or deploy and configure the Client Deploy Tool (CDT).
Note: this feature requires BigFix Platform version 10.0.2 or later.

Inline Reporting:

Additional export options:
- You can now export in PDF to capture the Summary Charts

Patch application:

Added support for the following:
- RHEL 5/6/7/8 Extended Support Updates
- CentOS 8
- Ubuntu 20.04
- Oracle Linux 8

Patch Policies application:

Support for custom content
- Custom content can now be added to a policy
Skip locked constraints when deploying policy
- Operators with console “Can Lock” permissions now have the option to deploy a policy to a locked device without having to first unlock the device
Added support for the following:
- RHEL 5/6/7/8 Extended Support Updates
- CentOS 8
- Ubuntu 14.04/16.04/18.04/20.04
- Oracle Linux 8

BigFix Insights:

Better enrich your reports and analytics with:
- More fields now available in our updated schema:
  - DeviceDimensions: Added MAC Address
  - FixletDimensions: Added superseded fields
  - FixletDimensions: Added product and product-family fields
  For more information, please see https://help.hcltechsw.com/bigfix/10.0/insights/Insights/Getting_Started/c_schemanew.html
- Custom attributes: Operators with appropriate permissions can now readily view, create, edit, and delete custom attributes from within WebUI
  
  For more information, please see https://help.hcltechsw.com/bigfix/10.0/insights/Insights/Getting_Started/t_editing_settings.html
More granular data synchronization options: ETLs can now be scheduled more frequently with options to run an ETL every 4, 8, or 12 hours
- For more information, please see https://help.hcltechsw.com/bigfix/10.0/insights/Insights/Getting_Started/t_scheduling_ETL.html
Expanded support: the BigFix Insights database now works with MS-SQL 2019
More quickly synchronize data with BigFix Insights with improved ETL performance

Other modifications

Security Updates for WebUI:
- CVE-2020-15366
- CVE-2020-8244
- CVE-2020-7751
- CVE-2020-11023
- WS-2020-0201
Resolved Defect Articles:
- KB0082201: WebUI stuck in Loading Device Group
- KB0084143: WebUI login stuck in the cachecheck page for NMOs when their permissions are modified
- KB0084285: WebUI initialization failing
- KB0084730: WebUI doesn’t work on Linux RedHat 6
- KB0084852: Improve description of WebUI in DSA environment scenario
- KB0084966: WebUI might not start when installed with BigFix v10 on DB2
- KB0085195: Performance degradation in BigFix v10 environment while running WebUI
- KB0085404: Unable to deploy baseline action as an offer
- KB0085960: WebUI Patch page showing no entries for NMOs
- KB0086393: Deploying using “Target by Group” is allowed only for NMOs having unrestricted targeting permissions

How to update

WebUI will update automatically by default, unless configured otherwise.
Please note that for BigFix Insights, due to the potentially high impact, updates must be done manually via the Application Updates page on WebUI. For more information, please see https://help.hcltechsw.com/bigfix/10.0/webui/WebUI/Admin_Guide/c_manage_application_updates.html.

Published WebUI Site Versions

WebUI Site Name	Version
WebUI API	7
Application Administration	18
Patch Policies	18
Common	60
WebUI Content App	8
Custom	29
WebUI Data Sync	12
WebUI Framework	14
Insights	5
MDM	4
Patch	29
WebUI Permissions and Preferences	8
Profile Management	13
Query	20
Software Distribution	32
WebUI Reports	3
WebUI Take Action	13

WebUI Documentation link:

https://help.hcltechsw.com/bigfix/10.0/webui/index.html

BigFix Insights Documentation link:

https://help.hcltechsw.com/bigfix/10.0/insights/index.html

The BigFix WebUI & Insights Teams

flecciso 2021-01-23 09:54:21 UTC #2

bobdennedy 2021-01-29 14:25:02 UTC #3

We are running into major issues since this version was released. Our root is 9.5.16.90 and WebUI is a different server. We had WebUI auto-update enabled and never had issues until now. We use SAML. Support case opened. CS0200956

Issue: most of the WebUI appears to work fine, but when loading Patch Policies, we get an error:

{“data”:{“error”:“Conversion failed when converting date and/or time from character string.”},“status”:500,“config”:{“method”:“GET”,“transformRequest”:[null],“transformResponse”:[null],“jsonpCallbackParam”:“callback”,“url”:"/autopatch/api/policy/39/previewdelta/count",“params”:{“forceCacheRefresh”:false},“headers”:{“Accept”:“application/json, text/plain, /”,“X-XSRF-TOKEN”:"-------"}},“statusText”:“Internal Server Error”,“xhrStatus”:“complete”,“resource”:{}}

We think it has something to do with the new feature where custom content can be included in a policy. We don’t know if the issue started just because of the update, or because one of our operators was attempting to use/edit the custom content feature.

We also had the issue with it stuck in initializing prior to this, but re-pushed the db connection fixlet and restarted and that fixed that issue. This issue still persists. If we restart WebUI service, patch policies at least load for about 5 min. and then the error above comes back. We’ve not tried to edit a policy in that time window yet.

bobdennedy 2021-01-30 19:38:10 UTC #4

Providing some updates as I got WebUI Patch Policy loading at the moment. Support was able to identify this error message in autopatch.log:

SELECT CUSTOM_FIXLETS.Name AS “Name”, CUSTOM_FIXLETS.SiteID AS “SiteID”, CUSTOM_FIXLETS.ContentID AS “ContentID”, CUSTOM_FIXLETS.LastModificationTime AS “ModificationTime” FROM CUSTOM_FIXLETS LEFT OUTER JOIN SITES ON SITES.ID=CUSTOM_FIXLETS.SiteID LEFT OUTER JOIN CUSTOM_FIXLET_FIELDS AS SUPERSEDENCECHECK ON SUPERSEDENCECHECK.SiteID=CUSTOM_FIXLETS.SiteID AND SUPERSEDENCECHECK.ContentID=CUSTOM_FIXLETS.ContentID AND (SUPERSEDENCECHECK.Name IN (‘x-fixlet-superseded’, ‘x-fixlet-superseded-date’)) LEFT OUTER JOIN CONTENT_VISIBILITY AS GLOBALHIDDENPATCHCHECK ON GLOBALHIDDENPATCHCHECK.SiteID=CUSTOM_FIXLETS.SiteID AND GLOBALHIDDENPATCHCHECK.ContentID=CUSTOM_FIXLETS.ContentID AND (GLOBALHIDDENPATCHCHECK.IsVisible = 0) LEFT OUTER JOIN CONTENT_VISIBILITY_USER AS LOCALHIDDENPATCHCHECK ON LOCALHIDDENPATCHCHECK.SiteID=CUSTOM_FIXLETS.SiteID AND LOCALHIDDENPATCHCHECK.ContentID=CUSTOM_FIXLETS.ContentID AND (LOCALHIDDENPATCHCHECK.UserID = 103) AND (LOCALHIDDENPATCHCHECK.IsVisible = 0) WHERE (CUSTOM_FIXLETS.IsDeleted IN (0)) AND (SITES.IsDeleted IN (0)) AND (CUSTOM_FIXLETS.IsTask IN (0)) AND (CUSTOM_FIXLETS.Category IN (‘undefined’)) AND (CUSTOM_FIXLETS.Source IN (‘undefined’)) AND (SITES.Name IN (‘undefined’)) AND (CUSTOM_FIXLETS.SourceReleaseDate>=‘Invalid date’ AND CUSTOM_FIXLETS.SourceReleaseDate<=‘Invalid date’) AND (SUPERSEDENCECHECK.Name IS NULL ) AND (GLOBALHIDDENPATCHCHECK.IsVisible IS NULL ) AND (LOCALHIDDENPATCHCHECK.IsVisible IS NULL ) AND (CUSTOM_FIXLETS.DefaultAction IS NOT NULL )

Specifically, it includes:

CUSTOM_FIXLETS.SourceReleaseDate>=‘Invalid date’ AND CUSTOM_FIXLETS.SourceReleaseDate<=‘Invalid date’

This feels like someone was trying to include custom fixlets (new feature) and somehow the dates were invalid (possibly input validation issue for the app team?)

WARNING: Below was done by me without input from support team. Re-apply at your own risk

I used SQL Mgmt studio and ran this query:

SELECT TOP (10) *
FROM [BFEnterprise].[webui].[apPOLICY]
WHERE [webui].[apPOLICY].[inclusion] LIKE ‘%custom":true%’

custom":true is a part of the JSON that would indicate custom fixlet content is included in the policy.

From there I was able to ID the policyID then ran an UPDATE query to remove the entire custom_content object from the JSON.

UPDATE webui.apPOLICY
SET inclusion = '<json_without_custom_content_object>'
WHERE policyID=<number_identified_from_select_query>;

system 2021-02-28 18:02:35 UTC #5

This topic was automatically closed after 30 days. New replies are no longer allowed.