Can any one help me to create fixlet for fetching file from linux server and move to bigfix server
1 Like
Is the file accessible via a HTTP front-end like Apache? If you, you can create a fixlet to run against your root BES server that prefetch the file in question. Once the file is in the BES cache on the root BES server, you use the move command from the BESClient cache to the desired location on the root BES server.
Where exactly do you want to move the file in question to on your root BES server?
2 Likes
Thanks cannady for quick rresponse!
For example, client placed files in linux server , i need to fetch that file using fixlet…then i need to move same file to diff server using fixlet… Do you have any idea hoe to implement this
1 Like
You will have to expose the file on the Linux server in some method that the root BES server can “fetch” it. This would mean Apache, FTP, Samba, SCP, etc., but this method of access must have client functionality that can be leveraged on the root BES server (assuming that it’s Windows and not Linux too). So this would typically suggest front-ending the Linux server with Apache or similar HTTP service so that the root BigFix server can prefetch via HTTP to download the file in question.
If the root BES server is also a Linux server, then I’d leverage SCP within the fixlet that runs against the root BES server to “fetch” the file in question.
So to fully answer your question, I need to know:
- Is your root BES server is Linux or Windows?
- Does the Linux server with the file that needs to be “fetched” have Apache or other HTTP service installed?
- If both servers are Linux, do you have local or LDAP credentials that could be used to create a SCP connection from the root BES server to the file server?
Best,
@cmcannady
1 Like
here the details -
Is your root BES server is Linux or Windows - Linux
Does the Linux server with the file that needs to be “fetched” have Apache or other HTTP service installed - no
If both servers are Linux, do you have local or LDAP credentials that could be used to create a SCP connection from the root BES server to the file server - both linux server, but here i need to use fixlet for getting file…im not supposed to use SCP
1 Like
If you can’t leverage SCP for Linux-to-Linux file transfer, then you’ll have to:
A - Front-end the Linux file server with Apache or similar HTTP service to expose the file for prefetch within content to be executed on the root BES server.
B - Research and leverage the archive now functionality on the Linux file server to upload the file to the root BES server.
C - Front-end the Linux file server with Samba or NFS for remote file sharing.
Option A would be my 1st choice as it’s easy to implement, secure and is relatively low overhead on Linux. The archive now functionality (in my opinion) is clunky and I’m not a fan of SMB/NFS for file transfer through BES.
1 Like
Thanks much!
I will check the options. pls share if you have any fixlet format for the same
Thnx
Here’s the action script source that I’ve utilized in the past to pull files from an internal HTTP resource and drop into the BES cache on the root server. This will only work on NIX endpoints with Bash installed.
// Query for action parameters of fixlet
action parameter query "_filename" with description "Please enter the file name."
action parameter query "_sha1" with description "Please enter SHA1 value of the file."
action parameter query "_internal_url" with description "Please enter the internal URL to file location. For example, http://subdomain.domain.suffix/path/to/script/goes/here/ and make sure to include final slash."
// Declare fixlet parameters
parameter "_date_and_time" = "{((year of it as string & month of it as two digits & day_of_month of it as two digits) of date(local time zone) of it & "."& (two digit hour of it as string & two digit minute of it as string & two digit second of it as string) of time (local time zone) of it) of now}"
parameter "_root_bes_path" = "/var/opt/BESServer/wwwrootbes/Uploads/cache"
parameter "_root_sha1_path" = "/var/opt/BESServer/wwwrootbes/bfmirror/downloads/sha1"
// Generate installer script
createfile until __EOF
#!/bin/sh
# *** ***************************************************************** ***
# *** ***
# *** Casey Cannady - CBI ***
# *** bigfix@cbisecure.com ***
# *** www.cbisecure.com ***
# *** ***
# *** ***************************************************************** ***
#
# Change to proper directory on root BES server
#
cd {parameter "_root_bes_path"}
rc=$?; if [[ $rc != 0 ]]; then exit $rc; fi
#
# Download file from internal HTTP service
#
wget {parameter "_internal_url" & parameter "_filename"}
rc=$?; if [[ $rc != 0 ]]; then exit $rc; fi
#
# Put the downloaded file in the BES sha1 folder to make available for endpoints
#
mv {parameter "_filename"} {parameter "_root_sha1_path"}/{parameter "_sha1"}
rc=$?; if [[ $rc != 0 ]]; then exit $rc; fi
__EOF
// Move temporary file download script to tmp filesystem
move __createfile /var/opt/BESServer/tmp/bes_cache_{parameter "_date_and_time"}.sh
// Set temporary download script permissions
wait chmod 755 /var/opt/BESServer/tmp/bes_cache_{parameter "_date_and_time"}.sh
// Execute temporary download script
wait /bin/sh /var/opt/BESServer/tmp/bes_cache_{parameter "_date_and_time"}.sh
parameter "__ExitCode1" = "{if exist exit code of action then exit code of action as string else "999"}"
if {parameter "__ExitCode1" != "0"}
exit {parameter "__ExitCode1"}
endif
// Good house keeping
delete __createfile
delete /var/opt/BESServer/tmp/bes_cache_{parameter "_date_and_time"}.sh
You’ll want to make sure to be sure and specify the custom relevance for the action’s “Success Criteria” as follows:
exit code of action != 0
Hope this helps.
@cmcannady
*** Please note that the above is provided as-is and without warranty.
2 Likes