@fhansen Frank, I wanted to acknowledge seeing your post, but don’t currently have access to a test system to check this out for you. I hope soon.
Hello All,
I just downloaded and installed this dashboard and I really like it.
The only question I have is, how could I modify it to show a specific computer group and CVEs?
I see an option to select a computer group when I click on show computer but not on the main screen.
The reason for asking is because we are are an MSP and have several customers in our environment, it would be helpful to be able to filter on a specific customer or computer group.
1 Like
@Mojea, Good idea and it makes sense, but the dashboard does not currently do that. We are not able to filter by computer group within the dashboard.
1 Like
Thanks @leewei for such a quick reply!!! I really appreciate you taking the time to respond.
I am relatively new to Bigfix, could you provide some basic guidance on how I could add that feature?
IE what tools are required to edit the dashboard, skills required to program it, etc…
Also is there anyway to make this a scheduled report? or import a report based on this info?
@Mojea, The dashboard is written in HTML, JavaScript with the BigFix Session Relevance language. So knowledge of all 3 will be useful. This is not trivial, so I would try to find someone with prior experience.
By the way, the dashboard is distributed as source code, and the entry point is CVEs.ojo file.
If you follow that file, you will see all the source.
Scheduling is very different because it is done from Web Reports and not the Console.
1 Like
Hello @leewei
Can this dashboard be available as report on BigFix webreports UI, is it available ?
Thanks !
@BF_dev, technically it is absolutely possible to run this under Web Reports which some tweaks. I think I did it for someone but never publish it. If I can find it and something easy I will post here.
1 Like
Good day!
Could you explain, how bigfix_cve_util choice a cve what it remove or add ?
Example, I interested CVE-2017-1376 but it was remove.
How i can understand why it was remove? What have rules for choice?
CVEs downloaded from NVD are removed if there are no corresponding Fixlets.
For example:
- A CVE for the Cisco router will be removed because BigFix does not have content (Fixlets) for them.
- On the other hand, if you do not subscribe to a certain sites, say Patches for AIX, then CVEs relating to AIX will be excluded as well.
The idea is that I will only show you CVEs where there are Fixlets.
Sorry for stupid question, but how do I load this in console in a custom site?
Here is the install guide that describes how to add the files for the dashboard into any sites you choose.
Actually, you can only add to a custom site anyway because we cannot modify “external” sites from IBM.
CVEDashboard.pdf (1.3 MB)
Hi All, Just recently purchased product and installed 9.5.9. CVE dashboard stopped getting updated content in June 2018. Anyone else facing this issue?
Regards,
A
I realize this is an old topic, but I’m just trying this out. I, too, need for non-master operators to be able to see this dashboard. I’ve imported the files into a Custom Site, and given the desired operator “Writer” permissions to the site. They can see the site, and the files, but not the Dashboard. I read above about permissions to the “dashboard variables”, but that’s a new one on me. (7 years with Bigfix).
Also, “Show Computers” does not work. (Bigfix 9.5.7)
Any ideas?
Hi lkj962,
Are you getting updated information from your CVE dashboard, after June 2018?
The last “Critical” ones are from June, but I’m seeing “High” and “Medium” from July 18, 2018.
@leewei : When i run the relevance it shows the values of Computer, Risk Score in XML format.
But still the Dashboard shows empty . I dont know why its showing like that.
Any Suggestions
Hi,
Where will this dashboard access?
I confirm that the dashboard access following site only.
http://static.nvd.nist.gov/
If there are other sites, let me know.