I wonder if anyone has tried to create a fixlet, that can transfer the result of a disconnected scan to the BigFix/ILMT server - so that results from e.g. iSeries can be transferred via a BigFix agent on another host?
The scenario looks a bit like:
iSeries runs a disconnect scan
The output is transferred to a Windows or Linux server (to a specific folder)
A BigFix client on that server transfers the result to the BigFix server via the archive function
Some sort of script makes sure, that the uploaded file is located in the right folder for ILMT to scan the output.
I must admin, that I am a noob at fixlets - so I am not able to create such a fixlet myself (or in case I should try, it would probably take many weeks )
If you do manage to write a fixlet, the issue is you cannot run it on the disconnected server since there is no client on it. Is that what you are asking?
In my case, the scan results are copied manually to a particular folder on BFI server.
The other approach i can think of is, if server A (BFI server) can remotely execute script on server B that copies over the results back to server A, then we can achieve what you are looking for.
The challenge is that the iSeries server has no BigFix agent.
A linux/windows server next to the iSeries also does not have direct access to the BigFix server.
BigFix clients can only communicate to the BigFix server via a relay server.
So my thought was:
have a cron job or similar run on the iSeries to run the disconnected scan once a day (for example)
when the scan is completed, the output files are transferred to a server in the same network, where a BigFix client is installed. If the transfer is done via SSH/SCP, FTP or another protocol is not important
The “daily” data from the iSeries will be located in a specific folder on the linux/windows server with a BigFix client installed.
A fixlet should be scheduled to grab the contents of this specific folder and transfer it to the BigFix server
Some sort of script should find the uploaded information on the BigFix server and place it in the configured folder for disconnected scan results.
Does it make sense ?
The main issue is that the BigFix/ILMT Server is located between a firewall, and the only communication allowed towards it from BigFix clients will happen through a Relay Server …
)