Flow of Data Creating Task and Deploying Task

mbartosh · September 8, 2016, 11:40pm

Has anyone seen a data flow diagram of how data flows when creating a task using the Software Distribution Dashboard, and then taking an action against a task?

strawgate · September 9, 2016, 1:48am

Well i’m not really sure what you’re asking but here’s my understanding of it. The first part is how Software Distribution works, the second part (starting at “Task Created”) really just covers how BigFix itself works with tasks/actions.

Open Manage Software Distribution

The console queries private dashboard variables from the dashboard to determine what packages currently exist and display them in a grid/table. These packages are marked as, “Private” packages.
The console queries shared dashboard variables from the dashboard to determine what packages currently exist and display them in a grid/table. These packages are marked as, “Shared” packages.

New Package

Operator presses, “New Package”

Upon pressing Confirm the console writes a new dashboard variable in JSON (private for a private package, shared for a shared package).

{ "lastmodified": "Thu Sep 8 20:19:30 GMT-0500 2016", "version": "0.0", "pkgTag": "", "description": null, "creator": "weaston-master", "comment": null, "pkgvariablekey": "SWD_Package_weaston-master_147338353453675", "owner": "weaston-master", "product": "New Product", "vendor": "New Vendor" }

Adding Files

Operator presses, “Add Files…” under the manage files part of their new Software Distribution Package.

If the operator selects to add a file. The file is uploaded via a shell command call to UploadManager.exe where the console uploads the file directly to the BigFix server over TCP 52311 bypassing the relay infrastructure.
If the operator selects to add a folder without compression, every file in the folder is uploaded (essentially calling 3a for each file).
If the operator selects to add a folder with compression then a shell command is called to invoke bfarchive and archive the folder into a .bftemp file. This bftemp file is uploaded as a single file similar to how any other file from 3a would be uploaded.
If the operator selects to add from a file url a shell command is invoked to download the file and gather it’s hash and size from the provided URL

Some information is gathered about the file (if applicable) prior to upload and is included as metadata alongside the file – once the file has been added the dashboard variable is modified to include information about the uploaded file:

{
  "lastmodified": "Thu Sep 8 20:19:30 GMT-0500 2016",
  "version": "0.0",
  "pkgTag": "",
  "description": null,
  "creator": "weaston-master",
  "comment": null,
  "pkgvariablekey": "SWD_Package_weaston-master_147338353453675",
  "owner": "weaston-master",
  "product": "New Product",
  "files": [
    {
      "ReferenceID": 8031,
      "sha256": "2f73c3d343c0a2e1be0a8d339691780be97b460f720ff1e095055b37f1660efc",
      "HasAnonymousReference": false,
      "file_url": null,
      "msi_metadata": null,
      "sha1": "D2441B7C93648CA9E42F594B557FB7D52348B32F",
      "ReferenceName": "\/D2441B7C93648CA9E42F594B557FB7D52348B32F\/CVHCI64.exe",
      "filename": "CVHCI64.exe",
      "size": 16877608,
      "compressed_data_for_package": false,
      "dateadded": "Thu, 08 Sep 2016 20:19:29 -0500",
      "spb_metadata": null,
      "osd_metadata": null,
      "folderoffset": "",
      "appv_metadata": null,
      "id": "D2441B7C93648CA9E42F594B557FB7D52348B32F_1473383970248488",
      "uploadSuffix": "bfswd",
      "exe_metadata": {
        "FileVersion": "4.2.9.52",
        "ProductVersion": "4.2.9.52",
        "ProductName": "Dell ControlVault Host Components Installer 64 bit",
        "CompanyName": "Broadcom Corporation",
        "exe_metadata_version": "1.0.0.9"
      }
    }
  ],
  "vendor": "New Vendor"
}

New Task

Operator Presses, “New Task…” under Manage Tasks under the new product.

The console reads the files portion of the dashboard variable described above and presents a list for the operator to choose what files to include in the task.
If the operator selects any known file types (.exe, .msi, etc) the next screen will offer a sample installation command like, “Setup.exe” for an MSI it might offer msiexec /i. The file selected on this screen may be used to automatically generate relevance for the fixlet in the case of an MSI.
On the next screen the operator is able to add custom relevance.

Task Creation

Operator presses “Create Task” on the final software distribution pane and a new task is generated pre-populated with information from the dashboard. The relevance is based on the manually added relevance (and MSI relevance if applicable) the actionscript is based on the provided installation command line.

Three relevance lines are added covering:

Free disk space
Version of client
Operating System check.

Metadata about the fixlet is also populated including Source, Release Date, Category and Download Size.

At this point no clients know about the task.

Task Created

Once the operator presses OK and the task is created, the site version for the site the fixlet was saved in is incremented and a UDP ping notification goes out to all clients subscribed to the site the fixlet was saved in. The UDP ping includes the new site version and if the site version in the UDP Ping is newer than the version the client has the client polls for new content.

The client requests this site from the relay who requests it from the root server. This site version includes a copy of the task the operator just created – specifically it includes a copy of the relevance of the task.

Client Evaluation

The client sees there is a new file in __BESData\NameOfSite called Fixlet(ID OF FIXLET).fxf.

The contents of this file are as follows:

x-bes-textfields-hash: sha256,77bb3eef0c382f0c178c318228f03a3e50312fc8083f5b3f28308a520291b89d
MIME-Version: 1.0
Character-Set: windows-1252
Subject: Deploy "New Product" Files - Installation Command: "CVHCI64.exe"
Content-Type: multipart/digest; boundary = "ggX4efxO1A)GA?QArPCJiw8'21o3NKoV"


--ggX4efxO1A)GA?QArPCJiw8'21o3NKoV
Subject: Deploy "New Product" Files - Installation Command: "CVHCI64.exe"
X-Relevant-When: (((if(name of operating system starts with "Win") then free space of drive of client > 33755216 else if ((mac of it) of operating system) then free space of filesystem of folder (pathname of client) > 33755216 else free space of filesystem of client > 33755216)) AND (version of client >= "8.2")) AND (windows of operating system AND (if( name of operating system starts with "Win" ) then platform id of operating system != 3 else true))
X-Relevant-When: true
X-Fixlet-ID: 8032
X-Fixlet-Type: Task
X-Fixlet-Source: New Product
X-Fixlet-Source-Severity: <Unspecified>
X-Fixlet-Source-ID: <Unspecified>
X-Fixlet-Source-Release-Date: 9/8/2016
X-Fixlet-Download-Size: 16877608
x-fixlet-swd-wizard-data: {"lastmodified":"Thu Sep 8 20:19:30 GMT-0500 2016","version":"0.0","pkgTag":"","description":null,"creator":"weaston-master","comment":null,"pkgvariablekey":"SWD_Package_weaston-master_147338353453675","owner":"weaston-master","product":"New Product","files":[{"ReferenceID":8031,"sha256":"2f73c3d343c0a2e1be0a8d339691780be97b460f720ff1e095055b37f1660efc","HasAnonymousReference":false,"file_url":null,"msi_metadata":null,"sha1":"D2441B7C93648CA9E42F594B557FB7D52348B32F","ReferenceName":"/D2441B7C93648CA9E42F594B557FB7D52348B32F/CVHCI64.exe","filename":"CVHCI64.exe","size":16877608,"compressed_data_for_package":false,"dateadded":"Thu, 08 Sep 2016 20:19:29 -0500","spb_metadata":null,"osd_metadata":null,"folderoffset":"","appv_metadata":null,"id":"D2441B7C93648CA9E42F594B557FB7D52348B32F_1473383970248488","uploadSuffix":"bfswd","exe_metadata":{"FileVersion":"4.2.9.52","ProductVersion":"4.2.9.52","ProductName":"Dell ControlVault Host Components Installer 64 bit","CompanyName":"Broadcom Corporation","exe_metadata_version":"1.0.0.9"}}],"vendor":"New Vendor"}
x-fixlet-swdCommandOverride: "CVHCI64.exe"
x-fixlet-swdPackageID: SWD_Package_weaston-master_147338353453675
x-fixlet-advancedLogOptions: {"individualLogCustomerName":null,"individualLog":false,"uploadTheLog":false}
x-fixlet-advancedPathOptions: {"customPathName":null,"deleteCustomPath":false,"customPath":false}
x-fixlet-prePostInstall: {"selected":false,"postType":null,"postInstall":null,"preType":null,"preInstall":null}
x-fixlet-runAsSystem: true
x-fixlet-pkgTag: 
x-fixlet-pkgType: 
x-fixlet-swdSelectedFiles: ["D2441B7C93648CA9E42F594B557FB7D52348B32F"]
x-fixlet-runFileSha1: D2441B7C93648CA9E42F594B557FB7D52348B32F
x-fixlet-canPreserveCustom: true
x-fixlet-adf-wizard-source: Software Distribution_SoftwareDistribution
x-fixlet-adf-wizard-data: ""
Content-Type: multipart/related; boundary = "cyEmSIWzvj8amiSP1?yisi3vqK=/EBH4"


--cyEmSIWzvj8amiSP1?yisi3vqK=/EBH4
Content-Type: text/html; charset=us-ascii

<custom>
--cyEmSIWzvj8amiSP1?yisi3vqK=/EBH4--

--ggX4efxO1A)GA?QArPCJiw8'21o3NKoV--

An important thing to notice is that the actionscript is not in the fixlet file – the client has no idea what is in the actionscript yet. It runs through the relevance of the fixlet as listed in X-Relevant-When: and if all of the relevance statements return true it will notify the server that it is relevant for the task. If there are any “False” statements or statements that result in an error the client will not be relevant.

Console Update

The relays aggregate the relevant notifications from clients and report to the root server which reports to the console the list of applicable computers.

Action Creation

When the operator creates an action from the fixlet the only computers listed under “Select Devices” are devices that have returned a message to the root server indicating that they are applicable. Yellow yield signs will appear over the “Users”, “Messages”, “Offer”, and “Post-Action” tabs of the action if there are any targeted devices in a proxy agent context (devices managed by a mangement extender).

Once the operator selects the targets one of two things can happen:

Dynamic Target

If the operator dynamically targets via an active directory group, retrieved property, or by a group and presses OK a new action is created on the root server. Clients subscribed to the operator receive a UDP similar to when the task was created. Upon polling for content a new file is created in __BESData\Opsite(Operator ID) or __BESData\Actionsite if the operator is a master operator.

Non-Dynamic Target

If the operator targets individual machines then the action is actually a mailbox action and instead of being delivered to every client for target evaluation, it is delivered directly to __BESData\mailboxsite for the clients targeted. This means clients not targeted have no idea that a new action was created.

Action Content

The file created looks like this:

MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA256"; boundary="----E34C13A0BB642C182E42AC4D2AACFEF8"

This is an S/MIME signed message

------E34C13A0BB642C182E42AC4D2AACFEF8
x-bes-textfields-hash: sha256,853da9710bc9bd5548b3b004973e6164253e026c424bf6e8b6ba3dfca4f00b86
MIME-Version: 1.0
Character-Set: windows-1252
Subject: Deploy "New Product" Files - Installation Command: "CVHCI64.exe"
X-Relevant-When: version of client >= "7.0"
Content-Type: multipart/digest; boundary="x9QJpaaL4dj''(sloJEbsAh'HEqV_Jt2"


--x9QJpaaL4dj''(sloJEbsAh'HEqV_Jt2
Subject: Deploy "New Product" Files - Installation Command: "CVHCI64.exe"
X-Action-Component-Type: Action
X-Classify-Subsequent-Relevance: Targeting
X-Relevant-When: exists site "CustomSite_Content"
X-Classify-Subsequent-Relevance: Applicability
X-Relevant-When: (((if(name of operating system starts with "Win") then free space of drive of client > 33755216 else if ((mac of it) of operating system) then free space of filesystem of folder (pathname of client) > 33755216 else free space of filesystem of client > 33755216)) AND (version of client >= "8.2")) AND (windows of operating system AND (if( name of operating system starts with "Win" ) then platform id of operating system != 3 else true))
X-Success-Criteria: RunToCompletion
X-Fixlet-ID: 8038
X-BigFix-Minimum-Required-Client-Version: 8.2.531.0
X-Report-Criteria: IsOrWasTargeted
action-active-user-requirement: None
action-retry-limit: 0
action-retry-delay: 1 hour
action-try-limit: 1
action-distributor: actionsite
action-end-time: Sat, 10 Sep 2016 20:49:40
action-ui-name: Deploy %22New Product%22 Files - Installation Command%3a %22CVHCI64%2eexe%22
action-issuer-name: weaston-master
action-ui-remote-consoles: 1
site-context: http://bigfix.ad.weaston.org:52311/cgi-bin/bfgather.exe/CustomSite_Content
Content-Type: multipart/related; boundary="suR(Ur:4bqK(z?Hz0eGvoyn_Q.sgmgy1"; type="application/x-bigfix-itclient-action"


--suR(Ur:4bqK(z?Hz0eGvoyn_Q.sgmgy1
Content-Type: application/x-bigfix-itclient-action

Content-Type: application/x-Fixlet-Windows-Shell
action-requires-downloads: 1
site-context: http://bigfix.ad.weaston.org:52311/cgi-bin/bfgather.exe/CustomSite_Content
fixlet-context: 8032
action-parameter: "action issue date"="Fri, 09 Sep 2016 01:49:44 +0000"

// ---------------------------------------------EDITING INSTRUCTIONS---------------------------------------------------------------------
// When editing this task through the Manage Software Distribution Packages dashboard, you will have the option to preserve any custom edits you make to this action.
// If you select the option to preserve custom edits, only areas bound by the comment markers 'Preparation Marker', 'Command Marker' and 'Closing Marker' are updated.
// To ensure that all your custom Action Script changes can be preserved, only make changes to areas that are not bound by the comment markers.
// Removing the comment markers may result in the Action Script not updating correctly during the next edit.
// See KB Article swg21668807 (http://www-01.ibm.com/support/docview.wss?uid=swg21668807) for more information.
// --------------------------------------------------------------------------------------------------------------------------------------



//**Begin Preparation Marker
// Download all specified files
begin prefetch block
  add prefetch item name=D2441B7C93648CA9E42F594B557FB7D52348B32F sha1=d2441b7c93648ca9e42f594b557fb7d52348b32f size=16877608 url=SWDProtocol://127.0.0.1:52311/Uploads/D2441B7C93648CA9E42F594B557FB7D52348B32F/CVHCI64.exe.bfswd sha256=2f73c3d343c0a2e1be0a8d339691780be97b460f720ff1e095055b37f1660efc
end prefetch block

// All SWD files will go into a folder in the clients __BESData folder. This folder gets cleared on every restart.
parameter "baseFolder" =  "__Download/"
// Move files into subfolders and unescape file names
move "__Download/D2441B7C93648CA9E42F594B557FB7D52348B32F" "{parameter "baseFolder"}CVHCI64.exe" 

// Log setup
parameter "mainSWDLogFolder" = "{parent folder of client folder of current site}/__Global/SWDDeployData"
folder create "{parameter "mainSWDLogFolder"}"
parameter "logFile" = "SWD_DeploymentResults.log"

//**End Preparation Marker
delete __createfile
parameter "logFolder" = "{parameter "mainSWDLogFolder"}"
// Run setup process
delete run.bat

// Use .bat to set working directory to packages root, for setup command.
createfile until _end_
@ECHO OFF
cd "{parameter "baseFolder"}"
rem // See comments at the beginning of this action for an explanation of the comment markers.
echo %DATE% %TIME% >> "{parameter "logFolder"}/{parameter "logFile"}"
echo Action ID: {id of active action} >> "{parameter "logFolder"}/{parameter "logFile"}"
rem //**Begin Command Marker
echo Command: "CVHCI64.exe" >> "{parameter "logFolder"}/{parameter "logFile"}"
set errorlevel=
"CVHCI64.exe" >> "{parameter "logFolder"}/{parameter "logFile"}" 2>&1
set SWDExitCode=%errorlevel%
rem //**End Command Marker

echo Return code: %SWDExitCode% >> "{parameter "logFolder"}/{parameter "logFile"}"
echo. >> "{parameter "logFolder"}/{parameter "logFile"}"
exit %SWDExitCode%
_end_

move __createfile run.bat
// You will not be able to stop or take action on an applicable BigFix Client until your installer completes.
// So ensure no user input is required.
// If your package absolutely must interact with the user, replace 'override wait' with 'override run' and 'wait' with 'run'.
override wait
hidden=true
completion=job
wait run.bat

//**Begin Closing Marker
// Get the return code of the previous action.
parameter "returnCode" = "{exit code of action}"

// Task will now exit.
exit {parameter "returnCode"}
//**End Closing Marker
--suR(Ur:4bqK(z?Hz0eGvoyn_Q.sgmgy1--

--x9QJpaaL4dj''(sloJEbsAh'HEqV_Jt2--

------E34C13A0BB642C182E42AC4D2AACFEF8
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"

MIIJ6wYJKoZIhvcNAQcCoIIJ3DCCCdgCAQExDzANBglghkgBZQMEAgEFADALBgkq
hkiG9w0BBwGgggZ7MIIGdzCCBF+gAwIBAgIE5ewVjjANBgkqhkiG9w0BAQsFADCC
AXYxCzAJBgNVBAYTAlVTMRcwFQYDVQQDEw5XaWxsaWFtIEVhc3RvbjEOMAwGA1UE
CBMFVGV4YXMxSDBGBgNVBAcTPzExMzA1IEZvdXIgUG9pbnRzIERyaXZlLCBCdWls
ZGluZyAxLCBTdWl0ZSAxNzAsIEF1c3RpbiBUWCA3ODcyNjEXMBUGA1UEChMOQXZu
ZXQgU2VydmljZXMxETAPBgNVBAsTCEN1c3RvbWVyMScwJQYJKoZIhvcNAQkBFhh3
aWxsaWFtLmVhc3RvbkBhdm5ldC5jb20xgZ4wEAYDVQQpEwlIYXNoOnNoYTEwGwYD
VQQpExRDdXN0b21BY3Rpb25zOkVuYWJsZTAfBgNVBCkTGExpY2Vuc2VBbGxvY2F0
aW9uOjk5OTk5OTAjBgNVBCkTHFNlcnZlcjpiaWdmaXguYWQud2Vhc3Rvbi5vcmcw
JwYDVQQpEyBDdXN0b21SZXRyaWV2ZWRQcm9wZXJ0aWVzOkVuYWJsZTAeFw0xNjAz
MTcyMTQxMjFaFw0yNjAzMTUyMTQxMjFaMG4xIzAhBgNVBAMUGlNlcnZlclNpZ25p
bmdDZXJ0aWZpY2F0ZV8wMRswGQYDVQQpExJUeXBlOkFkbWluaXN0cmF0b3IxKjAo
BgNVBCkUIURCTmFtZTpTZXJ2ZXJTaWduaW5nQ2VydGlmaWNhdGVfMDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBANXLeJiISPanMqvKAr0KxQWFRYDCke7R
y20hrtjHoVfzWHiAJfRoXOfHCvQk4Qn2NwoBztOs3nZ+Qk5T2PCAQeG/Uto+fRP7
dgYfJ86+4C2nslJ8LLEOoo1GWT4JM0N++TSmMgXNXTy9+9GuIT8sDGHFEWi4M82L
OOeA+Gu32LP6g7n2Q3eZMCZMkXPBtJge65N4TqFzTygKLp5htSULj8cuIP5C8Wue
be6sgKnpFGt7e5XHoSVZNlLQ01H1Td5iW4Yh6vUzCF/6dhf25IUxkrM8r2Y1FRoB
IiF7P+VVmlZFJJUL7un1surZnnjmkS/gxQglyoc8/BUIcQBnXDd/010CAwEAAaOC
AREwggENMAkGA1UdEwQCMAAwHQYDVR0OBBYEFBDNfZmbiuwz7MV4PCjERsQ51Hff
MIHgBgNVHSMEgdgwgdWAFAqUL2pIawIEGSMJqz5UR389ku+loYG2pIGzMIGwMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEMMAoGA1UEChMDSUJNMRsw
GQYDVQQLExJTaXRlIEF1dGhvcml6YXRpb24xLDAqBgNVBAMTI0FjdGlvblNpdGUg
UmVnaXN0cmFyOlNlY3VyZSBMaWNlbnNlMTMwMQYJKoZIhvcNAQkBFiRpZW0tc2Vj
dXJpdHktdGVhbUB3d3BkbC52bmV0LmlibS5jb22CBAkSVb4wDQYJKoZIhvcNAQEL
BQADggIBAHUN95sYfkxfPINcLs7iJoJvlXGwhxIcs5O8VaHbaz0xbLZsfy2nwJZV
OHWbsdkvF6s8/5bA+u4uX2pAYNZcLCDX7PX4GZkidmOYYlu8PYiryqbJ3tiKYv2D
pOZx46Iym33MvXIoXYZyM3cdNTo/alWKLMwWNaIodQ93yQqkAnSmbliGkoi7WIJA
abk3cggBZNV2AWRrRGea21csCfPDgNFEX41sg4PUCiKxX41Hot8Rqlg6E6uoXV4Q
zEM+EHqzT1GDQBZxpj9pdinj18MKtt4lx71f97cwf/FNZTAbOk4CNe5xeGeLWeBj
ZLiJ+WFBa7v3QuD5A/xpKoMnT6XCezNyZZcFj8K/b3iSmJ95eXK4RmdTJeOLsjb4
TcGf4vFsmReNyWxBTNJqrumiVhruPnrc0SjC0GRPDMj//zgoV3wBoJcfBRrpbnww
iTt5Qc665aBuoFrnibaEcFFeyRfTp6NyttC18qp8h0Hb7+FDLnonFjb3hEVVMBkn
iiHVVy/3wEPmClfywbpRYQINYaySN5OrXarwzRafn6BydrpAkOVxps7KMVf7v38U
L6Y7P9epTXPHmGpTjEiJ12Jxd8Pbk3yQKgPyeBUHtGsAsfS6iEJ4c4k62KFd2ca4
48jd0hRkp8c0xocZDsh59YpOXBP2kw5WUwu77aiX8g1KnclKmdi5MYIDNDCCAzAC
AQEwggGAMIIBdjELMAkGA1UEBhMCVVMxFzAVBgNVBAMTDldpbGxpYW0gRWFzdG9u
MQ4wDAYDVQQIEwVUZXhhczFIMEYGA1UEBxM/MTEzMDUgRm91ciBQb2ludHMgRHJp
dmUsIEJ1aWxkaW5nIDEsIFN1aXRlIDE3MCwgQXVzdGluIFRYIDc4NzI2MRcwFQYD
VQQKEw5Bdm5ldCBTZXJ2aWNlczERMA8GA1UECxMIQ3VzdG9tZXIxJzAlBgkqhkiG
9w0BCQEWGHdpbGxpYW0uZWFzdG9uQGF2bmV0LmNvbTGBnjAQBgNVBCkTCUhhc2g6
c2hhMTAbBgNVBCkTFEN1c3RvbUFjdGlvbnM6RW5hYmxlMB8GA1UEKRMYTGljZW5z
ZUFsbG9jYXRpb246OTk5OTk5MCMGA1UEKRMcU2VydmVyOmJpZ2ZpeC5hZC53ZWFz
dG9uLm9yZzAnBgNVBCkTIEN1c3RvbVJldHJpZXZlZFByb3BlcnRpZXM6RW5hYmxl
AgTl7BWOMA0GCWCGSAFlAwQCAQUAoIGEMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B
BwEwGQYJKwYBBAGBpjMJMQwECmFjdGlvbnNpdGUwHAYJKoZIhvcNAQkFMQ8XDTE2
MDkwOTAxNDk0NFowLwYJKoZIhvcNAQkEMSIEIPQyvyI/AyLuSfu8J3tWURiPhLuH
9g+PK9FnVOuGbYM9MA0GCSqGSIb3DQEBAQUABIIBAMr8AQXChRrasol5RoCs2W9Q
7CovmwNDwP1qVPVTNHSHUd3I4ilwqr4FYaqsZCqMbi4tPalPlvcexk1ObLgTVTzS
oHNG1PtZzr0yZCNGQB1mzZBYZhyB29fpEY3t0o6m0rqAIbeKZTyjaEwP6JbFpjhi
KMq0kpqMKQNmTNtOyZ8b7/NZZduuZmOiGTWz8wCd0wvjhnAH9Up43ujLoetsmpmG
vx9mQx4weoyDyJRp+DQsVdVriaTvwrb4620vwls2L8KXMxC5icZcyIys8Uj/uf3A
qY2BsyCoSaw1LZATq6p+yOijfzvt075kG+hGTz6pHdz7pPr9oGtmdYD/SBFWOvk=

------E34C13A0BB642C182E42AC4D2AACFEF8--

Unlike the initial task that was created, this action file includes relevance, actionscript and a digital signature for the operator who took the action

Action Evaluation

The client first looks at applicability and then considers action constraints.

This Action has two sets of relevance that determine if the action needs to run on the client:

Targeting relevance (I targeted a group in a site):

X-Relevant-When: exists true whose (if true then (member of group 6575 of site "CustomSite_Managed_Devices") else false)
Base fixlet relevance:

X-Relevant-When: (((if(name of operating system starts with "Win") then free space of drive of client > 33755216 else if ((mac of it) of operating system) then free space of filesystem of folder (pathname of client) > 33755216 else free space of filesystem of client > 33755216)) AND (version of client >= "8.2")) AND (windows of operating system AND (if( name of operating system starts with "Win" ) then platform id of operating system != 3 else true))

If the client evaluates both of these to true it will then check action constraints (Am i suppose to run between a certain time or after a certain time?) and then it will run the action.

Running the Action

Once the action has been submitted, the root server downloads the files from itself. You see, when you uploaded the files to the root server it put them in a special uploads directory that the relay part of the BigFix server can’t see. So the gather service has to get the download from the upload directory and put it in the SHA1 cache on the root server before it can start handing out the file.

Once the client wants to run the action it requests the file from its parent relay according to the action ID and the file ID within the action, you can see this in the log:

   ActionLogMessage: (action:8035) Action signature verified for Downloads
   DownloadsAvailable: checking for 'http://127.0.0.1:52311/bfmirror/downloads/8035/0'
   DownloadsAvailable: false (action id 8035)

Essentially it’s asking its parent relay for file 0 (the first file) from action 8035, my action from software distribution. DownloadsAvailable: false means the parent relay does not have this file yet. Upon first request the relay will request it from the root server. The relay will ping the client when it gets the file or the client will request again after a certain number of minutes.

Once the client has the file it will execute the action using the actionscript as it is provided in the action (id of action).fxf file previously downloaded.

Whatever the result the client will report to its relay, and the relay will forward to the root server which will present it to console operators and make it available over web reports.