New inspectors were added in version 9.5.3.211 to get random values using BigFix relevance: https://developer.bigfix.com/relevance/reference/integer.html#random-integer-of-integer-integer
These inspectors are not yet available on all platforms (Mac) and are not super useful if you have to write relevance to work on previous versions of BigFix.
That said, here is a method to get 10 random characters using that method: https://bigfix.me/relevance/details/3019528
concatenations of (characters it) of (it + 33 /* int to ASCII table position */ ) of (random integer of it) of (94) /* <-character set */ of integers to 9 /* <-length */
If we don’t need perfect cryptographic randomness, then what is an alternative method to get random characters using older versions of BigFix?
The best way to get randomness using BigFix is to combine as many possible sources of semi-random data using a hashing function. If you only need to support BigFix v9.0.586.0+ then the sha2_512
and sha2_256
hashing functions are available, otherwise sha1
is available for BigFix v8.2.1078.0+
Sources of semi-randomness:
###computer id:
Q: computer id
A: 12345
###uptime of operating system:
Q: uptime of operating system / second
A: 2952805
subscribe times of sites:
Q: (now - minimum of subscribe times of sites) / second
A: 50737777
last gather time of current site:
Q: (now - last gather time of current site) / second
A: 7576
expiration date of client license
Q: (now - expiration date of client license) / second
A: -314213597
pids of processes
Q: sum of pids of processes
A: 2907920
used amount of ram:
Q: used amount of ram
A: 345382912
last report time of client:
Q: (now - last report time of client) / second
A: 7
average of evaluationcycle of client:
Q: average of evaluationcycle of client
A: 1243655
effective dates of settings of clients:
Q: sum of (it / second) of (now - it) of effective dates of settings of clients
A: 12214814002
Others:
- https://developer.bigfix.com/relevance/reference/time.html#last-relay-select-time-time
- https://developer.bigfix.com/relevance/reference/time.html#last-report-time-of-client-time
- https://developer.bigfix.com/relevance/reference/time.html#start-date-of-license-time
concatenations of mac addresses of adapters of networks
Once, you have “enough” sources of semi-randomness, then combine them:
Q: (base64 encode it) of sha1s of concatenations of sha1s of (it as string) of (computer id; uptime of operating system / second; (now - minimum of subscribe times of sites) / second; (now - last gather time of current site) / second)
A: MzI4YzZjMzgxYzVhZDlkMDRjMDkyYTA0YTg4NzdhOGJhNWQwZTRhYw==
This will work as long as you need less than ~50 characters
Q: (base64 encode it) of sha2_512s of concatenations of sha2_512s of (it as string) of (computer id; uptime of operating system / second; (now - minimum of subscribe times of sites) / second; (now - last gather time of current site) / second)
A: MTM2MjZlNDQ5NzhmODQxNzc1NmJjOWQ2ZDNhYWM0MWIxMzY1Y2Y2MzJiMTM1YzdiMTQ4MTg0YWRhYjQ1MGIwNzMxNzc3MzNkN2EwZWRkMWViMDlmZThkYzFiOWNkZjYxMzg1ZTcyZDZhNmI0ZWQ0OTAxMGU0ZWJhMDdlYTMyNDY=
This will work with ~170 characters
There may be a better option to expand the character set of the hash than base64 encode
but that is definitely the easiest.
To get the first 20 characters:
Q: firsts 20 of (base64 encode it) of sha2_512s of concatenations of sha2_512s of (it as string) of (computer id; uptime of operating system / second; (now - minimum of subscribe times of sites) / second; (now - last gather time of current site) / second)
A: ZjViYzAxNzYzNjQxZjFk
This should give up to ~50 random characters using random operators with fallback:
Q: last 50 of (if ( exists properties whose(it as string = "random integer of <integer>: integer") ) then (concatenation of (characters it) of (it + 33 /* int to ASCII table position */ ) of (random integer of it) of (94) /* <-character set */ of integers to 52) else ( (base64 encode it) of (sha2_512 of it | sha1 of it) of concatenation of (sha2_512 of it | sha1 of it) of (it as string) of ( (computer id);(uptime of operating system / second);((now - minimum of subscribe times of sites) / second);((now - last gather time of current site) / second);((now - expiration date of client license) / second);(sum of pids of processes);(size of ram);((now - last report time of client) / second);(average of evaluationcycle of client);(sum of (it / second) of (now - it) of effective dates of settings of clients) ) ))
A: ^1Uz~4mHWXN%7fIS+Xiz(*jB,uV\gIQrBnU#*cCZ}(ruscYZC~{e
T: 0.423 ms
This SHOULD work for BigFix v8.2+
If you are going to use something like this for a password or similar, then the longer the better.