I’ve been playing with the idea of using as much Bigfix native methods as possible to automate via a fixlet…a little weekend project to keep the old braincells exercised . The idea being a fixlet will download the JSON, parse the latest version and if the latest version is different to current version, it will download the MSI and update a fixlet with detection relevance and actionscript then deploy it…in my testing case a computer ID. This way only the JSON is downloaded on a regular interval so is very low bandwidth use.
Try this proof-of-concept fixlet in a suitable DEV or LAB environment (I would not suggest using a PROD env and hopefully I’ve got these steps right )
- Create an empty fixlet is whatever custom site in your environments you want this in, in my LAB env its “My Windows Support”
- Download the fixlet https://github.com/RobG-BF/Bigfix/blob/main/DataDog%20-%20Auto%20Deployment%20of%20latest%20version.bes
- Edit the fixlet as follows
a. Line 35 – Change the value of the fixlet id to match the empty one created in step 1
b. Line 183 – Change the site from “My Windows Support” to the custom site for fixlet you created in step 1
c. Line 188 – This will need modifying the reflect the type of targeting that is applicable to your environment, possible a relevance statement to target a group, eg
<CustomRelevance>member of group 876 of site "CustomSite_MY-2dGroups"</CustomRelevance>
d. Line 201 – Change the site name from “
My%20Windows%20Support” to the custom site for fixlet you created in step 1
e. Optionally, and recommended, comment out line 202 so no action is created……if in a LAB or using a computer ID, the action should be low risk.
- Import the fixlet (it uses secret parameters for operator password so it will warn about dynamic content)
- The fixlet will only evaluate relevant on the main sever.
- Review the fixlet in the console and double check changes are correct. You can make further modifications via the console is you need to.
- Deploy the fixlet, remembering to enter your operator password before hitting the “Take Action” button.
Once deployed to will create/update files in the /Uploads/DataDog folder so these can be reviewed and the dynamically created fixlet and action XML files syntax checked.
I wont suggest this is the cleanest or most slick of methods (with more spare time it would be nice to add option to select the site and fixlet via combo boxes so the fixlet is much more dynamic and doesn’t use hard coded fixlet IDs or site names, and there may be a better way to parse the JSON) , but it is using purely platform native features hence it runs on the min server to use platform supplied IEM.exe to access the REST API rather than other scripting language methods (granted one could also use curl.exe).
Similar to @jgstew this can be deployed to re-run every day, every 7 days etc so the content is updates as the vendor releases new versions.