I am working on a compliance Fixlet for our company LAptops which use CPM.
I have created a fixlet for the time being that will tell me if a laptop is compliant or not by looking at a few criteria.
To be compliant a laptop has to have had the following run within the timescales specified: “LastPatternUpdate” of CPM Client within last 5 days ; “LastRun” of Maintenance Window within last 7 Days and the “LastScanStartTime” of the CPM client is withi last 7 days.
Relevance:
Q: IF (Exists key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists value “LastPatternUpdate” whose (it as time > now - 5day) of key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists value “LastRun” whose (it as time > now - 7day) of key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) AND (exists value “LastScanStartTime” whose (it as time > now - 7*day) of key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) THEN “Device Compliant” ELSE “Device Not Compliant”
A: Device Not Compliant
However I would like to make the Relevance more complex to display specifically the reason(s) the laptop is not compliant, but i am struggling with what method to use in the relevance. ELSE IF THEN?!? for the various combinations??
I would like to complete the final relevance on my own…I just need a nudge in the right direction
Thanks Noah -I have just written some relevance to that effect. However it is not giving me the result i want. Its reporting “Everything is ok” even though i have changed some values…
Here is my new relevance. I have covered every outcome as far as i can see. Its got me really puzzled now as though had cracked it:
Q: IF (Exists key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists value “LastPatternUpdate” whose (it as time > now - 5day) of key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists value “LastRun” whose (it as time > now - 7day) of key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) AND (exists value “LastScanStartTime” whose (it as time < now - 7day) of key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) THEN “Not Compliant - Virus Scan Out of Date” ELSE IF(Exists key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists value “LastPatternUpdate” whose (it as time > now - 5day) of key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists value “LastRun” whose (it as time < now - 7day) of key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) AND (exists value “LastScanStartTime” whose (it as time > now - 7day) of key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) THEN “Not Compliant - Maintenance Window Out of Date” ELSE IF(Exists key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists value “LastPatternUpdate” whose (it as time > now - 5day) of key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists value “LastRun” whose (it as time < now - 7day) of key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) AND (exists value “LastScanStartTime” whose (it as time < now - 7day) of key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) THEN “Not Compliant - Maintenance Window & Virus Scan Out of Date” ELSE IF (Exists key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists value “LastPatternUpdate” whose (it as time < now - 5day) of key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists value “LastRun” whose (it as time > now - 7day) of key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) AND (exists value “LastScanStartTime” whose (it as time > now - 7day) of key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) THEN “Not Compliant - Virus Pattern Out of Date” ELSE IF (Exists key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists value “LastPatternUpdate” whose (it as time < now - 5day) of key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists value “LastRun” whose (it as time > now - 7day) of key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) AND (exists value “LastScanStartTime” whose (it as time < now - 7day) of key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) THEN “Not Compliant - Virus Pattern & Virus Scan Out of Date” ELSE IF(Exists key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists value “LastPatternUpdate” whose (it as time < now - 5day) of key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists value “LastRun” whose (it as time < now - 7day) of key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) AND (exists value “LastScanStartTime” whose (it as time > now - 7day) of key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) THEN “Not Compliant - Virus Definition & Maintenance Window Out of Date” ELSE IF(Exists key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists value “LastPatternUpdate” whose (it as time < now - 5day) of key “HKLM\SOFTWARE\BigFix\CPM\client” of registry) AND (exists key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists value “LastRun” whose (it as time < now - 7day) of key “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) AND (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) AND (exists value “LastScanStartTime” whose (it as time < now - 7*day) of key “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry) THEN “Not Compliant - Virus Pattern; Maintenance Window & Virus Scan All Out of Date” ELSE “Device Compliant - Everything ok”
I think you were missing some parenthesis in key places. Here is a much simpler construction:
(if (item 0 of it = “Compliant” and item 1 of it = “Compliant” and item 2 of it = “Compliant”) then (“Compliant”) else ("Not Compliant: " & concatenation " , " of (item 0 of it; item 1 of it; item 2 of it) whose (it != “Compliant”))) of ((if (item 0 of it) then “Compliant” else “Virus Pattern Out of Date”) , (if (item 1 of it) then “Compliant” else “Maintenance Window Out of Date”) , (if (item 2 of it) then “Compliant” else “Virus Scan Out of Date”)) of (exists value “LastPatternUpdate” whose (it as time <= now - 5day) of keys “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry , (exists value “LastRun” whose (it as time <= now - 7day) of keys “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry) , (exists value “LastScanStartTime” whose (it as time < now - 7*day) of keys “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry))
It first checks against each of your three criteria, returning True only if the check passes. It then maps the True/False result to the type of compliance check. Finally, it will return “Compliant” if all checks pass or it will return a list of the checks that didn’t pass.
Here is a slight modification that makes it easier to read:
(if (item 0 of it = “Compliant” and item 1 of it = “Compliant” and item 2 of it = “Compliant”) then (“Compliant”) else ("Not Compliant: " & concatenation " , " of (item 0 of it; item 1 of it; item 2 of it) whose (it != “Compliant”))) of ((if ((exists value “LastPatternUpdate” whose (it as time <= now - 5day) of keys “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry)) then “Compliant” else “Virus Pattern Out of Date”) , (if ((exists value “LastRun” whose (it as time <= now - 7day) of keys “HKLM\SOFTWARE\BigFix\EnterpriseClient\MaintenanceWindow” of registry)) then “Compliant” else “Maintenance Window Out of Date”) , (if ((exists value “LastScanStartTime” whose (it as time < now - 7*day) of keys “HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\CPM” of registry)) then “Compliant” else “Virus Scan Out of Date”))
