Need help creating fixlet to install agent

I have the installation command and executable file to deploy an endpoint protection agent. Need guidance in creation of fixlet to deploy on group of identified servers in my environment. Could you point me in the right direction towards creating the fixlet. Thank you

How far have you gotten? A good starting point would be the “Manage Software Deployment” dashboard in the console, or the Software Deployment app in the WebUI. That handles uploading your binary to the root server and building a template action to download the installer to your endpoint, and has an input for you to enter the command lines you need.

For some installer types, it may also generate working relevance to detect whether the application is already installed, or you may need to modify the detection relevance if the wizard can’t determine that on its own.

This is what I’m working with - I have the installation commands and the executable file for an antivirus agent called endgame. There does not exist a module for software distribution. I need to create a fixlet to install this agent on several servers. Is it possible to deploy this agent by creating a fixlet to do so?

Do you have a “Manage Software Distribution” dashboard? It may be part of the BigFix Lifecycle license, so it might not be included in your license. Check for a “Lifecycle” Domain at the bottom-left of your console.

The Software Distribution dashboard certainly simplifies things, but yes you could manually create a package for it. The basics are

  1. Find a place to host your installer file. Often this would be a separate web server inside your network that is reachable by the BigFix server, but you could also copy it to the bigfix server itself under the wwwrootbes/Uploads folder. In that case when you write your Task, you’d use a download URL like https://your.bigfix.server.com:52311/Uploads/InstallerDirectory/setup.exe

  2. Determine the size, sha1, etc. that you’ll need for the download command. You can do this locally on your machine using the Fixlet Debugger. Use the queries
    (size of it, sha1 of it, sha256 of it) of file "c:\temp\setup.exe"

  3. Create a Task. The action script should be something like

    prefetch size:12345 sha1:aabbccdd url:https://your.bigfix.server.com:52311/Uploads/InstallerDirectory/setup.exe sha256:bbccddee

    waithidden __Download\setup.exe [your installer commands]

  4. determine Relevance for the task. Some common relevances that are often reused would be something like

windows of operating system

not exists keys whose (value "DisplayName" of it = "Your Application" and value "DisplayVersion" of it as string as version >= version "5.1") of keys "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of (x32 registries; x64 registries)

1 Like

We do not have Software Distribution Dashboard. Thank you for your assistance. I really appreciate it. I will reach out to you if I encounter problems. Thanks again

The operator “sha256” is not defined. so for step 3 the second line is not required.

What version of client / debugger are you running? I thought the ‘sha256 of file’ inspector has been around for quite a while?

the version of the Fixlet Debugger is QnA 5.0.3.0

Come again?
What version of BigFix platform are you using? Like the server and client version?

You should be using the fixlet debugger version to match, usually. And I really hope your version at least starts with 9.2 or 9.5…

My BigFix version is 9.5. In my environment I’m having difficulties retrieving the latest version of the debugger hence I’m using an older version

I was able to get to QNA version 9.5.12

Good morning while constructing action script I receive an error unable to parse action script line 1
my script looks like this

prefetch size:### sha1:###
url:\(internal location of exe file)
sha256:###
waithidden__download\(internal location of exe file)
config instructions

What am I doing wrong

Thanks

Apologies, I gave a slightly wrong syntax for the prefetch statement. There is no tag for “url:”, just supply the url itself.

Example:

prefetch hodor.jpg sha1:ce842e0af799f2ba476511c8fbfdc3bf89612dd0 size:57656 http://i.imgur.com/YAUeUOG.jpg sha256:74f69205a016a3896290eae03627e15e8dfeba812a631b5e0afca140722a322b

https://developer.bigfix.com/action-script/reference/download/prefetch.html

That clears up one thing for me. Thanks. the last problem that I’m having is in order to install the product, I need to open a command prompt on the destination server in order to run the installation commands.

This is what I have. The installation commands need to be run from a command prompt on the local server. Prefetch retrieves the exe file from the remote server, than I need to open a command prompt on the destination server receiving the app in order to run the installation commands on the server that is receiving the app.

When making the corrections to the action script, I still receive the unable to parse action script line 1 error message. To install the app locally, you open a command prompt and run .exe file with -c to reference a cfg file with its commands. I’m trying to install this app through a fixlet and only local installation procedures were provided. I hope this makes sense and thank you for your help

Am I on the right track.
prefetch file sha1: size:
sha256:

waithidden_download(file location)
run “c:\windows\System32\cmd.exe”


the installation instructions place the “exe file” -c calls for the (.cfg file) -k and other commands

Is the run command enough to open the command prompt to run the installation commands at this pint in time. Also when it downloads the exe file do I need to run a similar command to obtain the cfg file as well. I’m not sure BigFix at this time has identified or established the cfg file during this installation.

Thank you

I’m not sure what you’re trying to do there…you just want to open a command prompt and then type (or have the user type) in the installation commands?

Bigfix is about managing computers at scale, so you don’t type anything in at the endpoint.

An example of how you’d do this…

prefetch <options for the installer>
prefetch <options for the config file>

waithidden __Download\setup.exe -c "{pathname of file "config" of download folder}" [any other options here]

You need to find command-line options to make the install completely silent - it can’t pop up a question for the user, or make you click “ok to continue” or anything like that.

Once you have all the options you’d take an action to install it on any computers where its needed - without having to log on to those computers or type any commands.

Thank you for making this clearer for me. I made the corrections in my script and I have run into one final error. My error is that it wants to track the installation progress and pike it into a file "c:\windows\system32\logfiles\sensor_install.log. Do I simply verify that this folder location exists on Windows 2008 and 2012 targeted servers. This happens to be the last line of the action script and is highlighted in red.

I don’t think that you’ve posted your script, or even told us what product you are installing, so it would be difficult to help you determine whether the installation was successful.

Commonly we would look at the entry from Add/Remove Programs (via the registry inspectors) or the presence of the product’s service (via the services inspector) to judge whether the product was installed successfully, and add those queries to the relevance statements for the task/fixlet.

If you want to read the log file, be sure to deal with the complexity of the 32-bit BESClient reading the 64-bit “system32” path. If you try to read file "c:\windows\system32\logfiles\sensor_install.log" you would be redirected to the syswow64 folder and not find the file. Instead read
file "logfiles\sensor_install.log" of native system folder