I’m new to BigFix and am trying to get things figured on my end. I want to set up some custom Computer Groups, but I’m having trouble.
The first thing I’d like to do is very simply - create a group showing all relays, and another group showing all computers except the relays.
Temporarily, I have created a manual group and added my relays to it - but I want this to be automatic in case I expand.
What I have tried so far is:
using the pull down option for:
BES Relay Service Installed
contains
(blank)
also tried Yes
also tried “Yes -”
Leaving it blank returned ALL computers, not just my relays. Having Yes or “Yes -” in there returns nothing.
I also tried using Relevance Expression Is True
BES Relay Version = “8.1.617.0”
And that is returning nothing.
So my first question is - when using the first option of the pre-defined pull downs, is there a way of finding out what are possible entires to include there? Meaning, should I be looking for “true” or “Yes” or “yes” or without quotes…
And my second question is - Where can I find examples of relevence expressions? I did some searching on this forum, but didn’t come up with a whole lot.
both statements are working now… don’t know why it didn’t work before. Just to diversify, and help me learn, I used your first example on finding the relays, then I used your second example, but used “is false” for the operator to find everything else. So thanks for your help.
Another question. While the definitions were wrong, many computers put themselves into the relay group but two didn’t take themselves out once the definitions were corrected. I assume it’s because these computers need to be on, and “check in” with the relay to see that they no longer have that attribute. But why is this necessary? The BigFix database already has the stats of each machine, why does it need the computer to be on to assign it to a group.
Take Microsoft SCCM for example (if you’ve ever used that). When creating a computer collection (similar to a group), you could say make a collection for all computers that have Adobe Reader installed. SCCM doesn’t need the computer to be on becuase it’s already taken an inventory of the PC the last time it was on. So it will add all computers it knows of that have Reader installed. Once that computer comes back online again, if it no longer has Reader, it will update its inventory with SCCM and the collection will update taking the computer out.
Is there a way to tell BigFix that those two computers should no longer by in that group without having to wait for them to come back online again to report in?
Should I just delete the group and re-create it again?
And somewhat related, if I delete the computer all together from the BigFix database, will they automatically be entered back in once they come back online? Because that would solve my problem too.
unfortunatley, whenever you make a change to content in the console (a fixlets, group, user rights, etc), the client must be on and able to check in to get the updated content.
Yes, if you really wanted to, you could delete those 2 inactive computers from the console. Then next time they checkin, they’ll get the updated computer group information and they won’t show up in the group.
Yes, you can delete a computer from the console and next time it checks back in, it will recreate itself.
That’s unfortunate. Anyway, does anyone know of a web-resource where I can find samples of Relevance Expression’s? It’s mostly the syntax I will need help with and what variables I can use.
The Fixlet Authoring section of this Forum has 100s if not 1000s of examples of Relevance and Action Script. You can search it easily from search.bigfix.com.
When you use the Fixlet Debugger be sure to use the indentation feature so you can more easily read the scripts. Also, there is this very handy syntax for figuring out the inspectors and operators available to you (in this example I’m trying to remember what inspector to use for AD Groups):
q: properties whose (it as string contains
"group" and it as string contains
"active") A: groups error message of <active directory local computer>: string A: group <string> of <active directory local computer>: active directory group A: groups of <active directory local computer>: active directory group A: groups error message of <active directory local user>: string A: group <string> of <active directory local user>: active directory group A: groups of <active directory local user>: active directory group A: name of <active directory group>: string A: distinguished name of <active directory group>: string A: distinguished name error message of <active directory group>: string A: sid of <active directory group>: security identifier A: sample time of <active directory group>: time A: interactive group: security account A: remote interactive logon group: security account