Need help creating a fixlet to push Splunk forwarder to Linux servers (RHEL and Ubuntu)

Hey everyone. I am not familiar with creating fixlets for Linux. I got a task to create a fixlet for Splunk forwarder and push it out to the Linux hosts we have.
I have everything I need. I got the deployment server we need to target. I have the Splunk forwarder .rpm download file.

If you haven’t already, I would recommend creating some test VMs, as this will be invaluable for testing relevance expressions and actions for your environment if, like me, you are not from a Linux background.

If you are using v11.0.2 or later you can use the linux of operating system inspector to detect a distro of Linux, then add a second layer of logic for the specific distros you want to target (e.g. maybe you have multiple distros in your env but only want to target RHEL and Ubuntu and not SuSE, CentOS, Rocky etc.), then check for the package for each packaging technology, i.e. 3 relevance statements.

Relevance 1
linux of operating system

Relevance 2
exists matches (case insensitive regex ("Red Hat|Ubuntu")) of name of operating system

Relevance 3
not exists package "[name_of_package]" whose (version of it >= "[version_you_are_deploying]") of (if exists properties whose(it as string contains "debianpackage:") then debianpackages else if exists properties whose (it as string contains "rpm:") then rpms else ERROR "The operators are not defined.")

For the action, if you have a separate RPM for RHEL and DPKG for Ubuntu, you could do a prefetch block so you limit the download of the installer to only that needed by the endpoint (avoid wasting bandwidth pulling the package that is incompatible with the OS). The method I’ve used in the past is:

// Download only the installer that matches the endpoint's package manager
begin prefetch block
if {exists properties whose (it as string contains "debianpackage:")}
	add prefetch item name=name_of_Ubuntu_installer.deb sha1=[your_package_sha1] size=[your_package_size] url=[your_download_url]
else
	add prefetch item name=name_of_RHEL_installer.rpm sha1=[your_package_sha1] size=[your_package_size] url=[your_download_url]
endif
end prefetch block

// Install the prefetched package from the action's __Download folder
if {exists properties whose (it as string contains "debianpackage:")}
	wait dpkg --install __Download/name_of_Ubuntu_installer.deb
else
	wait rpm -ivh __Download/name_of_RHEL_installer.rpm
endif

If you have the installers in some other format, that will require a different actionscript approach.

Hopefully this is something to help get you started.

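The `sha1=` and `size=` fields in the prefetch lines above have to match the installer files exactly, so it is safer to generate them from the files on disk than to type them in. The following is an added example, not code from the thread: a small Python helper that builds the prefetch block from two local installers and checks an existing prefetch line against a file. The file names and the `repo.example.invalid` URLs are constructed placeholders.

```python
import hashlib
import re
from pathlib import Path

def sha1_and_size(path):
    """Hash the file in chunks so large installers are not loaded into memory."""
    digest, size = hashlib.sha1(), 0
    with Path(path).open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
            size += len(chunk)
    return digest.hexdigest(), size

def prefetch_item(path, url, name=None):
    """Build an 'add prefetch item' line from the installer actually on disk."""
    name = name or Path(path).name
    if re.search(r"\s", name) or re.search(r"\s", url):
        raise ValueError("name and url must not contain whitespace")
    sha1, size = sha1_and_size(path)
    return f"add prefetch item name={name} sha1={sha1} size={size} url={url}"

def prefetch_block(deb_path, deb_url, rpm_path, rpm_url):
    """Render the conditional prefetch block used in the action above."""
    return "\n".join([
        "begin prefetch block",
        'if {exists properties whose (it as string contains "debianpackage:")}',
        "\t" + prefetch_item(deb_path, deb_url),
        "else",
        "\t" + prefetch_item(rpm_path, rpm_url),
        "endif",
        "end prefetch block",
    ])

def check_item(line, path):
    """Return True only if the sha1 and size in a prefetch line match the file."""
    sha1 = re.search(r"\bsha1=([0-9a-fA-F]{40})\b", line)
    size = re.search(r"\bsize=(\d+)\b", line)
    if not (sha1 and size):
        return False  # unfilled placeholder or malformed line
    real_sha1, real_size = sha1_and_size(path)
    return sha1.group(1).lower() == real_sha1 and int(size.group(1)) == real_size

if __name__ == "__main__":
    # Constructed placeholder paths and URLs; point these at your real installers.
    print(prefetch_block(
        "splunkforwarder.deb", "https://repo.example.invalid/splunkforwarder.deb",
        "splunkforwarder.rpm", "https://repo.example.invalid/splunkforwarder.rpm"))
```

Running `check_item` against each line before publishing the fixlet catches a stale hash or size after the installer has been replaced with a newer build.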