Very green to BigFix. 2nd week using. Just trying to wrap my hands around this product. no training was offered so I am learning as I go!
Patching and Server Automation
Trying to put together a script to be able to find a server or servers and patch by criteria (install all patches that are By Source/Microsoft/By Source Severity/Critical)
Put that script at the top of an server automation plan
any help on this would greatly be appreciated!
I’d strongly recommend you reach out to your VAR, reseller, or HCL / IBM directly, and get some training offerings. It probably won’t cost as much as you think, and you might be able to enroll by yourself or through a local user group for a “Proof of Technology” which can often cost $0
A lot of the built-in processes in BigFix are based around company desires for strong configuration management - they expect an administrator to review and vet content before pushing it out. Most of this is not “fire-and-forget” like Windows Update where you never really know what patches are going to get installed. I haven’t used Server Automation much, but my understanding is that you could set up a maintenance plan to “Apply all baselines from site X” - but you are still expected to review the content and create the baselines.
You might look in to Patch Policies (which is an app available through the optional WebUI installation). That sounds a lot closer to what you’re looking for. You set a criteria for the patches to select (Microsoft/Critical), select a group of machines on which the policy applies, and define maintenance windows for when the fixlets get applied.
I want to add that you can learn a lot by browsing the BigFix content at https://securitylearningacademy.com .