I want to run a ‘.vbs’ script (service_list.vbs) on windows computers and this script should create an output ‘services.txt’ file for each computer.
I created required task and the execution of .vbs part is solved. I saw the ‘services.txt’ files on the computers locally.
My problem is;
I want to see all output files of all computers in one place (like BigFix server) but can not find corresponding method. I tried “archive now” method so output of a computer is created on Bigfix server (under directory BufferDir/sha1) but it was hashed and I did not understand the content.
You can work around it with basic powershell script - in my case I am adding them to a .zip file but feel free to change it to Copy-Item or Move-item. I am assuming your root server is Windows, but I am sure something similar can be done with sh script.
That said, what exactly is that you are trying to collect on services? Are you sure you can’t retrieve it via inspectors in a property and remove the need to run scripts, produce outputs, collect outputs, then merge them… service inspectors on Windows are generally pretty good!
I am using the script mentioned above for collecting service account names on each windows computers.
I am working for a hardening process: “restriction of privileged service accounts” so I need to know all service account names and it should be in one central location for ease of read and investigate.
In your script, you are collecting content of “C:\Temp\CombinedResults.zip” files on computers and writing them to “services.txt” on BigFix Server. Is it right?
That’s what you said your output is but it really depends how you use “archive now”, if you are renaming the file to something else then you need to adjust the command to match - whatever the actual file as is on the root server is what you need to specify.
Sorry, I guess I cannot explain my problem well
I have a ‘.vbs’ script that will be run 1 time for each windows computer and print an output to somewhere like C:\services.txt.
In the output, there will be names of all users of all services (like “Windows Time-Local Service”)
Script is ready and running well but i want to collect all output files in one place.
What kind of action must be used for taking all outputs to one place (ex: BigFix server)
my current action is like this (it works and creating output files in computers local disks):
prefetch and extract part
waithidden cmd.exe /C Cscript.exe __Download\service_list.vbs /ALL /Quiet
Thanks for the answer.
I used “archive now” by setting “_BESClient_ArchiveManager_OperatingMode” var to '2’
Then I found my output in UploadManagerData\BufferDir\sha1***index.txt” but it was all encrypted
prefetch and extract part
waithidden cmd.exe /C Cscript.exe __Download\service_list.vbs /ALL /Quiet
archive now
What do you mean “encrypted”? The file structure is a bit messy cause it should be in …\sha1#last_two_digits_of_computerID##computerID##prefix#_services.txt but if you open the actual text file, it should be in readable format.
The above script will only help you “combine” the results once uploaded to the sha1 folder from all machines. If the text file is not readable or not collected, the script by itself won’t do you any good and you need to troubleshoot your original action…
@trn is actually right. Are you sure you are setting the same exact settings for the “archive now” to work? Just changing the “mode” and do “archive now” doesn’t work by itself - you need to specify exactly what you need to be uploaded. Here is an example that I’ve used (I reset back the mode after done, so other stuff doesn’t get impacted, if you are not worried about that, you can skip it):
// save existing ArchiveManager settings
parameter “saved_operatingmode” = “{if (exists setting whose (name of it = “_BESClient_ArchiveManager_OperatingMode” and exists value of it) of client) then value of setting “_BESClient_ArchiveManager_OperatingMode” of client else “0”}”
//manual upload settings
setting “_BESClient_ArchiveManager_OperatingMode”=“2” on “{now}” for client
// specify what files/file you want to upload (in my case it’s any files that matches _PS1_*.txt from %systemdrive\Temp folder
setting “_BESClient_ArchiveManager_FileSet-ffe_ps1”="{(value of variable “systemdrive” of environment) & “\Temp\_PS1_*.txt”}" on “{now}” for client
//upload the file
archive now
//restore previous settings
setting “_BESClient_ArchiveManager_OperatingMode”="{parameter “saved_operatingmode”}" on “{now}” for client
Firstly, thanks for your helps and valuable informations.
I have not enough experience about these operations and bigfix. @trn output file has only 4 lines.
I did settings on a test computer->right click->edit computer settings->more options->custom settings
Here, I chose “_BESClient_ArchiveManager_OperatingMode” on “name” part and set its value to ‘2’ @ageorgiev, did you set the values on action part?
I really believe you should reconsider the approach. If all you are doing is reporting on some services, build an Analysis for that and retrieve the results via Web Reports.
In fact we have some built-in Services analyses in the “BES Inventory and License” Site that may be useful.
I was going to post a link to our documentation on the Archive & Upload Manager, but … it’s not very clear. So I’ll point at this Wiki article that summarizes it instead.
Actually we are using bigfix for periodic patches (like browsers) ın my company.
Sometimes we need for some other things.
Maybe this problem can be solved in different ways but I want to learn the solution of main problem in Bigfix:
When we use scripts and scripts print outputs. I don’t want to connect all of our computers for read them.
I will scan the documents you shared, thanks again.
Take Action Part
-I selected just one server to make action and console show “completed” but I cannot find the file in Bigfix server.
(When I edit the ArchiveManager settings, the relay setting of computer changing manual to automatic relay. I don’t know why)
I think you may need to build it all in the same task. The “Edit settings” part needs to be done BEFORE “archive now” is executed and obviously AFTER the cscript.exe (the file should be in place), otherwise, you are trying to send something completely different (whatever else archive manager is configured to upload prior to this execution).
As you said, I built all the processes in the same task.
In latest status, my task was look like:
waithidden cmd.exe /C Cscript.exe __Download /ALL /Quiet
setting “BESClient_ArchiveManager_OperatingMode” = “2” on “{now}” for client
setting “BESClient_ArchiveManager_FileSet-txt” = “{“C:\services.txt”}” on “{now}” for client
archive now
Task status shown as completed but again I cannot found the file in anywhere
try without the curly brackets - they denote relevance substitution which you don’t really have one:
waithidden cmd.exe /C Cscript.exe __Download /ALL /Quiet
setting “BESClient_ArchiveManager_OperatingMode” = “2” on “{now}” for client
setting “BESClient_ArchiveManager_FileSet-txt” = “C:\services.txt” on “{now}” for client
archive now
Have you confirmed that the c:\services.txt exists after the execution? What do you see in the agent log file when the action is ran (any errors)?
I tried without brackets but result is same.
Yes, I confirmed that services.txt exists in target computer’s local disk C after execution of the script and didn’t see any error about the task or archiving
