yeoek
May 8, 2017, 9:46am
1
Hi guys
At times, we need to find out why a server was marked not relevant for a patch in BigFix
Is there a tool or some guide line to help newbies with reading relevance?
All advise welcome
1 Like
AlanM
May 8, 2017, 8:29pm
2
Have you tried looking at http://developer.bigfix.com ?
You might want to test on a Client box separately each relevance statement from a mentioned fixlet using Fixlet Debugger or an analysis.
If you decide to test whole relevance statement in Fixlet Debugger, you may use the Graphical mode (File => New Tab => New Graphical Breakdown Tab)
For Fixlet Debugger, make sure to use the Client mode (Debug => Evaluate Using => Local Client Evaluator)
1 Like
Hi @yeoek ,
Instead of reading relevance, I would recommend the following steps in order to find out why a server was marked not relevant (false negative):
Verify relevance evaluation result, by running relevances on the target endpoint using QnA tool
If relevances evaluate all True, try send refresh to the target endpoint, or clear the BigFix server cache.
If any of the relevances evaluates False, verify the following:
Patch is indeed needed for the endpoint (various ways in doing this, e.g. MBSA scan, looking at Windows Update)
Patch is installable on the endpoint (download the patch and manually run it)
You can open a PMR with IBM support if the above proves it’s a false negative case.
Hope the above helps.
1 Like
yeoek
May 9, 2017, 7:28pm
5
Thanks, I’ll give it a try
Aram
May 9, 2017, 7:30pm
6
Note that another (potentially simpler) method to evaluate such relevance statements for testing purposes against an endpoint is via BigFix Query rather than QNA (https://www.ibm.com/support/knowledgecenter/SSTK87_9.5.0/com.ibm.bigfix.webui.doc/WebUI/Users_Guide/c_bigfix_query.html ). The advantage being that you don’t have to remotely connect to the machine to leverage Query, and you can quickly evaluate a given relevance expression across multiple machines at once.
3 Likes