I’ve been thrown into a BigFix environment to fend for myself and I’m having some trouble with a high density area and relay selection. Essentially what I’m looking for is this:
We have a DC that houses our master server, top level relays, a DMZ relay, and a DC relay. Master server and top levels are working just fine, but with them being in the same datacenter subnet as 1500 other servers we run into issues of congestion on top levels. So I just put in a new relay to house all our DC subnet. I need to create some kind of relevance so that everything in our DC (10.19) subnet goes to the new datacenter relay. I would obviously want to exclude our master server and top level\DMZ items. But everything else in that subnet should not have an opportunity to select the master or top levels automatically, which is our problem right now. I know I could do this as a manual selection but that doesn’t help us going forward for new installs.
I’m not looking for someone to write this for me but I’m not even sure where to start. Any suggestions?
Start with settings “_BESClient_Register_Affiliation_SeekList” and “_BESRelay_Register_Affiliation_AdvertisementList”
Set relays affiliation setting to 1 or 2 (or other value you use throughout) depending on the lines of separation you want for them (or create auto fixlet to determine)
Set Clients via a Policy Action with relevance similar to the following (its a start)
Relevance
((not exists relay service OR not exists main gather service) AND ((not exists setting “_BESClient_Register_Affiliation_SeekList” of client) OR (not exists value of setting “_BESClient_Register_Affiliation_SeekList” of client) OR ((value of setting “_BESClient_Register_Affiliation_SeekList” of client) != (if (exists (registration address of client)) then (if (registration address of client as string) starts with “10.19” then “1” else “2”) else “2”))))
Action
setting “_BESClient_Register_Affiliation_SeekList”= {(if (exists (registration address of client)) then (if (registration address of client as string) starts with “10.19” then “1” else “2”) else “2”)} on “{now}” for client
1 Like
Thinking about this and realizing that starts with “10.19” would also include 10.19x – use “10.19.” to mitigate.
1 Like