Software catalog updates

system · February 5, 2010, 4:58pm

(imported comment written by SystemAdmin)

Bummer. We just attempted the update and it failed on the apache piece. Said port 80 wasn’t availible and the rerun setup. This server is dedicated to DSS / SAM and has nothing else installed. We reran setup and tried to repair the install but no apache. Wanted to share just in case anyone else encounters this problem.

We’ll be placing a support call.

system · February 6, 2010, 1:00am

(imported comment written by SystemAdmin)

If you get the error message:

upgrade failure: Unable to free up port 8080 for service “BigFixDSSApache”. Please ensure this port is available.

please contact support for assistance. We should be able to help you complete the installation and are looking into diagnosing the problem further.

system · February 6, 2010, 2:28am

(imported comment written by SystemAdmin)

Tyler,

Indeed, that was the message. Although I believe our was saying port 80, not 8080.

Support was quiclkly able to get us back up and running and I believe they have a fix for installer already as well. A big thanks to BigFix support!

system · February 10, 2010, 4:31am

(imported comment written by SystemAdmin)

mcalvi

does this version include a subscription for the catalog?

Hi, looks like your question got buried in the thread…Sorry about that.

If by “subscription” you mean auto-update via BigFix content, unfortunately not yet. The catalog upgrader is provided separately from the full DSS SAM application installer, so if you want to just upgrade the catalog component of your server, you can just grab the catalog and run the upgrade script. (The latest catalog is also included in the full DSS SAM application installer so if you upgrade your server application, you get the new catalog by default.)

We’re working on the auto-update feature now. Look for news on this soon.

system · August 7, 2010, 5:55pm

(imported comment written by SystemAdmin)

Hi Everyone,

I just wanted to repost this request as we’re always looking for updated info for the catalog…

Per the discussion in this thread, we want to start working on the process to receive results from deployments that we can then feed back into our catalog production process to improve the breadth and accuracy of our catalog.

If you’re interesting in working with us on this, can you please contact me via email (jeff_spitulnik@bigfix.com).

And can I ask you to take the first manual step now:

Using SQL Management Studio, run the following query for your DSS SAM database:

select name from [BFInventory].dbo.unknown_packages;
Copy the results to a text file and email it to me.

The results list will show misc package data that is not yet used by the catalog, although don’t worry about its length or contents – it is

not

a list of unrecognized software in your environment.

Thanks!

system · August 19, 2010, 12:00am

(imported comment written by SystemAdmin)

Hi Everyone,

We just released the latest catalog update.

Upgrade instructions: http://support.bigfix.com/product/documents/dss/Software_Catalog_Upgrade_Guide_2010_05.pdf

Change list: http://software.bigfix.com/download/dss/SoftwareCatalog_5_2010_34014_August_Change_List.pdf

Catalog package: http://software.bigfix.com/download/dss/SAMCatalog_5_34014_2010_August.zip

Enjoy!

– Jeff

system · August 19, 2010, 12:02am

(imported comment written by mcalvi91)

any update on subscription based updates for DSS?

jeffs

{quote:title=mcalvi}does this version include a subscription for the catalog?

Hi, looks like your question got buried in the thread…Sorry about that.

If by “subscription” you mean auto-update via BigFix content, unfortunately not yet. The catalog upgrader is provided separately from the full DSS SAM application installer, so if you want to just upgrade the catalog component of your server, you can just grab the catalog and run the upgrade script. (The latest catalog is also included in the full DSS SAM application installer so if you upgrade your server application, you get the new catalog by default.)

We’re working on the auto-update feature now. Look for news on this soon.{quote}

system · August 19, 2010, 3:00am

(imported comment written by dgies91)

mcalvi

any update on subscription based updates for DSS?

We’ve been holding off on this because of a couple reasons.

The first is that a Fixlet to upgrade the catalog would need to take actions on the DSS SAM database, which may be remote, using the credentials of the DSS SAM service, which are frequently different from those of the agent. There’s a workaround involving having the agent stage the files locally and notify the DSS service to load them, but it’s more difficult to implement.

The second reason is that a catalog update could introduce conflicts with the user’s local modifications to the catalog if both had changes in the same areas of the catalog. This could result in detection failures or double-counting. A full solution would require a mechanism for the Fixlet to hold the conflicted changes in a staging area and send a notification to the SAM admin to resolve the conflicted catalog entries.

Due to the possibility of a catalog update conflicting with local modifications we recommend that SAM administrators review the catalog changelist against the local modifications in the catalog audit log for any conflicts before updating the catalog. If conflicts are found they should be manually corrected after updating the catalog.

system · August 19, 2010, 6:10am

(imported comment written by SystemAdmin)

I understand the concerns. Can you tell us if this is at least being actively worked on or is it tabled for the reasons listed?

As for your first concern, we’d be ok with the DSS SAM server contacting the BigFix Server directly if that makes it easier. We don’t really care if the update is done through BES. That would be nice, but it is not required.

The second concern is a bigger issue and I think one that quickly needs to be addressed. When a catalog update conflicts with our own content, there should be a way for an admin to see all the conflicts that will occur once the catalog is imported (or at the least, list them all after it is imported). There should also be a way to go through that list and compare the two entries that conflict side by side. Those two entries should clearly be marked as to which entry is BigFix content and which is custom. Manually trolling through the audit log is medieval, as is not being able to tell which entry is which when digging through the catalog looking for the conflicting entries.

I’d also hope that after a catalog update, the new conflicting entries would be put into a held state, which would then prevent them from causing the detection failures and double counting. After the admin uses the tools I mentioned above, then the entries would be marked as active.

John

system · August 20, 2010, 4:23am

(imported comment written by SystemAdmin)

Thought I’d jump in here too… Regarding automating catalog updates: we haven’t tabled this – we still have the desire to make catalog updates more seamless than they are today. However, as dgies noted, having a completely automated loop introduces a number of complexities we’re not ready to handle, so we’ll most likely offer a semi-automated solution first. Something like providing an alert that a catalog update is available and letting you or a fixlet download it, but not automagically update your deployment without human intervention.

Regarding catalog updates introducing conflicts: the info is there to help you make decisions or at least look for issues, but we do need to consolidate it with some useful context, and perhaps provide a workflow (as you suggest). It’s on our list of enhancement to-do’s.

system · September 2, 2010, 8:46pm

(imported comment written by SystemAdmin)

Jeffs - Looks good and we can’t wait for any enhancements. Thanks - john

system · September 23, 2010, 12:58am

(imported comment written by SystemAdmin)

Hi Everyone,

We just released the latest catalog update.

Upgrade instructions: http://support.bigfix.com/product/documents/dss/Software_Catalog_Upgrade_Guide_2010_05.pdf

Change list: http://software.bigfix.com/download/dss/Catalog6_Change_list.pdf

Catalog package: http://software.bigfix.com/download/dss/SAMCatalog_6_2010-9.34015.zip

Enjoy!

– Jeff

system · September 23, 2010, 3:38am

(imported comment written by SystemAdmin)

Are catalog updates cumulative? If we miss / skip one, does the next catalog update contain all the changes of all the past updates or just the deltas from the previous catalog update.