Please add the ability to specify the Archive Manager destination folder.
Archive Manager works great when you’re using it only by BigFix, for BigFix.
When using it for humans, however, or with other tools, it’s rather cumbersome to have to find a path based on the BigFix Computer ID of a machine like “BigFix Enterprise\BES Server\UploadManagerData\BufferDir\sha1\89\123456789”.
One use case is with audits. I know I could use BF to run the audit and spit out the report, but my auditing vendor first and foremost would consider that to be me auditing myself (no bueno of course), but they also require the output of their audit script to be in specific format(s). Right now I can get that output folder uploaded to “BigFix Enterprise\BES Server\UploadManagerData\BufferDir\sha1\89\123456789”, but if we’re not auditing every device then it’s cumbersome to have to find which of the hundreds of numeric folders have the audit script outputs uploaded to them.
It would be much simpler and faster if I could just go to “BigFix Enterprise\BES Server\UploadManagerData*Audits\2020\foo*” to find my audit vendor’s results for their 2020 FOO audit.
And that’s before we think of the fun stuff, like using BigFix to allow users working in multiple segmented environments to leverage the BigFix architecture to upload files into a central repository without unnecessarily complicating the firewall configs.
Closest I could find to this feature was Archive now directory where it was suggested to make this a feature request a few years ago.
One thing that helps with this is to have a script or relevance that looks for the newest files in the upload manager data and either outputs the pathname, or could even copy them to an inbox. The script could even query info about the computer based upon ID so that it could include the computer name and/or other essential info along with the files being copied over.
This is kind of the same idea but in reverse. This looks to delete old files instead of copying new files.
Trust me, this sucks, but BigFix Computer ID is the primary ID that is for sure unique. It is the only thing we can count on. Computer Names are not unique, MAC Addresses are not always unique.
This is an interesting idea, but kind of messy. The upload manager will keep track of all files you wish to upload and upload them only if they have changed, but you can specify many files to upload. It would be much more complicated to allow you to specify a folder for the destination but also do this. There is also more likelihood of naming collisions and issues.
That’s more or less what I did this morning: Made a Property that tells us the Archive Manager folder for a given machine, then a Task that copied everything in that sha1 directory that had the right filename format.
But that requires BF privileges or requires our BF guy (ie me) to write, every time it’s needed, for every application. I can do it, but to me it seems like a value-add to the product.
To me, the guy who’s not the poor HCL project manager trying to juggle 87 mutually-exclusive priorities for BigFix, so…
but you could have something that inspects the root server itself for all new files in the archive manager folder, like everything uploaded within the past 5 days. This would not require knowledge of the computers involved, only that there is new content to do something with. You could even filter out the results so it wouldn’t include BigFix Inventory Scans or NMAP scans. We should provide something out of the box to make this easier.
This does give me the idea that you could have a script do this kind of check every so often and then create shortcuts to the files that were uploaded recently in a folder but such that it would be updated to delete the oldest stuff, keep only the newest shortcuts. (maybe even self limiting to the newest 300 files?) Something like: BigFixComputerID - ComputerName - FileName.lnk
Another thing that is a pain with computer names in filenames, is that you can have computers with names that are NOT valid file names, especially on MacOS. You have to do careful sanitization of the computer name, which is also why we don’t include it by default. You can include the computer name in the archive manager fileset name, but you have to be careful about it. I DO NOT sufficiently sanitize computer names in this example: bigfix-content/fixlet/Compress and Upload Logs - MacOS.bes at main · jgstew/bigfix-content · GitHub
Relevance to return only lowercase alpha and numerics from a string:
( concatenations of characters whose( (it > "%2F" AND it < "%3A") OR (it > "%60" AND it < "%7B") ) of it ) of (it as lowercase) of (computer names)
That’s certainly doable, finding everything changed in the last x timeframe, but at that point I’d just have a recurring Task to create a shortcut named “ComputerName.lnk” for each device with a name. Simpler, and gives non-BF things (eg people, or their scripts) something that they can predict (a path with the computer name).
WRT the BigFix Computer ID being the only unique value you can count on… oh man don’t get me started on the presumed-uniqueness of SNMP EngineIDs. I totally get it, that Computer ID is absolutely necessary.
On the other hand, Archive Manager uploading only changed files is but one of its capabilities (_BESClient_ArchiveManager_SendAll = 0). It can also upload the files regardless of change (_BESClient_ArchiveManager_SendAll = 1). Using the suggested custom destination feature could always/only use this functionality. Naming collisions shmaming collisions, that’s the user’s problem.
I’ll noodle on it a few days and submit it to the RFE site that @Jared linked (thanks!), but in the meantime I think this discussion gave me a plenty sufficient solution what with generating the shortcuts. Thanks guys!
I would be careful with this. The higher the number of devices, the more this becomes a potential problem. Also, you might consider “ComputerName - BigFixID.lnk” so that you have both available and avoid naming collisions.
Relevance to return only lowercase alpha and numerics from a string:
( concatenations of characters whose( (it > "%2F" AND it < "%3A") OR (it > "%60" AND it < "%7B") ) of it ) of (it as lowercase) of (computer names)
Session Relevance that would give the proposed shortcut name for every computer:
(item 0 of it & " - " & item 1 of it & ".lnk") of ( ( concatenations of characters whose( (it > "%2F" AND it < "%3A") OR (it > "%60" AND it < "%7B") ) of it ) of (it as lowercase) of (name of it | "Unknown"), id of it as string) of bes computers
again, probably wouldn’t recommend this approach with more than 1000 endpoints.
Even shortcuts can cause problems when you need the whole path in one go vs being able to change the working directory. I suppose I could get into the arcane wizardry of symbolic links.
I was assuming a user would look to the folder of links and then sort by name, look for computer name or search for computer names containing within the folder, or search on ID in the folder
If you are using some kind of automation, then just using computer id only like it is now would be easiest.
You can basically use session relevance to look up ID by computer name with something like this:
(ids of it, names of it, now - last report time of it) whose(item 1 of it as lowercase contains "win" AND item 2 of it < 5 * day) of bes computers
Where in this case “win” is in the computer name… obviously a more specific computer name would be best.
You could also create a right click menu option for the bigfix console that would open the network share of that computers upload manager archive location, or if you are running the console on the root server, then the local folder.
