I am trying to use bigfix to deploy sysmon in our environment via a fixlet. I have uploaded the files (.exe, config file, install bat) to bigfix. The install bat is sysmon64.exe -accepteula -i sysmonconfig.xml.
My action is
prefetch 29f44dd789d9d5f2aeb001d9672947f24dbe6187 sha1:29f44dd789d9d5f2aeb001d9672947f24dbe6187 size:4888267 http://BigFix-P-01.brandyami.com:52311/Uploads/29f44dd789d9d5f2aeb001d9672947f24dbe6187/Sysmon.tmp sha256:3ae890879bf7b24e2a594344143293e5e3c43d2d66c9a31ca7066cf55b8246b2 extract 29f44dd789d9d5f2aeb001d9672947f24dbe6187 wait “{pathname of system folder & “\cmd.exe”}” /Q /C “{(pathname of client folder of current site) & “__Download\sysmon.bat”}”
All jobs fail with Exit Code 1 and never install. All the files are downloaded to C:\Program Files (x86)\BigFix Enterprise\BES Client__BESData\actionsite__Download.
I suspect the exit code is being passed to BigFix from your bat file so maybe the first place to check is the bat file. Maybe the bat script is failing to locate the sysmon64.exe and that is throwing the error back to the CMD.exe process which in turn gets returns to BigFix? Win32 error code 1 is “Incorrect function”
Edit: Thinking about it, it might be more the case that its running sysmon64.exe but the command is failing locate the path to the sysmonconfig.xml as its full path in not being fully qualified.
Or try this after your extract comment. It works ok for me, and no need for a bat file.
parameter "MyPath"="{pathname of client folder of current site}"
waithidden cmd.exe /c "{(parameter "MyPath") & "\__Download\sysmon64.exe"} -accepteula -i {(parameter "MyPath") & "\__Download\sysmonconfig.xml"}"
I do think that probably your issue is BigFix calls CMD.exe and then you pass the full path to sysmon64.exe, but its not able to find the sysmonconfig.xml as the CMD working folder isn’t the folder containing all the files needed.