(imported topic written by SystemAdmin)
I’d like to create some relevance to check if a working local web server exists at a specific port, say port 1234 like: http://localhost:1234
I’m scratching my head wondering what object to use to query something like that.
Paul
(imported comment written by BenKus)
Hey Paul,
Is it an IIS web server? If so, we can look at the metabase…
Ben
(imported comment written by SystemAdmin)
No, it’s the McAfee EPO client that’s installed on each PC. If you http to it’s specific port, you’ll get a web page about the last updates that ocurred. If that web page can’t be reached, then there’s something wrong with the EPO client and I need to re-install it.
Paul
(imported comment written by BenKus)
Hey Paul,
You can either create a utility that checks for the webpage and run it periodically in an action or perhaps use the netstat command run in an action.
In both cases, you can pipe the results to a file and parse it using relevance…
Ben
(imported comment written by SystemAdmin)
Ben,
So here’s where it would be nice if we could have actions within relevance. Like how we can have relevance within actions, but the other way around.
(future feature request)
Then there’s always relevance within actions within relevance within actions… 
-Paul
(imported comment written by BenKus)
Hey Paul,
Actually, this is explicitly NOT allowed by our design…
The reason why is because Relevance is not allowed to change anything on the computer. The idea is that if you are going to allow people to publish Fixlets that go out to your computers without you testing them first, you want some assurance that:
Fixlets will not “do” anything without your authorization.
There are no security holes that would allow people to own your computers.
In this case most people trust BigFix, Inc. to make new Fixlets and publish them, but it would be unacceptable if we could just run arbitrary new applications on your computers without authorization. By making a clear distinction that relevance is “query only” with no configuration changes or process execution allowed without authorization, we have a much stronger and safer model.
What you really want is that we have a new inspector to look at open ports of a computer… and that enhancement request was filed a little while ago…
Ben
(imported comment written by SystemAdmin)
That makes sense. I liked your last statement anyhow. Nice.
If there was something that could inspect a port, not only would I like to know something was there - but I could forsee taking what was found and checking if it contained a certain string.
I’ll use the EPO client again as an example. The EPO agent actually returns an XML file. I could look for the name of the EPO server and know if (1) the client has an active EPO agent and (2) that its looking at the right server.
Paul
(imported comment written by JasonO91)
Paul,
I find that I can usually get things accomplished via the command line much faster than I can put together relevance. I’d suggest looking for a tool that allows you to accomplish your goal and then work the relevance around that.
I’d look at the netcat utility to get the job done. It will allow you to connect to ports, perform actions, etc. You could use netcat to connect to the local machine, grab the xml file and then use relevance to parse the file as needed. It really is the TCP/IP swiss army knife. In the past, I’ve created scripts to pipe data from a file into netcat which relayed the information to another server for it to perform daily functions.
Jason
(imported comment written by SystemAdmin)
Yeah, I don’t think I want to do that. Like Ben said earlier I’d need to have an action that runs periodically and then another fixlet that generates relelance on its’ output. I guess for now maybe I’ll just wait to see what new inspector comes out about examining ports.
Now what would be great is if we had an API so we could add our own inspector DLL.
Paul