I’m having some trouble with some Linux machines that were recently brought into our environment. We traditionally have been a Windows-only shop, so this may be purely down to my own lack of knowledge.
We run an AV product called EndGame which we can detect a service for and the version of the executable from Windows without a problem.
On the Ubuntu machines, I can only get an analysis to report that the service is running, but I am not able to get a version to report back. We opened a ticket with the vendor and apparently the only way to display the version from the client OS is to run “sudo /usr/sbin/esensor --version”
I’m only aware of the basics for analysis like version of “file” or version of service “service”. I cannot figure out how to get this command converted to use in an analysis for reporting, and I am wondering if sudo is getting in the way or if there is a way to call the version in the same fashion as from the guest OS terminal.
When a specific inspector is not available, an option could be to let BigFix run the command and parse the command output. First create a task to submit the command as shown in the following example (untested!):
The above action will create the file /tmp/version.txt with the version of your AV.
Now you can create a property that reads the file line and reports the value in the BigFix Console. The following example (untested!) shows the relevance of the property:
lines of file "/tmp/version.txt"
I can’t be more precise here as I don’t know the actual output of the command. If it returns multiple strings, then you have to refine the “lines of file” inspector.
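
The capture step from the answer above as a shell function, added here as an example and not part of the original thread or of any vendor tooling. It assumes the action runs as root (the BigFix client's default on Linux, so sudo is not needed) and that the tool prints its version on `--version`; the name `capture_version` and the temp-file naming are hypothetical.

```shell
#!/bin/sh
# capture_version CMD OUTFILE
#   Runs "CMD --version" and publishes its output to OUTFILE, the file an
#   analysis property can then read with: lines of file "OUTFILE".
#   The output goes to a private temp file first and is renamed into place:
#     - readers never see a half-written file,
#     - a failed run leaves the previous report untouched,
#     - a symlink already sitting at OUTFILE (possible in a world-writable
#       directory such as /tmp) is replaced by the rename, not followed.
capture_version() {
    cmd=$1
    out=$2
    dir=$(dirname "$out")

    # Refuse to continue if the binary is absent or not executable.
    [ -x "$cmd" ] || { echo "not executable: $cmd" >&2; return 2; }

    (
        # mktemp creates the file with mode 0600 and a random suffix.
        tmp=$(mktemp "$dir/.version.XXXXXX") || exit 3
        # Some tools print the version on stderr, so capture both streams.
        if "$cmd" --version >"$tmp" 2>&1; then
            mv -f "$tmp" "$out"
        else
            rm -f "$tmp"
            exit 4
        fi
    )
}

# Stand-alone use with the paths from this thread:
#   sh capture_version.sh /usr/sbin/esensor /tmp/version.txt
if [ "$#" -eq 2 ]; then
    capture_version "$1" "$2"
fi
```

Because the published file stays readable by root only, it suits a client that runs as root; a root-owned directory is a safer home for it than /tmp.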