BDE Info

The BigFix Enterprise Suite platform uses continually watchful agents to look deeply into the hardware and software of your computers, and BigFix Fixlets to identify and correct issues according to policies you create - enabling enterprise configuration management in near real-time.

You can author Fixlet messages directly in the BES Console if custom authoring is enabled. Alternately, you can use the BigFix Development Environment (BDE) for a more full-featured Fixlet message development environment.

BigFix Fixlet Training and BDE documentation

  • Training Guides: Teach you how to use BDE and the relevance language to create Fixlet messages
    • Training Guide For Writing Fixlet Messages - How to use the simple BigFix Relevance Language for creating Fixlet messages
    • BDE Guide - Use BDE to create Fixlet messages to do policy enforcement, vulnerability assessment, configuration management, application deployment, and more
  • Inspector Libraries: Reference libraries that contains every piece of information that can be retrieved by the BigFix agents for Fixlet messages and retrieved properties
    • Guides can be downloaded here.
  • Action Libraries: Reference libraries that contain information about how to use actions in Fixlet messages or in custom actions

BigFix Development Environment (BDE)

Information on downloading and installing BDE can be found at http://support.bigfix.com/bde/install/bdeinstall.html.

Other Tools

QnA

  • Download: qna-6.0.7.8 (1.2 MB) - version 6.0.7.8
  • Description: The RelevanceDebugger application allows a user to do local relevance evaluation to help develop Fixlet messages and retrieved properties. The Relevance Debugger can be run on Window's OSes only.
  • How to use QnA
    1. Download the zip file and extract to a folder.
    2. Run the RelevanceDebugger.exe file. A notepad-like interface will appear.
    3. Type any relevance expression in the upper window, then select the "Edit" menu option and then "Evaluate", or press Ctrl+Enter. For instance, type name of operating system and press "Ctrl+Enter". You should see the answer returned as something like Win2000.
    4. See the "Training Guide for Writing Fixlet Messages" above for more information on creating relevance statements.

sha1.exe

  • Download: sha1.exe (50 KB)
  • Description: When creating a Fixlet message action or custom action that downloads a file from the Internet or an untrusted source, it is always a good idea to verify that a checksum of the file matches a known value before running the file to ensure that you downloaded the correct unchanged file.
    • The sha1.exe application will generate an action command that will verify the size and SHA1 checksum of a file. This action command can be pasted into the action of a Fixlet message so that the BES Client can verify the checksum before the BES Client executes the file.
    Note: The sha1 value in the action will also allow the BES Server and BES Relay to maintain a persistent cache of the downloaded files.
  • Example of a download action without using the checksum:
    download http://testserver.com/download/package.exe
    run __download/package.exe /s
  • Example of a download action using an SHA1 checksum:
    download http://testserver.com/download/package.exe
    continue if {(size of it = 2643496 and sha1 of it = "1ae3b0718cfaae3d5fb74be78535b844c6c76823") of file "package.exe" of folder "__download"}
    run __download/package.exe /s
  • The "continue if ..." statement in the action above can be generated using the sha1.exe file. Simply run the sha1.exe file with the argument "-r <filename>" from the command line. For example:
    C:\>sha1.exe -r package.exe
    continue if {(size of it = 2643496 and sha1 of it = "1ae3b0718cfaae3d5fb74be78535b844c6c76823") of file "package.exe" of folder "__download"}
    You would then copy this result into a custom action or Fixlet action.

Configuration Manager Example Site

Coming soon!

Contact BigFix Support for more information.