Introducing BigFix Explorer: A Seamless Approach to Data Retrieval and Evaluation

Introducing BigFix Explorer: A Seamless Approach to Data Retrieval and Evaluation

In the realm of BigFix operations, navigating through the intricacies of the Session Relevance Language and managing data collected by the BigFix Platform can be a daunting task for the BigFix operators. The conventional methods involve juggling between Dashboards in the Console, Web Reports on the Web Reports Server, and utilizing the REST API /api/query to craft and assess Session Relevances. However, this combination of approaches often leads to resource strain, potential user type additions, and necessitates direct access to the BigFix Server.

In response to these challenges, we introduce BigFix Explorer, a groundbreaking component of the BigFix Platform engineered to streamline data retrieval and evaluation processes, offering enhanced features for the operators, security and resource efficiency. This blog delves into the deployment, utilization, and advanced functionalities of BigFix Explorer.

Simplifying Data Retrieval

BigFix Explorer introduces a paradigm shift by simplifying data retrieval from a BigFix deployment. Leveraging existing datastores from the Console and Web Reports, it provides REST APIs for near real-time evaluation of Session Relevances. This streamlined approach not only simplifies operations but also optimizes resource utilization.

Delegated Access Control

The presence of BigFix Explorer enhances security by delegating access control to the BigFix Server. With BigFix Explorer acting as a proxy, access to sensitive BigFix Server functionalities is managed through Explorer instances. This delegation not only enhances security but also reduces the burden on the BigFix Server, mitigating potential security risks.

BigFix Explorer serves as a direct conduit to the Root Server, establishing a secure connection to facilitate data retrieval and evaluation. Unlike traditional aggregators, BigFix Explorer connects to a single Root Server.

Authentication between BigFix Explorer and the Root Server is a critical aspect of the architecture, ensuring secure communication and data integrity. During the installation process, BigFix Explorer is provisioned with an authentication certificate, enabling it to securely authenticate with the Root Server. This certificate-based authentication mechanism enhances security and mitigates the risk of unauthorized access, safeguarding sensitive data within the BigFix environment.

Resource Offloading

By offloading data retrieval and evaluation tasks to BigFix Explorer instances, the BigFix Server experiences reduced resource strain. The BigFix Explorer ability to handle data queries locally alleviates the need for direct involvement of the BigFix Server in every operation. As a result, the BigFix Server can focus on core functionalities, leading to improved overall system performance and resource efficiency.

 

Deploying BigFix Explorer

BigFix Explorer supports a wide range of platforms, ensuring compatibility and flexibility for diverse deployment scenarios. It is supported on Windows Server and Red Hat Enterprise Linux.

Deploying BigFix Explorer is a straightforward process facilitated through the dedicated Fixlet named 'Install BigFix Explorer (Version 11.0.x)', available in the BES Support site. This streamlined deployment mechanism ensures hassle-free integration into existing BigFix environments and simplifies the setup process for BigFix administrators.

 

BigFix Explorer for Session Relevance evaluation

BigFix Explorer offers a comprehensive REST API interface tailored for querying collected data using Session Relevance and retrieving component status. The APIs are exposed on port 9383 of the BigFix Explorer instance by default.

Request Format (cURL)

curl -X POST --data-binary @query.json --user {user}:{pass} https://bf-explorer-instance:9383/api/relevance

Example Query (query.json)

{

"relevance": "(id of it, name of it, (agent version of it, agent type of it)) of bes computers"

}

Response Format

{

"result": [

[ 12261993, "a-wonderful-pc-name", [ "11.0.0.123", "Native" ] ],

[ 122623213, "another-wonderful-pc-name", [ "11.0.0.121", "Native" ] ]

],

"count": 5,

"plural": true,

"type": "( integer, string, ( string, string ) )",

"evaltime_ms": 5.519

}

Maximizing Efficiency with JavaScript integration in BigFix Explorer

BigFix Explorer supports JavaScript for seamless integration into diverse workflows, as well as any other programming language enabled to parse and interpret JSON Objects. Customizing requests with the keys field, one of the standout features of the BigFix Explorer REST APIs is the ability to customize request payloads using the keys field. This optional field allows operators to rename and restructure fields within the returned data, providing greater flexibility and control over the output format.

The syntax used in the keys field is reminiscent of GraphQL, a query language for APIs, making it familiar to developers familiar with GraphQL. The name of a key can contain only letters, numbers and underscores. A space separates the name of a key from the name of the following one. If you want one or more keys to be children of another, write the name of the parent key, then write a {, then the name of the child keys, and finally write a }

Example: Integration with JavaScript

Let us explore a practical example showcasing the seamless integration of BigFix Explorer with JavaScript:

process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0';

const options = {

method: 'POST',

headers: {'Authorization': 'Basic ' + Buffer.from(`${username}:${password}`).toString('base64')},

body: JSON.stringify({

relevance: '(id of it, name of it, (agent version of it, agent type of it)) of bes computers',

keys: '{id computer_name agent {version type}}',

}),

rejectUnauthorized: false

};

try {

const response = await fetch('https://explorer-instance:9383/api/relevance', options);

const data = await response.json();

if (data.error) {

console.log(`Evaluation error: ${data.error}`);

} else {

console.log(`Evaluation time: ${data.evaltime_ms} ms`);

console.log(`Type: ${data.type}`);

console.log(`Result: ${data.result}`);

data.result.forEach(c => {

console.log(`Computer: [ID: ${c.id} | Name: ${c.computer_name} | Agent: ${c.agent.version}-${c.agent.type}]`);

});

}

} catch (error) {

console.error(error);

}

In this example, we utilize JavaScript to construct a request payload, specifying the desired Session Relevance query and customizing the output format using the keys field. The resulting data is then processed and logged for further analysis, demonstrating the seamless integration of the BigFix Explorer REST APIs with JavaScript.

 

Enhanced BigFix Server API Query (/api/query)

In version 11.0.2, BigFix Server introduces enhancements to the BigFix Server API, facilitating seamless integration with BigFix Explorer instances. When a query is submitted to the BigFix Server, it is seamlessly forwarded for evaluation, with the destination determined based on the presence of BigFix Explorer instances, if present, or to a Web Reports Server instance, otherwise. A prioritization mechanism ensures that queries are processed by the instance with the highest priority setting, optimizing performance and resource utilization within the BigFix environment.

Despite the introduction of BigFix Explorer and enhancements in the query routing, backward compatibility remains a cornerstone of the BigFix ecosystem. The behavior supported up to version 11.0.1 remains unchanged, ensuring continuity and consistency for existing deployments.

With the integration of BigFix Explorer into the query processing pipeline, BigFix Operators gain access to a wealth of new features and functionalities. By utilizing a new request header, "Content-Type: application/json+relevance", operators can exploit the advanced capabilities of the BigFix Explorer APIs. By submitting requests in the JSON format supported by BigFix Explorer, operators can harness its powerful capabilities for data retrieval and evaluation.

Example (cURL)

curl -X POST --data-binary @query.json --user {user}:{pass} -H "Content-Type: application/json+relevance" https://bf-server:52311/api/query

Managing BigFix Explorer Instances

Setting Priority

A new REST API endpoint /api/explorers on the BigFix Server allows operators to inspect and manage registered BigFix Explorer instances, including adjusting priority settings for optimal performance.

Example (Get Explorer Instances)

Retrieve the list of the available BigFix Explorer instances:

curl -X GET --user {user}:{pass} https://bf-server:52311/api/explorers

 

<?xml version="1.0" encoding="UTF-8"?>

<BESAPI xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="BESAPI.xsd">

<Explorer Resource="https://server.bigfix.com:52311/api/explorer/ddefefbe1a8b">

<URL>https://explorer1.bigfix.com:9383</URL>

</Explorer>

<Explorer Resource="https://server.bigfix.com:52311/api/explorer/1a8b4decafbd">

<URL>https://explorer2.bigfix.com:9383</URL>

</Explorer>

</BESAPI>

 

Then, get the details of the desired instance with:

curl -X GET --user {user}:{pass} https://server.bigfix.com:52311/api/explorer/ddefefbe1a8b

 

<?xml version="1.0" encoding="UTF-8"?>

<BESAPI xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="BESAPI.xsd">

<ExplorerDetails>

<Explorer>

<URL>https://explorer1.bigfix.com:9383</URL>

<Name>ddefefbe1a8b</Name>

<Priority>77</Priority>

</Explorer>

</ExplorerDetails>

</BESAPI>

 

Now, first, prepare the XML that will be passed to the REST API:

<?xml version="1.0" encoding="UTF-8"?>

<BESAPI xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="BESAPI.xsd">

<ExplorerPriority>

<Priority>15</Priority>

</ExplorerPriority >

</BESAPI>

 

Then, update the priority value with:

curl -X PUT --data-binary @priority.xml --user {username}:{password} https://server.bigfix.com:52311/api/explorer/ddefefbe1a8b

 

HTTP 200 success code is returned if the priority has been updated correctly.

 

Why Clients Choose BigFix Explorer

Customers may opt for BigFix Explorer to alleviate strain on their infrastructure caused by heavy REST Query traffic. By decoupling essential functions like 'Session Relevance' and 'User Reporting', it offers enhanced performance and scalability. This upgrade ensures smoother operations, particularly during critical activities like prod deployment of patching actions. With improved stability and responsiveness, BigFix Explorer becomes an essential tool for optimizing BigFix environments and ensuring seamless operations.

Conclusion

BigFix Explorer represents a paradigm shift in BigFix operations, offering a streamlined approach for data retrieval and evaluation. With its intuitive APIs, seamless integration, and advanced management capabilities, BigFix Explorer empowers operators to navigate complex data landscapes with ease. Embrace the future of BigFix operations with BigFix Explorer.