CBI Blog - IBM BigFix

IBM BigFix: The Pure Power of Web Reports

blog_bigfix-webreports.jpg

One of the often overlooked capabilities of BigFix is reporting. BigFix gathers a ton of useful information and most of the information is digested within the BigFix console itself by the tool administrators.  They are very familiar with the tools and where to find the content.  They typically don’t run many reports as part of the daily usage of the tools or the care and feeding of them.  Within the BigFix console, all of the content that we have automatically displays all of the applicable systems. BigFix will also automatically group systems based upon just about any question (property) that we choose to ask.  So in comparison with traditional management tools, I don’t spend nearly as much time writing and running reports as I would with other tools.

Having said that, I still need to provide information to various internal customers who need to consume various types of data on a near constant basis.  In a past life, I would have spent countless hours writing SQL queries to answer various random questions.  This was typically because the reporting engine with various other tools was hard to use by the average novice internal customer and took too long to spit out data.

If I look at BigFix Web Reports, there has been a tremendous leap forward in out of the box content over the recent past.  A few years ago, there were probably a dozen reports out of the box. Not much to look at whatsoever. As a pre-sales engineer at the time, I would walk the customer through the basics of how to write a report from scratch to answer some basic questions.  All of this was very straight forward and easy for the customer to understand since we were simply selecting things from dropdowns.

Within a few seconds, I can walk anyone through creating a report showing all of the missing Microsoft security patches in their world.

CordellBlog1.png

I can take that a step further and just show the critical patches.

CordellBlog2.png

We can even throw some date ranges in there easily.

CordellBlog3.png

One of the things to understand about BigFix is how the reporting engine is designed.  All reports start with all of the content that you are looking at (fixlets, computers, actions, etc.) and then you filter out what you don’t want to see. If the BigFix Web Reports engine wasn’t amazingly fast, this would be a terrible idea.

I can also easily add additional columns, and show relevant computers by checking the various boxes. Easy.

CordellBlog4.png

 

I would also show that I can save the data in a few different ways.

CordellBlog5.png

We also go though and prove that we can easily schedule these reports to show up in an inbox anytime we want them to. Easy.

The problem with the out of the box reports is that there are very few flashy, eye-catching reports.

To address this, I would reach into my bag of tricks and pull out some cool custom reports to help show the value and power of the web reports tools.

Fast-forward a couple of years and we have a ton (100+) of canned reports out of the box.  We also have numerous custom reports that haven’t made it into the tools yet, and we get new ones every so often that impress me more than expected. The problem is that you need to know where to find them, and even today they are not all in one single place.

Almost every jaw-dropping custom report that I have run across has been written by Lee Wei - #LeeWeiRocks (I don’t know if that’s a thing, but it should be). Lee Wei is the ultimate Jedi master when it comes to writing custom reports. The language that is used for BigFix Web Reports is called Session Relevance. If Yoda could command Session Relevance as well as he can wield control of the Force, my money still goes on Lee Wei every single time. I tip my hat to you, sir.

So what kind of custom reports do we have out there?  First, we have a report that I absolutely cannot live without, and neither can any customer.

Before coming to BigFix and the sales side of things, I was always on the customer side of the table. I have worked in and managed a wide variety of environments using a bunch of tools along the way. What was the most popular question of all time? So how did our patching go this time? Whether I was asking that question, or I was being asked, the question was always there – and still is today.

Now, I can rock your world.

The official name of this report is Fixlet Compliance by Computer Group v1.7. In short, this report allows you to select a baseline(s) and a computer group(s), compare them and bring back data in an extremely easy to consume fashion.

Select your content and machines and then hit the Generate Report button.

CordellBlog6.png

Extremely easy to follow data. Percentages and charts are easy.

CordellBlog7.png

Get a list of your specific problems:

CordellBlog8.png

Also, you get the details for all of the content you are measuring against:

CordellBlog10.png

For those that have Change Management processes to follow when deploying patches, everything that you need is in the report. Once you create your baseline for this month’s patches, run the report, open your change record and then schedule the deployment once approved. After you have deployed the patches, you expect to see something like this, and then you close your change record.

CordellBlog11.png

So the drawback to this report is that it cannot be scheduled. The operator has to understand what to select in the dropdowns. Most folks can be trained, but not all. Plus, if someone were to select all of the baselines that you have as well as all of your groups, they could easily put a hurting on your web reports server.

So what do we do to help protect ourselves as the keepers of the tools but also make sure that we don’t start a bunch of reports manually and sending screenshots? We look to Lee Wei again of course!

A while back, I took a customer request for a report to Lee Wei for help and we worked on a report.  OK, so that is a really loose interpretation of “we worked”. I watched while he busted out the core of the report and I tried to follow along. The next day, I had a functional report in my inbox to deliver to the customer. He has continued to work on that report and has a couple amazing variations that can be scheduled.

CordellBlog12.png

This report will leverage all of the filters that you set in the top portion of the report (and you can save them like presets), so this is simple to understand. Who doesn’t want to see information like this???

This variation of the report is by content rather than by computer.

CordellBlog13.png

Let’s look at things over the last 12 months…

CordellBlog14.png

When I talk to customers, it almost always boils down to the same things when we look at security in their various worlds, everyone wants very similar things.

I want to gather a ton of useful data, so I can look at things from a hundred different directions to make sure that I am doing everything that I can to properly secure my environment. But, I can’t deal with a ton of data – show me what matters in a simple to consume manner.  I want to spend a couple of seconds to understand a situation. I don’t have time to churn through a ton of data, and I don’t want my teams to have to either. Oh, and don’t impact my machines or my network either. Period.

Show me what I care about, show me what I need to address, let me move on to the next fire. That’s the world I live in.

BigFix Web Reports provides that for me, just like the BigFix Console does.

Here are links that I have been keeping track of for a long time. This is where I get my Web Reports bag of tricks from. Some of these are pretty old, and some have been incorporated into other reports, but there is some good stuff here.

BigFix Excel Connector

The BigFix Excel Connector shown above has saved me a ton of headaches.  In every organization, there is that guy that stays up late at night coming up with the most difficult and pointless question ever and he wants you to create a report for it.  After you spend weeks working on it, he looks at it once and throws it away. It becomes frustrating. For folks like that, give them the Excel connector. This app creates an additional tab within Excel and allows you to easily setup queries and pull data straight into Excel.  Excellent tool.

Over time, many cool custom reports have been created that showcase the power of BigFix Web Reports. When you have time, download and import these reports and see what you think. I couldn’t do what I do without them.

Like any powerful set of tools, if you don’t know how to use them, you will never get the full value out of them. I am trying to do my part to make everyone more powerful and capable in their own worlds. BigFix is an absolutely fantastic set of tools and trust me, even more amazing things are coming.

 

If you want to learn even more, be sure to check out our other blog posts about IBM BigFix:

CBI Jason Cordell

Jason Cordell

Jason Cordell is the Strategic Manager for IBM and is responsible for leading and executing the IBM vision at CBI. Jason brings 20 years of real world industry experience with him to CBI. Prior to joining CBI, he was a BigFix pre-sales engineer at IBM. Jason has managed a wide variety of environments using a diverse set of tools over the years and understands the challenges based upon first-hand experience.