IVR Fixlets and Tasks

Learn more about available Fixlets and Tasks for BigFix Insights for Vulnerability Remediation.

Deploy Insights for Vulnerability Remediation

Download BigFix Insights for Vulnerability Remediation Reports

Manage BigFix Insights for Vulnerability Remediation Datasources

Manage BigFix Insights for Vulnerability Remediation ETLs

Manage BigFix Insights for Vulnerability Remediation Service

Uninstall BigFix Insights for Vulnerability Remediation

Upgrade BigFix Insights for Vulnerability Remediation

Whitelist Report Download URLs of BigFix Insights for Vulnerability Remediation

Deploy Insights for Vulnerability Remediation

Tenable.io

Tenable.sc

Qualys

Download BigFix Insights for Vulnerability Remediation Reports

Use this task to deploy the reports for PowerBI or Tableau platform.

BigFix Insights for Vulnerability Remediation provides business intelligence reports to address three main use cases:
  • Vulnerabilities With Available Fixlets - A list of vulnerabilities that have matching BigFix Fixlets available for remediation. The report will list the most recent Fixlet related to each vulnerability, and the CVE entries that are associated to the vulnerability.
  • Vulnerabilities Without Available Fixlets - A list of vulnerabilities that do not have an available Fixlet for remediation.
  • Vulnerability Discrepancies - A list of vulnerabilities where the scanning system identifies the issue, but BigFix does not see an applicable remediation.
Reporting fixlet uses dynamic downloading. To download the report, ensure that specific URL is added in the DownloadWhitelist.txt:

The location of the file on the BigFix server is:

C:\Program Files (x86)\BigFix Enterprise\BES Server\Mirror Server\Config

If the file does not exist, create a new one with the same name. The file should contain file formats such as the following:

http://127.0.0.1:52311/.*

http://software\.bigfix\.com/.*

Refer to the following link to find out more about Dynamic download White-lists.

Note: To use this task, you must have only one instance of IVR Dataflows service deployed in this environment.


Manage BigFix Insights for Vulnerability Remediation Datasources

You can use this task to update the specified datasouce or validate the IVR Service configuration. This task additionally provides option to specify proxy settings configuration for respective datasources.
Note: To use this task, you must have only one instance of IVR Dataflows service deployed in this environment.

Manage BigFix Insights for Vulnerability Remediation ETLs

Use this task to configure/re-configure the BigFix Insights for Vulnerability Remediation ETLs. You can also use this fixlet to restart the IVR Service.
Note: To use this task, you must have only one instance of IVR Dataflows service deployed in this environment.

Manage BigFix Insights for Vulnerability Remediation Service

This task facilitates the management of the BigFix Insights for Vulnerability Remediation Service. You can use this task to Start, Stop, Restart or validate the configuration of the IVR Service.
Note: It is always recommended to stop the service before making any update on datasource or ETL fixlet to the already deployed service and then restart the service to apply the latest changes.
Note: To use this task, you must have only one instance of IVR Dataflows service deployed in this environment.

Uninstall BigFix Insights for Vulnerability Remediation

This Fixlet uninstalls the BigFix Insights for Vulnerability Remediation service.

This process will remove the IVR service.

Note: Make sure to close any tabs that have the IVR folder open, as this may prevent the folder from being deleted during the uninstall process.

After the IVR service is removed, delete the IVR schema (if it exists) in the SQL Server by running the query below:

DECLARE @Sql VARCHAR(MAX), @Schema varchar(20)
SET @Schema = 'ivr' --put your schema name between these quotes
SELECT @Sql = COALESCE(@Sql,'') + 'DROP TABLE %SCHEMA%.' + QUOTENAME(TABLE_NAME) + ';'
+ CHAR(13)
FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = @Schema AND TABLE_TYPE = 'BASE
TABLE'
ORDER BY TABLE_NAME SELECT @Sql = COALESCE(@Sql,'') + 'DROP PROCEDURE %SCHEMA%.' +
QUOTENAME(ROUTINE_NAME) + ';' + CHAR(13)
FROM INFORMATION_SCHEMA.ROUTINES WHERE ROUTINE_SCHEMA = @Schema AND ROUTINE_TYPE =
'PROCEDURE'
ORDER BY ROUTINE_NAME SELECT @Sql = COALESCE(@Sql,'') + 'DROP FUNCTION %SCHEMA%.' +
QUOTENAME(ROUTINE_NAME) + ';' + CHAR(13)
FROM INFORMATION_SCHEMA.ROUTINES WHERE ROUTINE_SCHEMA = @Schema AND ROUTINE_TYPE =
'FUNCTION'
ORDER BY ROUTINE_NAME SELECT @Sql = COALESCE(REPLACE(@Sql,'%SCHEMA%',@Schema), '')
exec (@Sql);
drop schema ivr;

DROP TABLE IF EXISTS [ivr].[vulnerability_fixlet_nexus]DROP TABLE IF EXISTS
[ivr].[findings]
DROP TABLE IF EXISTS [ivr].[vulnerabilities]DROP TABLE IF EXISTS
[ivr].[global_computer_values]
DROP TABLE IF EXISTS [ivr].[schema]DROP TABLE IF EXISTS [ivr].[analysis_calendar]
DROP FUNCTION IF EXISTS [ivr].[rtrim_non_ascii]DROP schema IF EXISTS [ivr]
Note: Make sure to select the relevant database where the IVR tables are located.

Upgrade BigFix Insights for Vunerability Remediation

The fixlet will upgrade the BigFix Insights for Vulnerability Remediation service to the most recent version. To initiate the upgrade, it is required to provide the BigFix Insights user credentials and vulnerability management datasource credentials.

Note: Before you install the Fixlet, go to Success Criteria tab and select all lines of the action script have completed successfully.

Whitelist Report Download URLs of BigFix Insights for Vulnerability Remediation

This Fixlet whitelists the dynamic download report URLs specific to each vendor of BigFix Insights for Vulnerability Remediation service.