Discovering software on shared disks

BigFix Inventory allows you to scan the shared disk on designed endpoint and use the information across all of endpoints. The solution is fully-automated.

To discover software that is installed on shared disks, identify disks that exist in your infrastructure. Then, choose the method of scanning these disks that best suits your environment.

Software that is discovered on shared disks is reported on every computer on which the shared disk is mounted. It causes that license metric utilization that is calculated for the discovered software increases. When the software is reported on every computer on which the shared disk is mounted, it continues contributing to license metric utilization for the entire reporting period even if the shared disk is unmounted.

Requirements

  • Scanning shared disks might increase the number of scanned files per computer in your environment and it might affect the hardware requirements of your system. For more information, see: Hardware requirements.
  • Discovery of shared disks is supported on Linux, AIX, Solaris, and HP-UX. It is not supported on Windows.
  • Types of discovered shared disks include UNIX Network File System (NFS) and Windows Common Internet File System (CIFS).
  • Types of software scans that are run on shared disks include catalog-based scan, file system scan, and software identification tags scan.
  • If you have systems with multiple interfaces, ensure that you configure them correctly. For more information, see: Configuring servers in separate networks.
Warning:
  1. BigFix Inventory scan is designed to scan only mounted drives and not invoke automounting of the shares. This is achieved by listing the mounts at the beginning and then scanning only designed and mounted.
    • Scan for designed share disk does not further check against the specific directories on the scanned shared. It assume that all the structure is local and can be accessed.
    • Form version 10.0.6, the */.snapshot/* directory is excluded by default for the newly set up endpoints. The snapshot directory is an example of directory that is not listed as a shared directory but gets triggered to mount as sub-shared.

      The exclude_path.txt file include the exclusion rules. The exclusion list does not allow to scan directories matching */.snapshot/*. The */.snapshot/* exclusion rule is not added when exclude_path.txt exists. You can change the rules on server side as required.

      Run the 1_Install_Scanner.bes fixlet to include the exclude_path.txt file. For newly set-up endpoints, if the exclude_path.txt file is not present, the 1_Install_Scanner.bes fixlet creates the same. For scanner initialization or upgrade, the existing exclude_path.txt file is used and the exclusion rule is not overwritten.

    • Check if the exclusion list includes */.snapshot/* directory on non-Windows endpoints. It is recommend to add the */.snapshot/* directory on non-Windows endpoints when you apply share disk scan.
  2. There is an option to automate the scan, see also Optimized mode - Automatic scanning of remote shared disks. Use this process to limit the scope of the scan and decide the endpoints that you want to scan. Scans access file systems and incorrect manual configuration might lead to overloading share disk if targeted incorrectly. It is recommended to use it when you are familiar with the process.

Set up shared disk scan

A prerequisite for the shared disk scan is to collect information about available and mounted share disks. See Step 1: Discovering remote shared disks.

Table 1. Methods of scanning remote shared disks
Scenario Considerations Visibility in BFI Steps to follow
Extending current discovery to all mounted shared disks This will scan every detected and mounted share disk once. Each computer having the disk mounted is having extended list of software on Software Classification Only.

See: Optimized mode - Automatic scanning of remote shared disks

Extending current discovery to selected mounted shared disks

Requires manual effort to designate computer to do the scan per share, however, allows to control scanned shared disks.

Also visible on Software Classification Only however user is on control to which computers information is assigned.

See: Limiting scope of automated scan

Scanning selected individual disks directly on computer

Extends the scope of regular scan to include shares. Use the standard exclusions to restrict the share from scan.

Use only on limited number of endpoints / shares. Avoid scanning share on more than one computer.

Extend standard discovery with the facts found on the shared disk. See: Manually Scanning Individual Disk