Introducing Fixlets and Tasks
Fixlets and Tasks are central to BigFix.
Each Fixlet and Task has a set of Relevance statements that describes the conditions for its applicability to a computer. Those statements can be used to identify computers that exhibit a set of characteristics, such as having a certain operative system with a certain version of a program installed on it.
By evaluating the Relevance statements of a Fixlet (or Task), a BigFix Client can determine if the computer it is running on has an issue or a vulnerability. In other words, Fixlets and Tasks use Relevance statements to describe what computers they are "applicable" to.
Each Fixlet and Task has at least an "action" associated to it. Each action consists of a set of Action statements, which are the commands that the BigFix Client can execute. By running the Action statements of a Fixlet (or Task), the BigFix Client can perform maintenance operations, fix issues, remediate vulnerabilities, and more.
The action of a Fixlet or Task is only performed if it is "issued" by a BigFix "operator" to a computer with the BigFix Client installed on it. A BigFix Client can only run the action if the corresponding Fixlet (or Task) is relevant on its computer.
A BigFix operator can see what Fixlets and Task are "relevant" on what computer and choose to apply them. For a given Fixlet (or Task), a BigFix operator can target all computers that it is relevant on, or enumerate a specific set of target computers.
In order to apply a Fixlet (or Task) to the chosen set of computers, which can be determined dynamically or not, a BigFix operator will create a BigFix "action".
As an action propagates through your network, you can track its progress with the BigFix Console, Web Reports, or the WebUI.
Depending on how the action is targeted and issued, a BigFix Client can receive the action directly or determine that it is a relevant target for the action. It then proceeds to run the Action statements written in the Fixlet (or Task) associated to that action.
After an action was issued to fix an issue identified a Fixlet on a computer, if the action ran successfully, that Fixlet becomes not relevant.
If a Fixlet (or Task) was relevant on a computer and then, due to a BigFix action or to conditions changing on that computer, it becomes not relevant, it is said to have been "remediated" on that computer.
The BigFix Client continuously evaluates the relevance of Fixlets and Tasks, so if something changes on its computer and, for example, a Fixlet that was previously applied becomes relevant again, a new action can be issued to apply it again.
They are both packaged with an Action script that can resolve the issue with a simple mouse-click.
Fixlets and Tasks differ mainly in how they get resolved. A Task comes with one or more Action scripts that help you adjust settings or run maintenance tasks. It generally stays relevant after its Action script has been run. Tasks are designed for reapplication and as a consequence, they are often persistent.
Fixlets and Tasks allow you, as a BigFix operator, to find and fix issues at once. Most have a "default action" that can be issued with just a few clicks. They can both be grouped into Baselines, allowing higher levels of automation.
If you create a Baseline of Fixlets or Tasks which all contain default Actions, you can turn the tedious chores of maintaining a corporate policy or common operating environment into a single-click operation.
In typical operation, Fixlet relevance contributes to the overall baseline relevance; Task relevance does not.
Similarly, Actions created from a Baseline can be composed of both Fixlet and Task Actions, and typically only the relevance of the Fixlet Actions contributes to the decision to run the group.
These are defining features of Fixlets and Tasks. The following table summarizes the differences:
| Fixlet message | Task | |
| Relevance interpretation: | Machine is in remediable state | Action is available to run in this context |
| To establish success of remediation: | Relevance becomes false | Action runs to completion |
| Contributes to Baseline Relevance? | Yes | No |
| Contributes to Group Action execution? | Yes | No |
At any time, you can open a Fixlet or Task to inspect the underlying Relevance expressions that are used to target the Clients, as well as the Action scripts that are designed to address the issue. The language is human-readable to give you a high degree of confidence in both the applicability of the trigger and efficacy of the remedial Action. You can also see exactly which computers in your network are affected by each Fixlet or Task. When propagated, you can then view the progress and ultimate history of each Action taken on a Client-by-Client basis.