Configuration Instructions

Configure a customer instance of the Service Graph Connector for HCL BigFix following the initial deployment of the application.

About this task

Note:
Accept all incoming changes if you see any errors while installing or upgrading the Service Graph Connector application.

Procedure

  1. Configure the MID Server security policy.

    Beginning with Rome, the out-of-the-box (OOB) MID Server security policy checks for certificates when communicating with the MID Server. For more information on MID Server certificate check policies, refer to ServiceNow documentation.

    Customers see certificate errors while using the Service Graph Connector for HCL BigFix if BigFix Inventory does not use valid certificates that are trusted by the MID Server. To avoid these issues, leverage trusted certificates with BigFix Inventory (Configuring secure communication), or disable the checks within ServiceNow by setting the flags to false for the Internet or Intranet depending on how the MID Server communicates with the instance.

    1. Navigate to the MID Server security policies.
    2. Locate the Internet and Intranet policies, depending on how your MID Server communicates with the instance.
    3. Set the respective certificate check flags to false.
  2. Configure the MID Server capability.

    Ensure that the MID Server has the appropriate capabilities assigned to communicate with BigFix.

    1. Create a new MID Server capability if one does not already exist.
    2. Associate the capability with your MID Server or MID Servers.
  3. Configure application access permissions for the CMDB tables.

    To allow the Service Graph Connector for BigFix to remove software records from the Configuration Management Database (CMDB) that no longer exist on endpoints, you must enable delete permissions for the relevant CMDB tables. For details and reference, refer to ServiceNow Table design and runtime settings.

    1. Navigate to the specific CMDB table you want to configure, such as Software Installation (cmdb_sam_sw_install).
    2. Select the Application Access tab.
    3. Select the Can delete checkbox.
  4. Add the Discovery Source.

    Register BigFix as a discovery source within your ServiceNow instance.

    1. In the left navigator, select Fix Scripts.
    2. In the Fix Script list, look for Register BigFix Discovery Source.
    3. Open that record and select Run Fix Script.
  5. Configure the BigFix connection parameters using the guided setup.

    Use the guided setup to configure the API and HTTP connections.

    1. In the application menu, navigate to Service Graph Connector for BigFix > Setup.
    2. Follow the directions provided within the guided setup process.
    3. In the Configure the Connection section, follow the provided instructions to complete the necessary tasks.
  6. Configure the API key.
    1. Log in to your BigFix Inventory user interface.
    2. Locate and select your Profile in the top-right corner of the header.
    3. Select Show Token, then copy the resulting token and paste it into the designated API Key field in the ServiceNow Setup interface.

      Replace the initial placeholder with the actual API key obtained from the Inventory user interface.

    4. Select Update to save your changes.
    5. Return to the Setup page and designate the task as complete.
  7. Configure the HTTP connection.
    1. In the Host field, provide the IP address or domain name of the BigFix Inventory server.

      Ensure the default placeholder is replaced with the specific details of the customer's Inventory server.

    2. Select the Use MID server checkbox.
    3. Verify that Capabilities is selected and MID Application is set to ALL.
    4. Select Update.
    5. Return to the Setup page and designate the task as complete.
  8. Test the configuration.

    After configuring connection details, the Setup Guide allows for connection testing. Verify that your instance can successfully retrieve data from BigFix.

    1. In the Setup Guide, locate the Test the connection task and select Configure.
    2. Select Test Load 20 Records.
    3. Verify the Progress indicator.
      If the result shows Processed with data and Success, the connection is established.
  9. Test Flow Designer data streams.
    1. Navigate to Flow Designer and under Data Streams, look for data streams under the application Service Graph Connector for HCL BigFix.
    2. Open any data stream, for example: List Hardware Inventory Details.
    3. Select the Test button.
    4. Select the Connection Alias and select Run Test.
    5. Execute the test to confirm data population.
      Successful results indicate that the connections are functional, allowing you to proceed with the subsequent steps.
  10. Manage the Criteria flags by adjusting the relevant system properties.

    The following system properties control the values within the Criteria field. If modifications are necessary prior to testing, adjust these properties to meet specific customer requirements.

    1. Navigate to the sys_properties table.
    2. Adjust the following properties as needed.
      Property name Default value Description
      x_hclte_sg_bigfix.include_aix_computers false Specifies whether to include AIX computers in the Service Graph Connector integration. Set to true to include AIX computers.
      x_hclte_sg_bigfix.include_computers_with_no_bios_serial_number false Specifies whether to include computers that do not have a BIOS serial number. Set to true to include these computers.
      x_hclte_sg_bigfix.include_macos_computers false Specifies whether to include macOS computers in the Service Graph Connector integration. Set to true to include macOS computers.