Home
Configuring
After you install BigFix Inventory, configure the application. Create accounts for the users who need access to the application and set up scans to collect software and hardware inventory data from your environment.
Setting up scans to discover software and hardware inventory
The scanner is an independent, well-defined component that is used by BigFix Inventory. It is installed and managed through the BigFix client, and it enables the software and capacity scans. Software and capacity scans collect data that is later on displayed on the BigFix Inventory reports. For environments with up to a few thousand computers, you can enable the default scan configuration. In this case, the analyses are activated and software and capacity scans as well as uploads of their results are scheduled automatically on the computers that are subscribed to the BigFix Inventory site. For larger environments, it is advisable to divide the computers into groups and manually configure a separate scan schedule for each group to avoid performance issues.
Discovering software and hardware on IBM i
Available from 9.2.5. You can discover software and hardware inventory on IBM i systems by using disconnected scans that do not require direct connection between the scanned computers and BigFix server. Scripts that are provided in the disconnected scanner package initiate software and capacity scans, and prepare scan results that you later on upload to BigFix Inventory.
(Optional) Manually installing the scanner and running the scans
Available from 9.2.5. scripts that automate the scans are not appropriate for your environment, and you need to customize the execution of scans without changing the required scan frequency, refer to this appendix. The appendix describes how to run each scan, how to collect the results, and finally how to create the final package that can be uploaded to BigFix Inventory manually. The automated scripts, however, remain a recommended way of discovering on IBM i systems.
(Optional) Manually running the scans and preparing the results
Available from 9.2.5. After you install the scanner, you use the QSH to initiate the software and capacity scans. Each type of scan creates a different output that must be copied to the final package that is imported to BigFix Inventory.
Running the capacity scan
Available from 9.2.5. In the capacity scan, the scanner reports the system type and details about the physical processor. If applicable, it also collects information about the guest operating system and logical partitions. This data is required to calculate the PVU and RVU MAPC consumption.

Configuring
After you install BigFix Inventory, configure the application. Create accounts for the users who need access to the application and set up scans to collect software and hardware inventory data from your environment.
- Creating users and groups
  Each user who has access to BigFix Inventory must be assigned a role and a computer group. The role defines which reports and panels the user can view. The computer group narrows down the scope of these reports and panels to computers that meet certain criteria.
- Setting up scans to discover software and hardware inventory
  The scanner is an independent, well-defined component that is used by BigFix Inventory. It is installed and managed through the BigFix client, and it enables the software and capacity scans. Software and capacity scans collect data that is later on displayed on the BigFix Inventory reports. For environments with up to a few thousand computers, you can enable the default scan configuration. In this case, the analyses are activated and software and capacity scans as well as uploads of their results are scheduled automatically on the computers that are subscribed to the BigFix Inventory site. For larger environments, it is advisable to divide the computers into groups and manually configure a separate scan schedule for each group to avoid performance issues.
  - Frequency of scans and uploads of data
    By default, software and capacity scans are scheduled with a frequency that meets auditing requirements. If you want to change the default frequency, ensure that the new setup fulfills the minimal requirements and all considerations.
  - Default scan configuration
    Default scan configuration is advised for environments with up to a few thousand computers. It ensures that the required analyses are activated and software and capacity scans as well as uploads of their results are scheduled automatically. These actions are necessary to collect data from the computers in your infrastructure and to display it on the BigFix Inventory reports. You can enable the default scan configuration during the configuration of BigFix Inventory connections to the databases or when adding another data source.
  - Manual scan configuration
    Manual scan configuration is advised for environments with more than a few thousand computers. It requires that analyses are activated and software and capacity scans as well as uploads of their results are scheduled manually after the installation. These actions are necessary to collect data from the computers in your infrastructure and display in on the BigFix Inventory reports. Flexibility of the manual scan configuration allows for avoiding performance issues that might occur when you scan too many computers at the same time.
  - Advanced scan configuration
    After you successfully schedule software and capacity scans and the scan data is displayed on the BigFix Inventory reports, you can further customize the scans. For example, you can exclude directories from software scans or scan remote shared file systems.
  - Discovering software and hardware on IBM i
    Available from 9.2.5. You can discover software and hardware inventory on IBM i systems by using disconnected scans that do not require direct connection between the scanned computers and BigFix server. Scripts that are provided in the disconnected scanner package initiate software and capacity scans, and prepare scan results that you later on upload to BigFix Inventory.
    - Disconnected scanner requirements
      The list of disk space requirements, the supported IBM i version compatible with the disconnected scanner and other relevant requirements.
    - Adding a new data source for disconnected scans
      Available from 9.2.5. All scan results are imported to BigFix Inventory from a directory dedicated to disconnected scans. You must add this directory as a data source to allow BigFix Inventory to check its content and import all packages that are stored within. The packages are imported during each data import.
    - Preparing installation files for disconnected scans
      Available from 9.2.5. After you add the data source, prepare the installation package and distribute it to IBM i endpoints. The package should contain the disconnected scanner and configuration files used to initiate the scans. These files are downloaded from the BigFix console.
    - Installing the scanner and gathering initial data
      Available from 9.2.5. After you distribute the disconnected scanner package to the computers in your infrastructure, install the scanner and run the initial scans.
    - Running software scans and gathering scan results on IBM i systems
      Available from 9.2.5. The script that is responsible for the software scan collects the results of the catalog-based, package data, and software ID tags scan as well as retrieves results of the capacity scan and the computer.yml file. All these results are combined and compressed into a common ZIP package that can be imported to BigFix Inventory.
    - Importing scan results to BigFix Inventory
      Available from 9.2.5. To import new scan results to BigFix Inventory, copy the package to the disconnected scans directory that you added as a data source.
    - Disconnected scanner maintenance and troubleshooting
      Available from 9.2.5. You can use the maintenance and troubleshooting tasks related to the disconnected scanner to monitor the scan progress, optimize the processor usage during the scan, understand and fix the most common issues, or learn more about the log files.
    - (Optional) Manually installing the scanner and running the scans
      Available from 9.2.5. scripts that automate the scans are not appropriate for your environment, and you need to customize the execution of scans without changing the required scan frequency, refer to this appendix. The appendix describes how to run each scan, how to collect the results, and finally how to create the final package that can be uploaded to BigFix Inventory manually. The automated scripts, however, remain a recommended way of discovering on IBM i systems.
      - (Optional) Manually installing the scanner
        Available from 9.2.5. If the automated scripts are not appropriate for your environment, you can manually install the scanner. You will also need to run the initial capacity scan, create the computer.yml file, and schedule regular capacity scans. These tasks are optional and can be completed with the automated scripts.
      - (Optional) Manually running the scans and preparing the results
        Available from 9.2.5. After you install the scanner, you use the QSH to initiate the software and capacity scans. Each type of scan creates a different output that must be copied to the final package that is imported to BigFix Inventory.
        Running the capacity scan
        Available from 9.2.5. In the capacity scan, the scanner reports the system type and details about the physical processor. If applicable, it also collects information about the guest operating system and logical partitions. This data is required to calculate the PVU and RVU MAPC consumption.
        Running the catalog-based scan
        Available from 9.2.5. In the catalog-based scan, the scanner creates scanner catalogs that are based on the catalog that you attach while initiating the scan. Based on these catalogs, the scanner discovers exact software matches.
        Running the ISO tags scan
        Available from 9.2.5. In software identification tags scan, the scanner searches for ISO tags that are delivered with software products. After you upload the final package with scan results to BigFix Inventory, the tags are processed. Based on the information that they contain, the software is discovered.
        Running the package data scan
        Available from 9.2.5. In the package data scan, the scanner searches the system registry to gather information about packages that are installed on your endpoints. After you upload the final package with scan results to BigFix Inventory, the discovered packages are compared with the software catalog resulting in software discoveries.
      - Creating the final package
        Available from 9.2.5. Gather all scan results and compress them into a ZIP package that can be imported to BigFix Inventory.
- Performing optional configuration
  You can perform optional configuration tasks to further customize the application.
- Classifying the BigFix client used by multiple BigFix products

Running the capacity scan

Available from 9.2.5. In the capacity scan, the scanner reports the system type and details about the physical processor. If applicable, it also collects information about the guest operating system and logical partitions. This data is required to calculate the PVU and RVU MAPC consumption.

Note: This task is optional, because it can be completed by an automated script. Use it only for advanced scenarios.

About this task

The capacity scan must be run every 30 minutes to collect current results.

Procedure

In QSH, run the following command to initiate the capacity scan:
```
/qsys.lib/qtivcit.lib/wscanhw.pgm -nolock  -s -c tlm_hw_config.xml  -o tlm_hw_<DATE>_<SECONDS>.xml
```
Where:

-s

Creates a signature for the output file. The signature must be stored for audit purposes.

-c tlm_hw_config.xml

Path to the tlm_hw_config.xml configuration file that you downloaded with CIT.

-o tlm_hw_<DATE>_<SECONDS>.xml

The output file.

DATE - Date in the YYYMMDDHHMM format, for example 201511101248.

SECONDS - Number of seconds that passed since January 1st 1970, for example 1447177713.

Tip: You can retrieve the date and the number of seconds by running the date +%Y%m%d%H%M-%s command on Linux.
Compress the output file into a capacity.zip package. The package can contain more than one output file.
Copy the capacity.zip package to the common /scans directory, in which you store all scan results.