Creating signatures from package data

You can use package data to expand your custom catalog. You can add signatures for software products that are installed in your infrastructure but are not present in the HCL® catalog.

Before you begin

An icon representing a user. You must have the View Raw Data, View Endpoints and Manage Catalogs permissions to perform this task.


  • 9.2.11 For versions 9.2.11 and higher
    1. Log in to BigFix Inventory, and go to Reports > Package Summary.
    2. Set up the relevant filters, and identify the packages that you want to create signatures for.
    3. Check one or more packages. You can select up to twenty packages at a time.
    4. Hover over the Signature icon Signature icon and click Add Signature.
      Note: You cannot create a signature on a Package Data report, if you already added either a file or an extended signature for the component with the same details. If you create a package signature for a component that is a part of a basic catalog, the component and the detection will be duplicated.
  • For versions before 9.2.11
    1. Log in to BigFix Inventory, and go to Reports > Package Data.
    2. To filter the report data, hover over the Manage Report View icon Manage Report View icon, and click Configure View. Then, specify the appropriate filtering options.
      Note: To find a file or a package that can be used as a signature, filter the report to the data from the computer on which the particular software product is installed. To further narrow down the results, specify the whole or part of the path to the directory where the software is installed. Then, look at the following columns.
      • Recognized - the column shows whether the package data and/or file was recognized as part of an existing signature.
      • Removed since 10.0.4: Caused Detection - the column shows whether the file contained enough information to cause detection of the related software. The Caused Detection column is removed since BigFix Inventory version 10.0.4. You must re-create your saved reports in case you had used the Caused Detection column.
      If the value in both columns is No, the file is not used for software detection and you can use it to create a new software signature.
    3. In the Name column, look for the location where the missing software title is installed. Click the arrow on the right from the Name of the file that you want to use as a signature, and click Create Signature.

      Image that shows how to locate file name in the Package Data report.
    4. In the Create Catalog Entry window, provide the publisher name, product name, and release number.

      Create Catalog Entry window.

      10.0.9 To create a template signature with auto-detectable version of the package, you may choose the Package Template signature type and copy data from the Package or File Signatures tab to the template type. For more details, see Creating signatures.

      Tip: The most efficient signatures are file-based signatures with a constant size that is different for each release, or signatures that are based on registry entries where a wildcard (*) can be used. You can use a wildcard in the Name and Version fields for a package. A wildcard represents any string and can be combined with other characters. You can use an asterisk '*' character not combined with other characters in the Vendor field for a package (meaning any vendor). For example, you can use IBM * SDK for Java™, 5.*, * for the name, version, and vendor fields.
      Note: A detailed package version that is discovered is shown in the 'Component Detailed Version' column in the Software Classification report and 'component_detailed_version' column in REST API.
    5. To save the catalog entry, click Submit.
      Important: If you create an entry that exists in the software catalog an informational message is displayed, and both signatures are saved in the catalog.


You added a software signature to your custom catalog, and it can now be used to detect software. When you create signatures from package data, the custom content version of the software catalog remains the same, because the signatures are matched on the server side, and no new catalog needs to be created.

You can view the audit trail of the changes on the Catalog Audit report.

What to do next

You can edit the details of the signature and delete a custom catalog entry on the Catalog Customization panel.