Discovering cloud resources

BigFix 10 provides the capability to discover resources that you own on any of the supported cloud providers.

The discovery is performed by the cloud plugins. Each plugin periodically queries the corresponding cloud provider, and retrieves available cloud resource data. Retrieved data is then processed by the Plugin Portal, and eventually sent to the BigFix Server. In case of cloud resources on which the BigFix Agent is installed, the new cloud provider inspector allows retrieving data that is used for computer correlation purposes.

In BigFix Version 10.0.8, a new feature was introduced to delete on the BigFix Database the computer instances no longer discovered. When during a discovery, the Plugin recognizes that a device is no longer present, it sends a report to the Plugin Portal, that removes the device from its database and sends a removal HTTPs Post Request to the Server which will perform either a physical deletion from the database or a logical deletion.

By default, the BigFix Server performs a logical deletion: all the data still remain in the database but the devices are marked as deleted. Devices no longer discovered due to an error, for instance due to wrong credentials, are not removed.

A new setting was added to the Plugins, allowing you to perform the physical deletion from the database. With this option, the BigFix Server physically removes the devices and all its associated data from the database, as the BES Computer Remover Tool does.

To avoid database inconsistencies, we do not support physical delete operations in DSA environments. If the server receiving the physical delete request is within a DSA environment, it logs that the physical delete operations are not supported in DSA environments and switches to a logical delete operation.

Another setting was added to the Plugins, allowing also the deletion of all the correlated instances. Both these settings can be changed from the WebUI. For more details about the settings, see Configuring cloud plugins.

In the following example, the Plugin discovers 100 new machines and no longer detects another 200, so the Plugin Portal receives a new report for the 100 new machines and an empty report for the other 200 machines. For its part, the Plugin Portal must register new devices and remove undetected devices (Device alerts / Deletion requests arrow). With this new feature, the Plugin Portal will also send an HTTP delete request for the devices that are no longer detected (Delete HTTPs request arrow). The Relays will forward the request to the BigFix Server, which is in charge of performing either a physical or a logical deletion (depending on the new plugin setting introduced and already described above) of the 200 undetected devices from the BigFix database. What happens is that the removed devices will not be displayed in the BigFix Console and in the WebUI computer list and the BigFix Console and the WebUI will always show the list of the actually detected devices.