Introducing Fixlets and Tasks

Fixlets and Tasks are central to BigFix.

Using Relevance statements, they target specific computers, remediating only those BigFix Clients affected by an issue. They are both packaged with an Action script that can resolve the issue with a simple mouse-click.

Fixlets and Tasks differ mainly in how they get resolved.

  • A Fixlet is triggered by a Relevance clause that detects a vulnerability. When an Action is invoked to remediate the vulnerability, the Fixlet automatically loses relevance and is thus no longer applicable on that specific BigFix Client. As a Fixlet Action propagates through your network, you can track its progress with the Console, Web Reports. When every BigFix Client in your network has been remediated, the Fixlet is no longer relevant and it is removed from the list. If the issue returns, the Fixlet is shown again in the list, ready to address the issue again.
  • A Task comes with one or more Action scripts that help you adjust settings or run maintenance tasks. It generally stays relevant after its Action script has been run. Tasks are designed for reapplication and as a consequence, they are often persistent.

Both Fixlets and Tasks might have a Default Action, allowing you to simply click from the list to deploy it. They can both be grouped into Baselines, allowing higher levels of automation. If you create a Baseline of Fixlets or Tasks which all contain default Actions, you can turn the tedious chores of maintaining a corporate policy or common operating environment into a single-click operation. In typical operation, Fixlet relevance contributes to the overall baseline relevance; Task relevance does not. Similarly, Actions created from a Baseline can be composed of both Fixlet and Task Actions, and typically only the relevance of the Fixlet Actions contributes to the decision to run the group. These are defining features of Fixlets and Tasks. The following table summarizes the differences:

Fixlet message Task
Relevance interpretation: Machine is in remediable state Action is available to run in this context
To establish success of remediation: Relevance becomes false Action runs to completion
Contributes to Baseline Relevance? Yes No
Contributes to Group Action execution? Yes No

At any time, you can open a Fixlet or Task to inspect the underlying Relevance expressions that are used to target the Clients, as well as the Action scripts that are designed to address the issue. The language is human-readable to give you a high degree of confidence in both the applicability of the trigger and efficacy of the remedial Action. You can also see exactly which computers in your network are affected by each Fixlet or Task. When propagated, you can then view the progress and ultimate history of each Action taken on a Client-by-Client basis.