6 Replies Latest reply on May 19, 2014 2:58 AM by Monoj Padhy

    How to fliter non complaint Severs into a server group ?

    Monoj Padhy

      Hi,

       

      We have executed a compliance job. Now looking to parse the content of O/p of compliance job and add the non compliant servers into a server group. I have used below command in a NSH script and successfully extracted the compliance job result into a CSV file.

       

      blcli_execute Utility exportComplianceRunLatest "${TEMPLATE_LOCATION}" "${TEMPLATE_NAME}" "${RULE_NAME}"

      "${JOB_LOCATION}" "${JOB_NAME}" "$LOG_PATH/$LOG_FILE.csv" "CSV"

       

      Attached is the file generated for your reference.

       

      Can anyone help me out here to filter the csv file content and add the non compliant server into server group. How we can start reading data from specific line number ?

       

      Regards,

      Blas

        • 1. Re: How fliter non complaint Severs into a server group ?
          Rajeev Gupta

          You can probably store the output in some property/properties..

          Create a custom property.. store the value using the same NSH script after pulling compliance data > setPropertyValue

          Then create smart group as per the property..

          • 2. Re: How fliter non complaint Severs into a server group ?
            Monoj Padhy

            Sample data extracted from the above command is attached. I hope you have gone through the same. Storing data in property will not be a feasible solution.

             

            Mean while I have done some googling and find out how we can read data from csv file.

             

             

            filename=compliance.csv

            while IFS=, read -r A B C D E F G H I J K L M N O; do


            if [[ $I -eq "Fail" ]]

                 then

                 echo "server_name=$B"

                 echo "result=$I"

            else

                 echo "In else block"

            fi

             

            done< "$filename"



            Here I found something unexpected....where echo command is executing even if for "Pass" but in if I am only do echo if $I contains "Fail". Also for server name(column position B in csv) i am getting value of rule definition(column position G in csv)



            • 3. Re: How fliter non complaint Severs into a server group ?
              Bill Robinson

              what are you trying to accomplish by doing this ?

              • 4. Re: How fliter non complaint Severs into a server group ?
                Monoj Padhy

                Hi Bill,

                 

                We are looking to filter out the non compliant servers into some server groups based on some condition(os platform, environment etc). After that customer will have the list of non compliant servers under the server group and they will create some change request for only those servers.

                 

                Then as a part of remediation, We will create a generic script that will include some command to make the required attributes compliant for a specific user ...here root(we have only few users compliance check in our scope)

                 

                We are not looking to remediate the attributes for any user by attaching a remediation package to the compliance rule.

                 

                As of now I executed the above blcli command and generate the compliance job latest run details into a csv file. Now while iterating through csv file I am facing issue and it is not iterating as expected due to presence of some carriage return . In the previous thread I have already attached a copy of sample csv file generated.

                 

                I think column G and H creating some problem while iterating with IFS.

                little bit googling and I got some thing like below . What I understand is the 1st command is removing the carriage return and secons one to create a new csv file with data from the specific position from the file1.csv.

                 

                sed -e ':a' -e 'N' -e '$!ba' -e 's/]]\n/]]/g' file.csv > file1.csv

                 

                awk 'FNR==1 {CNT=split(COLS, CNo, ",")}

                {for (i=2; i<=NF; i+=2) {

                gsub (/,/, "\001", $i)}

                split ($0, TMP, ",")

                $0="" for (i=1; i<=CNT; i++) $0=$0 ($0?",":"") TMP[CNo[i]]

                gsub ("\001", ",")

                }

                1

                ' FS="\"" OFS="\"" COLS=1,2,3,4,5,6,8,9,10,11,12,13, file1.csv > file2.csv


                In file2.csv data is not is expected format and by doing this mismatch condition data is moved to template name coiumn. Not able it figure it out.... whats going wrong here ?

                 

                can you please tell me how can I deal with carriage returns here.

                 

                Looking forward for your valuable suggestion.

                • 5. Re: How to fliter non complaint Severs into a server group ?
                  Joe Piotrowski

                  If I understand what you're trying to do, it seems like you're trying to come up with something that BSA already naturally does, but in a completely different way.

                   

                  My question would be, if BSA can:

                  - do a compliance check

                  - attach remediation to a compliance check

                  - analyze your servers for compliance

                  - from analysis create a remediation package against the target(s) you want (BSA does that natively)

                  - you can also alter the BLPackage or targets before deployment if you want

                   

                  Why can't or wouldn't you follow this process?

                  • 6. Re: Re: How to fliter non complaint Severs into a server group ?
                    Monoj Padhy

                    Hi Joe,

                     

                    I am completely agree with you. Please find below comments of mine.

                     

                    My question would be, if BSA can:

                    - do a compliance check --- We have compliance rule in place to check this.

                     

                    - attach remediation to a compliance check --- As per customers requirement we need to have some generic format that we will apply against the server group created for each failed user. (Client Insist to have such a solution design as this would be easier from their prospective to handle the change management process). I will once again check with the client if we go with the steps you have mentioned.

                     

                    - analyze your servers for compliance --- This is also we have done by running compliance job.

                     

                    - from analysis create a remediation package against the target(s) you want (BSA does that natively)

                    - you can also alter the BLPackage or targets before deployment if you want

                     

                    Currently the only thing I got stuck is that reading the CSV file using below command.

                     

                    filename=ComplianceData.csv

                    while IFS=, read -r A SERVER C D E F G H Value J K L M N O; do


                    if [[ $Value -eq "Fail" ]]

                        then

                        echo "server_name=$SERVER"

                        echo "result=$Value"

                    else

                        echo "In else block"

                    fi

                     

                    done< "$filename"


                    In $SERVER sometimes i got value of G or H or Value field due to presence of carriage return or blank spaces.


                    Attached the original csv file (ComplianceData.csv)generated using utility exportComplianceRunLatest


                    Now how can I generate a new csv file (ComplianceData_New.csv) by removing he fields Rule Definition and Mismatched Conditions.


                    I have manually removed these 2 fileds from the csv file and while loop is working as expected.


                    If you can assist me in creating the file (ComplianceData_New.csv) from the original csv then my issue will be resolved.


                    Regards,

                    Blas