generate_bigfix_relevance_script
Create PowerShell scripts that determine if computers require action in IBM BigFix environments, following best practices for proper output format, logging, and error handling.
Instructions
Generate a BigFix relevance script to determine if computers need action.
Creates a PowerShell relevance script that follows IBM BigFix best practices:
- Proper output format (TRUE/FALSE for BigFix consumption)
- BigFix client log integration for monitoring
- Event log integration for troubleshooting
- Comprehensive error handling and logging
- Fast execution optimized for frequent evaluations
π‘ TIP: For complete BigFix deployments, you need BOTH relevance and action scripts.
Consider using 'generate_bigfix_script_pair' to create both scripts together with matching logic.
IBM BigFix References:
- Relevance Language Guide: https://help.hcltechsw.com/bigfix/11.0/relevance/Relevance/c_relevance_language.html
- Action Scripts: https://help.hcltechsw.com/bigfix/11.0/platform/Platform/Console/c_creating_action_scripts.html
- Best Practices: https://help.hcltechsw.com/bigfix/11.0/platform/Platform/Console/c_best_practices_for_creating_fixlets.html
- Client Logging: https://help.hcltechsw.com/bigfix/11.0/platform/Platform/Installation/c_bes_client_logging.html
Args:
description: Clear description of what the script should check (e.g., 'Check if Chrome needs updating', 'Verify Windows patches are current')
relevance_logic: PowerShell code that determines relevance. Use 'Complete-Relevance -Relevant $true/$false -Message "status"' to indicate result
output_path: Optional file path where the script will be saved. If not provided, returns script content
timeout: Command timeout in seconds (1-300, default 60)
Returns:
Generated script content or path where script was saved
Example:
Generate a script to check if Chrome needs updating:
```
result = await generate_bigfix_relevance_script(
description="Check if Chrome browser needs updating to version 100.0.0.0 or higher",
relevance_logic=''',
try {
$app = Get-ItemProperty "HKLM:\Software\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe" -ErrorAction Stop
$version = (Get-Item $app.'(Default)').VersionInfo.FileVersion
$needsUpdate = [version]$version -lt [version]"100.0.0.0"
Complete-Relevance -Relevant $needsUpdate -Message "Chrome version: $version (Target: 100.0.0.0+)"
} catch {
Complete-Relevance -Relevant $true -Message "Chrome not found or inaccessible - installation needed"
}
''',
output_path="chrome_relevance.ps1"
)
```
Tips:
- Keep relevance logic fast and efficient (evaluated frequently)
- Return TRUE when action is needed, FALSE when compliant
- Always use Complete-Relevance function for proper BigFix output format
- Use try-catch blocks for robust error handling
- Test relevance logic thoroughly across different environments
- Use Write-BigFixLog for detailed progress tracking
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| description | Yes | ||
| relevance_logic | Yes | ||
| output_path | No | ||
| timeout | No |
Implementation Reference
- server.py:587-657 (handler)The main handler function for the 'generate_bigfix_relevance_script' tool, decorated with @mcp.tool(). It generates BigFix relevance scripts by populating a template with provided description and logic, using the shared generate_script_from_template helper.async def generate_bigfix_relevance_script( description: str, relevance_logic: str, output_path: Optional[str] = None, timeout: Optional[int] = 60 ) -> str: """Generate a BigFix relevance script to determine if computers need action. Creates a PowerShell relevance script that follows IBM BigFix best practices: - Proper output format (TRUE/FALSE for BigFix consumption) - BigFix client log integration for monitoring - Event log integration for troubleshooting - Comprehensive error handling and logging - Fast execution optimized for frequent evaluations π‘ TIP: For complete BigFix deployments, you need BOTH relevance and action scripts. Consider using 'generate_bigfix_script_pair' to create both scripts together with matching logic. IBM BigFix References: - Relevance Language Guide: https://help.hcltechsw.com/bigfix/11.0/relevance/Relevance/c_relevance_language.html - Action Scripts: https://help.hcltechsw.com/bigfix/11.0/platform/Platform/Console/c_creating_action_scripts.html - Best Practices: https://help.hcltechsw.com/bigfix/11.0/platform/Platform/Console/c_best_practices_for_creating_fixlets.html - Client Logging: https://help.hcltechsw.com/bigfix/11.0/platform/Platform/Installation/c_bes_client_logging.html Args: description: Clear description of what the script should check (e.g., 'Check if Chrome needs updating', 'Verify Windows patches are current') relevance_logic: PowerShell code that determines relevance. Use 'Complete-Relevance -Relevant $true/$false -Message "status"' to indicate result output_path: Optional file path where the script will be saved. If not provided, returns script content timeout: Command timeout in seconds (1-300, default 60) Returns: Generated script content or path where script was saved Example: Generate a script to check if Chrome needs updating: ``` result = await generate_bigfix_relevance_script( description="Check if Chrome browser needs updating to version 100.0.0.0 or higher", relevance_logic=''', try { $app = Get-ItemProperty "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\App Paths\\chrome.exe" -ErrorAction Stop $version = (Get-Item $app.'(Default)').VersionInfo.FileVersion $needsUpdate = [version]$version -lt [version]"100.0.0.0" Complete-Relevance -Relevant $needsUpdate -Message "Chrome version: $version (Target: 100.0.0.0+)" } catch { Complete-Relevance -Relevant $true -Message "Chrome not found or inaccessible - installation needed" } ''', output_path="chrome_relevance.ps1" ) ``` Tips: - Keep relevance logic fast and efficient (evaluated frequently) - Return TRUE when action is needed, FALSE when compliant - Always use Complete-Relevance function for proper BigFix output format - Use try-catch blocks for robust error handling - Test relevance logic thoroughly across different environments - Use Write-BigFixLog for detailed progress tracking """ params = { "SYNOPSIS": f"BigFix Relevance Script - {description}", "DESCRIPTION": description, "DATE": datetime.now().strftime('%Y-%m-%d'), "RELEVANCE_LOGIC": relevance_logic } if output_path: output_path = ensure_directory(output_path) return await generate_script_from_template("bigfix_relevance", params, output_path, timeout)
- server.py:159-195 (helper)Helper function used by generate_bigfix_relevance_script (and other tools) to load and populate PowerShell templates from the templates/ directory.async def generate_script_from_template( template_name: str, parameters: Dict[str, Any], output_path: Optional[str] = None, timeout: Optional[int] = 60 ) -> str: """Generate a PowerShell script from a template. Args: template_name: Name of the template to use (without .ps1 extension) parameters: Dictionary of parameters to replace in the template output_path: Where to save the generated script (optional) timeout: Command timeout in seconds (1-300, default 60) Returns: Generated script content or path where script was saved """ template_path = os.path.join(TEMPLATES_DIR, f"{template_name}.ps1") if not os.path.exists(template_path): raise ValueError(f"Template {template_name} not found") with open(template_path, 'r') as f: template_content = f.read() # Replace template variables script_content = template_content parameters['DATE'] = datetime.now().strftime('%Y-%m-%d') for key, value in parameters.items(): script_content = script_content.replace(f"{{{{{key}}}}}", str(value)) if output_path: with open(output_path, 'w') as f: f.write(script_content) return f"Script generated and saved to: {output_path}" return script_content
- server.py:587-587 (registration)The @mcp.tool() decorator registers the generate_bigfix_relevance_script function as an MCP tool.async def generate_bigfix_relevance_script(