AI Docs

How to use the Linux and Unix inventory scripts as a Pseudo Agent | v8+

2 min read

certero logo_cropped_png-01 1.png

Certero has had a command-line inventory script for Linux and other UNIX variants available for many years, the inventory script could be scheduled via ‘cron’ or other scheduling tools, the inventory data then had to be copied to a folder on the Certero Endpoint Server for processing.

For some organisations, the transferring of the inventory data could be a challenge due to security constraints or third-party tools being required to copy the file.

To enable the creation of a pseudo agent, Certero has added the functionality to enable the inventory data to be uploaded directly to the Certero Endpoint Server.

Approach

There are two commands that are available on most distros of Linux and other UNIX variants called 'curl' and 'wget' (N.B. These packages may not be installed by default), with the use of these commands a script can be created to run the command-line inventory and then upload the inventory data. The commands can also be used to download the latest version of the inventory script:

  • Download the latest script using curl

  • Run the inventory script

  • Upload the inventory data

To download the latest script (csinvcli.sh) using 'curl' the following command can be used:

curl -O https://<Endpoint Server>/CerteroEndPointServer/Client/<Variant>/csinvcli.sh

i.e. For Linux

curl -O https://<Endpoint Server>/CerteroEndPointServer/Client/Linux/csinvcli.sh

Available variants are: Aix, Hpux, Linux and Solaris

N.B. A ‘-k’ parameter may need to be used when using 'https' to communicate with internal endpoint servers where the certificate may be self-signed and the target device may not trust it.

Running the inventory script:

chmod +x ./csinvcli.sh
./csinvcli.sh

Uploading the inventory data:

curl --header "Content-Type: application/octet-stream" --data-binary @<INVENTORY FILE> "https://<Endpoint Server>/CerteroEndpointServer/Client/Upload?tenantId=<TENANT ID>&e=tgz"

N.B. To ensure the upload has been successful the http status code needs to be checked for 200 response

See the example for Linux below:

#!/bin/bash
TENANT_ID=01234567-89AB-CDEF-0123-456789ABCDEF
ENDPOINT=https://certero.anycorp.local/CerteroEndpointServer
run_curl_command () {
CURL_OUTPUT=$(eval curl -w httpcode=%{http_code} $1 2> /dev/null)
CURL_RETURN_CODE=$?
if [ ${CURL_RETURN_CODE} -eq 0 ]; then
CURL_RETURN_CODE=$(echo "${CURL_OUTPUT}" | sed -e 's/.*\httpcode=//')
fi
return $CURL_RETURN_CODE
}
echo
echo "Tenant ID: ${TENANT_ID}"
echo "Endpoint server: ${ENDPOINT}"
echo
# Download inventory script
echo "Downloading latest inventory script"
run_curl_command "-O ${ENDPOINT}/Client/Linux/csinvcli.sh"
HTTP_STATUS_CODE=$?
if [ ${HTTP_STATUS_CODE} -ne 200 ]; then
echo "Failed to download Certero inventory script\n"
exit 1
fi
# Run inventory script
# If Certero for Oracle is in scope change the line ./csinvcli.sh to ./csinvcli.sh -m 1024
chmod +x ./csinvcli.sh
# If Certero for Oracle is in scope change the next line ./csinvcli.sh to ./csinvcli.sh -m 1024
./csinvcli.sh

RETURN_CODE=$?
if [ ${RETURN_CODE} -ne 0 ]; then
echo "An error occurred running the Certero inventory script\n"
exit 2
fi
# Upload inventory
echo "Uploading inventory"