Video Screencast Help

Custum Invetory for Mac

Created: 10 May 2013 • Updated: 13 May 2013 | 9 comments
This issue has been solved. See solution.

I have come across a script to get the filevault status on a Mac.  I have also created several custom inventory items for PCs.  My problem is that I don't have a clue to get the output from the script into the custom data class from the Mac.

I have come across some sample scripts but nothing really explaing how the data collected gets into the correct data class.  On a PC i would ahve to put in the GUIS of the data class for it to work.  As far as I can tell this works differently on a Mac.

 

Can anyone shed some light on this for me?

 

Script for filevault status I found on the internet:

#!/bin/sh

CORESTORAGESTATUS="/private/tmp/corestorage.txt"
ENCRYPTSTATUS="/private/tmp/encrypt_status.txt"
ENCRYPTDIRECTION="/private/tmp/encrypt_direction.txt"

# Get number of CoreStorage devices. The egrep pattern used later in the script
# uses this information to only report on the first encrypted drive, which should
# be the boot drive.
#
# Credit to Mike Osterman for identifying this problem in the original version of
# the script and finding a fix for it.
#

DEVICE_COUNT=`diskutil cs list | grep -E "^CoreStorage logical volume groups" | awk '{print $5}' | sed -e's/(//'`

EGREP_STRING=""
if [ "$DEVICE_COUNT" != "1" ]; then
  EGREP_STRING="^\| *"
fi

osversionlong=`sw_vers -productVersion`
osvers=${osversionlong:3:1}
CONTEXT=`diskutil cs list | grep -E "$EGREP_STRING\Encryption Context" | sed -e's/\|//' | awk '{print $3}'`
ENCRYPTIONEXTENTS=`diskutil cs list | grep -E "$EGREP_STRING\Has Encrypted Extents" | sed -e's/\|//' | awk '{print $4}'`
ENCRYPTION=`diskutil cs list | grep -E "$EGREP_STRING\Encryption Type" | sed -e's/\|//' | awk '{print $3}'`
CONVERTED=`diskutil cs list | grep -E "$EGREP_STRING\Size \(Converted\)" | sed -e's/\|//' | awk '{print $5, $6}'`
SIZE=`diskutil cs list | grep -E "$EGREP_STRING\Size \(Total\)" | sed -e's/\|//' | awk '{print $5, $6}'`

# Checks to see if the OS on the Mac is 10.7 or 10.8.
# If it is not, the following message is displayed without quotes:
# "FileVault 2 Encryption Not Available For This Version Of Mac OS X"

if [[ ${osvers} -lt 7 ]]; then
  echo "FileVault 2 Encryption Not Available For This Version Of Mac OS X"
fi

 

if [[ ${osvers} -ge 7 ]]; then
  diskutil cs list >> $CORESTORAGESTATUS
 
    # If the Mac is running 10.7 or 10.8, but does not have
    # any CoreStorage volumes, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Not Enabled"
   
    if grep -iE 'No CoreStorage' $CORESTORAGESTATUS 1>/dev/null; then
       echo "FileVault 2 Encryption Not Enabled"
    fi
   
    # If the Mac is running 10.7 or 10.8 and has CoreStorage volumes,
    # the script then checks to see if the machine is encrypted,
    # encrypting, or decrypting.
    #
    # If encrypted, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Complete"
    #
    # If encrypting, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Proceeding."
    # How much has been encrypted of of the total
    # amount of space is also displayed. If the
    # amount of encryption is for some reason not
    # known, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Status Unknown. Please check."
    #
    # If decrypting, the following message is
    # displayed without quotes:
    # "FileVault 2 Decryption Proceeding"
    # How much has been decrypted of of the total
    # amount of space is also displayed
    #
    # If fully decrypted, the following message is
    # displayed without quotes:
    # "FileVault 2 Decryption Complete"
    #

    if grep -iE 'Logical Volume Family' $CORESTORAGESTATUS 1>/dev/null; then

    # This section does 10.7-specific checking of the Mac's
    # FileVault 2 status

      if [ "$CONTEXT" = "Present" ]; then
        if [ "$ENCRYPTION" = "AES-XTS" ]; then
       diskutil cs list | grep -E "$EGREP_STRING\Conversion Status" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTSTATUS
      if grep -iE 'Complete' $ENCRYPTSTATUS 1>/dev/null; then
        echo "FileVault 2 Encryption Complete"
            else
        if  grep -iE 'Converting' $ENCRYPTSTATUS 1>/dev/null; then
          diskutil cs list | grep -E "$EGREP_STRING\Conversion Direction" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTDIRECTION
            if grep -iE 'Forward' $ENCRYPTDIRECTION 1>/dev/null; then
              echo "FileVault 2 Encryption Proceeding. $CONVERTED of $SIZE Encrypted"
                  else
              echo "FileVault 2 Encryption Status Unknown. Please check."
               fi
               fi
             fi
        else
            if [ "$ENCRYPTION" = "None" ]; then
              diskutil cs list | grep -E "$EGREP_STRING\Conversion Direction" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTDIRECTION
                if grep -iE 'Backward' $ENCRYPTDIRECTION 1>/dev/null; then
                  echo "FileVault 2 Decryption Proceeding. $CONVERTED of $SIZE Decrypted"
                elif grep -iE '-none-' $ENCRYPTDIRECTION 1>/dev/null; then
                  echo "FileVault 2 Decryption Completed"
                fi
            fi
        fi
      fi 
fi
fi
    # This section does 10.8-specific checking of the Mac's
    # FileVault 2 status

      if [ "$ENCRYPTIONEXTENTS" = "Yes" ]; then
        if [ "$ENCRYPTION" = "AES-XTS" ]; then
       diskutil cs list | grep -E "$EGREP_STRING\Fully Secure" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTSTATUS
      if grep -iE 'Yes' $ENCRYPTSTATUS 1>/dev/null; then
        echo "FileVault 2 Encryption Complete"
            else
        if  grep -iE 'No' $ENCRYPTSTATUS 1>/dev/null; then
          diskutil cs list | grep -E "$EGREP_STRING\Conversion Direction" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTDIRECTION
            if grep -iE 'forward' $ENCRYPTDIRECTION 1>/dev/null; then
              echo "FileVault 2 Encryption Proceeding. $CONVERTED of $SIZE Encrypted"

                  else
            if grep -iE 'backward' $ENCRYPTDIRECTION 1>/dev/null; then
                       echo "FileVault 2 Decryption Proceeding. $CONVERTED of $SIZE Decrypted"
                          elif grep -iE '-none-' $ENCRYPTDIRECTION 1>/dev/null; then
                            echo "FileVault 2 Decryption Completed"
               fi
                  fi
               fi
            fi 
         fi
       fi
      if [ "$ENCRYPTIONEXTENTS" = "No" ]; then
        echo "FileVault 2 Encryption Not Enabled"
      fi

# Remove the temp files created during the script

if [ -f /private/tmp/corestorage.txt ]; then
   rm /private/tmp/corestorage.txt
fi

if [ -f /private/tmp/encrypt_status.txt ]; then
   rm /private/tmp/encrypt_status.txt
fi

if [ -f /private/tmp/encrypt_direction.txt ]; then
   rm /private/tmp/encrypt_direction.txt
fi

 

 

Operating Systems:

Comments 9 CommentsJump to latest comment

JAunmc's picture

Update:

So I ran the sample script and it returned custom inv into altiris.

So I know the agent is working crrrectly.

 

I cloned the sample and changed the command line but Still get no results.  Can someone tell me what the Delimiters are?  Can somebody check this?

 

. `aex-helper info path -s INVENTORY`/lib/helpers/custominv_inc.sh
#
# Sample script for custom inventory
# The first line of code should be always included at the begin of the script
# Actual script for collecting inventory data begins after the following label:
# SCRIPT_BEGINS_HERE
#!/bin/sh
echo Filevault2Status
echo "Delimiters=\" \" "
echo string256
echo FileVault_Status

diskutil cs list | grep -E "\Conversion Status" | awk '{print $3 " "}'
fi

dougj's picture

Hi, 

In your script above, the data class is: Filevault2Status. This data class will only populate one column, which is: FileVault_Status. The dataclass must be created in the NS console, same as for windows custom inventory data classes. It will not be created on-the-fly when the data is loaded into the symantec_cmdb. 

The delimiters depend on the data. by defalt, the delimiter is a space. Usually, you don't need to modify this, especially in this case since you only have one column of data. 

Ensure that the data class is created with the 'exact' name specified in the script, rerun it and see if data is populated into the db table. 

Hint: For testing purposes, you can comment out the first line that includes the custosminv_inc.sh. Doing that will echo everything to the screen without sending the data to the NS. You can then tell if the the correct data is being returned. 

SOLUTION
JAunmc's picture

Great.  Working now.  I was wondering, do I always need to use the {print $1 " "} command or will it take the output of any script?

What about an echo?

JAunmc's picture

Also the output of another script is a line of text.  How can I set the Delims to take the entire line and use it instead of just one word?

dougj's picture

Any output command will work, including echo. Two things to keep in mind: 

   1. Each output line in your script logic will be a row in the database. 

   2. Any output created by your own script logic will be picked up by the custom inventory helper, which will attempt to parse it as either the dataclass description, etc. or as actual data. So, be sure to redirect any output in your own logic. 

 

As for delimiters, you can do something like: 

    echo "Delimiters=\"^\""

And, then you can output your data as: 

    echo $var1"^"$var2"^"$var3...

 

You just need to pick a delimiter that will not appear in your data/variables. 

JAunmc's picture

Tried your Delimiters but it still only gives me the first word.

 

This is the line im trying to read:

echo "^" "FileVault_2_Decryption_Proceeding._$CONVERTED_of_$SIZE_Decrypted" "^"
 

I added the "^" before and after and changed the Delimiters to  echo "Delimiters=\"^\""

If I run the script from a terminal window with the altiris bits commented out it gives me:

^ FileVault_2_ Decryption_Proceeding._(49.7 GB)_of_(158.8 GB)_Decrypted ^

This is what I get in Altiris:

FileVault_2_ Decryption_Proceeding._

I replaced thespaces with _ in the hopes it would catch the entire line.  I would like to leave the spaces in and do my reporting using SQL. How do I tell it to take the entire line of output into the table and not just the first word?  I wish I understood this better.
 

dougj's picture

Using single quotes around my variable gave the desired output including the entire string. I believe that single quotes preserves everything in a string while double quotes tries to process things within the string. So, the "$..." is probably being interpreted and processed as a separate, null varaible. 

 

------------------

Sampel script with single quotes: 

 

#. `aex-helper info path -s INVENTORY`/lib/helpers/custominv_inc.sh
#
# Sample script for custom inventory
# The first line of code should be always included at the begin of the script
# Actual script for collecting inventory data begins after the following label:
# SCRIPT_BEGINS_HERE
#!/bin/sh
echo Filevault2Status
echo "Delimiters=\"%\" "
echo string256
echo FileVault_Status
 
var='FileVault_2_Decryption_Proceeding._$CONVERTED_of_$SIZE_Decrypted'
echo $var
 
------------------
Output: 
 
Filevault2Status
Delimiters="%" 
string256
FileVault_Status
FileVault_2_Decryption_Proceeding._$CONVERTED_of_$SIZE_Decrypted
 
 

 

JAunmc's picture

Thanks for all your help.  The script is now working like I want it.  Final script posted velow:

. `aex-helper info path -s INVENTORY`/lib/helpers/custominv_inc.sh
#
# Sample script for custom inventory
# The first line of code should be always included at the begin of the script
# Actual script for collecting inventory data begins after the following label:
# SCRIPT_BEGINS_HERE
#!/bin/sh
echo Filevault2Status
echo "Delimiters=\"%\" "
echo string256
echo FileVault_Status

CORESTORAGESTATUS="/private/tmp/corestorage.txt"
ENCRYPTSTATUS="/private/tmp/encrypt_status.txt"
ENCRYPTDIRECTION="/private/tmp/encrypt_direction.txt"

# Get number of CoreStorage devices. The egrep pattern used later in the script
# uses this information to only report on the first encrypted drive, which should
# be the boot drive.
#
# Credit to Mike Osterman for identifying this problem in the original version of
# the script and finding a fix for it.
#

DEVICE_COUNT=`diskutil cs list | grep -E "^CoreStorage logical volume groups" | awk '{print $5}' | sed -e's/(//'`

EGREP_STRING=""
if [ "$DEVICE_COUNT" != "1" ]; then
  EGREP_STRING="^\| *"
fi

osversionlong=`sw_vers -productVersion`
osvers=${osversionlong:3:1}
CONTEXT=`diskutil cs list | grep -E "$EGREP_STRING\Encryption Context" | sed -e's/\|//' | awk '{print $3}'`
ENCRYPTIONEXTENTS=`diskutil cs list | grep -E "$EGREP_STRING\Has Encrypted Extents" | sed -e's/\|//' | awk '{print $4}'`
ENCRYPTION=`diskutil cs list | grep -E "$EGREP_STRING\Encryption Type" | sed -e's/\|//' | awk '{print $3}'`
CONVERTED=`diskutil cs list | grep -E "$EGREP_STRING\Size \(Converted\)" | sed -e's/\|//' | awk '{print $5, $6}'`
SIZE=`diskutil cs list | grep -E "$EGREP_STRING\Size \(Total\)" | sed -e's/\|//' | awk '{print $5, $6}'`

# Checks to see if the OS on the Mac is 10.7 or 10.8.
# If it is not, the following message is displayed without quotes:
# "FileVault 2 Encryption Not Available For This Version Of Mac OS X"

if [[ ${osvers} -lt 7 ]]; then
  var='FileVault 2 Encryption Not Available For This Version Of Mac OS X'
  echo $var
fi

 

if [[ ${osvers} -ge 7 ]]; then
  diskutil cs list >> $CORESTORAGESTATUS
 
    # If the Mac is running 10.7 or 10.8, but does not have
    # any CoreStorage volumes, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Not Enabled"
   
    if grep -iE 'No CoreStorage' $CORESTORAGESTATUS 1>/dev/null; then
       var='FileVault 2 Encryption Not Enabled'
       echo $var
    fi
   
    # If the Mac is running 10.7 or 10.8 and has CoreStorage volumes,
    # the script then checks to see if the machine is encrypted,
    # encrypting, or decrypting.
    #
    # If encrypted, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Complete"
    #
    # If encrypting, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Proceeding."
    # How much has been encrypted of of the total
    # amount of space is also displayed. If the
    # amount of encryption is for some reason not
    # known, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Status Unknown. Please check."
    #
    # If decrypting, the following message is
    # displayed without quotes:
    # "FileVault 2 Decryption Proceeding"
    # How much has been decrypted of of the total
    # amount of space is also displayed
    #
    # If fully decrypted, the following message is
    # displayed without quotes:
    # "FileVault 2 Decryption Complete"
    #

    if grep -iE 'Logical Volume Family' $CORESTORAGESTATUS 1>/dev/null; then

    # This section does 10.7-specific checking of the Mac's
    # FileVault 2 status

      if [ "$CONTEXT" = "Present" ]; then
        if [ "$ENCRYPTION" = "AES-XTS" ]; then
       diskutil cs list | grep -E "$EGREP_STRING\Conversion Status" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTSTATUS
      if grep -iE 'Complete' $ENCRYPTSTATUS 1>/dev/null; then
       var='FileVault 2 Encryption Complete'
                       echo $var
            else
        if  grep -iE 'Converting' $ENCRYPTSTATUS 1>/dev/null; then
          diskutil cs list | grep -E "$EGREP_STRING\Conversion Direction" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTDIRECTION
            if grep -iE 'Forward' $ENCRYPTDIRECTION 1>/dev/null; then
             var="FileVault 2 Encryption Proceeding $CONVERTED of $SIZE Encrypted"
                              echo $var
                  else
              var='FileVault 2 Encryption Status Unknown. Please check.'
                              echo $var
               fi
               fi
             fi
        else
            if [ "$ENCRYPTION" = "None" ]; then
              diskutil cs list | grep -E "$EGREP_STRING\Conversion Direction" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTDIRECTION
                if grep -iE 'Backward' $ENCRYPTDIRECTION 1>/dev/null; then
                  var="FileVault 2 Decryption Proceeding. $CONVERTED of $SIZE Decrypted"
                  echo $var
                elif grep -iE '-none-' $ENCRYPTDIRECTION 1>/dev/null; then
                  var='FileVault 2 Decryption Completed'
                  echo $var
                fi
            fi
        fi
      fi 
fi
fi
    # This section does 10.8-specific checking of the Mac's
    # FileVault 2 status

      if [ "$ENCRYPTIONEXTENTS" = "Yes" ]; then
        if [ "$ENCRYPTION" = "AES-XTS" ]; then
       diskutil cs list | grep -E "$EGREP_STRING\Fully Secure" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTSTATUS
      if grep -iE 'Yes' $ENCRYPTSTATUS 1>/dev/null; then
        var='FileVault 2 Encryption Complete'
                        echo $var
            else
        if  grep -iE 'No' $ENCRYPTSTATUS 1>/dev/null; then
          diskutil cs list | grep -E "$EGREP_STRING\Conversion Direction" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTDIRECTION
            if grep -iE 'forward' $ENCRYPTDIRECTION 1>/dev/null; then
              var="FileVault 2 Encryption Proceeding. $CONVERTED of $SIZE Encrypted"
                              echo $var
                  else
            if grep -iE 'backward' $ENCRYPTDIRECTION 1>/dev/null; then
                       var="FileVault 2 Decryption Proceeding. $CONVERTED of $SIZE Decrypted"
                       echo $var
                          elif grep -iE '-none-' $ENCRYPTDIRECTION 1>/dev/null; then
                            var='FileVault 2 Decryption Completed'
                            echo $var
               fi
                  fi
               fi
            fi 
         fi
       fi
      if [ "$ENCRYPTIONEXTENTS" = "No" ]; then
        var='FileVault 2 Encryption Not Enabled'
                        echo $var
      fi

# Remove the temp files created during the script

if [ -f /private/tmp/corestorage.txt ]; then
   rm /private/tmp/corestorage.txt
fi

if [ -f /private/tmp/encrypt_status.txt ]; then
   rm /private/tmp/encrypt_status.txt
fi

if [ -f /private/tmp/encrypt_direction.txt ]; then
   rm /private/tmp/encrypt_direction.txt
fi

dougj's picture

Glad it's working. Looks like a great script. Hope you don't mind that I keep a copy! Good job.