Eric Partington

Gathering Stats with Salt - BIOS/iDRAC/PERC Edition

Blog Post created by Eric Partington Employee on Aug 29, 2018

A recent advisory was sent out for firmware updates to a number of base components in NetWitness.

 

RSA NetWitness Availability of BIOS & iDRAC Firmware Updates

 

There were three components that were mentioned that needed potential updates and instructions to update them were provided in the Advisory.

 

How do you do gather the state of the environment quickly with the least amount of steps so that you can determine if there is work that needs to be done?

 

Chef to the rescue ...

You might need these tools installed on your appliances to run later commands (install perccli and ipmitool)

 

From the NW11 head server (node0)

salt '*' pkg.install "perccli,ipmitool" 2>/dev/null

then you can query for the current versions of the software for PERC, BIOS and iDRAC

salt '*' cmd.run 'hostname; /opt/MegaRAID/perccli/perccli64 /c0 show | grep "Product Name"; /opt/MegaRAID/perccli/perccli64 /c0 show | grep "FW Package Build"; /opt/MegaRAID/perccli/perccli64 /c1 show | grep "Product Name"; /opt/MegaRAID/perccli/perccli64 /c1 show | grep "FW Package Build"' 2>/dev/null
salt '*' cmd.run 'hostname; ipmitool -I open bmc info | grep "Firmware Revision"' 2>/dev/null
salt '*' cmd.run 'hostname; ip address show dev eth0 | grep inet; dmidecode -s system-serial-number; dmidecode -s bios-version; dmidecode -s system-product-name;' 2>&-

 

The output will list the host, and the version of the software that exists which can be used to determine if an update is required to your NetWitness Appliances.

 

Ideally this is in Health and Wellness where policies can be written against it with alerts (and an export to csv function would be handy).

Outcomes