A recent advisory was sent out for firmware updates to a number of base components in NetWitness.
RSA NetWitness Availability of BIOS & iDRAC Firmware Updates
There were three components that were mentioned that needed potential updates and instructions to update them were provided in the Advisory.
How do you do gather the state of the environment quickly with the least amount of steps so that you can determine if there is work that needs to be done?
Chef to the rescue ...
You might need these tools installed on your appliances to run later commands (install perccli and ipmitool)
From the NW11 head server (node0)
salt '*' pkg.install "perccli,ipmitool" 2>/dev/null
then you can query for the current versions of the software for PERC, BIOS and iDRAC
salt '*' cmd.run 'hostname; /opt/MegaRAID/perccli/perccli64 /c0 show | grep "Product Name"; /opt/MegaRAID/perccli/perccli64 /c0 show | grep "FW Package Build"; /opt/MegaRAID/perccli/perccli64 /c1 show | grep "Product Name"; /opt/MegaRAID/perccli/perccli64 /c1 show | grep "FW Package Build"' 2>/dev/null
salt '*' cmd.run 'hostname; ipmitool -I open bmc info | grep "Firmware Revision"' 2>/dev/null
salt '*' cmd.run 'hostname; ip address show dev eth0 | grep inet; dmidecode -s system-serial-number; dmidecode -s bios-version; dmidecode -s system-product-name;' 2>&-
The output will list the host, and the version of the software that exists which can be used to determine if an update is required to your NetWitness Appliances.
Ideally this is in Health and Wellness where policies can be written against it with alerts (and an export to csv function would be handy).
