I’ve been asked to gather enough data to generate a report indicating which Windows systems in our BigFix Environment are being “patched” with BigFix and which ones are NOT being patched with BigFix.
Basically they want 4 numbers …
Total Number of Windows Devices reporting to BigFix.
Number of Windows Devices that have received at least one patch in the last 90 days.
Number of Windows Devices that have NOT received at least one patch in the last 90 days.
Percentage of Windows Devices not being managed in BigFix.
#3 & #4 can be calculated from #1 & #2.
I can use number of bes computers to count the number of total Devices in our environment, but I’m having trouble limiting it to just Windows Devices.
I have no idea how to return the number of systems that have at least one Action result (or alternately, the number of systems with NO Actions then calculate the Number with at least one). To complicate matters, it wasn’t specified what constitutes “a patch”. I’m suspecting that I should plan to exclude content from “BES Support” and an Internal Site I use to hold custom management Tasks and Fixlets. Or alternately, only those actions where the Source Fixlet has a Source of “Microsoft” or “Oracle”
Any pointers or suggestions would be greatly appreciated
This is a bit fuzzy. There are actions taken within the last 90 days, or all actions that have a start time or end time within the last 90 days, or all actions that have had applied to a computer within the last 90 days.
There doesn’t seem to be an inspector that gives a time of execution of a bes action result for a computer. This seems like what you would be looking for, but it isn’t available.
It is very likely that to really answer this question completely, you would have to do SQL or DB2 queries using the DB API.
It would be much easier to list all computers that have executed an action with a start or end date within the last 90 days. This doesn’t give you the exact answer you are looking for, but it would give a higher estimation of the actual number.
I don’t think an “Exact” answer is needed.
I get the impression that they are trying to track down those groups who are not patching their systems through BigFix and are still using one of the multitude of WSUS servers on Campus, or , heaven forbid, Automatic Updates.
Here is a statement that maybe you can start with to determine if useful.
I write it with the set operator because if you want to follow up with a report to print all computers that are not managed by BigFix, then you can use the 2nd statement.
Hopefully the filtering logic is readable.
Don’t know, I guess give it a try.
( number of elements of item 0 of it,
number of elements of item 1 of it,
number of elements of item 0 of it - number of elements of item 1 of it,
integer floor of (
((number of elements of item 0 of it -
number of elements of item 1 of it) as floating point /
number of elements of item 0 of it as floating point) * 100 as floating point)
) of
(
set of bes computers whose (operating system of it starts with "Win"),
set of computers of results (
bes actions whose (
exists source fixlet of it and
(display name of site of source fixlet of it="Patches for Windows" or
name of site of source fixlet of it="Updates for Windows Applications") and
now - time issued of it < 90 * day),
bes computers whose (operating system of it starts with "Win")
)
)
A follow-up statement to then get all those computers not being managed.
(
(name of it, operating system of it) of
elements of (item 0 of it - item 1 of it)
) of
(
set of bes computers whose (operating system of it starts with "Win"),
set of computers of results (
bes actions whose (
exists source fixlet of it and
(display name of site of source fixlet of it="Patches for Windows" or
name of site of source fixlet of it="Updates for Windows Applications") and
now - time issued of it < 90 * day),
bes computers whose (operating system of it starts with "Win")
)
)