Automate the creation of a software distribution BigFix task

I need to create a new BigFix software distribution task, via powershell, upon delivery of new software sources.
I don’t understand how to use the REST API and how to set up the xml file for creating the task.
Any advice is grateful.

Hi Giorgio,

I think you’d need to add a little more context to what you are looking to do specifically.

Which type of software is it? What are you looking for the powershell to do? Why are you wanting to use the REST API and not a Policy Action?

Hi FatScottishGuy,

The choice is not mine but the Customer’s.
They have a third-party Vendor who often delivers new versions of their application to them and they want that when the vendor delivers a new version, an automatism creates the BigFix swd task and generates an email of the presence of the new task for subsequent deployment by BigFix Console operators. The delivery structure of the software released by the vendor will always consist of one setup and various support files and also one .bat file that contains the silent installation steps.
So I thought of creating a powershell script that through a trigger on the presence of a specific file creates a BigFix swd task that:

  • calculate sha1, sha256, size and insert them in the relative action
  • add the control relevance of the new version

All this starting from a task prototype previously created manually by the BigFix Console.
I hope I have explained the type of proposal to you in more detail.

I have never used rest-api before, but I see that it is possible to execute a post command related to the creation of a task:
- POST /api/tasks/{site type}/{site name} Creates a task in the specified site.
To which a BES.xsd file must be associated
I don’t understand how to make a REST-API function call and how to compile the BES.xsd file.
Of course, if you have a simpler idea / proposal, you are welcome.

Thank you for your interest.

Best regards

That’s development of a full-blown Application you’re asking for, probably more than we can do here in the Forum. If you’re not comfortable with the development involved in this, I’d recommend you engage our Services team or one of our integrator partners. If you’d like some contact information feel free to send me a private message.

This would compose of

  • A tool to scrape the vendor’s web page and look for an update.
  • Download the update, calculate the hashes for it.
  • Generate the Relevance to determine whether the install is applicable.
  • Generate the Action Script to perform the installation.
  • Generate a BigFix Task to download & install the software. This is an XML format described at
  • Import the Task to your console into a custom site. This is a REST API operation described at

If you want it to show up in the “Manage Software Distribution” dashboard, you’ll also need to assign a package ID for it, update Dashboard Variables to reference the package, and embed that package ID in a MIME Field of the Task you’re generating.

This is all definitely possible, and it’s the kind of work HCL is doing every day to publish patch content, but it’s definitely not trivial and probably not the best exercise for beginning to learn REST API.

1 Like

Hi Jason,

My problem is how the BES.xsd file should be compiled. There is no description of how and which fields to fill in depending on the type of use. Could you give me an example of how this file should be compiled for creating a task? I don’t understand if the fields I don’t need should be removed or just not filled in.

As a second option I was thinking of creating a prototype task of the first version delivered to me via BigFix Console and then exporting it to a .BES file so that, at the next software delivery, I could modify the changed fields via script. But I don’t know how to execute the modified .BES file automatically. Is it possible to do it from the command line, even just using the IEM cli?

Thank you


Yes exporting an existing Task (or Action) is a good way to get a reference to the format you need. Not all of the fields are required, but the order is important and that’s a common stumbling block. has a good reference on how to use the API,.see the “Tutorial” pages there.

If its any help, I have shared a fixlet I created that will do some of what you may be looking for, in my case it was downloading Defender MPAM and refresh and deploy a fixlet with the updated file information. Maybe there are some aspects you can use for your use case.