We use BigFix primarily for patching of infrastructure endpoints and operators currently manually compose and send courtesy emails 60-90 minutes in advance, listing the servers in scope to remind application support we are about to patch and reboot servers.
I am looking to automate those emails using WebReports.
There are client properties for each endpoint that define the start of maintenance window (as NN Days and NNNN hr/min after midnight patch Tuesday).
These settings are used to populate clients into automatic groups that are then used to target patching actions. eg: group name “05-0200” = + 5 days after @ 02:00AM
We also have an distribution list email address for each endpoint we send the email to.
These are the same values and data the operators are using to do the job.
The goal is to use these same client settings and WebReports to collect the list of machines that are within 90 minutes of a patch window (either by client settings or group membership) and send advance notice to the list of unique email addresses attached to the clients in scope.
I don’t have the session relevance and reporting skills needed at present so this would be a learning exercise.
At this point, I’m hoping to get input from some of the forum wizards if this even sounds feasible and if there is some helpful forum post (I have not yet located) to take hints from.
You can get the sending of email automation piece done from within Web Reports assuming your use case is not very complex - essentially, you need to create a report of your liking (if you can do with the default grid that will be best since you said you do not have session relevance skills but hypothetically it can work with default grid report or with a custom written one) and then when scheduling the report you put some dummy frequency (let’s say once an hour) but also add “Match Relevance conditions” with one of the options it has (for example “Generate report when relevance is true”) where you put a session relevance to match:
exists members whose (exist client setting whose (name of it “MaintWindowStart” and (now - value of it as string as time) <= 90 * minute) of it and exist client setting whose (name of it “MaintWindowEnd” and (now > value of it as string as time)) of it) of bes computer group whose (name of it = “GroupName”)
But I doubt you will be able to get the needed iterations/looping done just from within Web Reports… You essentially need this report to run per computer group and even per computer (if you have machines in the same groups with different emails and in different timezones)… Let’s say have 10 of those groups and each of them contains servers with the same exact DL email and the endpoints are in the same exact timezone, using the above you create one report for each (with filtered out group in both the report and the session relevance trigger) and the above just fires up the emails (you’d be hardcoding each of those values).
Anything more complex, you would really need some kind of external Automation Orchestration where you’d run the same exact session relevance against RestAPI that will give you the data equivalent to the report and then create the necessary loops/filters to go through the data and send the emails as needed. There are tools that offer Automation Orchestration of that kind; you can even write it in PowerShell or other scripts of your choice and schedule the execution of the automation to be done via BigFix action.
Maybe someone else can suggest something I didn’t think of but that’s my two cents.
Thanks for your input. I was hoping this could be done solely with BigFix/WebReports but It gives me food for thought about how else we might do this. Ansible is an option, not in my wheelhouse but I know a guy…