Hi, I am looking for a way to do a monthly BigFix user account audit. Would Web Reports be a good solution for this? We need User and Last logon date if any. Nothing to hard to do, I hope. We need a record of accounts that are needing to be decommissioned. I have not found anything in the forum about BigFix user account tracking.
thanks, Frank
Are you asking about tracking BigFix Operator Accounts, or normal user accounts on the endpoints?
BigFix Operator accounts
From the Web Reports QNA interface (https://webreportshost/webreports?page=QNA), you can query for properties of type "bes user" to see all of the properties available. Some interesting ones might be
q: (names of it, master flag of it, creation time of it, last login time of it as string | "never") of bes users whose (now - maximum of (last login times of it; creation time of it) > 30 * day)
This catches operators who haven’t logged in in 30 days, or if they’ve never logged on at all, they were created more than 30 days ago. You’ll want to treat the Master Operator accounts carefully as ideally those would not be logging on very frequently.
1 Like
thank you, this will help with identifying console operators that no longer need access
Note also that some context along these lines is also exposed through the Deployment Health Checks Dashboard (though JasonWalker’s approach certainly provides more detail, and is more flexible):
good deal, I need to file a monthly report. Thanks
Sorry, I may have jumped directly into Session Relevance when it wasn’t needed, because I’ve been discussing RESTAPI access all day.
For a report, all you really need to do is open Web Reports, Explore Data -> Operators, and sort by “Last Login”.
Or from the Console, view the Deployment Health Checks Dashboard as Aram stated (though that requires logging on with a Master Operator account).
1 Like