Hi,
We have recently installed BigFix patch management tools. Is there any GUI tool which can convert filters to bigfix commands used to pull reports etc?
1 Like
Can you explain a little more of what you mean by “filters” and “bigfix commands” and “reports”?
Do you mean within Web Reports?
What kind of things are you looking to add? Can you provide some examples?
There are sort of GUI tools for some things but it is hard for me to tell what you are looking for to suggest something.
Related:
thanks,
our requirement is to run webreports for patches applied from all baselines and missing patches from all baselines.
Also to check how many computers are applicable for given baseline.
1 Like
So you want to know what patches are not in any baselines? This can definitely be done, but you need to define the scope a bit more, otherwise the list could be very very long. Do you want a report of just the patches that are relevant on at least one system that are not found in any baseline?
Are you interested in ALL patches, or just OS patches, or just critical/important patches?
So you want a web report that lists the results of the patches applied across all baselines?
This is definitely already available in the BigFix console and should be pretty easy to add to web reports.
This isn’t a “report” but the raw session relevance required to give exactly this info for all baselines:
( applicable computer count of it, names of it) of bes baselines
This can be run in WebReports QnA or in the BigFix Console Presentation Debugger, or the Session Relevance Tester, or many other places.
This is the same idea, but only for baselines with at least 1 relevant system:
( applicable computer count of it, names of it) of bes baselines whose(applicable computer count of it > 0)
This is the same idea, but for only baselines whose name contains a string:
( applicable computer count of it, names of it) of bes baselines whose(name of it as lowercase contains "Sample Baseline" as lowercase)
Without a better idea of exactly what you are looking for, it is hard to point you in the right direction. I’m fairly certain that between some of the things I already have as well as others, we already have what you need or something close to it. In other cases we can help tweak or point you in the right direction.
See here: `BigFix Global Search` Dashboard and WebReport
I have a baseline status results console dashboard that also works as a WebReport here: bigfix-content/dashboards/BaselineStatusResults.ojo at main · jgstew/bigfix-content · GitHub
It definitely seems to be part of what you are asking for.
This is a good resource to learn how to write bigfix relevance and session relevance: https://developer.bigfix.com/
FYI I have been writing some session relevance partly inspired by this post and this one: Ansible with BigFix
As well as some of what I have been working on in general.
BigFix External Patch Sites: https://bigfix.me/relevance/details/3019288
display names of bes sites whose(external site flag of it AND exists display name whose(it starts with "Patches for" OR it starts with "Updates for") of it)
Mac & Windows BigFix External Patch sites: https://bigfix.me/relevance/details/3019289
display names of bes sites whose(external site flag of it AND exists display name whose( (it starts with "Patches for" OR it starts with "Updates for") AND (it contains "Windows" OR it contains "Mac") ) of it)
names of relevant patches from ibm for windows or mac: https://bigfix.me/relevance/details/3019290
names of fixlets whose( exists applicable computer of it AND fixlet flag of it ) of bes sites whose(external site flag of it AND exists display name whose( (it starts with "Patches for" OR it starts with "Updates for") AND (it contains "Windows" OR it contains "Mac") ) of it)
My published set of webreports is very small: https://github.com/jgstew/bigfix-content/tree/master/webreports
But my published set of dashboards is bigger, and most of them could be used as a web report: https://github.com/jgstew/bigfix-content/tree/master/dashboards
I also have been meaning to write up all the different options for testing BigFix Session Relevance.
thanks for the information so far, lot of material to read through 
Please do me one more favour.
- List patches of a particular baseline
- names of computer applicable for particular baseline [you have already provided count of]
Sorry I didn’t get back to this until now.
This is kind of what you want I think:
( "Baseline: " & name of it, concatenations " ;; " of names of components of component groups of it) of items 1 of (it, bes baselines) whose(id of item 1 of it = item 0 of it) of (maxima of ids of bes baselines)
This part of the above is just to get a baseline you have with the highest ID since I don’t have a way to reference a particular baseline universally in all root servers:
items 1 of (it, bes baselines) whose(id of item 1 of it = item 0 of it) of (maxima of ids of bes baselines)
References:
- https://developer.bigfix.com/relevance/reference/bes-baseline-component-group.html
- https://developer.bigfix.com/relevance/reference/bes-baseline-component.html
- https://developer.bigfix.com/relevance/reference/bes-fixlet.html
- https://developer.bigfix.com/relevance/search/?query=bes%20baseline
Related:
I have a query that extracts out the status of a baseline execution but I want to add component name and component results (state or status).
I have this query working:
<?Relevance
((name of action of it & "|" & state of action of it as string & "|" & time issued of action of it as string & "|" & name of computer of it as string & "|" & status of it as string & "|" & concatenation "~" of (ip addresses of computer of it as string) & "|" & hostname of computer of it as string & "|" & status of it as string & "|" & (exit code of it as string | "Missing")) of results of bes actions whose (name of it = "MY_BASELINE_EXECUTION_NAME"));(("<not reported>"& "|" & "<not reported>" & "|" & "<not reported>" & "|" & name of it as string & "|" & "<not reported>" & "|" & "<not reported>" & "|" & "<not reported>" & "|" & "<not reported>" & "|" & "<not reported>") of elements of (set of targeted computers of it - set of computers of results of it) of bes actions whose (name of it = "MY_BASELINE_EXECUTION_NAME"))
?>
But this query does not include component names or component results.
Got anything lying around to assist?