can I request fixlet to be installed on user machine via a api call?
Can you describe the use-case a bit more?
if there is remediation needed. take for example chrome to be update .we have a fixlet on BigFix. Can I do an api call to get bigfix to push the fix to the user and not wait for some one to push it to the user ? or some self service way to get the fix to the user? @JasonWalker
everything can be done with REST API but ⌠sometimes there is a simpler option .
Letâs say, I got a request to Install The Latest Google Chrome Update on all of the workstations on the Organization. The request should be as soon as possible when the Fixlet is available.
You could create a Task that will create a REST API procedure that will do the following:
- retrive the latest Google Chrome fixlet ID
- create and action upon the the previous fixlet ID for âAll Workstationsâ computer group
and then you execute it on Weekly etcâŚ
OR better yetâŚ
Create a Patch Policy that will include only Browser Updates - Refresh it Weekly and Distribute the Action for a Week to that specific Computer Group.
This is why @JasonWalker asked if you can elaborate on the use case
if I want to allow the user to press the button to trigger the request, can It be done ?
Have you looked at the Self Service App?
It allows for a UI that the end user can use to kick off fixlets that have already been offered but not applied to their endpoints.
@chercm please be more clear about your requirements and the use case you want to achieve.
Just like @Jared mentioned , you can execute a Fixlet as an âOfferâ and the user can accept the Offer or not
My situation is:
It is patching purposes . Instead of using the wide scale deployment , I would like the use to be aware that he is patching and to take ownership of the patching by clicking on one button from teams and the patch begins
A normal user can accept Offers that are sent by a BigFix Operator. A BigFix Operator has to send the action first though.
canât we just Rest API to instruct bigfix to push it in per request of the user ?
There are serious considerations around the credentials (that you would have to provide to the user, or embed into your script) and the permissions assigned to that credentials. Iâm not certain youâve considered the security aspects of what youâre asking.
Yes, the REST API can send actions, but it would still be necessary to choose which actions, targeting which machines.
It would be great for an integration with a ticketing system, say, ServiceNow, and keep the authorization in a CR workflow, with a defined set of allowable actions. But as far as just letting an end-user initiate any random action, no thatâs not something to pursue.
Consider this simplistic scenario:
- Establish a setting, like
Patch_Me
, as a condition for running the patch. - Create a baseline made up of the patch Fixlet and a custom task that removes the
Patch_Me
setting. - Then run the baseline, targeting the appropriate computers, make it open ended, and configure it to
Run only when
Patch_Me
matches
Yes
. - Finally, send an offer to the user, which if accepted, establishes or changes the
Patch_Me
setting toYes
. The offer will show up in the userâs BigFix UI dialog. - The multi-action group which is waiting for the correct conditions to be present on the computer will now run, installing the patch, and removing the
Patch_Me
setting.
The offer could be generated by API calls from your ticketing solution, and the baselines created by your operators to insure good quality control.
In a more complex Service Management scenario, the baseline `Run only when â setting value could be based on an approved Change Number, for instance.
This avoids the issues that @JasonWalker is referring to in the previous post.
What is the command to use ???
There is no command to use. The REST API is an application program interface. One would still have to write the program to use it.
But what youâre trying to do is infeasible
For documentation/reference of the REST API resource to programmatically deploy actions, please see:
- https://developer.bigfix.com/rest-api/api/action.html (in particular, note the POST method against /api/actions, and the included examples on that page that reference a SourcedFixletAction).
- https://developer.bigfix.com/rest-api/examples/create-action.html for simple code examples to create actions using cURL or python.
- https://developer.bigfix.com/rest-api/iem_cli/iem_samples.html#actions for examples of creating actions using the IEM Command Line Interface.
That said, Iâd like to try to better understand what problem or challenge you are attempting to solve, so, perhaps you could help answer a few questions please:
- Why would you like the users to be aware of the patching activity? Is it to help avoid disruption to their work? And/or is it to help with scalability, time, or something else (i.e. you mentioned âpass ownership of the patchingâ)?
- You also mention deploying patches/actions via TeamsâŚany reason youâd like to leverage that particular interface?
As others have described, while it is certainly possible to deploy patches via BigFixâs REST API, there may be alternative approaches to address the problem, and so, understanding the problem may help us provide appropriate guidance.
- Why would you like the users to be aware of the patching activity? Is it to help avoid disruption to their work? And/or is it to help with scalability, time, or something else (i.e. you mentioned âpass ownership of the patchingâ)? I want to create a self healing solution whereby the AI will be pushing some uninstall fixlet from bigfix to the required machine to uninstall the offending application.
- You also mention deploying patches/actions via TeamsâŚany reason youâd like to leverage that particular interface? it is for vulnerability remediation effort to patch applications that were downloaded by users and we need to fix it. rather than support placing them into group and also the remediation that is available on hcl with qualys, i want to use power automate and team to get the user to initailise or use AI to patch applications on the machine by itself.
Hope this answer your question
i noticed that the id and password is in clear text format .
You mentioned Qualys, if you have LifeCycle there is a BigFix integration with Qualys (and Tenable) which would allow you to take actions based on vulnerabilites identified in Qualys.
I understand that each etl to load data from bigfix to insight take 8 to 10 hours . We need to have hourly update or live update .Insight does not pull data automatically from sql at node and it does not support more than 1 high availability node .
@Aram anyway to fix these concerns ?
I understand that each etl to load data from bigfix to insight take 8 to 10 hours . We need to have hourly update or live update .Insight does not pull data automatically from sql at node and it does not support more than 1 high availability node .