I am trying to get the results from some custom analyses that I created in the BigFix console. I have found in the API’s where I can submit relevance for queries. But I would like to pull the results from the console. The analyses that I created are ran on about 10K devices. A live query would take a bit of time.
You should be able to go to “Analyses” and select the custom analysis that you created. Select the “Results” tab. It may take a few moments for the results to show up.
If you need the results in a spreadsheet, you can select all of the results then right-click and select “Copy Text with Headers” and paste the results in excel.
Is there a way to do this using the API’s? I’m trying to build automation around this.
Yes, you’ll be looking to retrieve a Session Relevance query to retrieve BES Property Result answers. I believe there are examples at https://developer.bigfix.com , please post back if you have difficulties.
The Analyses do not create a BES Property. I created the following Analysis, in my custom site:
if (exists service “CSFalconService”) then state of service “CSFalconService” else “Not Installed”
That will return: Running, Started, Stopped, etc. If the service does not exist it will return Not Installed.
I can see the results of this Analysis on the Results tab and I have a scheduled Web Report to email out a csv file. I am looking to see how I can retrieve the results of the analysis from the Console via an API.
So far all I have been able to find is how to send a Relevance Query via the API.
As Jason suggests, you can in fact retrieve the results of an Analysis (and its associated properties) via the REST API through Session Relevance. Please see the /api/query resource.
Here is a sample session relevance query that will return Computer Name and the value of a specific property (or ‘n/a’ if there is no result):
(name of it | "n/a", value of result from (bes property "Device Type") of it | "n/a") of bes computers
Here’s another sample session relevance query that will only return data if the given machine has a result for the property of interest:
(name of it | "n/a", value of result from (bes property "Device Type") of it | "n/a") of bes computers whose (exists value of result from (bes property "Device Type") of it)
We can adjust the output of this query quite a bit to match your requirements. By default, the query will return XML, but note that you can have it return JSON by including an optional output=json parameter in the request.
Here’s a sample URL you can place in a browser as a test (note that you’ll naturally have to adjust the server:port details):
https://<bigfix root server:port>/api/query?relevance=%28name%20of%20it%20%7C%20%22n%2Fa%22%2C%20value%20of%20result%20from%20%28bes%20property%20%22Device%20Type%22%29%20of%20it%20%7C%20%22n%2Fa%22%29%20of%20bes%20computers&output=json
1 Like
Thanks that worked! I had my head on this the wrong way. What is a good way to also pull back the ID of the computer as well?
You could try something like:
(id of it, name of it | "n/a", value of result from (bes property "Device Type") of it | "n/a") of bes computers whose (exists value of result from (bes property "Device Type") of it)
Thank you all, that works!! I really have been looking at analysis all wrong when it comes to the API’s.
Little late to this party 
, but seemed like an appropriate thread here. We created an analysis and are interested in obtaining the collected results via API. The specific analysis identifies Windows Server Roles installed.
The property of the analysis is:
if exists wmi then if (exists True whose (if True then (exists select object "* from Win32_ServerFeature" of wmi) else False)) = True then (string values of selects "name from Win32_ServerFeature" of wmi) else "WMI Class Not Found" else "Not a Windows OS"
Can we issue an API call to obtain the results?