Command Line Option to Remove Retired Server

Hi,
We are automating our retirement process for Windows servers. As a part of that automation, we’d like to have the server automatically removed from BigFix when we retire it.

I read the Computer Remover executable/utility is no longer supported in version 9.5. We want to automate this process and not manually do something through the GUI.

Anyone have any idea how we can do that? Even if it’s a SQl script to reach into the DB and remove it? Any help greatly appreciated.
Gina

The Computer Remover utility is now built into the BigFix Administration Tool. See the documentation regarding automatic computer cleanup here: https://www.ibm.com/support/knowledgecenter/en/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_clean_up_computer.html

You can schedule the execution of Computer Removal task by specifying a start date, and a repeat interval in hours.

I saw that, but unfortunately, we have a lot of other automated processes around servers that may not be responding, etc. Ideally, we want a command line way of removing a specific computer(s) as a part of our decommission process. We cannot wait for 30 days to expire, and we do not want servers left in our console that have not reported for 30 days. Maybe our best bet is to add the server name automatically to a text file, then schedule that Computer Remover utility to run every hour or something like that against that text file.

I found I can run this:
D:\Apps\BigFix Enterprise\BES Server\besadmin /removecomputers /run /removecomputerspath=“d:\temp\computers.txt”

BUT, it comes back with a message: Please, select one option

I have no idea what that means?

You should use the DELETE computers REST API to accomplish this: https://developer.bigfix.com/rest-api/api/computer.html

1 Like

This looks promising, thanks Steve! I have NO idea how to do use this Rest API, but I see there’s some intro stuff I’ll read through. If you have any hints for newbies like me, I’d greatly appreciate it (right now i have no idea where to even start with rest api!!).

The easiest way to use the REST API is probably through the IEM command-line utility. That way you can script the execution in a simple batch file. There is a section on that same site about the utility with some examples.

Thanks! I’ve been spending most of the day figuring this out. . . it seems in order to delete the computer I need to know its id. If I call /api/query?relevance=(ids of it) of bes computers whose (name of it as string starts with “compname”) this returns info like this:
4696851

How do I turn that around now and take it and put it in the DELETE computer/{4696851} command?

We do this using the command line utility on Linux, which can be found here on Windows '•%PROGRAM FILES%\BigFix Enterprise\BES Server\IEM CLI\iem.exe ’

First you need to authenticate, example

/opt/BESServer/bin/iem login -q --server=besservername --user=username–password=${userpw}

Then you can remove using this command

/opt/BESServer/bin/iem delete /api/computer/$serverid

1 Like

Hi! Thanks for that iem example. What I’m trying to do is do that automatically, meaning I want to query for the computer name so I can get the ID, then take that and pipe that into the command you supplied. Do you have an example of an IEM command to get the ID of a computer by name?

I think you already had the IEM command line for that…what you need now is probably pure Windows Batch scripting. I can’t test now (typing on a phone) but the basics should be something like

iem.exe (query to get computer id) > computerid.txt
For /F %%i in (computerid.txt) do iem.exe (command to remove computer id ‘%%i’)

Thanks Jason, that is exactly what i need, except my syntax for the query isn’t working in IEM, I was using http rest api to capture that, but when i use the iem cli i cannot figure out the syntax to get the computer id.

To add onto my last comment, I did run the iem query by doing this;
iem GET query --relevance="(ids of it) of bes computers whose (name of it as string starts with “compname”)"

This outputs this:
?xml version=“1.0” encoding=“UTF-8”?>
BESAPI xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance” xsi:noNamespaceSchemaLocation=“BESAPI.xsd”
_ Query Resource="(ids of it) of bes computers whose (name of it as string starts with “WSDEV1069”)"_
_ Result_
_ Answer type="integer"4696851_
_ /Result_
_ Evaluation_
_ Time>0.226ms_
_ Plural</Plurality_
_ </Evaluation_
_ </Query_

This is all great, except I just want that id of 4696851, how do I extract just that out of there so I can run:
iem DELETE /api/computer/4696851 ?

I am in the process of doing the same thing. The end solution will be triggered from a request in Service Now, remove the server, close the Service Now request.
My approach is the same, REST call to get the id, REST call to remove computer.
We are using ITPAM as the automation piece and I am leveraging JavaScript inside that to substring the id out of the REST response.

Maybe not the best way to do it but it works. This is not the exact code… But should work.

var pos1 = Response_From_Rest_Call.indexOf(“Answer type=“integer”", 0);
var pos2 = Response_From_Rest_Call.indexOf("
”, pos1 + 2);
var BigFix_id = Response_From_Rest_Call.substring(pos1 + 23, pos2);

I would be interested if there is a better way to do it.

I have PowerShell that I pass computer name, user, password and if found calls second PowerShell to perform the delete. IDcomputerAndDelete.ps1 with 3 arguments and if match for computer name calls deleteComputer.ps1 with computerID, user, password to remove endpoint. You would need to edit both PowerShell modules and replace to reference your BES Server.

I don’t see a way to attach PowerShell modules but if interested try messaging me.

This is what I’m using in a sh script:

curl -k --data-urlencode “relevance=(name of it & " " & id of it as string) of (bes computers whose (last report time of it < (now - 2 *day)))” --user username:password https://besservername:52311/api/query > /var/opt/BESServer/RemoveRetired/result.xml
cat /var/opt/BESServer/RemoveRetired/result.xml | grep Answer | awk -F">|<" ‘{print $3}’ > /var/opt/BESServer/RemoveRetired/serverlist.txt

That get’s me the name and id, then I do another query against our CI to see if the computers found have been marked as retired. I’m using grep to get answer from the xml result, you could use findstr in windows do do the same.

1 Like

Thanks to everyone for some very good ideas, this has definitely been a learning experience. I discovered there truly are several ways to do it, and ultimately, the best way for us was to do something similar to what you said Matt using curl. We actually use a product called vRO, which we define our workflows. Using this we configured a restapi to our BES server, ended up using javascript to parse out the computer id, then we’ll run it all together to delete the computer. We haven’t gotten to that last part yet, but through vRO and adding that restapi, we’re able to get the computer name by id then separately delete it, we just have to string it all together now. But using your examples was truly very helpful to test different scenarios. With vRO, using the https rest api is what we ultimately used in conjunction with javascript to pull the id.

1 Like