Computer Group Id and REST API

I am trying to make a report using the BFI REST API, I want to do it by group id, using the following statement :

curl -k -g ‘https://xxx:9081/api/sam/v2/software_instances?criteria={“and”:[[“computer_group_id”,“=”,82],[“is_present”,“=”,“1”],[“is_vulnerable”,“=”,“1”],[“is_suppressed”,“=”,“0”]]}&columns[]=computer_dns_name&columns[]=product_name&columns[]=product_release&columns[]=product_publisher_name&columns[][]=cve.base_severity&columns[]=cve.base_score&columns[]=cve.source_version&order[]=computer_dns_name&token=xxx&format=json

I know there is data that fulfills the criteria, but when I retrieve the data it looks like computer_group_id has the value 0 (All Computers Group), why is that ?

How can I else do the report ?

Below is picture showing my computer groups :


Thanks in advance

1 Like

I haven’t done much on the BFI API yet, but at first glance…is it because group number “82” isn’t quoted in your query? It seems to be the only value that isn’t…

@Spirillen It is my understanding that Computer Groups in BFI support Software Metric Utilization reporting (such as on PVUs) on particular subsets of computers, or to reduce the scope of reporting allowed for a particular User.

I think that the reason you see Computer Group ID 0 on your reports is that you are doing so with the authorization token from a User holding the Administrators role. Such users will always be associated with the All Computers group (ID 0).

As a test, I created a new BFI user and gave it the Auditors role so it had the right permissions to access the software_instance schema, and associated it with a computer group (ID 1, in my case). Each user in BFI can only be associated with one computer group.

When I re-ran the software_instance query using this new user’s authorization token, I got back results from computers in the computer group with ID=1.

Perhaps your REST API use case should be an RFE, since filtering by computer group is available in the UI.

1 Like

You were right, I changed to user to only have access to Computer Group Id 82 and now my report shows the servers from that computer group. My user does not have the Administrator role, but a readonly role, which allows “View Endpoints” and “View Hardware Inventory”, but for all computers.

Strange to me, that you can’t limit your reports using the defined Computer Groups, when you use the REST API and a user allowed to see all computers. I will make an RFE on this.

Thanks for the replies.

1 Like