Yes, you can do this using relevance and just create a few new properties. You might want to narrow which Fixlet sites you count relevant Fixlets for so you only get Fixlets related to patching or something like that. Also, if you are going to test these expressions you can’t do it through QnA since the tool doesn’t know about the sites/fixlets that the client has, you have to use real properties on real clients to test.
Examples:
Name: Number of Patches Needed Relevance: number of relevant fixlets of site
"http://sync.bigfix.com/cgi-bin/bfgather/bessecurity" Name: Total Number of Relevant Fixlets Relevance: number of relevant fixlets of sites
I believe this number will include all Fixlets, Tasks, and Analyses. You might want to filter the Fixlets to something like:
number of relevant fixlets whose (value of header “x-fixlet-source-severity” of it as lowercase = “critical”) of site “http://sync.bigfix.com/cgi-bin/bfgather/bessecurity”
Ben
Hey Ben,
How can I also include getting the number of relevant fixlets to show up for our Macintosh computers?
Ben, that worked exactly like you thought it would. I made minor changes to it because I wanted to also include all the fixlets, not just critical ones, and I also wanted to get the Windows Updates (not just patches) in there as well, so my property looks like this:
sum of number of relevant fixlets whose (value of header
"x-fixlet-source-severity" of it as lowercase >=
"<Unspecified>") of sites (
"http://sync.bigfix.com/cgi-bin/bfgather/bessecurity";
"http://sync.bigfix.com/cgi-bin/bfgather/macpatches";
"http://sync.bigfix.com/cgi-bin/bfgather/updateswindowsapps")
Be aware that this is an expensive property for the client to evaluate, so you should set it to only evaluate periodically instead of every report. Even if you set it to 5 minutes, this will be much better than every report.
Also, if you want all fixlets you don’t need the whose clause (this will be more accurate than your current query):
I would like to know how many critical MS patches are outstanding for each machine and the total size of those patches. Is it possible to get the total size of all relevant fixlets with x-fixlet-source-severity of “critical” within the “http://sync.bigfix.com/cgi-bin/bfgather/bessecurity” site?