Fixlet report of components of Baseline

(imported topic written by jeko1791)

Hi All,

I’ve found some similar topics on here but none that are what I am looking for exactly. We use Baselines for each month’s MS patches. The Baselines are stored in a custom site.

I’m trying to create a report that will show, of a specific Manual Group of computers, which Fixlets (components of a given Baseline) are still needed (Relevant) on each Computer in that group.

When I try to use Filters in a Computer Properties report, to add the Baseline name and Computer Group name (I’ve even tried adding both site names for the Baseline and Fixlets), and check the “Include Relevant Fixlets” checkbox, I get the list of computers, but no Fixlets from the Baselines listed. It seems that I’m trying to pull name of Fixlets from the Patches for Windows site when my Baseline is in a different site, so it’s not getting the names of the Fixlets correctly.

Any ideas?

(imported comment written by TommyG91)

I’m looking for the exact same thing! I also add MS patches to a baseline and then patch from that baseline. There are good built in reports based on all patches, but I need it based on my baseline only. We don’t put every patch on.

(imported comment written by BenKus)

Well… this isn’t exactly pretty, but here is how you can list each relevant <computer, fixlet> pair for a given baseline / group:

(name of item 1 of it, name of item 0 of it) of (source fixlets of components of component group of bes fixlets whose (baseline flag of it AND name of it = “July Patches”), members of bes computer group whose (name of it= “test group”)) whose (relevant (item 1 of it, item 0 of it))

Ben

(imported comment written by TommyG91)

Ben, thanks for the reply, I think that might get me started, but when I run this I get “The operator “bes fixlets” is not defined.”

Q: (name of item 1 of it, name of item 0 of it) of (source fixlets of components of component group of bes fixlets whose (baseline flag of it AND name of it = “April Critical Patches”), members of bes computer group whose (name of it= “US-Louisville”)) whose (relevant (item 1 of it, item 0 of it))

E: The operator “bes fixlets” is not defined.

Am I doing something wrong?

Thanks

Tom

(imported comment written by BenKus)

Hey Tom,

Evaluate it in the session relevance debugger:

http://support.bigfix.com/cgi-bin/kbdirect.pl?id=508

Ben

(imported comment written by TommyG91)

Ben,

Thank you again. I understand now that this won’t run in the relevance debugger. I did get it to run in the presentation debugger and in a report. Can I get one more bit of help on this one?

What I need is a report I can run against a group of computers to see patch compliancy against a baseline, and to get an idea of how many patches each computer needs. It seems like this would be a popular report, but I can’t seem to find any sample code. For example, the report would look like this, where the first number is how many patches need to go on, and the second number is how many patches (in the baseline) are relevant.

computername1 5/125

computername2 1/156

computername3 8/91

computername4 15/132

I know this is asking a lot, but if you can get me the snytax to get me just the above, I think I can hack at it enough to get the rest of what I need in the report. Once I get it done I will share the report.

Tom

(imported comment written by BenKus)

Try this:

(name of item 1 of it, number of elements of intersection of (relevant fixlet set of item 1 of it; item 0 of it) as string & “/” & number of elements of item 0 of it as string ) of (set of source fixlets of components of component group of bes fixlets whose (baseline flag of it AND name of it = “July Patches”), members of bes computer group whose (name of it= “test group”))

Ben

(imported comment written by Lee Wei)

Jeko17 and TommyG,

This is probably not what you are looking for exactly, but I just posted a baseline report that you might be able to use.

http://forum.bigfix.com/viewtopic.php?id=3600

Lee Wei

(imported comment written by TommyG91)

Lee & Ben,

Thanks for the info you’ve given me so far. I am still struggling with my report, but I have produced something that gives me this much:

computername1, 5/400

computername2, 12/400

computername3, 23/400

computername4, 6/400

Using this:

(name of item 1 of it, number of elements of intersection of (relevant fixlet set of item 1 of it; item 0 of it) as string & “/” & number of elements of item 0 of it as string ) of (set of source fixlets of components of component group of bes fixlets whose (baseline flag of it AND name of it = “July Patches”), members of bes computer group whose (name of it= “test group”))

So this tells me how many patches each server needs, compared to the number of patches in the baseline. Is it possible to parse the number patches each server needs, compared to the number of APPLICABLE patches in the baseline?

In BigFix terms, the 5, 12, 23, and 6 would be the “Applicable” number, but what I mean is… for a particular operating system, only 200 of those 400 are really applicable to that OS. So my report should really look something like:

computername1, 5/186

computername2, 12/210

computername3, 23/186

computername4, 6/125

This would give us a better figure on our % patched. 5/400 is really not true, because there are not 400 applicable patches relevant on that machine.

(imported comment written by jeko1791)

Lee Wei,

That report is very nice and very close to what we’re looking for to show our customer patch activity following a change window. How much effort would it be to add a field for Computer Group, where we could choose a Manual or Automatic Group and the report show the same output of each baseline Fixlet and status, but for all systems in that group?

(imported comment written by SystemAdmin)

Wow, that would be an incredible report. And if it contained some pretty charts and graphs like the “Progress of Top 10” reports, we’d have a great reporting tool!

(imported comment written by TommyG91)

jeko17

Lee Wei,

That report is very nice and very close to what we’re looking for to show our customer patch activity following a change window. How much effort would it be to add a field for Computer Group, where we could choose a Manual or Automatic Group and the report show the same output of each baseline Fixlet and status, but for all systems in that group?

Jeko,

This is exactly what I am using this for. Try this:

(imported comment written by TommyG91)

jspanitz

Wow, that would be an incredible report. And if it contained some pretty charts and graphs like the “Progress of Top 10” reports, we’d have a great reporting tool!

JS,

I’m a newbee, I am lucky I made it this far. I wouldn’t have been able to come up with this if not for Ben’s help. It’s ugly, but it works… sort of…

Tom

(imported comment written by AnujAttree)

Hi Tommy,

This code doesn’t seems to be working and giving error “object expected”. Can you please share complete report?

thanks,

Anuj

(imported comment written by AnujAttree)

Hi Mark,

I tried to run your report, however it generated error. Error details are given below. Can you please help me to remove the error and run the report?

Error:

++++++++++++++++++++++++++++++++++++++++++

Webpage error details

User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; MS-RTC LM 8; MS-RTC EA 2)

Timestamp: Mon, 12 Mar 2012 23:36:40 UTC

Message: Syntax error

Line: 91

Char: 24

Code: 0

URI: https://l98wad24.hewitt.com/webreports?page=CustomReportSourceWrapper&ReportID=72&ReportSource=7899ff3b7d438dccf3100b857ebc29b3e3995779&FilterParameters=7e1da2261c06de369fb28a7149d67569316bf17e

Message: Object expected

Line: 72

Char: 1

Code: 0

URI: https://l98wad24.hewitt.com/webreports?page=CustomReportSourceWrapper&ReportID=72&ReportSource=7899ff3b7d438dccf3100b857ebc29b3e3995779&FilterParameters=7e1da2261c06de369fb28a7149d67569316bf17e

++++++++++++++++++++++++++++++++++++++++++++

Thanks,

Anuj

(imported comment written by SystemAdmin)

TommyG:

It’s better than what I could have come up with! I’ll take it. Thx!

BigFix:

Is there a documented way to add such things to custom reports - easily?

(imported comment written by BenKus)

This thread is splitting…

Two answers:

TommyG:

TommyG

In BigFix terms, the 5, 12, 23, and 6 would be the “Applicable” number, but what I mean is… for a particular operating system, only 200 of those 400 are really applicable to that OS. So my report should really look something like:

computername1, 5/186
computername2, 12/210
computername3, 23/186
computername4, 6/125

There really isn’t a concept of “OS applicable” and so you can’t report off of it… You might ask “why not?”, but there are all sorts of problems with the definition of this concept… for instance, what if a patch is in an service pack, should you show it? what if a superseded patch is already installed? what about non-OS patches like Office? and many more quirks like this… So basically a Fixlet either is relevant or not and that is basically all you can report off in a report like this…

jspanitz

BigFix:
Is there a documented way to add such things to custom reports - easily?

Well… “easy” is a relative term…

To make pretty charts, you can use any technique you might use in web pages (note that the technique that TommyG is using above is basically get the data into a javascript array and then playing around with displaying it)…

We used to use Office Web Controls + javascript in older dashboards to build charts/graphs and these days we use Flex to build our charts/graphs/reports/dashboards because we like it better… If you have any experience with these technologies, it wouldn’t be hard to take the data in those arrays that TommyG cleverly made and make graphs from them…

But if you are new to those technologies, I wouldn’t call it easy at all… Personally my javascript skills are weak and my Flex skills are non-existent… Maybe Zak or Jesse can help you out…

I am happy you guys are exploring the flexibility and power of the custom reports and sharing it with others… That was the original intention when we built the custom reports engine (at one point we considered not opening it up to customers to customize).

Ben

(imported comment written by TommyG91)

jspanitz

TommyG:

It’s better than what I could have come up with! I’ll take it. Thx!

BigFix:
Is there a documented way to add such things to custom reports - easily?

If I wanted some good / advanced relevance training, what would be the class to take? CONTENT DEVELOPMENT (202) ?

(imported comment written by BenKus)

202 is a good course, but it doesn’t cover session relevance… we used to cover session relevance as part of our web reports class, but the overwhelming feedback from most people was that it was too advanced for the average web reports user…

So right now we don’t have a session relevance class…

Ben

(imported comment written by SystemAdmin)

Thought I would share this with everyone,

This report will allow you to choose a Baseline and a Computer group

and show each Computer and it’s corresponding relevant patches from the chosen Baseline

it also Links to each Bulletin article at Microsofts site, of course this only works for MS0X-XXX Microsoft Security Bulletins

this report also ties together several of the above posts

the output is

Server01

MS08-001…

MS09-002…

Server02

MS09-001…

MS09-002…

MS09-003…

MS09-004…

…