Help in creating Custom report table

Hello,

I’m new to the forum so I’m sorry if my question is not correct.
I’m trying to create a custom report using BigFix Web Reports, but I’m having problems getting the content’s format in a decent way.

I’ve used the following source code:

    <?Relevance
    (name of it as string, name of issuer of it as string, time issued of it as string, names of computers of results of 
    it as string) of bes actions whose (time issued of it > (now - 14*day) and name of issuer of it contains "admin")
    ?>

But what I’m getting if I try to export the report to CSV is a badly formatted file.
Is there any way to create a decent table and export it to CSV?
I’ve already

Thansk in advance for any help.

Could you provide an example of how it is being formatted poorly? I’m guessing when it is populating you might be having an issue with the dates and maybe some of the other columns being placed in multiple columns?

Hello and thanks for your time.

An example of the CSV generated is (between every new line there is a <br /br> that is not being shown when publishing the message here, but is visible in the CSV):

RTK Prestage 8GB_setelagoas_20190704, npoadmin, IBRSET01APCP610, ( Thu, 04 Jul 2019 18:23:52 +0200 )
NPO-PreStage_8GB, npoadmin, IBRSET01APCP610, ( Thu, 04 Jul 2019 18:23:52 +0200 )
NPO.TCAE.SETELAGOAS.W2K12.CREO4.20190705, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
Prerequisite for OVAL full results Visual C++ 2010 redistributable x64 is not installed, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
Windows Security: Clear the System Page File at Shutdown, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
Windows Security: Microsoft Windows Malicious Software Removal Tool - Deploy, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
Task: Windows Update Service - Start the service, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
3125869: Vulnerability in Internet Explorer could lead to ASLR bypass - Enable the User32 Exception Handler Hardening Feature, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
MS16-007: Security Update for Microsoft Windows to Address Remote Code Execution - Windows Server 2012 R2 Gold - KB3121461 (x64), npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
2868725: Security advisory: Update for disabling RC4 - Enable Workaround (Completely disable RC4), npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
3038256: Update for Embedded Lockdown Manager on Windows Embedded 8 Standard and Windows Embedded 8.1 Industry devices - Windows Server 2012 R2 - KB3038256 (x64), npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
3062591: Security advisory: Local Administrator Password Solution (LAPS) now available - GPO CSE (x64), npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )

And it all gets inserted in a single line of the CSV, not multiple ones.
If I export it as HTML I get the following output:

RTK Prestage 8GB_setelagoas_20190704, npoadmin, IBRSET01APCP610, ( Thu, 04 Jul 2019 18:23:52 +0200 )
NPO-PreStage_8GB, npoadmin, IBRSET01APCP610, ( Thu, 04 Jul 2019 18:23:52 +0200 )
NPO.TCAE.SETELAGOAS.W2K12.CREO4.20190705, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
Prerequisite for OVAL full results Visual C++ 2010 redistributable x64 is not installed, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
Windows Security: Clear the System Page File at Shutdown, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
Windows Security: Microsoft Windows Malicious Software Removal Tool - Deploy, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
Task: Windows Update Service - Start the service, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
3125869: Vulnerability in Internet Explorer could lead to ASLR bypass - Enable the User32 Exception Handler Hardening Feature, npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
MS16-007: Security Update for Microsoft Windows to Address Remote Code Execution - Windows Server 2012 R2 Gold - KB3121461 (x64), npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
2868725: Security advisory: Update for disabling RC4 - Enable Workaround (Completely disable RC4), npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
3038256: Update for Embedded Lockdown Manager on Windows Embedded 8 Standard and Windows Embedded 8.1 Industry devices - Windows Server 2012 R2 - KB3038256 (x64), npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )
3062591: Security advisory: Local Administrator Password Solution (LAPS) now available - GPO CSE (x64), npoadmin, IBRSET01APCP610, ( Fri, 05 Jul 2019 15:30:28 +0200 )

The HTML format looks better, but I just noticed that both are returning the same computer name, even though I should have different ones. Is my relevance not correct?

Thanks for your time.

It’s a little rough and probably an prettier solution out there but this might be something that makes it a little easier to handle. Has issues with the comma separation portion of a CSV by default. Basically entered in an enter command in the beginning of each string. Also puts the break command into the CSV at the end but that can be removed with the find/replace function in excel. As far as the multiple lines with the same computer name is probably the default sorting that is performed when it generates a report. As a side note if you have top level actions with multiple actions it will list each individual action inside the top level action as well as the name of the top level action.

<?Relevance ("%0a" & name of it as string, name of issuer of it as string, time issued of it as string, names of computers of results of it as string) of bes actions whose (time issued of it > (now - 14*day) and name of issuer of it contains "admin") ?>

Hello Jbarter,

the relevance you gave me works really well and solved my issue!
Thanks a lot for your time.

Best regards.