Is there a way i can find out on how many machines are patched using Bigfix ?
I need to know and provide reports for machines which are patched using Bigfix.
Can we get this information ??
Can anyone suggest…?
It might help if your question was a bit more specific.
To ask if a computer has been Patched, it sounds like you are interested in how many computers have had an action run against them successfully, but your question could be interpreted several ways.
Hi Tim,
Yes you are correct.
We want to know on how many machines were targeted using Bigfix for patching and were successful ?
Also is there a way to fetch combined report for action with current status apart from fetching this detail using Action history ?
1 Like
Anyone, please suggest
Anyone, please suggest if there is a way to find out on how many machines are patched using Bigfix ?
Anyone, please suggest.
Hi. I’m still not exactly sure what you are asking.
Your question is so broad that any computer that has received even just a single patch Fixlet in the past five years can be a valid response for it.
Can you be more specific about what information you are looking for? An example might also help.
That’s true.
I need to find out details of all machines (any OS) which are getting patched using Bigfix since application setup.
In webreports you can create a report with these two properties “InstalledOn” and “HotfixID”. This will tell you what patch was installed and on which date. But If you want to classify, what patches are installed though BigFix vs Manual or an External solution. I think it will be hard or close to impossible.
I might be wrong too, I will leave that to the professionals and you can also open up a IBM case and discuss this directly with the IBM support.
Thanks !!
But i assume this can be achieved.
Awaiting response from professionals and experts in forum.
Check https://developer.bigfix.com for details on how to create custom reports using the API or Session Relevance.
Could you please guide on how to proceed with this, if possible ?
This doesn’t seems to be working…
Please suggest…
In short, what you’re asking for is most likely close to impossible; patch relevance only considers if the patch is installed or not, not how it was installed. It could have been deployed manually through running a downloaded MSU, it could have been installed by Windows Update or SCCM, or it could have been installed by BigFix; in all of these cases, the patch relevance would be considered False if the patch successfully installed.
Action reports in BigFix are useful in the short term (we use them to track success rate and pinpoint possible errors through Exit Codes), but for long term tracking they will be useless if, like us, you stop and delete your obsolete patching actions.
The only surefire way I’m aware of is to parse the Windows Update logs, as these will contain the source application and the source location of the installer. Considering Windows 10 no longer has a live Windows Update log, and even if it did parsing thousands and thousands of lines of logs is not exactly efficient, I consider this approach a non-starter.
Basically, I think it would be wise to re-evaluate the reasons why you believe you need this level of reporting and examine other options. For example, we track when Windows Update was last used to check for, download, and install updates; at least this way we can tell if someone used WU to patch their system.
So you mean to say that Windowsupdate.log on each machine has details on how patch was triggered on machine and from there we can find it out ?
…
Yes, but again, due to Windows 10 not having a live log, and because you would have to trawl literally thousands of lines of text files on each endpoint, this is hardly a recommended approach.
Got it, lets wait…for some more comments on it to decide further.
Agreed, what you are asking for is far too much work for far too little value.
Understand this forum is not official IBM support. Most of us don’t work for IBM. Those who do work for IBM or HCL here, are not here as part of their job. We’re enthusiasts.
When I decide which posts to answer, I use several criteria. Is the question interesting? Is the question something I can answer quickly (a simple how-to)? Is the question something that might be useful in my deployment? Is it something that would be useful to other people? Has the requester made an effort to solve the problem themselves, or are they asking for someone else to do their job for them for free? I’m afraid the report you are asking for just doesn’t meet any of those criteria.
I don’t think anyone is going to put much effort into such a report unless you hire out for custom software development, because this use case would not benefit anyone else and is too difficult for an easy answer.
2 Likes