Is there a way I can find out how many machines are patched using BigFix?

Anyone, please suggest.

Hi. I’m still not exactly sure what you are asking.

Your question is so broad that any computer that has received even just a single patch Fixlet in the past five years can be a valid response for it.

Can you be more specific about what information you are looking for? An example might also help.

That’s true.
I need to find out details of all machines (any OS) which are getting patched using BigFix since application setup.

In Web Reports you can create a report with these two properties: “InstalledOn” and “HotfixID”. This will tell you what patch was installed and on which date. But if you want to classify what patches are installed through BigFix vs. manually or by an external solution, I think it will be hard or close to impossible.

I might be wrong too, I will leave that to the professionals, and you can also open up an IBM case and discuss this directly with IBM support.

Thanks !!

But I assume this can be achieved.
Awaiting response from professionals and experts in the forum.

Check https://developer.bigfix.com for details on how to create custom reports using the API or Session Relevance.

Could you please guide me on how to proceed with this, if possible?

This doesn’t seem to be working…
Please suggest…

In short, what you’re asking for is most likely close to impossible; patch relevance only considers if the patch is installed or not, not how it was installed. It could have been deployed manually through running a downloaded MSU, it could have been installed by Windows Update or SCCM, or it could have been installed by BigFix; in all of these cases, the patch relevance would be considered False if the patch successfully installed.

Action reports in BigFix are useful in the short term (we use them to track success rate and pinpoint possible errors through Exit Codes), but for long term tracking they will be useless if, like us, you stop and delete your obsolete patching actions.

The only surefire way I’m aware of is to parse the Windows Update logs, as these will contain the source application and the source location of the installer. Considering Windows 10 no longer has a live Windows Update log, and even if it did parsing thousands and thousands of lines of logs is not exactly efficient, I consider this approach a non-starter.

Basically, I think it would be wise to re-evaluate the reasons why you believe you need this level of reporting and examine other options. For example, we track when Windows Update was last used to check for, download, and install updates; at least this way we can tell if someone used WU to patch their system.

So you mean to say that WindowsUpdate.log on each machine has details on how the patch was triggered on the machine, and from there we can find it out?

Yes, but again, due to Windows 10 not having a live log, and because you would have to trawl literally thousands of lines of text files on each endpoint, this is hardly a recommended approach.

Got it, let’s wait… for some more comments on it to decide further.

Agreed, what you are asking for is far too much work for far too little value.

Understand this forum is not official IBM support. Most of us don’t work for IBM. Those who do work for IBM or HCL here, are not here as part of their job. We’re enthusiasts.

When I decide which posts to answer, I use several criteria. Is the question interesting? Is the question something I can answer quickly (a simple how-to)? Is the question something that might be useful in my deployment? Is it something that would be useful to other people? Has the requester made an effort to solve the problem themselves, or are they asking for someone else to do their job for them for free? I’m afraid the report you are asking for just doesn’t meet any of those criteria.

I don’t think anyone is going to put much effort into such a report unless you hire out for custom software development, because this use case would not benefit anyone else and is too difficult for an easy answer.

Thanks !!

I was trying to find out the most feasible way to get this sorted.

You are going to need to solve this most likely with session relevance, either with the REST API, or a Console Dashboard, or Web Reports, or similar.

It would be helpful if you could provide a mock up of what you want the final result to look like with fake examples.

  • Do you just want the number of computers?
  • or the number of patches?
  • or the number of computers times the number of patches?
  • Or do you want a table view of ???
  • How do you define a “patch”?

There are many existing web reports around patch reporting. There is also an add on compliance product that may help answer this question.

This console dashboard is kind of the opposite of what you are asking, it gives you only baselines with failures and shows you the components that have failures: https://github.com/jgstew/bigfix-content/blob/master/dashboards/BaselineStatusResults.ojo


This is probably not what you want, but it gives you a number representing the number of actions * number of computers targeted:

number of results of bes actions

You could filter this down to only the results that were “successful” and so on.

Thanks !!

I was looking for:
  • Number of computers patched using BigFix irrespective of OS
  • Out of patched how many are successful, failed etc…

If this can be retrieved in tabular view, that would be great.
I need to prove to management that people are using BigFix but not showing management about the same as it might result in resource reduction :)

Does this mean any action taken on a system using BigFix or only actions which are using content from External Patching Sites?

Are patches generally deployed using baselines?

Do you delete actions from BigFix? If so, then you won’t be able to get results for those using Session Relevance. If not, then you may have performance issues due to not clearing out old action data. If you clear out the action data, this means you will be much more able to report on BigFix over the past X days, rather than actually how much BigFix has been used from the beginning.


This is going to give you the biggest number in terms of how much BigFix has been “used” times the number of systems: number of results of bes actions

This is the number of computers affected by bigfix actions: number of elements of set of computers of results of bes actions (this value should approach the total number of computers over time)

I want to fetch data from sites which have keywords like Patch or Enterprise, as this will cover both custom and external sites.

Yes, I do keep removing old data from BigFix as part of maintenance activity.

Will the relevance mentioned below work for specific sites, as this will get me entire data for machines on which any action was targeted?

The relevance I provided above could be used to filter down to just the patch sites stuff.
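
Added example, not part of the thread and not BigFix's own code: one way to narrow the `results of bes actions` relevance to sites whose names contain "patch" or "enterprise", then count distinct computers per status from a REST API query response. The relevance string, the `Tuple`/`Answer` response layout and the status values are assumptions to verify against your own deployment; the sample response is constructed.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Assumed session relevance: one (computer, status) row per action result whose
# source Fixlet sits in a site named like "patch" or "enterprise".
# Check it in your own console or Web Reports before relying on it.
RELEVANCE = (
    '(name of computer of it, status of it as string) of results of bes actions '
    'whose (exists (name of site of source fixlet of it as lowercase) '
    'whose (it contains "patch" or it contains "enterprise"))'
)

# Constructed sample shaped like a REST API query response (layout assumed).
SAMPLE = """<BESAPI>
  <Query Resource="constructed sample">
    <Result>
      <Tuple><Answer type="string">WS-001</Answer><Answer type="string">Fixed</Answer></Tuple>
      <Tuple><Answer type="string">WS-001</Answer><Answer type="string">Fixed</Answer></Tuple>
      <Tuple><Answer type="string">WS-002</Answer><Answer type="string">Fixed</Answer></Tuple>
      <Tuple><Answer type="string">WS-002</Answer><Answer type="string">Failed</Answer></Tuple>
      <Tuple><Answer type="string">SRV-010</Answer><Answer type="string">Pending Restart</Answer></Tuple>
    </Result>
  </Query>
</BESAPI>"""

def rows(xml_text):
    """Yield (computer, status) pairs from the query response XML."""
    root = ET.fromstring(xml_text)
    for tup in root.iterfind("./Query/Result/Tuple"):
        answers = [a.text or "" for a in tup.findall("Answer")]
        if len(answers) == 2:  # skip rows that are not (computer, status)
            yield answers[0], answers[1]

def summarize(xml_text):
    """Count distinct computers overall and per action-result status."""
    by_status = defaultdict(set)
    for computer, status in rows(xml_text):
        # One computer may have results from several actions; count it once per status.
        by_status[status].add(computer.lower())
    everyone = set().union(*by_status.values())
    return {
        "computers": len(everyone),
        "by_status": {s: len(c) for s, c in sorted(by_status.items())},
    }

if __name__ == "__main__":
    print(RELEVANCE)
    print(summarize(SAMPLE))
```

A computer can appear under more than one status when different actions ended differently, so the per-status counts can sum to more than the total. Results of deleted actions are no longer available, so the numbers cover only the action history still retained on the server.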