OS security patches not installed on which computers

(imported topic written by SystemAdmin)

With session relevance, trying to get list of OS security patches not installed by computer. The following works to get list of relevant Red Hat and Windows OS security patches not installed.

(id of it, source release date of it, source severity of it, name of it) of relevant fixlets whose (fixlet flag of it = TRUE AND Category of it contains “Security” AND (Name of SITE of it contains “Patch” OR Name of SITE of it contains “Enterprise Security”)) of bes computers

The following are columns of data that I want to add to the above.

(name of it) of bes computers

(ip address of it) of bes computers

(operating system of it) of bes computers

The following fails from BigFix Session Relevance Tester with msg Error: The operator “relevant fixlets” is not defined.

(id of it, source release date of it, source severity of it, name of it) of relevant fixlets whose (fixlet flag of it = TRUE AND Category of it contains “Security” AND (Name of SITE of it contains “Patch” OR Name of SITE of it contains “Enterprise Security”)) (name of it, ip address of it, operating system of it) of bes computers

How can I modify the first session relevance to get the name, ip address and operating of the bes computer that does not have OS security patch installed?

(imported comment written by Lee Wei)

To modify the first statement to include Computer information, I would do it this way:

color=red

(name of it, concatenations "; " of (ip addresses of it as string), operating system of it,[/color] (id of it, source release date of it, source severity of it, name of it) of relevant fixlets whose (fixlet flag of it = TRUE AND Category of it contains “Security” AND (Name of SITE of it contains “Patch” OR Name of SITE of it contains “Enterprise Security”))

color=red

of it) [/color]of bes computers

What we want is the “BES Fixlet Result” object. You can see that in Inspector Reference tab in the Sessions Relevance Tester.

Here is a different construct for your reference. On my system, it is about 3 times faster.

(
name of computer of it,
concatenation of (ip addresses of computer of it as string),
operating system of computer of it,
id of fixlet of it,
source release date of fixlet of it,
source severity of fixlet of it,
name of fixlet of it
) of
results
(
bes fixlets whose (fixlet flag of it = TRUE AND Category of it contains “Security” AND (Name of SITE of it contains “Patch” OR Name of SITE of it contains “Enterprise Security”)),
bes computers
)
whose (relevant flag of it)

Lee Wei

(imported comment written by SystemAdmin)

Thanks Lee for your help. This will be useful when starting to use TEM for patch management and need to import this data in our own OS Security Patch reporting tool.