The ‘Last Report Time’ is not maintained in the registry…nor is it an indication at all as to whether or not the BigFix Client patched or updated the machine.
Let’s maybe dig into more details on what you mean by:
What does your patch process with BigFix look like? What specifically would you like to check as it relates to ‘patch from BigFix’? (given that new patches are released all the time, what should this logic look like?) Asked maybe a different way, what specific questions would you like to be able ask the BigFix Client? For instance, one question might be: Are there any outstanding critical OS patches from the last 60 days?
At a high level, I see at least 2 potential paths for what I think you’re trying to do:
- Likely the better approach: Leverage the Client Compliance API I reference above in order to be able to ask very specific and granular questions as to the state of compliance of the device (could be patch-related compliance, could be other things included such as Endpoint Protection status, or a combination of things, etc…). The answer to these questions can be made available to you via the BigFix Client Compliance API to inform your 3rd-party agent.
- Alternatively, you could make some adjustments to your patching processes within BigFix to output a value in the registry (perhaps a timestamp?), either on an on-going basis as a policy, or after a patch attempt (or even a successful patch attempt with a bit more work).