REST API Get List of devices and if they have Critical Updates required

kkerr2005 2023-10-19 13:40:03 UTC #1

I would like to be able to retrieve a list of devices and if they have critical updates available from the REST API.

Is this possible?

Thanks

Aram 2023-10-19 14:06:51 UTC #2

It is possible, yes

For a bit more context, what types of Critical updates are you referring to? Patches, Software Updates, Configuration Updates, all of the above, something else?

kkerr2005 2023-10-19 14:14:01 UTC #3

Hi Thanks for the quick response , Patches for now

kkerr2005 2023-10-19 14:15:11 UTC #4

Last patch date would also be useful if that’s possible too?

Aram 2023-10-19 14:39:30 UTC #5

Here’s a sample session relevance query that can be used to return the computer names of devices with ‘critical’ Patch updates required:

unique values of names of applicable computers of bes fixlets whose (fixlet flag of it AND display name of site of it starts with "Patches" AND (source severity of it as lowercase = "critical" OR source severity of it as lowercase = "mandatory" OR source severity of it as lowercase = "high"))

This would be passed to the REST API via /api/query. You can also adjust the output to be XML or JSON as desired: https://developer.bigfix.com/rest-api/relevance_queries.html (see some examples there too).

For Last Patch Date (which is a bit trickier), we’d have to define that a bit better. For instance, last patched by BigFix, or last patched in general? If in general, which OSes are in scope? Only OS patches, or other types of patches as well?

kkerr2005 2023-10-19 14:50:26 UTC #6

Hey Aram, thank you for this, ill give it a go right away!

in terms of the last patch data , I really just want to check which devices are not patched from a OS perspective so Critical = No is good that means that all critical have been applied but I would like to see the last time that they were applied.

Hope that makes some sense?

Thank you