Here’s a sample session relevance query that can be used to return the computer names of devices with ‘critical’ Patch updates required:
unique values of names of applicable computers of bes fixlets whose (fixlet flag of it AND display name of site of it starts with "Patches" AND (source severity of it as lowercase = "critical" OR source severity of it as lowercase = "mandatory" OR source severity of it as lowercase = "high"))
This would be passed to the REST API via
/api/query. You can also adjust the output to be XML or JSON as desired: https://developer.bigfix.com/rest-api/relevance_queries.html (see some examples there too).
For Last Patch Date (which is a bit trickier), we’d have to define that a bit better. For instance, last patched by BigFix, or last patched in general? If in general, which OSes are in scope? Only OS patches, or other types of patches as well?