Is there any way to upload a file from the client to the BES server and have the file go into a custom directory using the API? I am using api/upload and having to deal with the sha isnt something I am wanting to do with the files I will be collecting from different systems.
Agreed. For reference, please see Archiving Client files on the BigFix Server and note also that 11.0.2 introduced a new REST API resource to be able to list and fetch uploaded files via the Archive Manager, which should be able to help you copy the file to a desired target other than the default that organizes them by Computer ID on the Root Server.
Iâve considered that approach as well, and it still kind of runs into the same issue for what I am needing to do. I was more curious if I was able to use the api to upload a file and it go to a staticly named directory, like BES Server\wwwrootbes\Uploads\MySpecialFiles\Filename.log for use in other processing. Sorry if I didnât explain this well enough.
You can achieve this by this way:
Use the archive manager , which will upload all the files in the respective SHA folders. You could use the identifier and move all the files with that particular tag into your desired folder using the powershell script.
I think I understand what youâre asking, but no, there is not a way to directly upload to an arbitrary path on the server.
The main reason for that is a security concern. âuploading a fileâ is controlled at the client side, and we donât want an arbitrary client to be in control of what path is used when a file is uploaded to the Server. That could leave potential for one client to overwrite another clientâs file(s), or, even worse, could expose an attack surface for a client to overwrite arbitrary files on the server (weâd have to take extra care in santizing the paths a client provides; every few years we see vulnerabilities in zip or tar or ftp based on path exploits. Imagine a client successfully uploading a file to overwrite ../../../besrootserver.exe or something like that)
By not allowing the client to control the path, thereâs an entire class of exploit that are taken out of play.
Agreed, that was a concern I had looking into this being an option to use. Would be super convenient⌠which is usually counterintuitive to being secure LOL! Iâve got some other options, but I wanted to rule the API out as being a valid path to take before I went there.
Oh actually I may have totally misread your use-case, as I was going through the âArchive/Upload Managerâ path.
If youâre trying to use /api/Uploads and finding that you donât like where it goesâŚwell, you donât have to go through the API for that. If youâre in control of the root server, you could always just âcopyâ files to the BES Server/wwwrootbes/Uploads directory, either by logging in to the server, or sharing out that path to SMB, or whatever.
No, you didnât misunderstand. I need to collect a file from some endpoints periodically, and I want to process them with an application I am working on. I was trying to use the api to put them all in one folder without needing to watch on the folder itself for subfolders being created.
Ah, I see, then the new API calls are probably what you would need to leverage.
âIn the PastââŚlike, a month agoâŚthere were a couple of ways to do this.
One method would be to use a regularly scheduled task on the root server to iterate through the Uploads folder, find the files of interest, and do something with them (the âUnmanaged Asset Importer Serverâ did something like this I believe).
Another method would be to query the SQL database directly to find the uploads of interest and then retrieve them, by querying/filtering on the âdbo.Uploadsâ table. I believe Inventory uses something like that.
Now the new REST API for the Archive Manager should allow you to list, find, and retrieve the files without needing direct access to either the server filesystem or to the SQL database at all.