RestAPI - Upload

Is there any way to upload a file from the client to the BES server and have the file go into a custom directory using the API? I am using api/upload and having to deal with the sha isnt something I am wanting to do with the files I will be collecting from different systems.


You can use the archive upload manager which will upload the file to the bes root server

Agreed. For reference, please see Archiving Client files on the BigFix Server and note also that 11.0.2 introduced a new REST API resource to be able to list and fetch uploaded files via the Archive Manager, which should be able to help you copy the file to a desired target other than the default that organizes them by Computer ID on the Root Server.


I’ve considered that approach as well, and it still kind of runs into the same issue for what I am needing to do. I was more curious if I was able to use the api to upload a file and it go to a staticly named directory, like BES Server\wwwrootbes\Uploads\MySpecialFiles\Filename.log for use in other processing. Sorry if I didn’t explain this well enough.

You can achieve this by this way:
Use the archive manager , which will upload all the files in the respective SHA folders. You could use the identifier and move all the files with that particular tag into your desired folder using the powershell script.

I think I understand what you’re asking, but no, there is not a way to directly upload to an arbitrary path on the server.

The main reason for that is a security concern. ‘uploading a file’ is controlled at the client side, and we don’t want an arbitrary client to be in control of what path is used when a file is uploaded to the Server. That could leave potential for one client to overwrite another client’s file(s), or, even worse, could expose an attack surface for a client to overwrite arbitrary files on the server (we’d have to take extra care in santizing the paths a client provides; every few years we see vulnerabilities in zip or tar or ftp based on path exploits. Imagine a client successfully uploading a file to overwrite ../../../besrootserver.exe or something like that)

By not allowing the client to control the path, there’s an entire class of exploit that are taken out of play.

Agreed, that was a concern I had looking into this being an option to use. Would be super convenient… which is usually counterintuitive to being secure LOL! I’ve got some other options, but I wanted to rule the API out as being a valid path to take before I went there.

Oh actually I may have totally misread your use-case, as I was going through the ‘Archive/Upload Manager’ path.

If you’re trying to use /api/Uploads and finding that you don’t like where it goes…well, you don’t have to go through the API for that. If you’re in control of the root server, you could always just “copy” files to the BES Server/wwwrootbes/Uploads directory, either by logging in to the server, or sharing out that path to SMB, or whatever.

No, you didn’t misunderstand. I need to collect a file from some endpoints periodically, and I want to process them with an application I am working on. I was trying to use the api to put them all in one folder without needing to watch on the folder itself for subfolders being created.

Ah, I see, then the new API calls are probably what you would need to leverage.

“In the Past”…like, a month ago…there were a couple of ways to do this.

One method would be to use a regularly scheduled task on the root server to iterate through the Uploads folder, find the files of interest, and do something with them (the ‘Unmanaged Asset Importer Server’ did something like this I believe).

Another method would be to query the SQL database directly to find the uploads of interest and then retrieve them, by querying/filtering on the ‘dbo.Uploads’ table. I believe Inventory uses something like that.

Now the new REST API for the Archive Manager should allow you to list, find, and retrieve the files without needing direct access to either the server filesystem or to the SQL database at all.