Sync baseline through API

Hey guys,

I am looking and searching around to try to find out a way to sync a baseline either through API or find out how to kick off some component from the baseline synchronization dashboard to sync the baseline in an automate way.
Any advice will be appreciate.

Thanks…
Diego

1 Like

We don’t have an API specifically for baseline syncing yet, so your syncing automation process would be something like this:

For each component of the baseline
  compare existing relevance and actionscript against the source fixlet
  if the same
    copy existing component XML into new baseline XML
  else
    copy source fixlet XML into component XML for the new baseline
    set some flag indicating sync was required
if sync flag was set
  submit fixlet update for the baseline's id using the new baseline XML

Hi Steve,

Yeah that’s what I thought, and thanks for the answer! Would be good to have either an API or a task to sync it. So we could simple call this task in an automate way.
Just for future references if someone falls in the same case, this is the relevance I used to check the components:

Queries are in the form of "BigFix Session Relevance"
my $query = “(name of it) of it whose ( (relevance of source fixlet of it != relevance of it) or (script of action of it != script of action of source fixlet of it) ) of (components of
component groups of bes fixlets whose (baseline flag of it AND name of it starts with “Custom Baseline - AutoPatch RedHat”))”;

It ll highlight the components out of sync, then is just a matter to regenerate the baseline components.

If you automate the creation of the baselines in the first place, and then just replace the old baselines with new ones every time, then you don’t need to sync them.

Related:

right, and that’s exactly what I am doing. But I was wondering if there could be a way to simulate that magic sync all components button from the baseline through a API or something else.
Instead of keep re-generating the baseline every time I found a component out of sync.

1 Like

I do agree, it would be nice to be able to hook into the existing functionality.

If you look at the source code of the baseline sync dashboard, you should find a bunch of javascript that does the detection of components out of sync, which uses session relevance to do this. This might be able to be repurposed into a Node.js app, though the javascript relevance provider is a complicated part, which I’m not sure if that can be used easily. I don’t know the source for it is already available in the files or not.

You could have a script that periodically checks the automatically generated baselines for an out of sync state using session relevance (this is in the dashboard or elsewhere and can be reused) and then automatically regenerates the baseline when it detects the out of sync state and then notifies you so that you can deploy it. You could even automate the stopping of the previous baseline and the starting of the new one, but I figure you’d probably want to review it before deploying.

In some ways I actually like the idea of creating a new baseline and archiving the old one so that you have a history of the baselines that were deployed and when, particularly for helping to solve issues that might come up do to an update.

1 Like

This will allow you to automatically and dynamically generate a baseline based upon a Session Relevance query that returns the set of fixlet objects you want to build the baseline from. Generating a new baseline from the same dynamic set of fixlets is similar to syncing them.

2 Likes

If you use this method, be sure you are running the AuditTrailCleaner periodically, as the build up of a lot of old custom content (even when deleted) can have an impact on BigFix performance over time.

3 Likes

Any updates on this that anyone is aware of? Is there an ability to sync baselines via REST API, or some other programmatic way?

Hello, through API I didn’t find a way to sync the baselines … what I did to turn around this capability was to use SOAP API to verify if the baseline had any superseded component, and if so I am re-generating the baseline updating this component to its latest version.
The relevance to identify the outdated components would be something like that.

(name of it) of it whose ( (relevance of source fixlet of it != relevance of it) or (script of action of it != script of action of source fixlet of it) ) of (components of component groups of bes fixlets whose (baseline flag of it AND name of it starts with “Custom Baseline - AutoPatch RedHat”))"

PS: My baseline generation is a combination of bash/java/perl scripts. I am running this in a perl to produce an output to input my baseline generation script. If you want I can share the perl too.

Hi, yeah, detecting the out-of-sync baselines is the easy part. Can you share how you’re building out your baselines that you then PUT over the top of your existing out-of-sync baseline?

We use code that is part of this java library:

It reads the baseline, searches for the source fixlets in your environment, re-generates the baseline components and formats them so that for the most part Bigfix sees them as synchronized. There are some edge cases where Bigfix will still think they are not synchronized, but that is usually trivial formatting differences.

If you do end up using that library, feel free to open issues on it if you have problems synchronizing baselines.

1 Like

So, it’s 4 years later since last activity on this thread. Is there still no way to programatically sync a baseline using an API?

Sure there is. That is exactly the example given at https://developer.bigfix.com/rest-api/api/baseline.html