Using API to deploy patch

Hi,

Could it be possible to use API to deploy patch or take action?
Could anyone have an example for it?
I can not find the API to take action for bigfix.

Thanks.

Hello @bearandy

There are many options how to do this and depends on the type of action (type of target, scheduling of the action, etc).

One easy possibility is to combine CURL and XML (CURL to submit the request and XML to define the action)

For example, if you wanted to submit an “empty” action to three computers whose IDs are known in advance

curl -k -X POST -d @myaction.xml https://<ip address of your server>:52311/api/actions --header "Content-Type:text/xml" -u <userName>:<password>

where myaction.xml is a file whose content could be something like:

<?xml version="1.0" encoding="UTF-8"?>
<BES xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="BES.xsd">
<SingleAction>
<Title>my_CURL_action</Title>
<Relevance>true</Relevance>
<ActionScript MIMEType="application/x-Fixlet-Windows-Shell">// Enter your action script here
</ActionScript>
<SuccessCriteria Option="RunToCompletion"/>
<Settings><PreActionShowUI>false</PreActionShowUI>
<HasRunningMessage>false</HasRunningMessage><HasTimeRange>false</HasTimeRange><HasStartTime>false</HasStartTime>
<HasEndTime>true</HasEndTime><EndDateTimeLocalOffset>P2D</EndDateTimeLocalOffset><HasDayOfWeekConstraint>false</HasDayOfWeekConstraint>
<UseUTCTime>false</UseUTCTime><ActiveUserRequirement>NoRequirement</ActiveUserRequirement><ActiveUserType>AllUsers</ActiveUserType>
<HasWhose>false</HasWhose><PreActionCacheDownload>false</PreActionCacheDownload><Reapply>false</Reapply><HasReapplyLimit>true</HasReapplyLimit>
<ReapplyLimit>3</ReapplyLimit><HasReapplyInterval>false</HasReapplyInterval><HasRetry>false</HasRetry><HasTemporalDistribution>false</HasTemporalDistribution>
<ContinueOnErrors>true</ContinueOnErrors><PostActionBehavior Behavior="Nothing"/><IsOffer>false</IsOffer></Settings><SettingsLocks>
<ActionUITitle>false</ActionUITitle><PreActionShowUI>false</PreActionShowUI><PreAction><Text>false</Text><AskToSaveWork>false</AskToSaveWork>
<ShowActionButton>false</ShowActionButton><ShowCancelButton>false</ShowCancelButton><DeadlineBehavior>false</DeadlineBehavior>
<ShowConfirmation>false</ShowConfirmation></PreAction><HasRunningMessage>false</HasRunningMessage><RunningMessage>
<Text>false</Text></RunningMessage><TimeRange>false</TimeRange><StartDateTimeOffset>false</StartDateTimeOffset>
<EndDateTimeOffset>false</EndDateTimeOffset><DayOfWeekConstraint>false</DayOfWeekConstraint><ActiveUserRequirement>false</ActiveUserRequirement>
<ActiveUserType>false</ActiveUserType><Whose>false</Whose><PreActionCacheDownload>false</PreActionCacheDownload><Reapply>false</Reapply>
<ReapplyLimit>false</ReapplyLimit><RetryCount>false</RetryCount><RetryWait>false</RetryWait><TemporalDistribution>false</TemporalDistribution>
<ContinueOnErrors>false</ContinueOnErrors><PostActionBehavior><Behavior>false</Behavior><AllowCancel>false</AllowCancel><Deadline>false</Deadline>
<Title>false</Title><Text>false</Text></PostActionBehavior><IsOffer>false</IsOffer><AnnounceOffer>false</AnnounceOffer><OfferCategory>false</OfferCategory>
<OfferDescriptionHTML>false</OfferDescriptionHTML></SettingsLocks>
<IsUrgent>false</IsUrgent>
<Target>
<ComputerID>xxxxxxxxxxxx</ComputerID>
<ComputerID>yyyyyyyyyyyy</ComputerID>
<ComputerID>zzzzzzzzzzzz</ComputerID>
</Target></SingleAction></BES>

Let me know if this helps
Regards

Thanks for your information.
And Which parameter is the specific fixletID we could type in to deploy?

@bearandy
you can refer to this page:

https://developer.bigfix.com/rest-api/api/action.html

in the POST of api/actions, the 2nd example should fit for you.

Let me know if this works fine
Regards

1 Like

Hi,
Thanks for reply.
But the example seems to create a new custom action.
We want to select or directly use the exists fixlet to take action.
How should we put the parameter on it?

Thanks.

In that case you’d want to import a SourcedFixletAction XML file.

Import details are at https://developer.bigfix.com/rest-api/api/import.html

That’s not entirely obvious, but luckily that is exactly the example given for the “hints” to the import resource at https://developer.bigfix.com/rest-api/restapi_request_new.html

For a standard user, you’ll import to /api/import/operator/[operator_name] , or for a master operator import to /api/import/master

Hi, dcosenti

  Could we do the test for Web API? like the screen.

  I always get 401 Unauthorized.   How could we test on it?

Thanks.

@bearandy
make sure the you are working with an operator having the proper authorities.
One easy option would be to use a Master Operator

Yes, I use admin.
I can use it by GET. But using POST will show 401 Unauthorized. I do not know why…
Anyone also gets the same issue?

Thanks.

Let’s confirm permissions:

  • Can you confirm that the Console Operator account that you are leveraging has the ability to deploy actions?
  • Does the user have read access to the site of the source Fixlet?
  • Does the user have mgmt rights against the target(s)?
1 Like

Hi, Aram

 There is only one account on my test bigfix server environment.
 It is full access for the account. 
 And I use curl command is OK.   But I use the Web API POST would always show 401.

Thanks.

I’m not familiar with that particular client that you are using, but it seems you may not be passing in the authorization correctly.

Just in case, can you please try the api/login from your REST client, as shown in the following example ?

https://your-server:52311/api/login

It should prompt for a user and password or return “ok” if you are already logged in.

Hi,

I already tried it. And also show OK. But the POST still fail.

Thanks.

Start small and work your way forward. From the screenshot, it looks like maybe you’re trying to POST to actions, but I don’t see an action XML in the Body.

Before trying a POST, see whether you can do a GET for /api/actions.

Hi, Jason

  Yes. I can use GET to get it.

  And I use XML on it. It is still fail.

Thanks.

Ok, that’s off to a good start. Shows that your authentication header is correct, anyway.

Now to check whether you have permissions to send actions and create custom content. In the console, try using the same operator to take an action from that fixlet, and also try to create a new fixlet. Let us know for each case whether it works.

Hi, Jason

  I use https://my-server:52311/api/login.  And the authentication is OK.
  So I can confirm that the account is correct and it is admin permission.

Thanks.

Why send an content-type header of application/json when posting the XML?

Hi, Jason

  It is automatically add by itself.   So how should I change it?

Thanks.