WebUI API / Patch Policy

Austin4778 2020-04-14 17:28:27 UTC #1

Was curious if there was a method via API to pull patch policies and or their detail (schedule, targeted endpoint/group, etc)? We have a large amount of patch policies and would like to identify a better way to manage the policies if possible.

ctan 2020-04-15 00:36:44 UTC #2

I second this request. We’re trying to develop the detection and are hitting some roadblocks.

One of the ways that I was hoping to get this to work was to get a list of the actions, and get the computers from there. BUT unfortunately the source fixlet of it appears to not exist, so I can’t get the applicable computers.

What I would like is to get the relevant actions of these actions… here’s my session relevance start, any ideas?

(id of it, name of it, state of it) of bes actions whose (multiple flag of it is true and name of it starts with “PP_”)

Austin4778 2020-04-15 14:42:39 UTC #3

I am making some headway here after looking at the REST API resources. I ended up landing within the Database and can pull all the Patch Policies set and their configuration. The specific DB tables you want to look at under the BFENTERPRISE

webui.apPOLICY
webui.apPREVIEW
webui.apTARGET

It has always been a pain point for us with client unlocking/locking in essence to Patch Policies. I am now able to take the results from these DB Tables -> Feed it into a node.js reader -> create unlock/lock actions automatically via API based on patch policies running/not running.

Aram 2020-04-15 14:59:04 UTC #4

There is not an official API for Patch Policies that I am aware of, but your use case makes good sense. I’d recommend creating an Idea (RFE) here if you haven’t done so already: https://bigfix-ideas.hcltechsw.com/ideas