0 Votes

Determine which relevant fixlets are not already contained by one of your Baselines
Log In or Register to download the BES file, and more.


Relevance

 
  * Session Relevance
Show indented relevance
(id of it, names of sites of it, names of it) of elements of (set of ((fixlets of bes sites whose (name of it is contained by ("Enterprise Security|Updates for Windows Applications"))) whose (fixlet flag of it AND applicable computer count of it > 0 AND name of it as lowercase does not contain "superseded") whose (exists (applicable computers of it) whose (it is contained by set of members of (bes computer groups whose (name of site of it = "MY_CUSTOM_BASELINE_SITE" and name of it = "MY_COMPUTER_GROUP"))))) - set of (source fixlets of components of component groups of fixlets whose (baseline flag of it) of (bes custom sites whose (name of it = "MY_CUSTOM_BASELINE_SITE"))))

Property Details

ID2997224
Status
TitleDetermine which relevant fixlets are not already contained by one of your Baselines
Keywordsrelevant fixlets, session relevance, bes computers, bes computer groups, baseline, list of fixlets, bes sites
DescriptionPatch Management is hard. There doesn't seem to be an easy way in the BigFix Console, to list "which fixlets are relevant to at least one of my computers, and is not already in one of my patch baselines". Grabbing all relevant fixlets to add to the "next patch baseline" will duplicate older fixlets, if there's even a single computer out there that has not applied a previous Patch Baseline. Instead of adding a lot of old Fixlets to the new Patch Baseline, that machine should just apply the older Patch Baseline. But it's a tedious job to build computer groups, exclude the older / unpatched systems, wait for them to check-in, and then grab the relevant fixlet lists. And when you do that, you miss out on fixlets those unpatched computers need, that are not included in the old Patch Baseline. This Session Relevance, which can be used in the Presentation Debugger or possibly in Web Reports, will build a list of all Fixlets from the given sites, that are not already superseded (according to their name), and are relevant to at least one of the computers in your given group. This doesn't make it easy, I'd still like an automated way to grab this fixlet list and add the fixlets to a new baseline, but at least having an idea of how large the scope is is helpful.
Added by
Last Modified by on 9/12/2013 3:50:39 PM
Counters 39 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 3 ratings. ** Log In or Register to add your rating.

Sharing

Relevance Image Sharing:

<a href='https://bigfix.me/cdb/relevance/2997224'><img src='https://bigfix.me/cdb/relevanceimage/2997224?width=400' border='0'></a>
Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!
jgstew -
please post on forum.bigfix.com and mention `@jgstew` so that I see it for help with this
Xanuri -
I have been trying to figure out how to create a report that is based off of a specific baseline and shows what computers are relevant to what fixlets within that baseline. Can any of you help me with this?
jgstew -
There is now an ability to share Dashboards on BigFix.me so it would be useful if you could share your baseline creation dashboard through that option.
JasonWalker -
Ahh, I take that back. I'm not sure how this "Personal Sites" thing works on bigfix.me, but see if you can get my "Windows Patch Baseline Creator v4.ojo" Site File at http://bigfix.me/site/details/59?sc=true&f=true A .ojo file is an XML file containing embedded HTML, JavaScript, and Relevance. If you create a Custom Site in your BigFix Console, you can upload Site Files to it. A .ojo file is evaluated when you upload it to your Site, and this one will create a new Dashboard. Before you attach any file to your Site, be sure to review it to understand exactly what it's doing. You'll need to modify my .ojo file to change the Site Names referenced in it to match whatever site you're creating your Patch Baselines in. You'll see also that when I create a new Baseline from this, I am embedding default Relevance and Category to match "Win7", which you'll need to modify when creating baselines for other operating systems (I never extended it to fix the default Relevance and Category based on the selections on the dashboard page). Also, if you click "Create Baseline" before selecting an OS, it fails. When I create the Baseline, I only use a reference to the components. You'll need to switch to the Components tab in the new baseline, and click the "Sync All Components" to bring in the "real" relevance & action for all components. This dashboard saves me hours of clicking each month. Hope it helps!
JasonWalker -
Unfortunately it's not that easy. If you look at the last line of the description - "This doesn't make it easy, I'd still like an automated way to grab this fixlet list and add the fixlets to a new baseline, but at least having an idea of how large the scope is is helpful." The closest you can *easily* get is to switch the Presentation Debugger into HTML view, and change the result to (p of link of it) of .... That gives you "clickable" Fixlet links to bring up the fixlet itself. But there's no button there to "Add to baseline...". In my environment, I created a Custom Dashboard (.ojo file) that uses Javascript to create a baseline from the results. The Dashboard uses a lot of embedded HTML tags so I can't put it in this comment, and I don't see a spot to upload Dashboards to bigfix.me.
jdcordel -
Question from someone fairly new to BigFix. I was able to take this relevance and use it in the debugger and get results from it. Where/how can I use this relevance so I can create a baseline(s) from it?
JasonWalker -
Avi - Great comment, probably worth uploading your own session relevance. I actually switched to that method myself (filtering on OS instead of Group Membership) some time ago as well. When I originally authored this, there was a greater divide between a few of our administrative groups; there were "my" computers and "their" computers, even if they both ran the same OS versions. That divide was reduced and I too have observed faster evaluations when looking at computer properties like Operating System rather than group memberships.
JasonWalker -
jgstew: Agree on creating smaller baselines, and that was a big part of the reason for this. By filtering out the components that are already included in another baseline, I can reduce my baseline sizes somewhat by removing any overlapping components. Here I can also build baselines based on relevant components separated by operating systems (one set of baselines for Win7, another for Win2008, etc.). Where there are a huge number of relevant baseline components, I can grab the first hundred, put them in a baseline, run the query again, and get the next batch of fixlets (minus the hundred I just put into a baseline). I have another relevance I plan to upload, that uses the Presentation Debugger's "Render HTML" feature to grab the source fixlets for the next baseline, in XML format that I can copy/paste into an XML Baseline Template, then import back into the console. Reduces my baseline creation time from hours to under a minute.
Avi -
Hi Jason, i've went ahead and modified this relevance to fit my groups / baselines / customsite and came up with this: (applicable computer count of it, source release date of it, source severity of it, id of it, names of it) of elements of (set of ((fixlets of bes sites whose (name of it is contained by ("Enterprise Security"))) whose (fixlet flag of it AND applicable computer count of it > 0 AND name of it as lowercase does not contain "superseded" AND name of it as lowercase does not contain "unsupported" AND source severity of it is contained by ("Important|Critical")) whose (exists (applicable computers of it) whose (it is contained by set of members of (bes computer groups whose (name of site of it = "ZIM Custom content" and name of it = "Windows 7 computers"))))) - set of (source fixlets of components of component groups of fixlets whose (baseline flag of it) of (bes custom sites whose (name of it = "Workstations")))) what it does is it searches for patches that are important / critical in patches for windows (english) that are applicable to computers that are members of a specific group ( in my case "windows 7 computers" in custom site called "zim custom content") - then it reduces all fixlets that are part of all baselines in a custom site. my impression, this is good relevance but it takes quite a while (2 minutes on average) to return results, so i went ahead even further changed it to be this: (id of it, names of it, applicable computer count of it, number of applicable computers whose (operating system of it contains "Win7") of it as string, number of applicable computers whose (operating system of it contains "WinXP") of it as string) of elements of ((set of (bes fixlets whose (fixlet flag of it AND (name of site of it contains "Enterprise") AND source severity of it is contained by ("Critical|Important") AND name of it does not contain "Unsupported" AND name of it does not contain "CORRUPT" AND number of applicable computers whose (operating system of it contains "Win7") of it >=1))) - (set of (source fixlets of components of component groups of fixlets whose (baseline flag of it) of (bes custom sites whose (name of it = "Workstations"))))) seeing how i really only need to know what patches who are important / critical that the number of applicable computers of it that have windows 7 is larger than 1 and - then reduces all fixlets that are part of all baselines in a custom site. the result, while this won't check on computers part of group (in my case the group was based on operating system and was quite big) it will get me the result i needed in 80 ms on average. thanks again!
jgstew -
This is definitely useful, but it is not recommended to have more than 300 components in a single baseline.
Avi -
Thanks
JasonWalker -
I updated the relevance to the newer form. If anyone is interested my first cut at this was: (id of it, names of sites of it, names of it) of (((fixlets of bes sites whose (name of it is contained by ("Enterprise Security|Updates for Windows Applications"))) whose (fixlet flag of it AND applicable computer count of it > 0 AND name of it as lowercase does not contain "superseded" AND it is not contained by set of (source fixlets of components of component groups of fixlets whose (baseline flag of it) of bes custom sites whose (name of it="CM_Windows")))) whose (exists (applicable computers of it) whose (it is contained by set of members of (bes computer groups whose (name of site of it = "CM_Windows" and name of it = "FDOC_Org3000_Windows_All")))))