9 Replies Latest reply on Sep 18, 2020 4:31 PM by Lisa Keeler

    Is there a way to perform a 'generic' query with an endpoint name, instead of an IP address, and then sort that result by the latest scan results?

    David Hicks

      Hello,

       

      I'm still pretty new to BMC Discovery, but am learning pretty quickly. I appreciate all of the info and discussion groups I have been seeing and it has significantly helped me to resolve a large portion of my questions. So, thank you very much!

       

      I ran a generic search by an endpoint name, not IP address, and received back the results just fine. However, I received the last 5+ months of data when all I really needed was the most recent scan results.

       

      After looking a bit deeper into the query results, I also noticed that the results were for a device name, instead of a host. This leads me to ask the following question:

       

      Is there a way to perform a 'generic' query with an endpoint name, instead of an IP address, and then sort that result by the latest scan results?

       

      My goal is to design a Unix script that can query the datastore as many times, with just a 'Name', and then sort that search result with the latest scan session.

       

      For instance, I ran:

       

      tw_query --username=system --password="<PASSWORD>" "search DeviceInfo where * has subword 'ABC123-DEFG456'"

       

      However, I extracted this information from the Browser UI only after 'first' placing the name "ABC123-DEFG456" in the global search function at the top right corner of the Browser UI.

       

      When the results came back, and I clicked upon the "Custom +" feature at the top left of the screen, then went to "Raw Query", it was only at that time that I found out that the endpoint was a Device.

       

      This tells me that BMC Discovery must be performing a generic 'query' against the datastore, in order to 'find' (per se) the endpoint in question.

       

      I would like to understand what type of a query that translates to, so I can - in turn - incorporate that query into my Unix shell script, so I can automate this type of a task when you have like 100+ endpoints you are trying to 'find', within Discovery.

       

      Can anyone please assist me in translating this into a search query either on the UI side, or using the "tw_query" function, please?

       

      Lisa Keeler Andrew Waters

       

      Thank you,

      David Hicks
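
The batch loop the post describes, as an added example that is not part of the original thread or of BMC's tooling: it builds the post's `search DeviceInfo` query for each name in a file and rejects any name outside an assumed allowlist, so a quote in the input cannot alter the query. `TW_QUERY`, `TW_USER`, `TW_PASS` and the function names are hypothetical; only the `--username` and `--password` options shown in the post are used, and sorting by the latest scan is not covered.

```shell
#!/bin/sh
# Added example: one tw_query call per endpoint name, with the name validated
# before it is placed inside the quoted search term.

# valid_name NAME -> status 0 only for letters, digits, '.', '_' and '-'
# (assumed allowlist; widen it only for characters your names really use).
valid_name() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# build_query NAME -> prints the query from the post with NAME inserted,
# or fails without output when NAME is not valid.
build_query() {
    valid_name "$1" || return 1
    printf "search DeviceInfo where * has subword '%s'" "$1"
}

# query_all FILE -> runs the query for every valid name in FILE (one per line).
# The password comes from the TW_PASS environment variable rather than being
# hard-coded; it is still visible in the process list while tw_query runs.
query_all() {
    rc=0
    while IFS= read -r name || [ -n "$name" ]; do
        [ -n "$name" ] || continue
        if q=$(build_query "$name"); then
            "${TW_QUERY:-tw_query}" --username="${TW_USER:-system}" \
                --password="${TW_PASS:?set TW_PASS}" "$q" </dev/null || rc=1
        else
            printf 'skipped invalid name: %s\n' "$name" >&2
            rc=1
        fi
    done < "$1"
    return "$rc"
}

# Run only when a file of names is given on the command line.
if [ "$#" -gt 0 ]; then query_all "$1"; fi
```
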