I am wanting to build out a detailed Splunk Dashboard. Is there a way in the API to get a list or count of devices needing a patch based on severity? Like showing all the machines with Critical Patches
If you call
reports/prepatch you get this:
And below a list of the devices.
Is that what you are looking for?
So is the prepatch per machine or per total count? I have pulled that but I only seem to get a few machines… But yes that does seem to be closer to my goal… Thanks!
Total is how many total patches need to be pushed (This could be the same patch listed multiple times adding up)
Then each is the count below that for the same.
So in my screenshot. The 4 other, could be 4 separate patches, or the same patch needed on 4 machines.
That’s what I need Thanks