/build/static/layout/Breadcrumb_cap_w.png

Smart Label test is not matching specified conditions

I'm building a smart label to find patches meeting certain criteria. I'm testing for:

Publisher = Microsoft Corp.
Impact is Critical
Status is Active
Superseded is No

but the very second and fourth returns say "Yes" in the "Superseded" column.

Just for kicks, I changed the "Impact" setting to "is not" "Critical", and that set of criteria returns one hit that is Critical Impact and Superseded. See picture.

i5u15s.png

If I simplify the criteria, the returns still don't match:



2 Comments   [ + ] Show comments
  • Change the view from Applicable Packages to All Patches, see if that helps.

    (Upper right corner of your screenshot) - Channeler 6 years ago
    • I've added a picture with simpler criteria, and the change you suggested. Still not matching. - kentwest 6 years ago
      • save it with the initial criteria.

        Go to Security > Catalog

        Select the smart label filter on the Catalog, Make sure you are showing Individual Patches, see if it shows more there - Channeler 6 years ago
  • I opened a ticket with Quest, and they came back with a similar answer to that of Channeler, but with enough information that I now understand why it's doing that.

    The two options, "Applicable Packages" and "All Packages" search bundles of patches, not individual patches. The third option, "Individual Patches", of course only searches individual patches.

    When you search in a bundle/package, some of the patches in that bundle will match the search criteria, and some won't, and therefore might return results you don't expect. For example, searching for "Impact = Critical" in a package/bundle that contains both critical and non-critical patches might return that bundle (depending on how the search is worded); essentially that particular field in such a case is useless. I suggested that in such a search that field's result be returned as something like "Not Applicable" rather than a deceptive "Critical" or not, and he believes there's a uservoice request for just that sort of solution to the potential confusion.

    TL:DR - Search on "Individual Patches" instead of on the "Applicable Packages" or "All Packages" bundles, when you need results to be precise to a patch's characteristics. - kentwest 6 years ago

Answers (1)

Answer Summary:
Posted by: kentwest 6 years ago
Second Degree Brown Belt
0

Top Answer

I opened a ticket with Quest, and they came back with a similar answer to that of Channeler, but with enough information that I now understand why it's doing that.

The two options, "Applicable Packages" and "All Packages" search bundles of patches, not individual patches. The third option, "Individual Patches", of course only searches individual patches.

When you search in a bundle/package, some of the patches in that bundle will match the search criteria, and some won't, and therefore might return results you don't expect. For example, searching for "Impact = Critical" in a package/bundle that contains both critical and non-critical patches might return that bundle (depending on how the search is worded); essentially that particular field in such a case is useless. I suggested that in such a search that field's result be returned as something like "Not Applicable" rather than a deceptive "Critical" or not, and he believes there's a uservoice request for just that sort of solution to the potential confusion.

TL:DR - Search on "Individual Patches" instead of on the "Applicable Packages" or "All Packages" bundles, when you need results to be precise to a patch's characteristics.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ