/build/static/layout/Breadcrumb_cap_w.png
07/31/2019 180 views

I have two questions as it pertains to patching.  First, a bit of background:


We have created a custom report to attempt to identify any devices that have patches which have been attempted 5 times and have failed.  This means that KBOX will not patch them again unless we have some sort of manual intervention. The patch SQL code is:


 SELECT M.NAME AS ComputerName,

 PP.TITLE AS DISPLAY_NAME,

 STATUS,

 STATUS_DT AS Date,

 DEPLOY_STATUS,

 DEPLOY_ERROR_CODE,

 IP, MAC,

 M.USER_LOGGED as USER_LOGGED

FROM PATCHLINK_MACHINE_STATUS MS

JOIN KBSYS.PATCHLINK_PATCH PP ON PP.UID = MS.PATCHUID

JOIN MACHINE M ON M.ID = MS.MACHINE_ID

WHERE (MS.DEPLOY_ATTEMPT_COUNT = 5 and MS.Status NOT LIKE  'PATCH%') 

ORDER BY M.NAME


My two questions are:


1) Are we looking at the correct data?  Is this the best way to identify these devices that require manual intervention, and which patches are missing?

2) There are some results that show a Status of NOTPATCHED but a Deploy Status of SUCCESS and a DEPLOY error code of 0, but because it has a Deploy Try of 5, it shows up on our list.  It also shows up in the Error Deployment status of the device.  I'm trying to understand how to modify our logic and know if we need to take action on this or not and why it shows as both successful and unsuccessful).

Thanks!

0 Comments   [ + ] Show comments

Comments


There are no answers at this time