/build/static/layout/Breadcrumb_cap_w.png

OVAL Scan - systematic patching?

 Is there a way to use the results of an OVAL scan to apply a patch?  I dont see how I can make a label which includes devices with vulnerabilities?

Asked 2 years ago 0 views
0 Comments   [ + ] Show comments

Answers (1)

Posted by: IgorAngelini 2 years ago
Second Degree Blue Belt
0
Try this query, just add/remove OR/AND on the subquery to filter machines that have the vuns you want:


SELECT MACHINE.ID AS TOPIC_ID,
       MACHINE.NAME AS SYSTEM_NAME
       
FROM MACHINE

LEFT JOIN OVAL_STATUS
     ON   OVAL_STATUS.MACHINE_ID = MACHINE.ID


WHERE MACHINE.ID IN ( SELECT MACHINE.ID

                      FROM MACHINE
                     
                      LEFT JOIN OVAL_STATUS OS
                      ON OS.MACHINE_ID = MACHINE.ID
                     

                      WHERE OS.ID = "962747" -- filter here
                      OR    OS.ID = "962749"
                     
                      GROUP BY MACHINE.ID
                    )

GROUP BY MACHINE.ID
Comments:
  • Please excuse my ignorance, what is a "vun"? Is this a report? Sorry not following. What is os.id?

    I guess what I was asking was if I find a machine with an adobe reader vulnerability can I proactively automate patching it? I mean systematically.. We push software updates via Workspace One but if there is a straggler Id like to target it with kace if possible. Workspace One is not the most accurate at determining installed status. - barchetta 2 years ago
    • "Vulnerabilities"

      Just go on OVAL Scan > Show Summary Results and find the vulnerabilities that you want. Look for the Definition ID and plug it in the subquery.

      OS is just a Alias I gave to the OVAL_STATUS table -> LEFT JOIN OVAL_STATUS OS

      This can be used as a report on its own, but you could create a SQL Smart Label and label devices with it (That's why I aliased the MACHINE.ID as TOPIC_ID and MACHINE.NAME as SYSTEM_NAME)

      Then you can use that label to send patches - IgorAngelini 2 years ago
      • thanks.. I think Im remembering now, you can create a label based off a sql script. I know service desk in and out but just learning patching. We are doing on prem servers now with kace sma.. and as much as I am dissapointed with service desk (understatement) patching is working VERY well. Thanks for this. - barchetta 2 years ago

Posted by:

barchetta 4th Degree Black Belt
Ninja since: 3 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

KACE Product Support Questions
question

Related Questions

Link

Related Links

Post

Related Posts

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ