Best Practices Question

Which systems have a specific patch installed

04/05/2018 1666 views
I'm looking for a report that shows a specific patch or set of patches (Microsoft Rollup patches specifically) installed.  I don't know why it's been so difficult to find this. I've looked at it manually by looking at the patch itself and then looking at the systems listed under it.  The problem is the systems listed are NOT all of the systems with the  patch installed. KACE shows 26 systems with the patch installed but there are actually hundreds with it installed.  Evidently detection is not working or something to that effect.  At this point I'm trying to actually interrogate each system for what is installed.  If I have to do a SQL report for each patch it would be fine. I just want to search each machine and see which machines have a specific MS  KBxxxxxxx patch installed.

Appreciate any help you can provide

0 Comments   [ + ] Show comments


All Answers

You should be able to find those machines using an advanced search in the inventory. The trick is to use Software Titles contains KB# instead of looking at the patching tables. The results under the patching catalog seem to be based on a combination of what is included in the list of patches to be deployed, and which KACE has deployed. This means that if you have identified a patch that you don't want to be deployed and removed it from your patching schedules, the catalog will no longer accurately report where it is installed. It will still show up in the list of installed "software", however.
Answered 04/06/2018 by: chucksteel
Red Belt

Thanks this did help out.  I think the real issue in the end is that our patching schedules are not working because there are too many machines trying to be patched in one schedule.  Looking at breaking these up into manageable groups.  KACE support won't help unless you move to "professional services" so we may go that route since the patching doesn't seem to be working.
Answered 04/18/2018 by: kenrinc
Senior Yellow Belt

  • How many machines are being patched and what are your settings for the schedule? Our largest patching schedule include about 1,300 machines without issue.
    • Were patching about 800 machines at once. Quest tech support verified that you should be doing blocks of 200 machines.
      • Interesting. What is your schedule setup like? You can see an overview of how our patching works here:

        On the backend we have separate detect schedules for each group, these run the morning before systems patch in the evening.
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ