Documentation update

   

To provide a better user experience, we have now created a separate documentation space for BMC Helix Automation Console (previously called BMC Helix Vulnerability Management).
Users of BMC Helix Automation Console can find the latest documentation at BMC Helix Automation Console. .

Using the Patch Dashboard

This topic explains the data shown on each widget and provides instructions to drill down to a widget to view additional metrics. 

To view information about vulnerabilities, see Using the Vulnerability Dashboard.

Viewing the Patch Dashboard

Widgets on the dashboard display metrics about the assets and the patches (missing or installed). You can drill down to a widget to view additional data related to the metrics. The dashboard data refreshes after each policy scan. 

To view metrics based on any of the following options, select a filter, and click Apply

  • Operating System
  • Severity
  • Patch Policy: The metrics from the latest policy scan are displayed.
  • Risk Score: A range of numeric values similar to severity. 
  • Risk Owner: Security group that owns the set of missing patches.
    Patch Policy, Risk Score, and Risk Owner filters are not applicable to the Patch Trend widget. 

Tip

Click Export at the top right corner to download the current dashboard metrics as a PDF file.

Patch Compliance

This widget shows the percentage of installed and missing patches on all assets in your environment.

How is patch compliance percentage calculated?

The patch compliance percentage is calculated based on the total number of patches in a catalog and the total number of patches already installed. 

To drill down for more information, click the bar graph on any of the Windows or Linux graphs.

In the following image, the number of installed and missing patches and the total number of assets scanned by the policy are displayed for each policy.

Remediating missing patches

To create a remediation operation for the missing patches, do the following: 

  1. On the Patch Dashboard, select a patch policy and click Apply
    The Remediate option is enabled.


    OR
    On the Patch Compliance widget, click either Windows or Linux bar graph and select a patch policy from the list.

  2. On the Remediation Action panel, click Remediate.
    The Create Operation page appears. 

  3. Continue to create an operation for installing missing patches identified by the policy. 
    For details, see Working with operations.

Assets Distribution by Risk Score

This widget shows the total number of assets and their classification as per the patch risk scores (severity levels). Assets with missing patches of different risk scores (severity levels) are counted as belonging to the highest level. 

For example, out of 100 assets, if 10 assets have patches with a Critical, High, and Medium risk score, those 10 assets appear in the Critical bracket. If 20 assets have missing patches with a High and Low risk score (severity), those assets appear in the High bracket. 

To view more information, do the following:

  1. Click the bar graph to see additional information such as the assets and the missing patches according to severity. 
  2. Click any severity level icon to see assets as per the severity level. 

Assets Distribution by SLA

This widget shows the number of assets with missing patches based on their service level agreements (SLA). Using this data, you can plan remediation steps based on your organizational standards. 

If assets are approaching an SLA level, they appear in Approaching SLA. Assets with a severity level other than Critical appear in Exceeding SLA (Other). Assets that have reached a critical severity appear in the Exceeding SLA (Critical) graph.  

To view the total number of missing patches on each asset according to the SLA level, do the following:

  1. Click the bar graph on the widget. 
  2. Click any SLA level to see the assets based on the SLAs. In the following figure, all assets are in the Within SLA bracket. 

Missing Patches by Stage

After you run a patch policy, you create an operation to remediate the missing patches. This widget shows the number of missing patches for which an operation is created (Awaiting Execution) against the number of missing patches where the operation is yet to be created (Awaiting Attention). It also shows the number of missing patches for which remediation operations are created, change request approval is pending (Awaiting Approval). 

To view more information, click the bar graph. Patch name, CVE IDs, severity, and the number of impacted assets are displayed.

Patch trend

This widget shows a cumulative patch remediation trend for the last thirteen weeks, which includes the number of missing and installed patches on the assets. 

This graph also shows: 

  • Average Days Awaiting Attention: Average number of days since patches are identified as missing and not yet remediated. 
  • Average Days Awaiting Approval: Average number of days in which a remediation operation is in the Awaiting Approval stage. 
  • Average Days Awaiting Execution: Average number of days in which a remediation operation is scheduled for the missing patches but not executed yet. 
  • Average Days to Close: Average number of days it takes from identifying a patch as missing to successfully remediating it. 

To view more information, do the following:

  1. Click the bar graph.
  2. Click Missing Patches or Remediated Patches to view the patches in each category. 

Patch Trend data is refreshed every day at 12AM UTC. 

Patch Policy, Risk Score, and Risk Owner filters are not applicable to the Patch Trend widget. If you apply any of these filters, the widget data is not filtered and the widget displays the filters that are not applied. 

Top 10 Missing Patches

This widget shows the top ten missing patches and the total number of impacted assets. This metric also shows the SLA level for the patches.

Click the Impacted Assets link to see the asset names for each missing patch.

Top 10 Business Services at Risk

This widget shows the top ten business services or applications with a maximum number of missing patches on the impacted asset. This data is generated after patch policies run on those assets. 

BMC Discovery sends data about business services at risk to Automation Console. 

Why do I not see the Top 10 Business Services at Risk?

To view this data, you must ensure that the BMC Discovery connector is configured. For more information, see Configuring the BMC Discovery connector.

Top 10 Risk Owners

This widget shows the top ten owners (security groups) with a maximum number of missing patches and the number of impacted assets. This data is refreshed after each patch policy run and after missing patches are remediated.

To view more information, do the following:

  • Click the link under Number of Missing Patches to view a list of patches and their severity.
  • Click the link under Impacted Assets to view the list of impacted assets. 
Was this page helpful? Yes No Submitting... Thank you

Comments