Patching results - Viewing and using

A Patching operation performs patch analysis on servers based on a patch catalog that is set up in BMC Server Automation. The Patching operation lists the patches that are missing and targets that are not patched correctly. When the operation identifies target servers with incorrect patch configurations, you can remediate those servers by automatically creating a job that deploys the missing patches.

Results of a Patching operation provide:

• A pie chart showing the percentage of targets that are missing patches, are fully patched, or failed analysis.
• Statistics about the operation's start and end time, duration, status, and number of targets fully patched. 

• A series of tabs providing information and functionality relating to:
  

  • • Missing patches
    • Unpatched targets
    • Failed targets
    • Log messages
    • Remediation operations

Patching operations run on the following platforms. When viewing patch results, the actions you can take are essentially the same across all platforms. Any differences are described below.

• IBM AIX
• Microsoft Windows
• Oracle Solaris
• Red Hat
• SUSE

Missing patches

The Missing Patches tab lists all patches that are missing on one or more target servers. Select one or more of those patches, and the Targets list at right shows the targets where that patch is missing. Using this tab, you can run a remediation operation to deploy all missing patches to all target servers. On Microsoft Windows targets, you can run a remediation operation that deploys a missing patch to all servers where the patch is missing or to a single server.

For Windows patching, the Missing Patches tab categorizes patches. For other operating systems, the tab lists patches by  name.

To search for patches or targets

In the Search Patches box, enter a text string of any length. The Patches list shows all missing patches with names that include that text string. If you leave the box blank, the page shows all missing patches. Search for unpatched targets in a similar way, using the Search Targets box.

To remediate missing patches

To begin remediation, choose one of the following actions:

• To remediate all missing patches for all targets, select the Actions icon  at the top of the Missing Patches list and then select Remediate All Patches For All Targets.
  The New Remediation dialog box opens.
• (Windows) To remediate all targets for one missing patch, select a patch in the Missing Patches list. Then, select the Actions icon  at the top of the Targets list at right and select Remediate All Targets For This Patch.
  The New Remediation dialog box opens. Note that some rules do not support remediation.
• (Windows) To remediate one target for one missing patch, select a patch in the Missing Patches list. Then, in the Targets list, find the target to remediate, click , and select Remediate Selected Target For Patch. 
  The New Remediation dialog box opens.

Use the New Remediation dialog box, as described below.

1. For Depot Group, use the folder icon to navigate to a depot group that can store the BLPackage created for this remediation operation.
2. For Job Group, use the folder icon to navigate to a job group that can store the job created for this remediation operation.
3. To specify Deploy job settings for the remediation operation, perform the following steps:
   1. Click the Deploy Template tab, which shows a list of Deploy jobs that can be used as templates for the remediation operation.
      The list of possible Deploy templates can be defined for a portal security group or the entire site.
      
      
   2. Select a Deploy job in the list of templates.
      The Deploy job appears in the Deploy Template field. To remove a Deploy template, select the Deploy job again from the list of possible Deploy jobs. 
   3. Optionally, inspect the settings of the template by clicking Details. The portal lists settings for the selected job, such as its logging level and reboot settings. To return to the list of template jobs, click Templates.
      
       

   4. If you have selected a Deploy template that is defined as an Advanced Deploy job in BMC Server Automation, you can schedule the individual phases of the remediation operation (that is, simulate, stage, and commit). Take the following steps:

      1. Click the Phase schedules and Execution tab.
         
         
          
      2. Take any of the following actions:

      • 
        
        • If you do not want to schedule the phases of the remediation action, select Do not execute. 
        • If you want to schedule all phases to run sequentially, select Execute phases sequentially... and then specify a time when execution begins.
        • If you want to schedule each phase individually, select Execute phases as specified below and then provide an execution time for each phase. You can also specify that a particular phase is not scheduled.
4. Click Create to save the remediation operation so it can be run later (using the Remediation Options tab), or click Execute to save the remediation operation and run it immediately.
   You can also click the Rule Summary and Target Summary tabs to see what rules are included in the remediation operation and the targets where the operation runs.

To obtain information about a patch

Select a patch in the Missing Patches list and click the information icon  at the top of the list at right. The portal displays a description of the patch.

_{Back to top}

Unpatched targets

The Unpatched Targets tab lists all target servers that are missing patches. Select one of those targets and the list at right shows the patches it lacks. From this tab, you can run a remediation operation to deploy all missing patches to all target servers or to a single server. On Microsoft Windows, you can run a remediation operation that deploys a single patch to a single server.

To search for targets or patches

In the Search Targets box, enter a text string of any length. The Targets list shows all unpatched targets with names that include the text string. If you leave the box blank, the page shows all unpatched targets. Search for missing patches in a similar way, using the Search Patches box.

To remediate targets

To begin remediation, choose one of the following actions:

• To remediate all missing patches for all targets, select the Actions icon  at the top of the Unpatched Targets list and then select Remediate All Patches For All Targets. 
  The New Remediation dialog box opens.
• To remediate all missing patches for one target, select a target in the Unpatched Targets list. Then select the Actions icon  at the top of the Patches list at right and select Remediate All Patches For This Target. 
  The New Remediation dialog box opens. 
• (Windows) To remediate one missing patch for one target, select a target in the Unpatched Targets list. Then, in the Patches list, find the patch to remediate, click , and select Remediate Selected Patch For Target. 
  The New Remediation dialog box opens.

Use the New Remediation dialog box, as described below.

_{Back to top}

Failed targets

The Failed Targets tab shows all targets where the patching operation could not run. Select one of the targets in the list and the message list at right shows all messages that were generated when attempting to run the patching operation on that target.

To search for targets or messages

In the Search Targets box, enter a text string of any length. The Targets list shows all failed targets with names that include that text string. If you leave the box blank, the page shows all failed targets. Search for messages that apply to a selected target in a similar way, using the Search Messages box.

To filter messages

At the top of the message list, select a message type, such as Error or Warning. The list shows only messages of that type.

_{Back to top}

Log messages

The Run Log tab lists all messages generated during a run of an operation.

To filter messages

At the top of the list, select a message type, such as Error or Warning. The Run Log list shows only messages of that type.

To search for messages

In the Search Messages box, enter a text string of any length. The list shows all log messages with names that include that text string. If you leave the box blank, the page shows all messages. 

To refresh the list of messages

Select the Actions icon  at the top of the Run Log list and then select Refresh.

_{Back to top}

Remediation operations

The Remediation Operations tab provides a list of remediation operations that you can execute and manage. A remediation operation is an automatically generated Deploy operation that can deploy patches to target servers requiring patches. You can create a remediation operation using the Missing Patches tab or the Unpatched Targets tab.

Executing a remediation operation

In the list of remediation operations, find the row for the operation you want to run and click Execute . 

Deleting a remediation operation

In the operations list, move your cursor over the remediation operation you want to delete and click Delete. A dialog box asks you to confirm the deletion.

Displaying detailed information about the most recent run

In the operations list, find the operation for which you want information and click View Results. A results page for the remediation operation shows the results of the Batch operation that was automatically created for remediation purposes. (The Batch operation executes one or more Deploy operations to actually deploy patches.) A drop-down list lets you choose to display one of the Deploy operations instead of the Batch operation.

For more information on viewing results for a remediation operation, see

• Batch-results-Viewing-and-using
• Deploy-results-Viewing-and-using

Displaying a history of all remediation operation runs

In the operations list, click the name of a remediation operation. The Run Results page opens and shows the history of all runs of the remediation operation. A remediation operation is a Batch operation consisting of child Deploy operations. The data reported for remediation operations is derived from Deploy job results.

In the list of operation runs, the data at bottom provides:

• Start time
• End time
• Duration
• Status—Click to see detailed results for that run of the Deploy operation.

Executing a remediation operation from operation history

To execute a remediation operation while viewing operational history, click Execute  at top right of the operation runs page.

_{Back to top}