Creating or modifying a Patch Analysis operation

A Patch Analysis operation allows you to check the patching configuration of servers and deploy required patched to correct deficiencies. 

For target servers running all supported operating systems, you can create a Patch Analysis operation based on an existing Patching job created in BMC Server Automation. For target servers running Microsoft Windows or Red Hat Linux, you can define a Patch Analysis operation based on a customized list of patches that you define. 

After you run a Patch Analysis operation, you can view results to identify servers where patches are missing. Using those results, you can run remediation operations to deploy any missing patches. Then, you can run your original Patch Analysis operation again to determine if all target servers are now correctly patched.

This topic describes the full capabilities available when you create a Patch Analysis operation. It includes the sections listed below:

• • To create or modify a Patch Analysis operation
  • Content
  • Patches
  • To select patches for analysis
  • Targets
  • Notifications
  • Schedule and Run

To create or modify a Patch Analysis operation

1. To create or modify a Patch Analysis operation, do one of the following actions from the operations list page:
   • Click the Create Operation drop-down list and select a type of operation.
   • Position your cursor over an existing operation and click Edit.
     
     The Create Operation page opens. It presents the steps you must follow to create or modify an operation. Headings in a ribbon of chevrons at the top of the page identify each step. After you provide all required information, proceed to the next page by clicking Next (at bottom left) or clicking the next chevron.
     
     At any time you can click Back (at bottom left, not the browser's Back button) to display the previous page in the process.
     
     The blue boxes at right summarize the information provided for each step in the process.
     
     

2. Complete the options on the Definition page.
   

    

   Note

   If you are creating a Patch Analysis operation for Red Hat targets, by default the operation only examines existing patches on targets and compares them to the patches you want to analyze. If an outdated version of the patch exists, the operation flags it.

   You can adjust this behavior so the operation looks for both missing and outdated patches. To do so, use BMC Server Automation to modify the definition of the Patching Job created by this operation. On the Analysis Options page, select Install Mode rather than Update Mode.

   This limitation does not apply to patch analysis for Microsoft Windows servers.

3. Depending on whether you chose to create a Patch Analysis operation from an existing Patching job or a patch catalog, complete the wizard pages listed below:

   If you are using an existing Patching job, select:	If you are using a patch catalog, select:
   a.Content	Not applicable
   b. Patches(view only)	a.Patches
   c. Targets(view only)	b. Targets
   d. Notifications (view only)	c. Notifications (optional)
   e. Schedule and Run (view only)	d. Schedule and Run (optional)

4. When you have finished defining the operation, take any of the following actions:
   • Click Execute Now to save the operation and run it immediately.
   • Click Finish to save a new operation or Update to save a modified operation.

 The following sections describe in detail each step in the Operation wizard.

Content

The Content page specifies the Patching job that becomes the basis of the Patch Analysis operation.

The Content page is only available when you use the Definition page to specify that the Patch Analysis operation is based on an existing job. 

Find content (in this case a Patching job) by using any of the procedures described below:

Patches

From the Patches page, you select the patches you want to analyze.

The Patches page is only editable when you use the Definition page to specify that the operation is based on a patch catalog.

To identify the patches used in a Patch Analysis operation, you specify patches to include and patches to exclude. You can specify individual patches, patch groups, and patch smart groups that are based on patch characteristics. The Patch Analysis operation compiles an "include" list and an"exclude" list and removes any patch from the include list if it also appears in the exclude list. Some organizations call the include list a "white list" and the exclude list a "black list."

This approach lets you use smart groups, which can be powerful tools for collecting patches. (Patch smart groups are defined in BMC Server Automation.) However, because smart group content is generated dynamically, multiple groups can potentially include the same patch. If the same patch appears in both an include and an exclude list, the patch is not included in the Patch Analysis operation. Remember, the include list minus the exclude list determines the list of patches to analyze.

To select patches for analysis

1. In the drop-down list at top left, select the patch catalog that contains the patches you want to analyze.
   Patch catalogs must be created in BMC Server Automation. 
2. When you make a patch catalog selection, you are prompted to select a job group. Navigate to the job group in BMC Server Automation where you want to store this operation. Select it and click OK.
   The window displays the patches, organized by patch group, that are included in the patch catalog. 

3. Select the patches and patch groups you want to include or exclude. If necessary expand a patch group to see the patches it contains. For each item you want to include or exclude, click the slider to the right to include it and click the slider to the left to exclude it.
   The Selected Patches list shows the patches you have chosen.
   If necessary, click in the Search box and enter a text string to show only patches with names that contain that text string.

   Failed to execute the [confluence_note] macro.

4. Optionally, you can modify the list of selected patches by clicking the icon to the right of an item, which removes the item from the list.
   

   

   You can also click the slider in the center to remove an include or exclude selection and return it to a neutral status. 

Targets

The Targets page specifies the targets that an operation acts on when it executes. For targets, you can choose servers, server groups, components, or component groups.

The Targets page is only editable when you use the Definition page to specify that the operation is based on a patch catalog.

Notifications

The Notifications page defines notifications that are generated based on conditions you specify. For example, you can instruct the portal to send an email when an operation fails or aborts.

The Notifications page is only editable when you use the Definition page to specify that the operation is based on a patch catalog.

Schedule and Run

The Schedule & Run page is where you schedule the execution of an operation. From this page, you can also run an operation immediately.

The Schedule & Run page is only editable when you use the Definition page to specify that the operation is based on a patch catalog.