/build/static/layout/Breadcrumb_cap_w.png

Ways to Manually Patch/See why patches fail in K1000

I'm trying to help bring Critical Patch Compliance as high as possible in our systems. I'm still very new to the patching systems in place in Kace, but I was wondering if there was any way to see why a patch has failed to deploy on certain systems. The pre-existing reports are a bit of a deluge of information and are difficult for me to parse. I also would like to know if there's a way to deploy a patch on the spot rather than waiting for a scheduled time. 

Any other advice on keeping critical patch compliance high would be appreciated.

Thank you!

1 Comment   [ + ] Show comment
  • how to enable agent debug log on - rahimpal 7 years ago

Answers (1)

Posted by: rrjustin 8 years ago
Senior Yellow Belt
0
Hi Evmorr12,

I believe most of your questions are covered in the K1000 management appliance documentation, however I'll take a stab at answering some of your questions.

1. Yes, you can review why patches failed, however it requires a few steps. First step being that for each machine patch detection or deployment fails on, you need to enable the agent debug log on. Once enabled, either manually run patching against that workstation or wait for the next patch cycle to complete. The agent should automatically upload debug logs to K1000. In addition to the debug logs, KACE technical support can provide additional assistance and a kapturestatelauncher utility that can collect additional details from the computer and upload the logs to the server.

2. You can manually force a patch schedule to run by navigating to the patch schedules menu, selecting the check box next to the appropriate schedule you want to run, and then selecting the "choose action" drop down > run.

3. You can customize all reports, and create new reports using the new report wizard or SQL editor.

4. In terms of patching, I patch all available patches whether they're critical or recommended unless there's known issues regarding the patch being deployed. Only deploy patches to workstations in smart label groups, do not run patching on critical appliances during business hours. For example, patching runs in my organization every Tuesday at 10pm for Desktop computers only (over 300), Laptops download patches during business hours but prompt the user when to install them, and servers patch once a month unless there is a critical security patch during non-production hours.

For a full detailed analysis of the K1000, I highly recommend reading the full documentation for the K1000 management appliance which will cover every aspect of the system, including patching and reporting as well as reviewing the Dell KACE tutorial videos hosted on the KACE web site which are free and offer additional insight into advanced topics around the K1000.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ