/build/static/layout/Breadcrumb_cap_w.png
01/08/2019 508 views

Anyone have success with a Report that shows when a patch was last installed for each device under all device labels? (Regardless if KACE patched it or not.) Would it be better to focus on a script or could this be added as a SQL line in one of the reports? I see a script that calls a Text file for a server list but I would like to avoid having to keep a text file up to date. Ideally is a report that shows each computer name with the latest date of the last patch next to it. And that's it. 

3 Comments   [ + ] Show comments

Comments

  • For a specific patch or just any patch?
  • Any patch
  • Do you run a patching schedule that detects patches on a regular basis? If you want to report on any possible installed patch, regardless of whether it is detected by the SMA, then that will be complicated. If you are running a detect cycle then it will be possible to know the last date that a patch was detected fairly easily.
    • I run detects but yes regardless if it was detected by the SMA. And yeah the only way I found was to run a PS script. I was hoping KACE had a way to detect the last patch installed regardless of running a detect job. I understand the idea behind this request, if a patch was last installed in 2017 we know its way out of date but this could produce false results. For example, if AV definition was updated recently now the machine is recently "patched". But im having to research this anyways.

All Answers

0

would creating a CIR work?

ShellCommandTextReturn(cmd /c wmic qfe get) and do a report on that?

Answered 01/09/2019 by: SMal.tmcc
Red Belt

  • I can look into this, thanks
0

This is a report based on the asset history and software table. It reports the last software detected on the machine that is marked in the software table as a patch:

SELECT MACHINE.NAME, ASSET_HISTORY.ASSET_ID, 
MAX(ASSET_HISTORY.TIME), 
ASSET_HISTORY.VALUE1
FROM  ASSET_HISTORY
JOIN ASSET ON ASSET.ID = ASSET_HISTORY.ASSET_ID
JOIN MACHINE ON ASSET.NAME = MACHINE.BIOS_SERIAL_NUMBER
JOIN SOFTWARE ON SOFTWARE.DISPLAY_NAME = ASSET_HISTORY.VALUE1
WHERE CHANGE_TYPE = "Detected"
AND FIELD_NAME = "SOFTWARE"
AND SOFTWARE.IS_PATCH = 1
GROUP BY ASSET_ID
ORDER BY MACHINE.NAME

I'm not sure how accurate it will be, but it might be a good place to start.

Answered 01/10/2019 by: chucksteel
Red Belt