Relevance or Session Relevance to Find the Last OS patch like Cummulative or Security Monthly roll up successfully installed on machine

Hi Team,

Is there a way to check what was the successful OS patch installed on a machine - I am specifically targeting CU or Security Monthly roll up. Need to know for which month and on which date this patch was installed.

Example April Month “kb4549951” was installed on a server in May and after that my server is not patched till now.

There are various server’s like this - So I would like to fetch a report for these machines so that I can let client know that your server was compliant till April 2020 and after that it was never patched.

I created various relevance to check patches installed in last 2 months but it list out all patches which were installed in that span of time. So is there a way to know this. I might sound silly, but this is my ask here.

Thanks

@jas.itpro - you could do something like this:

(minimum of source release dates of items 1 of (item 1 of it , elements of item 0 of it)
whose (relevant (item 0 of it, item 1 of it)), name of item 1 of it)
of
(item 1 of it, elements of item 0 of it)
of ( set of applicable computers of elements of it, it) of
set of bes fixlets whose (id of site of it = 2 and (it contains “Monthly Rollup” OR it contains “Cumulative Update”) of name of it)

This will give you the oldest CU or Monthly Rollup relevant on the machine. The logic behind this can be problematic though, because in theory a client could have missed a patch in January but patched everything else since then.

The flip side of it would be to look when was the last CU or Monthly Rollup patch applied on the system:

((it as string) of minimum of source release dates of items 1 of (item 1 of it , elements of item 0 of it) whose (remediated flag of result (item 0 of it, item 1 of it)) | “n/a”, name of item 1 of it)
of(item 1 of it, elements of item 0 of it)
of ( set of applicable computers of elements of it, it) of
set of bes fixlets whose (id of site of it = 2 and (it contains “Monthly Rollup” OR it contains “Cumulative Update”) of name of it)

(Please note that this second query has to be evaluated in Web Reports and not the Console)

@Marjan @jas.itpro the mention relevance is not working for me.
Can you please check and Update.
if possible paste the screenshot of the result here.

Then I will try to replicate the same in my environment.

@Marjan I am not able to run it either on Fixlet debugger or via webrport in custom tab.

Were you able to run it ? If yes, kindly let us know how ?

@mukesh and @jas.itpro – My apologies, I should have been clearer. You can run these queries in Web Reports QNA. Url should be

> https://<your WR server name>:<port>/webreports?page=QNA

For more information on how to run session queries please refer to: https://developer.bigfix.com/tools/qna_wr.html#:~:text=You%20can%20run%20the%20QnA,page%3DQNA

1 Like