I have a question and this might not be in the correct category of the forums.
We have many RHEL servers that state in BigFix that no patches are needed and also why executing YUM. When you go into our RHEL site there are 50 plus patches that it states are available from Critical to informational. Is there a reason why BigFix does not show these patches in the fixlets?
It is frustrating to know that I now have two places that I am going to have to monitor for patches. RHEL can apply the patches from their site but it would be nice to see them all in one place.
Can you please confirm that your RHEL endpoints are subscribed to the correct RHEL patch external sites?
If there’s no subscribed computers, then this is expected behavior.
An additional item, have you configured the RHSM Download Plugin to work with the RHEL patch external sites? If not, you’ll have to complete those steps before you can patch your RHEL endpoints via BigFix.
Yes I am subscribed to the Patches for RHEL. I get a lot of patches per month but the particular patches on the red hat site are not available in BigFix or when you run YUM.
This is one of the systems in question.BigFix states no patches are needed. Yum states no patches are needed but in total there 82 that Redhat states are needed:
These are not the total amount needed but a subset of the ones the the RedHad subscription site states are needed:
I would presume that BigFix should be pulling all of the patches “Optional or not”. I will probably have to open a ticket with BigFix on this to see why and how we could get these included if possible. Patching two different ways does not make sense.
Most (maybe all) of those should have fixlets.
I see from your console view that only 1 computer is subscribed to your RHEL patch site and only 8 fixlets are displayed…have you tried clicking “Show Non-Relevant Content” at the top of the console? That will display all fixlets, even if they have no applicable computers; and ensure this specific machine is subscribed to your patching sites.
From what URL are you listing these patches? I wonder whether it is actually checking whether your machine already has them installed?
1 Like
