How to get Windows server patch information in discovery ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-15-2019 11:27 PM
Hello All,
Need a idea How to fetch server patching information.Whether servicenow OOB discovery covering this feature?
I.e. - windows server patch (patch number, date of patch implemented etc).
please share your valuable ideas, this would be a great help.
Thanks,
Senthil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-16-2019 06:14 AM
There is a feature under the Discovery Configuration Console that handles this behavior ::
https://docs.servicenow.com/bundle/london-it-operations-management/page/product/discovery/concept/c_DiscoveryConfigurationConsole.html?cshalt=yes#t_FilterSoftwareToDiscover
However if that does not bring in the level of detail that you require, you'll need to create your own pattern/probe to go after this information.
In the past this has helped me (from our Share portal) ::
https://developer.servicenow.com/app.do#!/share/contents/5702374_windows_security_patches?v=1&t=PRODUCT_DETAILS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-22-2022 05:21 AM
Hello Ryan ,
Could you please guide me as well. I mean how using the below link it helps you to extract the detail patch number, date of patch implemented.
https://developer.servicenow.com/app.do#!/share/contents/5702374_windows_security_patches?v=1&t=PRODUCT_DETAILS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-22-2022 09:31 PM
It seems that Enhancement request is raised for same.
Details are below
When Discovery runs to discovery a computer (cmdb_ci_computer), the OS Security Patches are not included in the data collected in OOB, refer to KB0668792.
Customer should be advised that the requirement requires a customization particularly in the "Windows - Installed Software" probe and sensors.
https://<instance-name>.service-now.com/nav_to.do?uri=discovery_probes_wmi.do?sys_id=df4905820a0a0ba500b7ea51b460326c
The list of registry locations that our probe pulls from are listed in the WMI Fields related list at the bottom of the record. The probe script and associated sensor process the data from these registry locations.
If you would like to see all Windows hotfixes, patches, and security patches then you would need to add the appropriate registry locations to the WMI list and customize the script of the probe and sensor to process the additional data.
There is a current Enhancement Request for this: FTASK27183.
Regards
RP
