To discover Patch on the Windows servers

Suman21
Tera Expert

We have requirement to Discovery the Patches(cmdb_ci_patches) table. However, I would like to know

if the discovery will be able to give us the information like.. what is the patch installed, Patch version, last installed patch.

There are some postings in community regarding this but it's almost 3 years back.. I am expecting Servicenow might have upgraded it in new versions.

If not, what is the best way to scan the patches and update to CMDB.

1 ACCEPTED SOLUTION

Robin J_
Tera Guru

Hello Suman21,
Came across this thread and what you can do is create an extension for Windows* pattern to catch this using "win32_quickfixengineering" - for reference: https://powershell.one/wmi/root/cimv2/win32_quickfixengineering

Example from a demo environment we have:

RobinJ__1-1671017352350.png

 

We have created an extension for "Windows OS - Servers" pattern:

RobinJ__2-1671017441934.png

 
Step "Get HotFixID":

RobinJ__3-1671017468048.png


Step "Set HotFixID":

RobinJ__4-1671017497730.png


Also referring to the earlier link, there is a lot of other values from "win32_quickfixengineering" which probably cover your use case(s)/need(s):

RobinJ__5-1671017550536.png



Kind regards,
Robin

View solution in original post

15 REPLIES 15

Robin J_
Tera Guru

Hello Suman21,
Came across this thread and what you can do is create an extension for Windows* pattern to catch this using "win32_quickfixengineering" - for reference: https://powershell.one/wmi/root/cimv2/win32_quickfixengineering

Example from a demo environment we have:

RobinJ__1-1671017352350.png

 

We have created an extension for "Windows OS - Servers" pattern:

RobinJ__2-1671017441934.png

 
Step "Get HotFixID":

RobinJ__3-1671017468048.png


Step "Set HotFixID":

RobinJ__4-1671017497730.png


Also referring to the earlier link, there is a lot of other values from "win32_quickfixengineering" which probably cover your use case(s)/need(s):

RobinJ__5-1671017550536.png



Kind regards,
Robin

Hi Robin,

Thank you so much for the information.. This is very much valuable information.

I have one dumb question.. The attribute "Latest HotFixID Installed " needs to be created first?

Hi again Suman21,
No worries. Yes I created a custom field for the CI class (cmdb_ci_win_server)

RobinJ__0-1671090799055.png

 

Kind regards,

Robin

Hi Robin,

As Suggested I have created the Attribute and run the discovery on the one of the server.

But I am getting error message below for payload :

 

2022-12-15 03:09:00: Identification CI Errors:
Update failed with error: Commit was not attempted due to other errors.,In payload missing minimum set of input values for criterion (matching) attributes from identify rule for table [cmdb_ci_win_server]. Add these input values in payload item '{"className":"cmdb_ci_win_server","values":{"u_latest_hotfixid_installed":"KB5017270","os":"Windows 2019 Standard","fqdn":"br506fs110.tycoelectronics.net","os_domain":"TE-NET","cpu_manufacturer":null,"ip_address":"148.174.140.27","model_id":null,"sys_class_name":"cmdb_ci_win_server","manufacturer":null,"discovery_source":"ServiceNow","name":"br506fs110","dns_domain":"tycoelectronics.net","classifier":"5456b6e25fd2230049d89cb3de7313e7","host_name":"br506fs110"},"internal_id":"5466aa95333f19d4cedae0567fc9e375","sys_object_source_info":{},"settings":{},"sys_ire_info":{},"display_values":{}}',Too many other errors,In payload missing minimum set of input values for criterion (matching) attributes from identify rule for tabl

 Any idea how to fix it.. Did you face this kind of issue?

I have added this attribute to CI Identifiers under Windows Server but still no luck.

Suman21_0-1671103052706.png

 

 

Hi again Suman21,
On what table is this? I have not created anything similar like this. Only a new empty field on the CI class and extending the Windows OS - Servers pattern. I am wondering about "Referenced field". I assume that is why. Where do "cluster_name" come from?

If you tell which table I can check in the instance 🙂 But I assume that is empty.
I did not tweak/alter any identification stuff. Also remember to do "Pattern Sync to Mid server".

Kind regards,

Robin