- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-27-2022 01:51 AM
We have requirement to Discovery the Patches(cmdb_ci_patches) table. However, I would like to know
if the discovery will be able to give us the information like.. what is the patch installed, Patch version, last installed patch.
There are some postings in community regarding this but it's almost 3 years back.. I am expecting Servicenow might have upgraded it in new versions.
If not, what is the best way to scan the patches and update to CMDB.
Solved! Go to Solution.
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎12-14-2022 03:32 AM
Hello Suman21,
Came across this thread and what you can do is create an extension for Windows* pattern to catch this using "win32_quickfixengineering" - for reference: https://powershell.one/wmi/root/cimv2/win32_quickfixengineering
Example from a demo environment we have:
We have created an extension for "Windows OS - Servers" pattern:
Step "Get HotFixID":
Step "Set HotFixID":
Also referring to the earlier link, there is a lot of other values from "win32_quickfixengineering" which probably cover your use case(s)/need(s):
Kind regards,
Robin

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-27-2022 02:36 AM
Hey,
ServiceNow does not discover installed patches per ootb. There is however a KB article regarding this topic:
If you would like to discover these patches, follow the "Additional Information" in above mentioned KB article.
Regards
Fabian
ps.: I would personally not recommend looking for all patches, but rather the ones useful to you/your customer. Otherwise you will get a lot of useless data out of the registry. (e.g. only look for the most recent patch levels)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-27-2022 06:08 AM
Thanks for the reply.
If the patches is OOB does not discover.. then what is the cmdb_ci_patches table is for?
what does that table captures?
Also the KB0668792 does not show up anymore.. Hope SNOW has removed it.
We wanted only to capture latest patch updates done on the server.
What was the last patch installed and when.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-27-2022 11:29 PM
I may have misphrased my comment a bit. ONLY security patches and hotfixes are not discovered. Everything else is.
Check under "Discovery Definition" -> "Configuration Console". You should find some configuration options regarding windows software. Per ootb. patches and hotfixes are blacklisted based on their prefix. If you remove that prefix, you should be able to collect patches.
Regards
Fabian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-01-2024 06:25 AM
Thanks @Fabian Kunzke , its seems to be easiest way to get the patch details.
I poke around different ways as well such as by extending the Windows OS pattern using WMI query and also seen the KB0695180. but these ways need bit time to execute.
I have removed the filter keys on Configuration console and its done my work.
One question: Will it be any impact on Discovery timeline ?