We then installed all the patches that our Windows Patch Analysis says were required, and now WSUS says one patch is still not installed (KB973825) and our analysis says it isn't required.
I verified this patch exists in my catalog. How do I investigate this patch from the Shavlik side? I need to figure out why WSUS considers this a Critical patch, and Shavlik doesn't recognize that it's missing.
There can be difference between WSUS and BBSA patching. See the thread https://communities.bmc.com/communities/message/214931#214931 for this. Also see the KBs for more information on this: https://kb.bmc.com/infocenter/index?page=content&id=KA325243&actp=search&viewlocale=en_US&searchid=1333000502183 and https://kb.bmc.com/infocenter/index?page=content&id=KA305738&actp=search&viewlocale=en_US&searchid=1333000502183
Regarding this particular patch, send across the c:\trace.txt file.
I have uploaded trace.txt and trace.txt.old. The reference to KB973825 is in trace.txt.old but I cannot understand the syntax. Can someone translate what the log is saying? I need to show the customer why WSUS says it's needed and Shavlik says it isn't.
Thank you for the KB links prabhathandoo. That is excellent information to provide to the customer.
in the trace.txt old I see the refernce for this patch:
2012-03-28 18:50:05.850 T 0eac:0ebc MultiMachineScanner.cpp:543 Scanning for [Q973825]
This means it atleast does indicate that it is attempting to scan it. but then it (shavlik engine) may have wrongly detected it as installed or....may have declared it as "effectively installed".
What does this patch show up in the BSA Patch analysis? You will need to find out the status for this qnumber as reported by the shavlik engine. fire the blpatchcheck2 manually on the target for this. then if it is installed/effectivelty installed, only shavlik can justify why they think so.
This will help you understand whats in a trace.txt and how to read it.
I found the issue for this particular KB973825 patch. WSUS considers it a "Security Patch" and Shavlik categorizes it as a "Non-Security Patch." We were not checking for Non-Security Patches in the analysis job so it was not looking for it. When we checked that option and re-ran the job it found it.
Thank you very much for your assistance and the links to the KB articles.
See the https://kb.bmc.com/infocenter/index?page=content&id=KA292433&actp=search&viewlocale=en_US&searchid=1333011832329 to see how to run the PAJ Manually.
Its something like
Blpatchcheck2 0 hfnetcheck6b.xml output.xml
Output.xml will have the output.
Hfnet … should be downloaded from Shavlik site…
Good luck mate. If your concern is to explain to the customer, see the earlier kbs that i sent on WSUS v/s BBSA and also refer to trace.txt to validate. That kb should help too.
Feel free to refer to the right windows patching troublehooting guide.
I'm working on deploy guides now, let me hear your feedback on these.
KA363243 - BBSA Windows Patch Troubleshooting: Analysis Job reports an unexpected patch as Missing
KA366513 - BBSA Windows Patch Troubleshooting: Analysis Job does not report Missing expected patch
KA325243 - BBSA Windows Patch Troubleshooting: Analysis Job Results conflict with 3rd-party Vendors
KA366615 - BBSA Windows Patch Troubleshooting: Windows Hotfix Patch is not found in the Catalog