If we know the specific patch details that needs to be deal with then during patch deployment we can choose that. However, if any dependency are there then deployment will fail and log will indicate the dependency details.
Lets say you wish to deploy patch X and it has dependency on patch Y but you have not included Patch Y in your list then patch deployment of X will fail with some error like required patch missing or not included.
you can run a patching job and include only the patches you need to deploy. that should include any required dependencies. then build packages and jobs from the result of the patching job.
Thanks Bill & Manoj,
But is it Automatic or manual in remediation job. I think we need to modify remediation package to handle like this scenarios manually?
Customer wanted to know if vendor says only latest patch required then BSA should identity and create remediation job only for last patch automatically.
1 of 1 people found this helpful
Which OS you looking to patch ? Bladelogic captures patch release/build dates in some of the OS Platforms using which one can create Patch smart group. The Same group can be used for Patch Analysis but whenever we go for remediation or Auto-remediation it will try for all patches within that group which are missing on servers. There is no out of the box way to control latest patch from missing list of patches.
"if vendor says only latest patch required then BSA should identity and create remediation job only for last patch automatically."
"For any vendor if latest last 5 patches missing from server. And vendor says no need to apply all 5 patches only apply last one"
I'm not sure how you expect to automate something that is coming from your customer that is entirely arbitrary. BSA will, buy default analyze for the latest patches available from the OS vendor. I'm not sure what "last 5 patches" means here - most OS have patches for specific problems across a variety of OS components, so getting the last 5 would leave your system unpatched for many things that might have patches available but are not the 'last 5'.
As Swapnil mentions you can create a patch smart group that contains the patches you want and use that in the patching job filters, or you could directly include the patches in the patching job filters.
most customers will either looks for all patches of a certain level (eg 'Critical') or they may filter for specific patches.
Hi Bill, Swapnil,
Sorry for confusion.
I wanted to say when “Vendor says” means somewhere vendor metadata will specify dependency or patch upgrade path (I was not sure how metadata looks and how does BSA interpret it.)
Last 5 was just example I used, I wanted to say from last one month server is not patched and Administrator found total 5 (4 individual + 1 major service pack) patches released to address different problem, but latest patch is major patch which addresses all 5 patches issue.
Customer wanted to know behavior of BSA in this scenario does BSA analysis job shows missing 5 patches and create remediation job for all 5 or it will create remediation job only for last one.
I think make sense to filter patches and then Analyse.
There’s an option in the patching job to include or exclude service packs. I would suggest you first check only for service packs and apply them, and then do the analysis. I don’t believe bsa will see the individual patches in a service pack (there’s no meta about that) so it would package both the individual patches and the SP in your example.
Yeah, that’s the logical workaround so will never face this issue. First will Analyze for service pack and then probably individuals minor patches.
Thanks Bill & Swapnil for your help.