When you created the catalog, it contained no patches and was just a shell. Hotfixes, Bulletins, and Irelevant patches are just smart groups that filter the individual hotfixes/bulletins that are in the Patch Catalog in the same way that server smart groups filter servers by various criteria. You can expand these smart groups to see how many hotfixes/bulletins are in them. You need to run a Catalog Update job to populate the catalog with items that match the filters you have provided. Typically you will need to run this catalog update job once a month after all of the new Microsoft patches have been published (typically takes a day or two after patch Tuesday).
'Analyze Using This Catalog' will just go through the process of creating the job you already created. The only benefit of doing it this way is that it fills in the first step (the catalog to be used) automatically.
'Update Catalog' updates the metadata for hotfixes/bulletins. The 'Download' option actually downloads the executables. This is generally unnecessary as Patch Remediation jobs do this automatically for any hotfix that has not already been downloaded and is needed for packaging up the hotfixes for remediation. If you were doing analysis and remediation on the fly it might save you some time, but we typically set up our patching jobs hours in advance of actually running them as our patching windows are limited and we can save some time by doing all of the analysis prior to the window.
Thank you very much. I've been creating patch catalogs, read a couple of documents floating around and am confused about a couple of things and hopefully someone can answer my questions below (hopefully, the last of them).
After I create a catalog, right-click on new catalog, and select update catalog, do I even need to EVER use the download option and if so, why?
Under jobs, when you select new, then patch jobs, then click on windows patching job, is that the same thing as a patch analysis?
Finally, how many directories are really needed on your file server when creating a new patch catalog? The reason I ask, is that when asked where your helper files are you need to specify a path. Then you're asked for a repository and whatever you type there, gets automatically filled in for your payload.
You can download the catalogs during the CUJ if you don't want to do it at runtime of the remediation job creation, or if you don't want to grant the users write access on the catalog.
jobs -> windows patching jobs is the same thing as patch analysis.
on the file server only 1 directory for the catalog is created under storage/patch/catalog for each catalog. on the server holding the patch payloads there will be 1 directory for each catalog. for the windows 'helper' location you only need to specify a temp dir so the cuj can decode the shavlik xmls.
what do i have to do, in order to have to new patches downloaded as part of the CUJ automatically ?
Check the ‘download from vendor’ option in the catalog configuration – it’s right above the box where the filters are defined.
we are using offlines catalogs in our environment, and never spent much attention to that tickbox, as we thought it is not relevant for offline catalogs.
However, this explains, why the catalogs behave different in two environments.
in one Env we have that option ticked, but not on the other.
Unfortunately it seems to be set forever once the catalog is created and cannont be changed afterwards.
Anyway thanks for clarification.