In KBox Detect and Deploy Patches, the deployment detail does not updates in 6 to 7 hours. Is there any way this information could be fetched earlier?
In KBox Detect and Deploy Patches, the deployment detail of computers does not updates in 6 to 7 hours. Is there any way this information could be fetched earlier so that if there is any problem identified then it could be fixed the same working day?
Answers (2)
When it comes to detecting patches, it is the Detect schedule itself that updates info in a machine's Security > Patching Detect/Deploy Status section. Force Inventory Update does not update this section. (It does update the Software > Installed Patches via Inventory section, but that is unused by the K1000 patching feature.)
Are you saying the results of a patch detect schedule are taking 6-7 hours to appear? At the bottom of the Patch Schedule: Edit Detail page, each machine's Phase will be "completed" after the detect operation is complete. Are you seeing "complete" for all machines targeted by the schedule?
Or are you saying that machine inventory doesn't update for 6-7 hours after starting a patch detect? If a detect runs for hours, it will delay other operations until it completes, such as inventory every Run Interval. Make sure you limit the patches being detecting as this will result in shorter detect times. Simply selecting Detect All Patches will look for thousands of patches that are not applicable for any given operating system and would cause the detect to run longer than necessary.
How often are your machines set to update their inventory? You may have them set to update on an infrequent basis which is causing the behaviour you're seeing.
Comments:
-
You could test this on a machine that was patched like this:
1) Click the Force Inventory Update button on one of the machines in question
2) Scroll down to Security > Patching Detect/Deploy Status
3) See if any patch schedules and times are listed for the machine
4) Click on the All link under Deployment Status to check the status of the patches (deployed or not)
If things look good after forcing inventory, you may just need to adjust your check-in time to a smaller window (I do 3 hours here, but am running < 350 machines).
Another idea if detects are taking a long time to run would be to create more granular detect groups. Some ideas on that here in another post I did a while ago:
http://www.itninja.com/question/ldap-patching-sql-reports-using-all-three-for-efficient-managed-patching-and-other-cool-tric
I've changed a few things since writing this, but the core part on using focused and restricted patch & machine groups is the same.
John - jverbosk 12 years ago