Applicable Patch Listings

Description

Sums the counts of applicable fixlets across multiple sites, currently "Enterprise Security" and "Updates for Windows Applications".

"Correctable" fixlets are defined as fixlets with a default action. Generally, a fixlet with no default action is not correctable directly: for instance, it may simply be a warning that an outdated product is present, or the correction may require a Microsoft support contract.

The individual breakdowns by Severity include "Correctable" fixlets only.

The list of relevant fixlets may be truncated by the maximum size of a result set.

This analysis works around two issues in the BigFix-provided data at the cost of some ugly relevance code:

  1. Because Severity values vary among the sites and even among fixlets within a site, the analysis uses a regex to reduce each severity to alphabetic characters only. For instance, some fixlets mark Severity as "N/A", others as "n.a."
  2. Because a large number of fixlets leave "X-Fixlet-Type" blank instead of specifying "Fixlet", the analysis looks for items whose "X-Fixlet-Type" is not Baseline, Analysis, or Task.

This analysis should not be the only means of verifying that your systems are up to date, but it does provide a good overview. There are some valid security patches that do not have a default action, and thus would not be detected by this analysis.
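The two workarounds and the "correctable" rule described above, modelled in Python as an added example (not part of the original analysis and not BigFix code). The fixlet records, the "Action1" value and the "Other Site" name are constructed; "undefined" for a missing severity header follows the by-severity properties of the analysis.

```python
import re
from collections import Counter

# Site names and excluded types come from the analysis; sample data is constructed.
SITES = {"Enterprise Security", "Updates for Windows Applications"}
NOT_FIXLETS = {"Task", "Analysis", "Baseline"}
UNSPECIFIED = {"na", "", "unspecified", "undefined"}

def normalize_severity(headers):
    """Lowercase, then keep only a-z, like the relevance regex "[a-z]"."""
    raw = headers.get("X-Fixlet-Source-Severity")
    if raw is None:
        return "undefined"  # header absent
    return "".join(re.findall(r"[a-z]", raw.lower()))

def is_fixlet(item):
    """A blank or missing X-Fixlet-Type still counts as a fixlet."""
    ftype = item["headers"].get("X-Fixlet-Type")
    return item["site"] in SITES and ftype not in NOT_FIXLETS

def summarize(items):
    relevant = [i for i in items if is_fixlet(i)]
    fixable = [i for i in relevant if "X-Fixlet-Default-Action" in i["headers"]]
    sev = Counter(normalize_severity(i["headers"]) for i in fixable)
    return {
        "relevant": len(relevant),
        "correctable": len(fixable),
        "by_severity": "; ".join(f"{n} {s}" for s, n in sorted(sev.items())),
        "unspecified": sum(n for s, n in sev.items() if s in UNSPECIFIED),
    }

def fixlet(site, ftype, severity, action):
    """Build one constructed record; None means the header is absent."""
    hdrs = {"X-Fixlet-Type": ftype, "X-Fixlet-Source-Severity": severity,
            "X-Fixlet-Default-Action": action}
    return {"site": site, "headers": {k: v for k, v in hdrs.items() if v is not None}}

ES, UWA = "Enterprise Security", "Updates for Windows Applications"
SAMPLE = [  # constructed: content assumed relevant on a single endpoint
    fixlet(ES, "Fixlet", "Critical", "Action1"),
    fixlet(ES, "", "critical", "Action1"),       # blank type, still a fixlet
    fixlet(ES, None, "N/A", "Action1"),          # "N/A" -> "na"
    fixlet(UWA, "Fixlet", "n.a.", "Action1"),    # "n.a." -> "na"
    fixlet(UWA, "Fixlet", "Important", None),    # no default action
    fixlet(ES, "Task", "Critical", "Action1"),   # excluded by type
    fixlet("Other Site", "Fixlet", "Low", "Action1"),  # site not examined
    fixlet(ES, "Fixlet", None, "Action1"),       # severity header missing
]
print(summarize(SAMPLE))
```

The "Important" record is counted as relevant but is absent from the severity breakdown because it has no default action, which is the gap the caveat above describes.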

Keywords: relevant, fixlet, patch, critical, important, moderate, low, regex, unique, distinct, multiplicity, sum, count, headers, site, X-Fixlet-Type, X-Fixlet-Default-Action, set of


Property Details

ID: 2994555
Status: Production - Fully Tested and Ready for Production
Title: Applicable Patch Listings
Domain: PTCH
Added by on 8/6/2013 10:09:53 AM
Last Modified by on 8/6/2013 10:09:53 AM
Counters 7393 Views / 191 Downloads

Properties

Number of sites examined
Period 1 day
number of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
Number of relevant fixlets
Period 6 hours
number of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline"))) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
Number of correctable fixlets
Period 6 hours
number of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) and exists headers "X-Fixlet-Default-Action" of it) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
All relevant fixlets by severity
Period 6 hours
concatenation "; " of (multiplicity of it as string & " " & it) of unique values of (concatenation "" of matches (regex "[a-z]") of ( if exists headers "X-Fixlet-Source-Severity" of it then values of headers "X-Fixlet-Source-Severity" of it as lowercase else "undefined")) of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) ) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
Correctable fixlets by severity
Period 6 hours
concatenation "; " of (multiplicity of it as string & " " & it) of unique values of (concatenation "" of matches (regex "[a-z]") of ( if exists headers "X-Fixlet-Source-Severity" of it then values of headers "X-Fixlet-Source-Severity" of it as lowercase else "undefined")) of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) and exists headers "X-Fixlet-Default-Action" of it) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
Critical
Period 6 hours
number of (concatenation "" of matches (regex "[a-z]") of (values of headers "X-Fixlet-Source-Severity" of it as lowercase)) whose (it = "critical") of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) and exists headers "X-Fixlet-Default-Action" of it) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
High
Period 6 hours
number of (concatenation "" of matches (regex "[a-z]") of (values of headers "X-Fixlet-Source-Severity" of it as lowercase)) whose (it = "high") of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) and exists headers "X-Fixlet-Default-Action" of it) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
Important
Period 6 hours
number of (concatenation "" of matches (regex "[a-z]") of (values of headers "X-Fixlet-Source-Severity" of it as lowercase)) whose (it = "important") of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) and exists headers "X-Fixlet-Default-Action" of it) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
Moderate
Period 6 hours
number of (concatenation "" of matches (regex "[a-z]") of (values of headers "X-Fixlet-Source-Severity" of it as lowercase)) whose (it = "moderate") of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) and exists headers "X-Fixlet-Default-Action" of it) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
Low
Period 6 hours
number of (concatenation "" of matches (regex "[a-z]") of (values of headers "X-Fixlet-Source-Severity" of it as lowercase)) whose (it = "low") of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) and exists headers "X-Fixlet-Default-Action" of it) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
Unspecified
Period 6 hours
number of (concatenation "" of matches (regex "[a-z]") of ((if exists it then values of it as lowercase else "unspecified") of headers "X-Fixlet-Source-Severity" of it)) whose (it is contained by set of ("na";"";"unspecified";"undefined")) of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) and exists headers "X-Fixlet-Default-Action" of it) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))
Names of relevant fixlets
Period 6 hours
(id of it as string & " " & ((first 40 of it & "..." & last 15 of it) of (value of header "Subject" of it) | "") as string) of relevant fixlets whose (not exists (headers "X-Fixlet-Type" of it) whose (value of it is contained by set of ("Task";"Analysis";"Baseline")) and exists headers "X-Fixlet-Default-Action" of it) of sites whose (name of it is contained by set of ("Enterprise Security";"Updates for Windows Applications"))

Relevance

isWindows (Relevance 1172)
Used in 1112 fixlets and 524 analyses
windows of operating system

Comments

Sieg -
Very nice for auditing