Patches
Patch issues
A patch is a security update for an operating system. Nanitor gets the information of a missing patch from the Nanitor agent that is installed on the assets. The Nanitor agents checks against a missing patch on the operating system and Nanitor raises an issue if a patch is missing on the asset. The check performed by the Nanitor agent includes information about the patch itself with the link to the patch provider.
Nanitor collects information on when the patch was released from the vendor and when the missing patch is discovered in Nanitor. These dates can be different when an asset is newly added to Nanitor after a patch has been released by the vendor and the patch still exists on the asset where the Nanitor agent has been installed on. The patch age in Nanitor is computed by the date from when the patch was first (or lastly) discovered in Nanitor (not the patch release date) and the current date. A missing patch can (and will probably) exist on multiple assets. As such a patch issue is only considered to be solved when the patch is removed from all assets where it exists.
Since a patch issue can "pop up" multiple times during the Nanitor journey. This is the case when a patch issue has been flagged as resolved but at a later time, an asset is added to Nanitor where the same patch is missing.
Patch report
The patch status report can be accessed from the reports menu.
The patch report is grouped by existing labels. Since an asset can belong to multiple labels the same patch can be listed in multiple labels. The total amount of existing patches are listed in the overview section along with information about overdue patches where the first or last discovery date of the missing patch is older than 30 days.
The report will additionally give you information on which assets the patches are missing. Pressing on the links provided in the report will lead you to a list of issues/assets with an applied filter.
Eg the report shows all P1 patches. P1 issues have a priority score between 60 and 80. In the same way I could take out a report on patch issues that have been resolved within the last 30 days.
Patch Events
Nanitor keeps track of a wide range of activities to be able to track the history of issues. Patches are no exception in this matter.
In the activity log you can filter on the following patch events
- Patch installed on assets. A patch has been resolved on an asset
- Patch issue created. This is the case for the first asset discovered with a missing patch
- Patch issue resolved. The patch has been installed on all affected assets
- Patch status changed on asset. The priority rating on a patch issue has been raised due to the age of the missing patch on the asset.
- Patch uninstalled on asset. A previously installed patch has been uninstalled. This is most likely the case when an installed patch has caused trouble on an asset.