Articles in this section

Patches Catalog

Overview

The Patches Catalog is a very important part of JetPatch. 

The page contains all of the applicable patches for your environment - both Windows and Linux. This is also the page where you begin creating remediation plans, either manually or automatically.

Navigate to Patches → Patches Catalog from the left menu.

Tip: It is highly recommended to pause and try out the filters yourself as you follow along with this guide.

 

Patches Discovery

 

Patches Catalog

 

Patch Titles

Patch titles are clickable and redirect the user to the Operating System vendor for more information about the patch.

Needed On

Displays the number of endpoints that require the patch to be installed. 

Clicking on the number redirects the user to a filtered Endpoint Management screen, which displays full information about those endpoints.

Patches Catalog Filters

The Patches Catalog offers many different filters to help you find exactly the patches you want to prioritize for your environment:

  • Search – Filter by the full name, KB article, or Advisory ID. You can include or exclude the searched value by switching the component option on top of the Search input.
  • Approval Status – Filter by the patch approval status. Useful for looking at patches that have been approved.
  • Not in Repository – Refers to patches that came from the vulnerability scanner, but JetPatch is unfamiliar with.
  • Operating System – Filter by the operating system.
  • Endpoint Name – Show patches related to a specific endpoint.
  • Endpoint Group – Show patches related to endpoints in a specific group.
  • Remediation Plan – Show patches that may already be part of a Remediation Plan.
  • Show Patches – Filter by patch status. By default, this is set to Not Installed, but you can also filter on: Needed, In Progress, Installed, Failed, or All.
  • More Filters:
    • From Date / To Date – Filter by patch release date range.
    • Released Before – Find patches released more than X days ago. For example, entering 10 shows patches older than 10 days.
    • Released In The Last – Find patches released within the last X days. For example, entering 10 shows patches released in the last 10 days. Useful for finding patches around the last Patch Tuesday.
    • Severity – Filter by patch severity level.
    • Category – Focus on specific patch categories, such as security patches only.
    • Vulnerability – Sort on all patches pulled from your vulnerability report.
    • Product – Filter by specific versions of operating systems or third-party applications.
Tip: Pause here and explore the filters to find the patches most relevant to your environment.

 

Patch Bundles

Often, you will find yourself using the same patch filters over and over again. 

Patch Bundles (Saved Filters) allow you to save your filter configurations for future use, so you can quickly return to them without having to reapply all the filters each time.

Create a new Patch Bundle

  1. Apply all the filters you want
  2. Click on the button and choose "Save As..." 
  3. Fill in the details and click on "Save."

Choose an Existing Patch Bundle

  1. Click on the Patch Bundles button and choose the required filter.
Note: The table information and filters will update to reflect the selected bundle. The Patch Bundles button will display the name of the selected filter to indicate which bundle is active.

Update an Existing Patch Bundle

  1. Click on the Patch Bundles button and choose the required filter.
  2. Make your changes to the table filters.
  3. Click on the Patch Bundles button again (the button text will have changed to the name of the chosen filter).
  4. Click Update.
Note: The “Update” button will be disabled if the current filter is used by a Compliance Rule and/or an Automatic Remediation Plan.

Fix a Broken Patch Bundle

A broken Saved Filter can result from deleting an Endpoint, Endpoint Group, or Vulnerability that the Saved Filter is based on. If you have a broken Saved Filter, the system will notify you by adding a red exclamation mark in the left menu.

  1. In the Patches Catalog, click the Patch Bundles button and choose the broken filter.
  2. Remove the “INVALID” that appears on the problematic table filter.
  3. Click the Patch Bundles button again.
  4. Click Update.

List of Patch Bundles

To see the full list of saved filters, click the Patch Bundles button and choose Manage Patch Bundles

From here, you can edit the filter information (Name and Description) or delete a filter (only if it is not part of an Automatic Remediation Plan or Compliance Rule).

 

Patch Bundle Uses

The most effective uses for Patch Bundles are:

  • Compliance Rules – Use a Patch Bundle to define which patches should be excluded from compliance calculations.
  • Automatic Remediation Plan Creation – Use a Patch Bundle to define which patches should be included in automatically generated remediation plans.

Create a Remediation Plan

  1. Apply the relevant filters to find the patches you want to include.
  2. Select the patches you want to remediate.
  3. Click the ‘Create’ button.

You will then be directed to the Remediation Plan wizard to complete its creation.

You will then be directed to the Remediation plan wizard to complete its creation. 

Reports

  1. Apply the relevant filters to find the patches you want to include.
  2. Select the patches you want to remediate.
  3. Click the ‘Create’ button.

You will then be directed to the Remediation Plan wizard to complete its creation.

The available reports are:

  • Patches Catalog Report (CSV) – Downloads extended information on the filtered patches.
  • Patches Compliance (CSV) – Describes the status of the filtered patches across the environment(see article for more information)

Related articles

Comments

0 comments

Please sign in to leave a comment.