If no detect schedule has been ran, either
- Run a Detect you already have created
or
- Create a new Detect schedule
Configure Detect-only patch schedules
Procedure
- Go to the Patch Schedule Detail page:
- Log in to the K1000 adminui, http://K1000_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
- On the left navigation bar, click Security.
- On the Patch Management panel, click Schedules.
- Display the Patch Schedule Detail page by doing one of the following:
- Click the name of a patch schedule.
- Select Choose Action | New.
- In the Configure section, specify options for the Detect-only schedule.
Name
A name that identifies the schedule. This name appears on the Patch Schedules page.
Action
Select Detect. The page updates to the appropriate options.
All Devices
Run the schedule on all devices. If the Organization component is enabled on your appliance, this schedule includes all devices in the selected organization. Use caution with this setting. It is usually better to test patch actions on a limited number of devices, and to limit patch actions to selected devices or device labels. This limitation ensures that patch actions are applied appropriately.
Device Labels
Restrict the patch actions to the devices in the labels that you select. Limiting the run to labels, especially Smart Labels, helps to ensure that patches are applied appropriately.
Devices
Run detect patch actions on the devices that you select. To search for devices, begin typing in the field.
Operating Systems
Select the operating systems of the devices on which you want to run the actions. The default is all operating systems.
- In the Detect section, specify options for the Detect-only schedule.
All Patches
Detect all available patches. This process can take a long time. Also, it might detect patches for software that is not installed on, or required by, managed devices. For example, if managed devices use anti-virus applications from only one vendor, you might not need to detect patches for all anti-virus vendors. All Patches, however, detects all missing patches regardless of whether they are required by managed devices. To refine patch detection, set up labels for the patches you want to detect, then use the Patch Labels option.
Patch Labels
Restrict the action to the patches in the labels that you select. This is the most commonly used patch detection option. To select labels, click Edit. To use this option, you must already have labels or Smart Labels for the patches you want to detect.
- In the Schedule section, specify options for the Detect-only schedule.
None
Run in combination with an event rather than on a specific date or at a specific time. This option is useful if you want to patch servers manually, or perform patch actions that you do not want to run on a schedule.
Every _ hours
Run at a specified interval.
Every day/specific day at HH:MM
Run daily at a specified time, or run on a designated day of the week at a specified time.
Run on the nth of every month/specific month at HH:MM
Run on the same day every month, or a specific month, at the specified time.
Custom
Run according to a custom schedule.
Use standard 5-field cron format (extended cron format is not supported):
* * * * *
| | | | +────────day of week (0-6)(Sunday=0)
| | | +────────month (1-12)
| | +────────day of month (1-31)
| +────────hour (0-23)
+────────minute (0-59)
Use the following when specifying values:
- Spaces ( ): Separate each field with a space.
- Asterisks (*): Include the entire range of values in a field with an asterisk. For example, an asterisk in the hour field indicates every hour.
- Commas (,): Separate multiple values in a field with a comma. For example, 0,6 in the day of the week field indicates Sunday and Saturday.
- Hyphens (-): Indicate a range of values in a field with a hyphen. For example, 1-5 in the day of the week field is equivalent to 1,2,3,4,5, which indicates Monday through Friday.
- Slashes (/): Specify the intervals at which to repeat an action with a slash. For example, */3 in the hour field is equivalent to 0,3,6,9,12,15,18,21. The asterisk (*) specifies every hour, but /3 restricts this to hours divisible by 3.
Examples:
15 * * * * Run 15 minutes after every hour every day
0 22 * * * Run at 22:00 every day
0 0 1 1,6 * Run at 00:00 on January 1 and June 1
30 8,12 * * 1-5 Run weekdays at 08:30 and 12:30
0 2 */2 * * Run every other day at 02:00
Timezone
The timezone to use when scheduling the action. Select Server to use the timezone of the appliance. Select Agent to use the timezone of the managed device.
Run on next connection if offline
Run the action the next time the managed device connects to the appliance, if the device is currently offline. This option is useful for laptops and other devices that are periodically offline. If this option is not selected, and the device is offline, the action does not run again until the next scheduled time.
Delay run after reconnect
Delay the schedule by a specified amount of time. The time delay period begins when the patch action is scheduled to run.
End after
The time limit for patching actions.
For example, if you schedule patches to run at 04:00, you might want all patching actions to stop at 07:00 to prevent bandwidth issues when users start work. To do so, you could specify 180 in the minutes box.
When this time limit is reached, any patching tasks that are in progress are suspended, and their status on Security logs is Suspended.
Suspended tasks resume where they left off when the next scheduled patching action begins.
- Click Save.
The Detect-only schedule is created. If you add devices that match the Smart Label criteria, they are automatically included in the patching schedule.