Check for missing patches, Validating vpm patch agent installation – HP Insight Vulnerability and Patch Manager Software User Manual
Page 92
Troubleshooting 92
This message occurs because the Microsoft information pertaining to the patch location is incorrect
and the patch cannot be downloaded. HP is working to correct the metadata at the HP/Radia website
for these older patches, however this is ongoing maintenance. These corrections will automatically be
downloaded each time a patch acquisition is run. No updates are needed to Vulnerability and Patch
Management Pack.
Patches appear in a scan report but are not successfully
deployed
This can occur in the following situations:
•
A vulnerability scan has identified vulnerabilities, patches were selected for deployment based
on the scan, and one or more of the selected patches were not located in the patch repository.
Generally, some of the patches will install successfully, while others do not install for an
extended time. Patches might not be available in the patch repository because all of the
necessary operating systems were not selected for patch acquisition or only some of the patches
have been acquired.
•
The VPM Patch Agent has not been successfully installed on the system being patched.
•
A patch deployment is attempted on a system for which the patch is not applicable. Vulnerability
and Patch Management Pack applies patches to target systems based on the operating system
characteristics and patch vulnerabilities. For example, a patch cannot be deployed when a Red
Hat patch is selected for deployment on a Windows target system.
Check for missing patches
Be sure that a patch acquisition has been selected for all operating systems in the server environment.
Different Microsoft patches can exist for each operating system associated with an advisory. To
validate if a patch has been acquired, click the advisory link to the operating system vendor. The
patches for each operating system are listed. Check the C:\Program Files\HP\VPM\Radia\
IntegrationServer\Data\Patch\Microsoft\<bulletin number> directory to see if each patch has been
acquired.
Check the file C:\Program Files\HP\VPM\Radia\IntegrationServer\Logs\patch-acquire.log for a
history of the last patch acquisition, including any errors. Patches downloaded through HTTP might
have been acquired successfully, but those requiring FTP are failing. If this occurs, validate the proxy
and firewall settings to be sure they are configured properly to enable FTP traffic.
Validating VPM Patch Agent installation
Check the VPM events to see if a successful Installed VPM Patch Agent event exists for the system to
be patched. If no event is present or if a Failed VPM Patch Agent Install event exists, select
Deploy>Vulnerability and Patch Manager>VPM Patch Agent to deploy the agent.
After the VPM Patch Agent installation and patch acquisition have been verified, reinitiate the patch
installation by selecting Deploy>Vulnerability and Patch Manager>Validate Installed Patches.
Patch installation status reports are not current or do not match
information displayed in scan reports
Information displayed in patch reports is obtained during the most recent patch deployment task. If
this information is not current, update the patch installation status by validating installed patches. For
information, see the “