Network & Systems Management Solutions Providers

Blog

4 Sep

By Ecmel Ozdemir

SolarWinds Patch Manager & Orion Platform Integration

SolarWinds Patch Manager is a patch management tool that enables reporting, deployment and management of Microsoft and third party patches on servers and workstations. Patch Manager is a standalone application but it can easily be integrated with the SolarWinds Orion platform to show the current status of the WSUS servers, patches, servers and desktop devices.

 

In the first of a two part article, I will show you how to integrate Patch Manager with the SolarWinds Orion platform and describe the out-of-the-box views on Orion. Lastly, we will go further and look at how to create views, reports and alerts on Orion Platform based on Patch Manager data. The benefit of this is that patching state and actions can have a direct impact on the health and status of a server and the applications upon it.

 

Patch Manager and Orion Platform Integration Configuration

To integrate Patch Manager with Orion the web console integration should be installed on the Orion server as described and then Patch Manager location details should be added to the Orion Configuration Screen:

 Setup Web Console

 

Orion Views for Patch Manager

After successfully integrating Patch Manager with Orion platform, it is possible to see data from Patch Manager with three different perspectives:

  • WSUS perspective shows data based on WSUS servers
  • Node perspective shows data based on the device
  • Patch perspective shows data based on the update

 

“Patch Summary” view will show the overview data across each of these entities and provides a great insight into the key information on patching levels. ‘Some’ might say this is better than the default view in Patch Manager’s own GUI.

 Patch Manager Summary

 

On this summary view, it is possible to see list of WSUS servers, list of managed patches, list of nodes, list of latest tasks and list of top missing patches. Pie chart resources allow to see high level information about device status for servers and workstations.

 

As is the way in the Orion GUI entity links allow to drilldown to see more details:

 

    • “WSUS Servers” resource provides list of WSUS servers that Patch Manager is integrated. 

WSUS Server

 

WSUS Server Details

 

  • “Nodes Managed by WSUS Servers” resource provides list of devices managed by WSUS servers and these devices are grouped as Server or Workstation according to their OS types: 

Nodes Managed by WSUS Servers

 

Icon on the left side of the device name shows the status of this device if it is currently monitored by SolarWinds Orion. The icon means that device is not currently monitored in Orion which is a good way to identify if you have servers that should be monitored by Orion, which of course they should. Clicking on one of the node names shows all the patch details for the selected node. 

 

WSUS Node Details

  • “All Patches” resource shows the list of patches grouped by solution vendor and the recorded severity:

All Patches

 

A great feature is the ability to identify the details of the patches by clicking on the name:

 

Update Details -
 Java Runtime Environment

 

Advanced Features

Until now, we see the default visual features of the Patch Manager and Orion integration provided by SolarWinds out-of-the-box. In addition to these, we can go forward by the help of the SWQL queries. Let’s focus on these advanced features.

 

As we saw before, SolarWinds provides “WSUS Node Details” view to see Patch Manager details for each node. If a node is already managed by SolarWinds then it is meaningful to add Patch Manager resources to standard Orion node detail views. 

 

In any node detail view, we can add Patch Manager resources by clicking on “Customize Page” button on the right top corner of the node details page: 

 

Then we should click on “Add Resources” button on any column, group resources by “Classic Category” and select “Patch Manager Nodes”. Now we can select any of the resources on the new screen related with Patch Manager.

 

Add Resource

 

It is beneficial to see the latest patches, missing patches and a general patch overview for the node so decided to add 3 resources: 

 

Add Resource

 

Now we are able to see patch information and monitoring information at the same page on Node Detail view as below:

 

Windows Node Details

 

SolarWinds Orion Reporting

Patch Manager provides Reporting feature but it is also a good idea to use Orion Reporting platform to create reports on patches and devices.

 

Following example shows all the patches that have arrived in last 30 days with the approval and installation status for each node. Patch and node details are given in the list and charts show the number of patches for the same time period with approval status and installation status respectively.

 

You can download this example report here: Report - SolarWinds Patch Manager Status for Devices

 

Patch Status for Devices

 

Orion Alerting

Currently, it is not possible to create alerts on Patch Manager and there is no out-of-the-box solution on Orion platform for alerting in relation to patch management. So let’s define an alert for the nodes monitored by Orion platform according to the information from Patch Manager.

 

This is an example alert definition to check devices monitored in Orion and has approved but non-installed updates.

 

Edit Alert

 

Create a new blank alert in Orion and define a title and description. As this is a non-time urgent alert, set the poll interval to 60 minutes. Severity can be set as Warning, Serious or Critical according to your perception of the problem.

 

At the trigger condition step, choose “Custom SWQL Alert (Advanced)” with the query set to alert on Node level as below:

 

Edit Alert Patch Manager

 

This is the actual where condition of the query:

 

where Nodes.NodeID in (

                select distinct NodeID from Orion.Nodes n

                inner join

                Orion.PM.NodesWithIPAddresses pmn

                on pmn.NodeID=n.NodeID

                inner join

                Orion.PM.WsusNodes w

                on w.IPAddress=pmn.IPAddress

                where w.NotInstalledApprovedCount>0

)

 

“Reset Condition” and “Time of Day” steps can be at the default state. For the trigger action step, an email action can be defined as below:

 

Configure Action Send An Email Page

 

Subject:

Patch Manager - ${N=SwisEntity;M=Caption} has approved but uninstalled updates

 

Message:

Alert was triggered at  ${N=Alerting;M=AlertTriggerTime;F=DateTime}

${N=SwisEntity;M=Caption} has <font color=red><b> ${N=SWQL;M=select distinct w.NotInstalledApprovedCount from Orion.Nodes n inner join Orion.PM.NodesWithIPAddresses pmn on pmn.NodeID=n.NodeID inner join Orion.PM.WsusNodes w on w.IPAddress=pmn.IPAddress where w.NotInstalledApprovedCount>0 and NodeID=${N=SwisEntity;M=NodeID}} </b> </font> approved but uninstalled updates.

 

View full device details here: ${N=SwisEntity;M=DetailsUrl}.

View full alert details here: ${N=Alerting;M=AlertDetailsUrl}

Click here to acknowledge the alert: ${N=Alerting;M=AcknowledgeUrl}

 

After adding email action, we can go to the summary step with “Next” button and submit the alert.

 

When the email is triggered, resulting email will be seen as below:

 

Patch Manager Email

 

As SWQL gives us independence to combine any kind of data on Orion, you can create various reports or alerts according to your requirements. 

 

Be sure to come back next week for the concluding part of this article.

 

Consultancy Services for SolarWinds Customers

Prosperon Networks are a leading IT Solutions provider specialising in Network and Systems Management monitoring solutions for SMB to Enterprise networks. We provide a range of Professional Services to support our portfolio and are recognised as an authority within the UK for designing, installing and maintaining management solutions from SolarWinds. Contact us today to learn how we can add value to your SolarWinds platform.

Request A Call Back

 



18 Sept5 Day Administrator Course for SolarWinds

Training covers all core Orion products & SCP Exam…

20 Nov5 Day Administrator Course for SolarWinds

Training covers all core Orion products & SCP Exam…