how to create an outstanding patch per machine report for Satellite 6

Latest response

Does anyone know how to create a report for Satellite 6 the will display the same type of information that is displayed when I go out the REDHAT and look at my classic registration list. It lists how many Errata and how may packages need to be applied to the registered host. We find this info useful for planning and checking on our patch needs. Is there any help out there with this as the books are not a real big help.

Bob

Responses

I just got word from support that this is part of Satellite 6.1 but they are looking for a way to do this earlier.

Bob

https://access.redhat.com/discussions/528013 latest comment

@matthias: That is for Satellite 5.

I have created a script for Satellite 6. See https://access.redhat.com/discussions/1395523.

There are still open tickets for a bunch of these kind of things (but also a load of resolved ones) in the Katello issue tracker.

http://projects.theforeman.org/projects/katello/issues

I'd certainly expect this kind of functionality in 6.1 with more to come later. I'm waiting for the ability to report outstanding errata for a Production system by looking at all Errata that have arrived in the Library. Reporting against the current environment is OK, but doesn't then show Errata that are still only in Dev or Test for example.

Untill 6.1 is release and if it is not bugged, you might want to use "yum updateinfo list available"

The old way, on all of your servers then parse the results.

Is this feature available in Redhat Satelite 6.2?

This is trivial to do with Satellite 6.2 and newer:

Firstly, get a list of hosts. use the hammer host list command. Optionally, provide a search query to limit the number of hosts to a host collection or other subset of hosts

#HOST_LIST=$(hammer --output csv host list --search "host_collection = Infrastructure"| cut -f 2 -d ','| tail --lines=+2)

Then given that list of hosts, show their errata

#for host in $HOST_LIST; do echo $host; hammer host errata list --host $host; done
auth01.example.com
---|------------|------|-------|------------
ID | ERRATUM ID | TYPE | TITLE | INSTALLABLE
---|------------|------|-------|------------
kvm01.example.com
---|------------|------|-------|------------
ID | ERRATUM ID | TYPE | TITLE | INSTALLABLE
---|------------|------|-------|------------
monitoring.example.com
---|------------|------|-------|------------
ID | ERRATUM ID | TYPE | TITLE | INSTALLABLE
---|------------|------|-------|------------
rhevm.example.com
------|----------------|----------|----------------------------------|------------
ID    | ERRATUM ID     | TYPE     | TITLE                            | INSTALLABLE
------|----------------|----------|----------------------------------|------------
16931 | RHBA-2018:0597 | bugfix   | tzdata enhancement update        | true
16891 | RHSA-2018:0592 | security | Important: slf4j security update | true
------|----------------|----------|----------------------------------|------------
rhv-hypervisor1.example.com
------|----------------|--------|---------------------------|------------
ID    | ERRATUM ID     | TYPE   | TITLE                     | INSTALLABLE
------|----------------|--------|---------------------------|------------
16931 | RHBA-2018:0597 | bugfix | tzdata enhancement update | true
16882 | RHBA-2018:0580 | bugfix | glusterfs bug fix update  | true
------|----------------|--------|---------------------------|------------
rhv-hypervisor2.example.com
------|----------------|--------|---------------------------|------------
ID    | ERRATUM ID     | TYPE   | TITLE                     | INSTALLABLE
------|----------------|--------|---------------------------|------------
16931 | RHBA-2018:0597 | bugfix | tzdata enhancement update | true
16882 | RHBA-2018:0580 | bugfix | glusterfs bug fix update  | true
------|----------------|--------|---------------------------|------------

You can get creative with the API if you want, but this works too.

Thanks for the commands. but, Trivial? Really? Your definition of that word might need an edit.

Hi Rich, thanks a lot. Is it also possible to get list of installed errata (possibly with dates)?

Ho w can we create reports in satellite 6.2 ? I do not see any proper documentation

Satellite 6.3:

! /bin/bash

HOSTS=$(hammer host list | cut -d "|" -f2 | grep -v '---' | grep -v 'NAME') for HOST in $HOSTS; do hammer host errata list --host $HOST >> Errata_Reports.txt done

Quick fix on this since the inverse grep wasnt working.

! /bin/bash

HOSTS=$(hammer host list | cut -d "|" -f2 | awk '!/----------------/ && !/NAME/') for HOST in $HOSTS; do hammer host errata list --host $HOST >> host_errata_report.txt; done

Could do it with: grep -v -e '^---' -e 'NAME'; but nm look at this:

for h in $(hammer --output csv host list --organization myOrg|sed 1d|cut -f2 -d,); do echo -n $h,; hammer --output csv host errata list --host $h|sed 1d|wc -l ; done

Hopefully this is amusing for others to decipher...

Thanks for all the hints and mix of bash styles -- this is exactly what I needed. I plan to feed it to a JSON report for "all is well" alongside the CSV output for "what went wrong" detail. (I have to say, though, it's sorely in need of optimization because it's excruciatingly slow.)

If you want counts:

hammer --csv host errata list --host $content_host | awk -F',' '$3!="Type" {print $3}' | sort | uniq -c
    327 bugfix
     62 enhancement
     68 security

for i in hammer host list|cut -d'|' -f 2 | sed -e '1,3d'| sed -e '$d'; do echo -e $i hammer host errata list --host $i --search "type=security=Critical"; done | grep true | awk '{print $1}'

you can schedule cron job and send you alerts saying the following hostnames need Critical Security updates to be applied.

Hi, I like to inform this thread that Satellite 6.5 now has a reporting engine. Please see https://www.youtube.com/watch?v=sBciejh1G80

Hi, I'm looking for a customized patch compliance report based on monthly content-view. We create new content-views every month to patch the servers. Any help will be highly appreciated