Satellite 6 Errata Report Script

Latest response

I have created a python script to report errata from Satellite 6. You can view via organization(s) or via host collection(s) and you can filter on any combination of organization(s), host collections(s), lifecycle environment(s), errata type(s), severity level(s). See the help (-h).

Tip: Create a read only account on Satellite and change the script to have that as the default username and password. Then you don't need to specify a username of password on the commandline.

Have fun with it and use it any way you like. I use it to run in a cron job and mail it to people.

Fred

Attachments

Responses

BTW, keep in mind this will only report on errata that have been published and promoted and are visible to the systems. If you want to have insights on errata that are synced fron RHN but not yet published nor promoted in any environment you must wait for sat 6.1

Hi Fred, Good Day !..

Can I know that whether the same script works on Satellite 6.1.8 version ?

I have tried to run this script and it was not successfull as it shows " No errata found for this selection"

But from the Satellite GUI , i can see that many errata are exist on registered hosts.

Kindly Advise.

Fred, Anythoughts on the below error. i am trying to understand the API and the script but cant quite figure it out.

/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html InsecureRequestWarning)

Errata for organization 'AHS': Traceback (most recent call last): File "./testreport.py", line 136, in main() File "./testreport.py", line 89, in main for system in systems['results']: KeyError: 'results'

Thanks,

This line in his code is causing that message

    r = requests.get(location, auth=(username, password),verify=False)

The way to remove it would be to replace 'verify=False' with the path to the certificate for your Satellite server which effectively enables verification or I believe this will disable the warning

import requests
requests.packages.urllib3.disable_warnings()

Obviously the more secure option is to use the path to your certificate, but your risk may vary.

Will, Thanks, i was able to add in the server cert!

I had hopes this would also fix the issue listed below (hoped it was a permissions issue)

Traceback (most recent call last): File "./testreport.py", line 136, in main() File "./testreport.py", line 89, in main for system in systems['results']:

This is line 89: for system in systems['results']:

I am looking for a potential syntax error, and comparing to similar lines in the script.

Any thoughts? im a python beginner (scratch)

Thanks,

Cody The output you've got there doesn't tell enough... But I'd guess that it is not getting back a proper list of systems.

you can insert the following just before that line

print json.dumps(systems,indent=4)
# loop through the systems fetched from the collection *or* the organization
        for system in systems['results']:

And this should print out the results from systems to give you a better idea of what you are getting back (if anything).

Will, Thanks for taking the time to help with this for me! I added the additional line, it is giving some additional details now.

Errata for organization 'AHS': { "displayMessage": "Expect initializer to return hash if a group of attributes is defined by lazy_accessor", "errors": [ "Expect initializer to return hash if a group of attributes is defined by lazy_accessor" ] } Traceback (most recent call last): File "./testreport.py", line 136, in main() File "./testreport.py", line 89, in main for system in systems['results']: KeyError: 'results'

Welp, i figured why i am getting that error, because a location doesnt exist in the API any longer.

This line here is always null as it deosnt exist

systems = get_json(sat_api + "host_collections/" + str(collection['id']) + "/systems/", args.username, args.password)
curl -k -X GET -u user:pass https://<SERVER>/katello/api/host_collections/1/systems

This file lives in public 404.html 
 div class="dialog"

      The page you were looking for doesn't exist.
      You may have mistyped the address or the page may have moved.

    If you are the application owner check the logs for more information.

ah so that'll be because of the changes in the API from in the 6.2.0 release. They changed the way host_collections are reported and the host_collectoins//systems call has been deprecated.

you need to retrieve systems['host_ids'] from https:///katello/api/host_collections/ now.

Maybe this will help (or confuse), but its a function I use to retrieve and return a dictionary of host collection members

def get_hc_members(hc_id,hosts_dict):
  hc_members = get_json(KAT_API + "/host_collections/" + str(hc_id))
  for host_id in hc_members['host_ids']:
    # Get the host name
    host_name = get_host_name(host_id)
    hosts_dict.append({
      "id": host_id,
      "host_name": host_name
    })
  return hosts_dict

I wish the comments had a like button so I could like this, so instead I will just to the following:

+1, like.



I wish the comments had a like button so I could like this, so instead I will just to the following: +1, like.

+1, like. ;-)

This is a great report, i am looking to dump these types of results into a pivot table or some way to tabulate them. IE client name with number of errata that can be clicked on to see what ones are missing. or a list of errata that list the number of clients that require them.

I think a better way to explain is a manager style report.

I dont know Python, but im trying to figure it out.

Thanks,

+1 Very handy!

Hi Thank for the script, but however, when I run it I am getting this error; " /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html InsecureRequestWarning) Traceback (most recent call last): File "./errareport.sh", line 138, in main() File "./errareport.sh", line 62, in main for org in orgs['results']: KeyError: 'results' " Can you help?

Hi I some managed to remove the errors, but I am now getting "No errata found for this selection" Can you help?

David, What was your fix to remove the insecure request warning?

I had this working prior to my upgrade to 6.2.1

If you are on a not newest version of python,

import requests
requests.packages.urllib3.disable_warnings()

will remove the insecure warnings.

So we will need a replacement for this line

Page 106 in OLD API GUIDE

GET /katello/api/v2/host_collections/:id/systems Which does not seem to exist in the new new API. for 6.2.x

Hi all,

It seems my satellite_errata_report script is not working anymore. I will look into it when time allows. I am however in a very busy period so no guarantees. I might have an alternative though: There has been an effort to collect various scripts for satellite on github. The location is https://github.com/RedHatSatellite. I have made another script that reports security errata's based on CVE's and it shows in what life cycle environment they are. This script is on this github repo. It's called satellite-host-cve and you can find it here: https://github.com/RedHatSatellite/satellite-host-cve. There are lot's of other scripts there so please take a look.

When I find the time to fix the satellite_errata_report script I will also upload it to the satellite github repository. If someone else is able to fix it, please let me know and I will upload it to the github repository.

Thanks for your support.

Fred

Fred,

Do you have a newer Satellite 6 Errata Report Script somewhere? github? I have a Sat 6.2 customer looking for a way to get an errata report.

Does anyone have the script for 6.1? This section from script for 6.0, seem not to give results. " if args.collection:

                    # Loop through the host collections, skip the one we don't want
                    collections = get_json(sat_api + "organizations/" + str(org['id']) + "/host_collections/", args.username, args.password)
                    for collection in collections['results']:
                            if collection['name'].lower() not in args.collection:
                                    continue
                            print "\n" + prefix + "Errata for Host Collection '%s':" % collection['name']
                            prefix = "  - "

                            # Get the systems in this host collection
                            systems = get_json(sat_api + "host_collections/" + str(collection['id']) + "/systems/", args.username, args.password)
                            systems_fetched = True

"

in case someone needs: I needed to send me allerts whenever there is a Critical Security patch is available on any of our servers. Here is the simple "script" for it:

for i in hammer host list|cut -d'|' -f 2 | sed -e '1,3d'| sed -e '$d'; do echo -e $i hammer host errata list --host $i --search "type=security=Critical"; done | grep true | awk '{print $1}'

Basically what is does is pulls all the host names into $i and searches for Critical Security updates for each server. If it found the patch for Critical Security type, the it will print out the name of the host " grep true" and awk '{print $1}' the output of this script will be the list of the hostnames which need the update. Simply execute this script and send alert email every week.

Hope you found it helpful.

EDIT: OBE