Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Customize Patch "Compliance by Computer" + Automation Policy

Created: 26 Mar 2013 • Updated: 26 Mar 2013 | 4 comments

I have done some research and have see several different approaches to this problem.  My goal is to clone the "Windows Compliance by Computer" report and create one report for all Workstations (or Windows XP, 7) and another for all Servers (Windows 2003, 2008, etc).  Once each report is created I'll attach it to a automation policy.  

I have successfully edited some minor parameters such a Release_Date_From and have successfully setup a automation policy.  My issue is how to tweak the cloned report for either OS types or workstations or servers?  

Methods I've tried are editing the Report Parameters, Operating_System but under the default value how would I include more than 1 OS?

I also read about using the FilterCollection parameter, as I do have filters that match my criteria but have not managed to get this to work.  Can you use created filters in this parameter?

Any guidance for any of these questions would be appreciated.

Rick

Operating Systems:

Comments 4 CommentsJump to latest comment

andykn101's picture

I think the Patch reports are based on stored procedures rather than straight SQL code, so for any major customisation you'd have to find the stored procedure code and mess with that.

Can you find a report that has already got a Filter as a parameter?

Authorised Symantec Consultant (ASC) with Endpoint Management Limited, an Authorised Symantec Delivery Provider based in the UK.

Connect Etiquette: Please "Mark as Solution" posts that fix your problem.

Rick D's picture

I did see some ideas on creating a new store procedure but this method would possible change with following updates to the stored procedures....and more importantly I'm not a SQL expert.  

I did find this How To with relation to canned reports and changing the FilterCollection: 

http://www.symantec.com/docs/HOWTO42228 

Basically it communicates that if you get the GUID of another filter you can replace the default, which is "All Windows Computers with Software Update Plug-in Installed", to another filter.

Rick D's picture

OK the above link worked creating new filters and using the GUID to replace the default in the report.

Is there a way to sort the report by compliance?

Is there a way to remove computers that are 100% compliant?

Is the only way to resolve the two questions by changing the stored procedure or is there another method?

Thanks for help or direction with any of these questions,

Rick

Rick D's picture

OK final result.  I ended up using stored procedures as suggested.

Using a combo of these posts.

Filters

http://www.symantec.com/docs/HOWTO42228 

Create 2 filters to included "All Windows Computers with Software Update Plug-in Installed" and then exclude Servers on one and Workstations on another.  Cloned the Computer By Compliance report and using the above link and using the GUID from the new filters I successfully filtered the report by server and workstation.

I then used the below steps to allow me to sort the report by compliance and Active updates:

Stored Procedures (2 different posts same stored procedure)

http://www.symantec.com/connect/blogs/patch-compli...

http://www.symantec.com/connect/downloads/windows-...

I then edited the stored procedure to sort by compliance instead of computer (simply changed the entry "ORDER BY [Computer Name]" to [Compliance]

Voila