Introduction

A patch baseline is a collection of missing patches ready for installation on your instances. You can choose a subset of the packages that address the key vulnerabilities from a given feed. The chosen set of packages forms the patch baseline.

You can create baselines based on one of the following categories:

Static baseline

OpsRamp allows you to choose a list of patches from the available list that forms the baseline. The list of patches in the baseline does not change unless updated by the user.

Dynamic baseline

Dynamic baselines consist of a set of patches that meet the selected filter criteria. The list of patches in a dynamic baseline varies as the available patches change when the filters are applied dynamically with the change.

Creating patch baselines

To configure the baseline for Windows and Linux devices:

  1. Select a client from the All Clients list.
  2. Go to Automation > Patch Configuration> Patch Baselines.
  3. From Patch Baselines, click + Add.
  4. From Add Patch Baseline, go to Select Patches for New Patch Baseline and provide details for the following parameters:
    • Name: Refers to the name of the Patch Baseline.
    • Description: Refers to the information related to the patch baseline
    • Client: Refers to the client to apply the baseline.
    • Feed: Refers to the installed Windows and Linux integration feed.
  5. Go to Select Patches to Include and provide one of the following options.
    • Include Selected Patches.
    • Include patches that satisfy the below rules(Dynamically applied).
  6. If you have selected Include Selected Patches, you can select the desired patches from the available list of patches.
  7. If you have selected Include patches that satisfy the below rules, do the following actions:
    1. From the available conditions, configure a policy.
    2. After configuring the policy, go to Select Patches to Exclude.
    3. From select Patches to Exclude, you can select the desired patches from the available list of patches.
  8. Click Save.

Patch Baselines screen displays the configured baselines.

After configuring the baselines, you can use them while performing the following patch activities:

  • View missing patches.
  • Patch compliance configuration.

After configuring the Patch Baseline, you can view the baseline details on the Patch Baselines page.

Viewing patch baselines

View the configured patch baselines in Patch Management > Patch Baselines.

The following table describes patch baseline attributes.

View Patch Baseline
AttributeDescription
NamePatch Baseline Name.
Last Updated ByName of the author who updated the baseline.
Last Updated TimeThe time and date of the recently updated baseline.
Included CountThe number of patches included in the baseline.
Excluded CountThe number of patches excluded in the baseline.
EnabledEnable or Disable the configured baselines.