Patch compliance status criteria

Patch compliance status is determined by the following criteria:

  • Patch Compliance—Single Server: If at least one item in a patch policy does not match what is discovered (or does not exist) on the server the policy is attached to, the server’s patch compliance status is Non-Compliant. The details pane of a Device explorer window shows the Patch category as Non-Compliant and the summary column indicates how many rules (patch policy items) are Non-Compliant out of the total number of rules.

    For example, if a patch policy contains 10 items and 6 of the items are Non-Compliant, the patch policy’s status is Non-Compliant and the summary description reads: “6 of 10 Rules Out of Compliance.”

    If more than one patch policy targets a single server and at least one of those policies is Non-Compliant, then the aggregate compliance status for Patch is also displayed as Non-Compliant. You can expand the Patch category of the details pane to see which of the policies are not in compliance, including a breakdown of how many rules in each policy are either in or out of compliance.
  • Patch Policy—Rule Exception: If a rule exception is applied to one of the patch policy items, the server’s Patch compliance displays a compliance status of Partial-Compliant. Patch is the only compliance category that allows rule exceptions at the policy level.
  • Patch Compliance—Device Groups: A patch policy attached to a group of servers is considered Non-Compliant if more than 5% of the servers in the group attached to the policy have a status of Non-Compliant. If this is the case, the aggregate compliance for the patch policy displays as Non-Compliant. Another way to understand Non-Compliant for a device group is to remember that when less than 95% of the servers are Compliant, a status of Non-Compliant will display.

    However, if more than 2%, but less than or equal to 5%, of all servers in a group have the status of Non-Compliant for that category, then the status is Partial-Compliant. Another way to understand Partial-Compliant for a device group is to remember that when less than 98% but at least 95% of the servers are Compliant, a status of Partial-Compliant will display.

    If 2% or less of all servers in a group have a Patch Policy status of Non-Compliant for that category, then the overall status is Compliant. Another way to understand Compliant for a device group is to remember that at least 98% of the servers are Compliant.

    The details pane for a group of servers in the Compliance view shows whether the patch policies are compliant or not. This information does not expand to show a breakdown of individual servers and policies.

    You can modify the thresholds used to determine compliance for groups of servers.
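
The criteria above, written out as an added Python example (not the product's own code; every function and parameter name here is hypothetical) so the boundary cases at exactly 2% and 5% can be checked. Assumptions not stated on the page: a mismatch outranks a rule exception within one policy, the worst policy status wins on a server, exactly 2% Non-Compliant counts as Compliant (following "at least 98%"), and an empty group raises an error rather than reporting Compliant.

```python
from fractions import Fraction  # exact percentages, no float rounding at the boundaries

COMPLIANT, PARTIAL, NON_COMPLIANT = "Compliant", "Partial-Compliant", "Non-Compliant"


def policy_status(items):
    """items: 'match', 'mismatch' or 'exception', one entry per patch policy item."""
    bad = sum(1 for item in items if item == "mismatch")
    if bad:
        return NON_COMPLIANT, f"{bad} of {len(items)} Rules Out of Compliance"
    # Assumption: an exception yields Partial-Compliant only when nothing mismatches.
    if "exception" in items:
        return PARTIAL, ""
    return COMPLIANT, ""


def server_status(policies):
    """policies: one item list per patch policy attached to the server."""
    statuses = [policy_status(items)[0] for items in policies]
    # One Non-Compliant policy makes the Patch category Non-Compliant.
    # Assumption: Partial-Compliant propagates the same way.
    for status in (NON_COMPLIANT, PARTIAL):
        if status in statuses:
            return status
    return COMPLIANT


def group_status(server_statuses, partial_over_pct=2, fail_over_pct=5):
    """Aggregate status for a device group; thresholds are modifiable, as on the page."""
    if not server_statuses:
        raise ValueError("empty device group has no compliance status")
    non_compliant = server_statuses.count(NON_COMPLIANT)
    pct = Fraction(100 * non_compliant, len(server_statuses))
    if pct > fail_over_pct:      # more than 5% Non-Compliant
        return NON_COMPLIANT
    if pct > partial_over_pct:   # more than 2%, up to and including 5%
        return PARTIAL
    return COMPLIANT             # at least 98% of servers Compliant


def sample_group(non_compliant, total=200):
    """Constructed sample data: a group of `total` servers."""
    return [NON_COMPLIANT] * non_compliant + [COMPLIANT] * (total - non_compliant)


if __name__ == "__main__":
    print(policy_status(["mismatch"] * 6 + ["match"] * 4))
    for n in (4, 5, 10, 11):
        print(f"{n}/200 Non-Compliant ->", group_status(sample_group(n)))
```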

Remediating patch compliance for servers

Note: This section does not apply to ESXi.

When you remediate patch compliance for one or multiple servers, you can choose to remediate either all of the policies attached to the servers or choose to remediate individual policies.

To remediate patch policies on one or multiple servers:

  1. In the Device Explorer, in the navigation pane, select Devices > Servers > All Managed Servers.
  2. From the View drop-down list, select Compliance.
  3. Select one or more servers.
  4. In the details pane of the Compliance view, expand the Patch category and select a patch policy that is attached to the selected servers. Or, select the top level Patch category if you want to remediate all of the patch policies attached to the selected servers.
  5. Click Remediate and then complete the steps in the Remediate wizard.

Remediating patch compliance for device groups

When you remediate patch policies on one device group, you can remediate all the policies attached to all device groups. However, when you select a group, you can only remediate all patch policies attached to all groups and any sub-groups.

To remediate patch policies on one or multiple device groups:

  1. In the Device Explorer, in the navigation pane, select Devices > Device Groups.
  2. From the View drop-down list, select Compliance.
  3. Select one or more device groups.
  4. In the details pane of the Compliance view, expand the Patch category and select a policy that is attached to the selected groups. Or, select the top level Patch category if you want to remediate all of the policies attached to the selected groups.
  5. Click Remediate and then complete the steps in the Remediate wizard.