Software compliance remediation

The Compliance view allows you to view all software policies attached to a server or to groups of servers, and to remediate those servers that are out of compliance. This enables you to ensure that a server’s software configuration complies with the software policy definition.

For each software policy item (such as software, packages, patches, scripts, and application configurations), software remediation installs (or, for a script, executes) that item on the target server. If an item does not exist on the server, it is installed. If an item exists but does not match the policy, it is updated to the correct version.

For example, suppose you have a software policy that consists of several packages, patches, scripts, and an application configuration, all organized in the order in which they are to be installed and executed. First, you remediate the software policy on a server to make sure the server is in compliance with your company’s software installation standards. Over time, some of the items in the software policy get updated (for example, a new set of packages is added) and, for whatever reason, a software item on the server is uninstalled.

When you perform a software compliance scan, the scan determines the server’s compliance status by comparing the software policy contents with the actual software installed on the server. Even if only one software item attached to one of the servers is not in compliance with the policy, the server will have a software compliance status of Non-Compliant.

When you remediate a server or group of servers, the patches, packages, and application configurations specified in the policy are installed and applied in the order specified in the policy. For a group of servers, remediation has the same results, except that the remediation operation applies to all servers in the group, including all servers contained in any sub-groups.
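
The scan and remediation logic described above can be modelled in a few lines. This is an added example, not SA code and not the SA API: the policy is assumed to be an ordered list of (name, version) pairs, and the server names, group layout, item names and versions are constructed sample data.

```python
from dataclasses import dataclass, field

@dataclass
class Server:
    name: str
    installed: dict = field(default_factory=dict)   # item name -> installed version

@dataclass
class Group:
    servers: list = field(default_factory=list)
    subgroups: list = field(default_factory=list)

def plan(policy, server):
    """Ordered actions that would bring one server in line with the policy."""
    actions = []
    for name, version in policy:                     # keep the policy's own order
        have = server.installed.get(name)
        if have is None:
            actions.append(("install", name, version))
        elif have != version:
            actions.append(("update", name, version))
    return actions

def status(policy, server):
    # A single out-of-policy item makes the whole server Non-Compliant.
    return "Non-Compliant" if plan(policy, server) else "Compliant"

def members(group):
    """Servers in a group, including those in any sub-groups."""
    found = list(group.servers)
    for sub in group.subgroups:
        found.extend(members(sub))
    return found

def remediate(policy, group):
    for server in members(group):
        for _action, name, version in plan(policy, server):
            server.installed[name] = version         # stands in for install/update
    return {s.name: status(policy, s) for s in members(group)}

# Constructed sample data (not from the product): policy as ordered (name, version).
POLICY = [("openssl", "3.0.13"), ("auditd", "3.1"), ("sshd_config", "5")]
web01 = Server("web01", {"openssl": "3.0.13", "sshd_config": "5"})
db01 = Server("db01", {"openssl": "3.0.11", "auditd": "3.1", "sshd_config": "4"})
PROD = Group([web01], [Group([db01])])

if __name__ == "__main__":
    print({s.name: (status(POLICY, s), plan(POLICY, s)) for s in members(PROD)})
    print(remediate(POLICY, PROD))
```

Running it shows web01 flagged for one missing item and db01 for two version mismatches, both listed in policy order, and both servers reporting Compliant after remediation.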

Remediating software compliance for servers

When you remediate software compliance for a single server or for multiple servers, you can choose to remediate all of the policies attached to the servers or choose to remediate individual policies.

You can select the Software Aggregate policy, which remediates all software policies for all servers selected. If a group is selected, it remediates against all direct server children in that group. If a single software policy is selected in the details pane, the entities selected in the summary pane have that policy remediated.

To remediate software policies on a single server:

  1. In the navigation pane, select Devices > Servers > All Managed Servers.
  2. Select a server in the content pane.
  3. Right-click and then select Open to open the Device Explorer.
  4. In the navigation pane, select Management Policies > Compliance.
  5. In the details pane of the Compliance view, expand the Software category and select an individual software policy or the top level Software category. This selection enables you to remediate policies that are attached to the server.
  6. Click Remediate and then complete the steps in the Remediate wizard. If SA does not find devices to remediate, a warning dialog displays.

To remediate software policies on multiple servers:

  1. In the navigation pane, select Devices > Device Groups, and then select a group.
  2. From the View drop-down list, select Compliance.
  3. In the content pane, select servers.
  4. In the details pane of the Compliance View, expand the Software category and select a software policy that is attached to the selected servers. Or, select the top level Software category if you want to remediate all of the software policies attached to the selected servers.
  5. Click one of the following buttons to remediate software policies:
    • Remediate: Launches the Remediate wizard that allows you to remediate the selected software policy or policies against the selected server or servers.
    • Scan Device: Displays the Scan for Compliance window where you first select the types of policies you want scanned and then click Scan to launch the job. This process scans the selected servers for all Audit, Audit Policy, Software, Patch, and Configuration policies attached to the servers, and does not have any effect on the audits that target this server.

      To monitor the scan’s progress, refresh the Compliance window (press F5).

You can also choose Action > Scan to view a scan’s progress.

Remediating software compliance for groups

When you remediate software policies for a single group of servers or for multiple groups of servers, you can remediate all policies attached to all servers in the single group or in multiple groups. However, when you select a group or multiple groups, you can only remediate all software policies attached to all servers in the group and any sub-groups.

To remediate software policies for a single group of servers or for multiple groups of servers:

  1. To remediate software policies for a single server in the Device Explorer, in the navigation pane, select Devices > Servers > All Managed Servers.
  2. In the content pane, select a server.
  3. Right-click and then select Open to open the Device browser.
  4. In the navigation pane, select Management Policies > Compliance.
  5. In the details pane of the Compliance view, expand the Software category and select an individual software policy or the top level Software category. This selection enables you to remediate all policies attached to the server.
  6. Click Remediate and then complete the steps in the Remediate wizard.

    Or, in the content pane that shows a list of servers that belong to the group, select multiple servers by selecting the check box next to each server. (Optional) Select Check All Rows to select all servers.
  7. To remediate software policies for multiple servers, in the navigation pane, select Devices > Device Groups, and then select a group.
  8. From the View drop-down list, select Compliance.
  9. In the details pane of the Compliance view, expand the Software category and select a software policy that is attached to the selected servers. Or, select the top level Software category if you want to remediate all of the software policies attached to the selected servers.
  10. Click one of the following buttons to remediate software policies:
    • Remediate: Launches the Remediate wizard that allows you to remediate the selected software policy or policies against the selected server or servers.
    • Scan Device: Displays the Scan for Compliance window where you first select the types of policies you want scanned and then click Scan to launch the job. This process scans the selected servers for all Audit, Audit Policy, Software, Patch, and Configuration policies attached to the servers, and does not have any effect on the audits that target this server.

To monitor the scan’s progress, refresh the Compliance window (press F5).

You can also choose Action > Scan to view a scan’s progress.