Patch Report (By Patch)

Apr 5, 2012
Oct 1, 2013

I apologize if this has been addressed previously but within VM, we really like the Patch template since it is the only 'online' report and can be run to filter by Patch.  However, we are unsure if the timeframe filters contain ALL the results from X amount of days or simply the most current set of results.


For instance, in the Patch template...your filter choices for time are 7 days, 14 days, etc.  There is nothing sooner than 7 days to choose from.  If I have scanned once on a particular asset group...and then patched the next day...and rescanned a few days later, will my results show all patches that needed to be addressed from every scan I've done in the past 7 days...or will the Patch report consider my "fixed/closed" trending from my very latest scan when displaying all the Patches that need to be addressed?  Unfortunately this trending choice is not an option with the Patch template as it is with scan template trending filters. 


From what I see, the Patch template gives you all the findings in the timeframe you select, regardless if they were fixed/closed or not.  When we run this report...and I have 100 patches I need deploy on Wednesday...but I patch on Thursday and remediate 50 of the patches (even my trending report in my scanning template shows me this), and I scan again on Patch template still shows me that 100 patches are needed (since it's in my 7 day window of reporting) and the report also confirms this by saying "targets scanned since (insert date here that was 7 days ago)".