Daily Patch reports - AMS Accelerate Operations Plan

Daily Patch reports

These reports provide patching details.

Patch details

This report provides patch details and maintenance window coverage of various instances.

This report provides:

  • Insights on Patch groups and its types.

  • Insights on Maintenance Windows, duration, cutoff, future dates of maintenance window executions (schedule) and Instances impacted in each window.

  • Insights on all the operating systems under the account and number of instances that operating system is installed.

Field Name Dataset Field Name Definition
Report Datetime dataset_datetime The date and time the report was generated.
Account Id aws_account_id AWS Account ID to which the instance ID belongs
Account Name account_name AWS account name
Instance Id instance_id ID of EC2 instance
Instance Name instance_name Name of EC2 instance
Production Account prod_account Identifier of AMS prod, non-prod accounts, depending on whether account name include value 'PROD', 'NONPROD'.
Account Status account_status AMS account status
account_sla AMS account service tier
Instance Platform Type instance_platform_type Operating System (OS) type
Instance Platform Name instance_platform_name Operating System (OS) name
Stack Type instance_stack_type AMS stack (AMS infrastructure within customer account) or Customer stack (AMS managed infrastructure that supports customer applications)
Instance Patch Group Type instance_patch_group_type

DEFAULT: default patch group w/ default maintenance window, determined by AMSDefaultPatchGroup:True tag on the instance

CUSTOMER: customer created patch group

NOT_ASSIGNED: no patch group assigned

Instance Patch Group instance_patch_group Patch group name used to group instances together and apply the same maintenance window
Instance State instance_state State within the EC2 instance lifecycle
Maintenance Window Id window_id Maintenance window ID
Maintenance Window State window_state Maintenance window state
Maintenance Window Type window_type Maintenance window type
Maintenance Window Next Execution Datetime

window_next

_execution_time

Next time the maintenance window is expected to execute
Last Execution Maintenance Window last_execution_window The latest time the maintenance window was executed
window_next_exec_yyyy Year part of window_next_execution_time
window_next_exec_mm Month part of window_next_execution_time
window_next_exec_D Day part of window_next_execution_time

window_next

_exec_HHMI

Hour:Minute part of window_next_execution_time
Maintenance Window Duration (hrs) window_duration The duration of the maintenance window in hours
Maintenance Window Coverage mw_covered_flag If an instance has at least one enabled maintenance window with a future execution date, then it’s considered covered, otherwise not covered
Patch Baseline Id patch_baseline_id Patch baseline currently attached to instance
Patch Status patch_status Overall patch compliance status. If there is at least one missing patch, instance is considered noncompliant, otherwise compliant.
Compliant - Critical compliant_critical Count of compliant patches with "critical" severity
Compliant - High compliant_high Count of compliant patches with "high" severity
Compliant - Medium compliant_medium Count of compliant patches with "medium" severity
Compliant - Low compliant_low Count of compliant patches with "low" severity
Compliant - Informational compliant_informational Count of compliant patches with "informational" severity
Compliant - Unspecified compliant_unspecified Count of compliant patches with "unspecified" severity
Compliant - Total compliant_total Count of compliant patches (all severities)
Noncompliant - Critical noncompliant_critical Count of noncompliant patches with "critical" severity
Noncompliant - High noncompliant_high Count of noncompliant patches with "high" severity
Noncompliant - Medium noncompliant_medium Count of noncompliant patches with "medium" severity
Noncompliant - Low noncompliant_low Count of noncompliant patches with "low" severity
Noncompliant - Informational

noncompliant

_informational

Count of noncompliant patches with "informational" severity
Noncompliant - Unspecified

noncompliant

_unspecified

Count of noncompliant patches with "unspecified" severity
Noncompliant - Total noncompliant_total Count of noncompliant patches (all severities)

Instances that missed patches

This report provides details on instances that missed patches during the last maintenance window execution.

This report provides:

  • Insights on missing patches at the patch id level.

  • Insights on all the instances which have at-least one patch missing along with attributes such as patch severity, unpatched days, range, and release date of the patch.

Field Name Dataset Field Name Definition
Report Datetime dataset_datetime The date and time the report was generated.
Account Id aws_account_id AWS Account ID to which the instance ID belongs
Account Name account_name AWS account name
Customer Name Parent customer_name_parent
Customer Name customer_name
Production Account prod_account Identifier of AMS prod, non-prod accounts, depending on whether account name include value 'PROD', 'NONPROD'.
Account Status account_status AMS account status
Account Type account_type
account_sla AMS account service tier
Instance Id instance_id ID of EC2 instance
Instance Name instance_name Name of EC2 instance
Instance Platform Type instance_platform_type Operating System (OS) type
Instance State instance_state State within the EC2 instance lifecycle
Patch Id patch_id ID of released patch
Patch Severity patch_sev Severity of patch per publisher
Patch Classification patch_class Classification of patch per publisher
Patch Release Datetime (UTC) release_dt_utc Release date of patch per publisher
Patch Install State install_state Install state of patch on instance per SSM
Days Unpatched days_unpatched Number of days instance unpatched since last SSM scanning
Days Unpatched Range days_unpatched_bucket Bucketing of days unpatched