Using Automation to Remediate Patches

After identifying the devices at risk, create an automated process that pushes the correct patches to the devices.

1. Open Automation Settings

  1. Click Automations.
  2. Click Add Automation.

2. Select a Template

  1. Navigate to Category > Workspace ONE UEM > OS Updates.
  2. In OS Updates: Create Your Own, click Get Started to base the new automation on an empty template.

3. Define Automation Settings

For the purpose of this exercise, you will use KB4503308 to automate the deployment.

  1. Enter a name for the automation. For example, Windows Patch Remediation.
  2. Under Filter (If), select Windows Patch KB Number.
  3. Select Equals.
  4. Enter the KB Number 4503308.
  5. Click + to add a second filter.
  6. Select Windows Patch Update Status.
  7. Select Includes.
  8. Select Available.

4. Review Impacted Devices

Based on the filter conditions, Intelligence reports the number of devices where patch 4503308 is not installed.

Click View to see the filter results.

5. Add an Action

  1. Scroll down to the Action (Then) section, and click the + icon.
  2. Select Workspace ONE UEM from the available connections.
  3. Scroll down and select the Approve Patch action.

6. Define Action Settings

  1. For Revision ID, enter ${winpatch_revision_id}. This variable automatically takes its value from the KB number in the filter condition.
  2. Click the toggle to enable automation.
  3. Click Save.

7. Enable Automation

Click Save & Enable.

8. Confirm Automation is Created

Confirm that your new automation has been created and has a status of Enabled.
