How to determine missing patches from HIP check

How to determine missing patches from HIP check

12091
Created On 09/26/18 13:51 PM - Last Modified 01/18/24 23:23 PM


Objective


To determine missing patches from HIP check.

Environment


  • Palo Alto Firewalls
  • Supported PAN-OS
  • HIP Check

Procedure


When the patch list of the HIP object is long, it is difficult to find which required patches are missing.

 

  1. Copy the missing patches from HIP Check logs and save it in a text file called patches.txt. 
Hip-check-01
 
  1. Use the following shell command to scan the Palo Alto Networks running config for each of the missing patches.
    $ for k in `cut -d$'\t' -f2 patches.txt`; do echo $k; grep $k running-config.xml; done
Hip check 02
In this example, KB2952664 is missing.

 

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClvwCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language