Nodes are "Never reported" in Patch Manager, was working in the past, no errors can be found.
0
We can see from the log that there is no error and the ports are uploaded.
7/29/2023 18:04:58 root [INFO]: Downloading payload from https://s3.dualstack.ca-central-1.amazonaws.com/aws-ssm-ca-central-1/patchbaselineoperations/linux/payloads/patch-baseline-operations-1.110.tar.gz
07/29/2023 18:04:59 root [INFO]: Attempting to import entrance file os_selector
07/29/2023 18:05:00 root [INFO]: Running with snapshot id = 844701c1-40a3-4e96-9b9f-044b4c2810ca and operation = Install
07/29/2023 18:05:00 root [INFO]: Instance Id: i-0b30ac178427ba81f
07/29/2023 18:05:00 root [INFO]: Region: ca-central-1
07/29/2023 18:05:00 root [INFO]: Product: AmazonLinux2
07/29/2023 18:05:00 root [INFO]: Patch Group: Prod-V4
07/29/2023 18:05:00 root [INFO]: Operation type: Install
07/29/2023 18:05:00 root [INFO]: Snapshot Id: 844701c1-40a3-4e96-9b9f-044b4c2810ca
07/29/2023 18:05:00 root [INFO]: Patch Baseline: {u'approvedPatchesEnableNonSecurity': False, u'baselineId': u'pb-0e361d625a5f7789d', u'name': u'V4-Prod-Default-Baseline', u'modifiedTime': 1658982765.712, u'description': None, u'rejectedPatches': [], u'globalFilters': {u'filters': []}, u'sources': [], u'approvalRules': {u'rules': [{u'enableNonSecurity': True, u'filterGroup': {u'filters': [{u'values': [u'*'], u'key': u'SEVERITY'}]}, u'approveAfterDays': 7, u'complianceLevel': u'HIGH', u'approveUntilDate': None}]}, u'createdTime': 1631712589.673, u'rejectedPatchesAction': u'ALLOW_AS_DEPENDENCY', u'approvedPatchesComplianceLevel': u'UNSPECIFIED', u'operatingSystem': u'AMAZON_LINUX_2', u'approvedPatches': [], u'accountId': u'REDACTED'}
07/29/2023 18:05:00 root [INFO]: Reboot Option: RebootIfNeeded
07/29/2023 18:05:00 root [INFO]: Unable to initialize exit code reporting: No metrics ID from server
07/29/2023 18:05:00 root [INFO]: Checking if it is a Patch Policy execution.
07/29/2023 18:05:00 root [INFO]: This execution has been identified as a Patch Classic execution.
07/29/2023 18:05:00 root [WARNING]: Unable to gain necessary access for possible kernel updates, code: 1.
07/29/2023 18:05:01 root [INFO]: Loading patch snapshot from snapshot.json
....
07/29/2023 18:06:23 root [INFO]: Saving inventory to local configuration directory
07/29/2023 18:06:23 root [INFO]: Start to upload patch compliance.
07/29/2023 18:06:23 root [INFO]: Summary: {'ContentHash': '9cc2f407869c08a771c9d7e42ce42eb82db2a1c500078ecc974b6a615ac2b02c', 'TypeName': 'AWS:PatchSummary', 'SchemaVersion': '1.0', 'CaptureTime': '2023-07-29T18:06:23Z', 'Content': [{'OperationStartTime': '2023-07-29T18:05:01Z', 'BaselineId': u'pb-0e361d625a5f7789d', 'InstalledPendingRebootCount': '0', 'FailedCount': '0', 'MissingCount': '0', 'NotApplicableCount': '21715', 'RebootOption': u'RebootIfNeeded', 'OperationEndTime': '2023-07-29T18:06:23Z', 'SecurityNonCompliantCount': '0', 'PatchGroup': u'Prod-V4', 'ExecutionId': '5fd74d0d-0e01-4da5-a9a8-ea408e9eb570', 'InstalledRejectedCount': '0', 'OtherNonCompliantCount': '0', 'InstalledOtherCount': '16', 'CriticalNonCompliantCount': '0', 'SnapshotId': u'844701c1-40a3-4e96-9b9f-044b4c2810ca', 'InstalledCount': '491', 'OperationType': u'Install'}]}
07/29/2023 18:06:23 root [INFO]: Attempting full upload
07/29/2023 18:06:23 root [INFO]: Upload complete.
07/29/2023 18:06:23 root [INFO]: Report upload successful.
07/29/2023 18:06:23 root [INFO]: Inventory upload was successful.
07/29/2023 18:06:23 root [INFO]: Reboot is not required
07/29/2023 18:06:23 root [INFO]: Inventory upload was successful.
07/29/2023 18:06:23 root [INFO]: Reboot is not required
This seems to have started in July, as I can see one of my VM has a report date of 2023-07-04 2:13:48 AM and it is the last one. The other VMs are elastic beanstalk instances, so they get rebuild often.
1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
Issue resolved itself after contacting paid support.
Troubleshooting steps from AWS: 2] I can confirm the same from our internal tools "i-" "i-" shows zero patches,
-
Checking 'AWS-RunPatchBaseline' executions, against these target instances reported executed successfully.
-
Reviewing the stdout logs for i-*****************:
------------
08/04/2023 06:21:21 root [INFO]: Summary: {'ContentHash': '3515510bff85ff31b28e8cd913ba517a1be8a30c160321715bb6fc1de600bbc9', 'TypeName': 'AWS:PatchSummary', 'SchemaVersion': '1.0', 'CaptureTime': '2023-08-04T06:21:20Z', 'Content': [{'OperationStartTime': '2023-08-04T06:19:55Z', 'BaselineId': u'pb-05dd323b4921148bc', 'InstalledPendingRebootCount': '0', 'FailedCount': '0', 'MissingCount': '0', 'NotApplicableCount': '21764', 'RebootOption': u'RebootIfNeeded', 'OperationEndTime': '2023-08-04T06:21:20Z', 'SecurityNonCompliantCount': '0', 'PatchGroup': u'Dev-V4', 'ExecutionId': '0a12ca7d-0e27-4b64-92f7-1af8a1a3956b', 'InstalledRejectedCount': '0', 'OtherNonCompliantCount': '0', 'InstalledOtherCount': '15', 'CriticalNonCompliantCount': '0', 'SnapshotId': u'c849638d-57bc-4a4a-a2c8-932e6eed7ac3', 'InstalledCount': '483', 'OperationType': u'Install'}]}
08/04/2023 06:21:21 root [INFO]: Report is unchanged, attempting partial upload
08/04/2023 06:21:21 root [INFO]: Upload complete.
08/04/2023 06:21:21 root [INFO]: Report upload successful.
08/04/2023 06:21:21 root [INFO]: Inventory upload was successful.
08/04/2023 06:21:21 root [INFO]: Reboot is not required
08/04/2023 06:21:21 root [INFO]: Inventory upload was successful.
------------
- We can observe patching task was done and compliance information was uploaded successfully. Compliance information is uploaded via PutInventory API call. Looking at cloudtrail logs 'PutInventory API' calls are successful. [1]
beantwortet vor 10 Monaten
Relevanter Inhalt
AWS OFFICIALAktualisiert vor einem Jahr- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor einem Jahr