Create errata reports using Spacewalk, Red Hat Satellite or SUSE Manager

Errata report

Sometimes it is necessary to break down the patch status of the Linux landscape.

Especially if the administrator's work is subjected to security standards a constant documentation of maintenance tasks is often necessary.

Using Spacewalk, Red Hat Satellite or SUSE Manager available patches are described as errata. Those errata are also specified depending on their type (security fix, bugfix, feature enhancement,...).

Instead of determining the available errata manually per system you also use the Spacewalk utility spacewalk-report and automate this process. If this tool is not available on your system you might need to install the software package spacewalk-reports using your distributions package manager.

The tool spacewalk-report offers particular reports an - if you run the utility without specifying a parameter all available reports are listet. Specifying the switch --list-fields-info lists all colums of the particular report:

1# spacewalk-report
2# spacewalk-report --list-fields-info errata-systems

The reports are generated in CSV format and can easily be processed further.

The report errata-systems might be the most interesting one because he shows errata information per system. Unfortunately one very important informtion is missing: the short description of the erratum (e.g. apache bugfix). This information is part of the errata-list-all report:

1# spacewalk-report errata-systems|head -n1
2advisory,server_id,profile_name,hostname,ip_address,ipv6_address
3
4# spacewalk-report errata-list-all|head -n1
5advisory,type,cve,synopsis

Fortunately this information can be combined using the universal weapon awk:

1#!/bin/sh
2export LANG=C
3spacewalk-report errata-list-all|tail -n +2|awk -F, '{print $1","$NF}'|sort -k1 -t","> errata_all
4spacewalk-report errata-systems| tail -n +2|sort -k1 -t","> errata_systems
5echo "hostname,ip,errata,synopsis" > /tmp/errata-report-latest.csv
6join -t, -1 1 -2 1 errata_systems errata_all|awk -F, '{print $3","$5","$1","$NF}' 2>/dev/null 1>/tmp/errata-report-latest.csv
7rm errata_all errata_systems

The first line generates and sorts a list of all available errata (important for the cut command in line 4). The second line generates a list of all applicable errata for all registered systems. Both lines are removing the column descriptions as these are regenerated in the third line. The last line combines the information of both reports and selects the first (errata), third (hostname), fifth (IP address) and last column (description). In the third line creates column descriptions so that the report can easily be processed using another tools (e.g. Microsoft Excel).

As cronjob this tool assists the administrator to plan maintenace much better - in this case the report is sent per mail:

1$ cat /etc/cron.weekly/spacewalk_report.cron
2#!/bin/sh
3MAILTO=root
4
5# create report of current errata/system errata
6/opt/tools/errata_report.sh
7cat /tmp/errata-report-latest.csv

🙂

Translations: