WebSphere Application Server & Liberty

 View Only
  • 1.  Automation: Get Info about the latest Fix- und Securitypatches ?

    Posted Mon November 06, 2023 09:32 AM

    Hallo,

    We have to provide our customers with a monthly report of the latest fix and security patches.

    At the moment we do this MANUALLY, i.e. someone has to work through FixCentral every month or check the security bulletins

    We would like to automate this and wonder whether IBM offers a way to query this via Rest-Service, for example.
    This is not only about WebSphere but also other product areas such as Enterprise Content Management, etc.

    Regards
    Michael



    ------------------------------
    Michael Pressler
    ------------------------------


  • 2.  RE: Automation: Get Info about the latest Fix- und Securitypatches ?

    Posted Mon November 06, 2023 10:10 AM

    MyNotifications can create feeds and knows about different document types (like fixes or security bulletins) and produces email and RSS feeds.

    https://www.ibm.com/systems/support/myview/subscription/css.wss/

    Note: There is some recent unintuitive behavior change where some notifications about a "parent product" are sent to child product/component subscriptions. Depending on the products/subscriptions you look at, you may see some results of a "parent product" when you expect to see info about a separately installable component. In the WAS world, WAS/IHS has this relationship -- currently IHS subscriptions include WAS results.



    ------------------------------
    Eric Covener
    ------------------------------



  • 3.  RE: Automation: Get Info about the latest Fix- und Securitypatches ?

    Posted Thu November 09, 2023 12:07 PM

    It's a great suggestion (i.e. query via Rest Service).

    We have similar requests from Auditors/Regulators periodically.

    At least for WAS, if you check the "Fix list for IBM WebSphere Application Server v8.5" list, it provides you a summary of the Fixpack, Total Number of APARs, and Total Number of Security APARs. Any more detail info (specific Fixpack and vulnerability APARs) requires MANUAL work. 

    IBM has WSA (WebSphere Automation) designed to help with Vulnerability, it could be leveraged for this kind of reporting. For non-WSA users, it's all manual work. 



    ------------------------------
    Joe Molina
    ------------------------------