Issue in CheckMK Patch Day Plugin when processing regex

[DirkHoelscherKH]

If I exclude some "unwanted updates" in the agent rules of CheckMK plugin "Windows Patch Day”, the regex expression does not work as expected. If the exclude is (to exclude updates with the shown KB-numbers) it don't exclude these updates in the agent output. The $filter_regex in windows_patch_day.ps1 has the value (?i)^(KB2267602|KB4052623) so it looks right.

If the exclude in agent rule is the content of $filter_regex will be escaped as This completely destroys the regex expression.

Used version is 2.3.1 on Checkmk Enterprise Edition 2.3.0p12

Is this a bug or how exactly are the unwanted updates has to be defined?

[Yogibaer75]

Ok then i need to modify the description for the input field to "infix" and not a complete regex. A complete regex here makes no sense as the Powershell plugin already defines the regex. [regex] $filter_regex ='(?i)^(' + (($filterstring |ForEach-Object {[regex]::escape($_)}) -join "|") + ')'

[DirkHoelscherKH]

Thank you. That sounds like a solution.

But how can updates be specified that should not be taken into account by the plugin (e.g. the Defender's multiple daily updates)? If a KB number is entered for each field (see first post), these updates are not filtered out.

[Yogibaer75]

The problem is with 2.3 API i cannot prefill the fields with some values like in 2.2. Here is a screenshot from 2.2 values - this should also work in 2.3. You don't need to use the KB number also the name of the ignored update is possible.

[DirkHoelscherKH]

Thanks. The exclusions work with the single names of the updates.

[DirkHoelscherKH]

A small suggestion for improvement: if the update insall-histroy is empty (because no updates have been installed or all updates are filtered out by regex), the service displays “Item not found in monitoring data” because the agent output is empty It would be nice if this message were intercepted, as otherwise the service will be displayed as “vanished” the next time dicsovery is run. Thank you.

[Yogibaer75]

The problem for the empty output is not so easy to solve. There are two possible reasons.

• installed patch like 23H2 or similar --> result empty list of updates also without filter
• set filter like in your example an nothing else is installed

What i can fix is the "Item not found" at check time. The discovery is not so easy to change as empty data means no section and in result no service is found. I would recommend if this is a problem to set this as enforced service.

[Yogibaer75]

Uploaded new version that should fix the UNKN problem. 2907704 The vanished service problem will be fixed the next days. I have an idea how to do this.