This report provides patch details and maintenance window coverage of various instances.
This report provides:
• Insights on Patch groups and its types.
• Insights on Maintenance Windows, duration, cutoff, future dates of maintenance window executions (schedule) and Instances impacted in each window.
• Insights on all the operating systems under the account and number of instances that operating system is installed.
Field Name Dataset Field Name Definition
Report Datetime dataset_datetime The date and time the report
was generated.
Account Id aws_account_id AWS Account ID to which the
instance ID belongs
Account Name account_name AWS account name
Daily Patch reports
Field Name Dataset Field Name Definition
Instance Id instance_id ID of EC2 instance
Instance Name instance_name Name of EC2 instance
Production Account prod_account Identifier of AMS prod,
non-prod accounts, depending on whether account name include value 'PROD', 'NONPROD'.
Account Status account_status AMS account status
account_sla AMS account service tier
Instance Platform Type instance_platform_type Operating System (OS) type Instance Platform Name instance_platform_name Operating System (OS) name
Stack Type instance_stack_type AMS stack (AMS infrastructure
within customer account) or Customer stack (AMS managed infrastructure that supports customer applications) Instance Patch Group Type instance_patch_group_type DEFAULT: default patch group
w/ default maintenance window, determined by
AMSDefaultPatchGroup:True tag on the instance
CUSTOMER: customer created patch group
NOT_ASSIGNED: no patch group assigned
Instance Patch Group instance_patch_group Patch group name used to group instances together and apply the same maintenance window
Instance State instance_state State within the EC2 instance
lifecycle
Maintenance Window Id window_id Maintenance window ID
Maintenance Window State window_state Maintenance window state
Maintenance Window Type window_type Maintenance window type
Maintenance Window Next
Execution Datetime window_next
_execution_time
Next time the maintenance window is expected to execute
Last Execution Maintenance
Window last_execution_window The latest time the maintenance
window was executed window_next_exec_yyyy Year part of
window_next_execution_time
Field Name Dataset Field Name Definition window_next_exec_mm Month part of
window_next_execution_time window_next_exec_D Day part of
window_next_execution_time window_next
_exec_HHMI
Hour:Minute part of
window_next_execution_time
Maintenance Window Duration
(hrs) window_duration The duration of the maintenance
window in hours
Maintenance Window Coverage mw_covered_flag If an instance has at least one enabled maintenance window with a future execution date, then it’s considered covered, otherwise not covered Patch Baseline Id patch_baseline_id Patch baseline currently
attached to instance
Patch Status patch_status Overall patch compliance status.
If there is at least one missing patch, instance is considered noncompliant, otherwise compliant.
Compliant - Critical compliant_critical Count of compliant patches with
"critical" severity
Compliant - High compliant_high Count of compliant patches with
"high" severity
Compliant - Medium compliant_medium Count of compliant patches with
"medium" severity
Compliant - Low compliant_low Count of compliant patches with
"low" severity
Compliant - Informational compliant_informational Count of compliant patches with
"informational" severity
Compliant - Unspecified compliant_unspecified Count of compliant patches with
"unspecified" severity
Compliant - Total compliant_total Count of compliant patches (all severities)
Noncompliant - Critical noncompliant_critical Count of noncompliant patches with "critical" severity
Noncompliant - High noncompliant_high Count of noncompliant patches with "high" severity
Noncompliant - Medium noncompliant_medium Count of noncompliant patches with "medium" severity
Daily Patch reports
Field Name Dataset Field Name Definition
Noncompliant - Low noncompliant_low Count of noncompliant patches with "low" severity
Noncompliant - Informational noncompliant _informational
Count of noncompliant patches with "informational" severity
Noncompliant - Unspecified noncompliant _unspecified
Count of noncompliant patches with "unspecified" severity
Noncompliant - Total noncompliant_total Count of noncompliant patches (all severities)
Instances that missed patches
This report provides details on instances that missed patches during the last maintenance window execution.
This report provides:
• Insights on missing patches at the patch id level.
• Insights on all the instances which have at-least one patch missing along with attributes such as patch severity, unpatched days, range, and release date of the patch.
Field Name Dataset Field Name Definition
Report Datetime dataset_datetime The date and time the report
was generated.
Account Id aws_account_id AWS Account ID to which the
instance ID belongs
Account Name account_name AWS account name
Customer Name Parent customer_name_parent
Customer Name customer_name
Production Account prod_account Identifier of AMS prod,
non-prod accounts, depending on whether account name include value 'PROD', 'NONPROD'.
Account Status account_status AMS account status
Account Type account_type
account_sla AMS account service tier
Instance Id instance_id ID of EC2 instance
Instance Name instance_name Name of EC2 instance
Instance Platform Type instance_platform_type Operating System (OS) type
Field Name Dataset Field Name Definition
Instance State instance_state State within the EC2 instance
lifecycle
Patch Id patch_id ID of released patch
Patch Severity patch_sev Severity of patch per publisher
Patch Classification patch_class Classification of patch per
publisher
Patch Release Datetime (UTC) release_dt_utc Release date of patch per publisher
Patch Install State install_state Install state of patch on instance per SSM
Days Unpatched days_unpatched Number of days instance
unpatched since last SSM scanning
Days Unpatched Range days_unpatched_bucket Bucketing of days unpatched
Monthly billing report
Monthly billing report.