Compliance Column Updates Randomly (Or Not At All)
The Update Management screen under automation accounts either updates randomly (windows machines going green and then gray) or not at all (Linux machines never get assessed).
Linux OMS agents have a heartbeat according to logs, and the overview shows assessment summary, but drilling in returns no data and logs on the machine are inconclusive at best (503 errors show up).
It doesn't seem like a firewall issue since Windows machines work (though IP Tables is a possibility, though assessments showed up when agent was initially installed, just not after update)
There needs to be a way to a) force assessment from the portal and b) get more detailed log information for debugging. This feature looks great and seems to work for scheduling updates, but assessment is currently unreliable for me.
Anonymous
shared this idea
We have made improvements to the UX to display more detailed statuses such as “not ready” and providing the last assessed time. In the backend we have also made substantial improvements to the logging.
If you are interested in forced assessment from the portal, please support the feedback item dedicated to that item (https://feedback.azure.com/forums/905242/suggestions/32252446).
2 comments
-
We are still working on the Linux issue. For Windows, we added some more troubleshooting to the Machines page to help identify reasons why machines may not be getting assessments.
-
Anthony
commented
An update to this (I am OP) - it seems like OMS Agent on Linux (and maybe Windows?) doesn't play nice with hardening standards like PCI and CIS. In some anecdotal testing, we've notice non-hardened systems seem to be ok with the agent, but hardened systems don't assess. A settings guide would be helpful as we don't see anything obvious in the logs.