uberAgent Explained: Update Inventory
This post is part of a series of articles that highlight and explain specific aspects of uberAgent’s functionality.
uberAgent is a Splunk agent for Windows end-user computing analytics focused on user experience and application performance. It provides deep insights into the user logon process, helps identify bottlenecks caused by slow backend systems, and very much more. But how does inventory data fit in?
Knowing exactly which patches and updates are installed is critical for security. There cannot be any doubt as to whether your machines are patched correctly or not. Update inventory data provides a solid foundation to base decisions on and helps answer questions like these:
- What is the state of our security?
- Are we vulnerable?
- Is our patching process working correctly?
- Do all systems have the required updates?
- Are functionality updates available on all machines?
- Are bugfixes deployed throughout?
Software update inventory data is available in two different places: on the Single Machine Inventory dashboard, which is accessible by clicking a machine’s entry on the Machine Inventory dashboard, and on the Update Inventory dashboard, which can be found in the Applications menu. The former provides detailed information about one machine’s operating system, installed applications, and installed updates. The latter gives you an overview of the installed updates on all your machines.
uberAgent collects the following information for each patch and update:
- Update name
- Associated product name
- Update GUID
- Install state
- Install date
A full list of all metrics collected by uberAgent can be found here.
The software update inventory functionality does not have to be configured specifically, just install uberAgent and it will immediately start collecting all this great data.
In case you want to modify the default configuration, e.g. in order to change the data collection frequency, take a look at the first article in this series.
uberAgent is an innovative Windows and macOS user experience monitoring (UXM) and endpoint security analytics (ESA) product. UXM highlights include detailed information about boot and logon duration, application unresponsiveness detection, network reliability drill-downs, process startup duration, application usage metering, browser performance, web app metrics, and Citrix insights. ESA comes with a sophisticated activity monitoring engine, the uAQL query language, detection of risky activity, DNS query monitoring, hash calculation, registry monitoring, and Authenticode signature verification.
About vast limits
vast limits GmbH is the company behind uberAgent, the innovative user experience monitoring and endpoint security analytics product. vast limits’ customer list includes organizations from industries like finance, healthcare, professional services, and education, ranging from medium-sized businesses to global enterprises. vast limits’ network of qualified solution partners ensures best-in-class service and support anywhere in the world.