Speed Up Detection Scans by Excluding Drives and Paths

  • 3001164
  • 25-Apr-2006
  • 25-Sep-2013

Environment

Novell ZENworks Patch Management Agent 6.x

Situation

Detetion scan is taking a long amount of time. 

Resolution

In Update Agent 6.3 and above, full-disk scans may be initiated if detection fingerprints do not specify the exact location of a file. If a particular computer has a large array of disks or directories with large amounts of files (e.g., Exchange Servers), it may be desirable to exclude these drives or directories to further increase the efficiency of the DAU. 

The following procedure will import a multi-string registry value (REG_MULTI_SZ) PathExemption which will allow you to exclude specified paths or drives from a DAU. This process must be performed on each machine on which you wish to exclude drives or paths.

1. Download exemption.zip.
2. Extract the contents of the Zip file to a local folder.
3. In the local folder, double-click on the extracted file exemption32.reg for x86 machines, or exception64.reg for x64 machines.
4. Respond to the prompt to install the executable.
5. Launch Windows Registry Editor as follows:For Windows NT 4.0 and Windows 2000, go to Start > Run > type regedt32 > click OK. Regedt32 is required to properly edit the REG_MULTI_SZ value type on the Windows NT 4.0 and Windows 2000 operating systems. For more information, refer to Microsoft KB141377. For all other operating systems, go to Start > Run > type regedit > click OK.
6. Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Patchlink.com\Gravitix\Agent\Policy 
(For x64 machines browse to HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Patchlink.com\Gravitix\Agent\Policy).
7. Locate the Value Name PathExemption.
8. Edit the Value Data by double-clicking on the PathExemption value. Enter each directory path or drive letter you wish to exclude on a separate line (e.g., C:\Images or E:\).


9. To verify the entries are being recognized by the agent after the next detection, open the PatchLink Detection Agent.log from the machine in question (located in the root of the agent directory) and look for the following entry near the top of the log:

2008/04/08 15:29:34.0916,0,Active Options
2008/04/08 15:29:35.0057,0, Detection Agent Character Set = MBCS
2008/04/08 15:29:35.0213,0, Inventory Mode = 1 (Enabled)
2008/04/08 15:29:35.0228,0, Detection Agent Mode = 0 (Normal)
2008/04/08 15:29:35.0228,0, Detection Agent Priority = -1 (Unspecified - DAgent mode will determine)
2008/04/08 15:29:35.0228,0, Detection Mode = 1 (Single Pass)
2008/04/08 15:29:35.0228,0, File Scan Mode = 1 (Enabled)
2008/04/08 15:29:35.0244,0, PLUS Communication = Enabled
2008/04/08 15:29:35.0244,0, Logging level = 0 (None)
2008/04/08 15:29:35.0260,0, Path Exclusion List
2008/04/08 15:29:35.0260,0, C:\Images
2008/04/08 15:29:35.0260,0, D:\Reports
2008/04/08 15:29:35.0260,0, E:\
2008/04/08 15:29:35.0260,0, Log File Name = C:\Program Files\PatchLink\Update Agent\PatchLink Detection Agent.log More Information

  • When an Update Agent is performing a DAU, the process DAGENT.EXE is loaded and remains active until the detection is completed. Terminating this process will stop a detection from completing, but will not damage the Update Agent. Users may use this technique to stop detections on problematic machines during the troubleshooting process.
  • Double clicking on DAGENT.EXE in the root of the Update Agent directory will initiate a DAU (using your user credentials instead of the Update Agent Service user credentials). Users may use this technique to start detections on problematic machines during the troubleshooting process.
  • If the Update Agent is unable to download the OSPack from the Update Server during a detection, the agent will revert to a multi-pass scan, which can dramatically decrease the efficiency of a DAU as well as degrade performance of the Update Server. To determine if a Single-Pass Scan is being performed, open the PatchLink Detection Agent.log and look for the following entry near the top of the log:

2008/04/10 15:42:16.0046,0,Beginning single pass fingerprint evaluation
2008/04/10 15:42:16.0171,0, OS Pack file '/UpdateStorage/OSPacks/Microsoft Windows Server 2003 Enterprise x64 Edition.osp' has not been modified - using locally cached version

If an entry exists that the OS Pack could not be downloaded, it is recommended to:

    - check the Update Server ISAPI registry value to verify the agents are pulling the information correctly: 

HKEY_LOCAL_MACHINE\SOFTWARE\PatchLink.com\Update\ISAPI\STORAGE1 Server = /UpdateStorage/%A%/%P%/
        
    - verify the UpdateStorage directory in IIS is configured for anonymous access.

Cause

Background In Update Agent version 6.2 and below: Discover Applicable Updates (DAUs) run in 8 separate passes and scan entire disks and paths, causing these detections to take longer to complete, depending on the size of the disk(s) in question. Beginning in Update Agent version 6.3, the Single-Pass DAU alleviated slow DAU performance by targeting scans for specific files in specific locations. Likewise, the OS Pack is utilized, which is a Update Server-generated file containing all detection information for each operating system. These two enhancements greatly increase the overall speed of the DAU process, so it is highly recommended End-Users upgrade to Update Server 6.3 or above to take advantage of these efficiencies.

Change Log

25-Sept-2013  tgordon  Modified Resolution to add file and steps for fix. Removed pointer to Lumensions Knowledgebase article. Added cause.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.