Patch Status (sec-updates)
Checks for pending security updates and warns about operating systems that have reached or are approaching end-of-life.
Configuration
| Parameter | Type | Default | Description |
|---|---|---|---|
enabled | bool | true | Enable/disable module |
security_updates_warning | int | 1 | Number of pending updates to trigger a warning |
security_updates_error | int | 10 | Number of pending updates to trigger an error |
eol_warn_days | int | 90 | Days before EOL to issue a warning |
eol_overrides | dict | {} | Override EOL dates (e.g., {"Ubuntu 22.04": "2027-04-01"}) |
YAML Example
sec_updates:
enabled: true
security_updates_warning: 1
security_updates_error: 5
eol_warn_days: 180Diagnostic Codes
| Code | Severity | Meaning | Recommendation |
|---|---|---|---|
| 2001 | 0–2 | System patch status | Install updates promptly (apt upgrade / Windows Update) |
| 2002 | 1–2 | Operating system approaching EOL or is EOL | Plan upgrade to a supported version |
| 2090 | 1 | No package manager detected | Check distribution |
Platform Support
- Linux: Uses
apt,dnf, oryumfor update checks. EOL dates from internal database. - Windows: Checks via Windows Update API.