First Server Setup
This guide provides a detailed walkthrough of connecting your first server to PatchCTL, including verification steps and initial configuration.
Before You Begin
Ensure you have:
- Completed the Quick Start Guide or have the agent installed
- Your server appearing in the PatchCTL dashboard
Understanding the Initial Scan
When a new agent connects, it performs several operations:
- System identification - Hostname, IP, OS version, hardware specs
- Package scan - Full inventory of installed packages
- Update check - Available updates from configured repositories
- CVE correlation - Matching packages against known vulnerabilities
This initial scan typically completes within 2-5 minutes.
Verifying Server Data
Basic Information
In the dashboard, click on your server to view its details:
| Field | Description |
|---|---|
| Hostname | Server's hostname |
| IP Address | Primary network interface IP |
| OS | Distribution and version |
| Kernel | Running kernel version |
| Agent Version | Installed PatchCTL agent version |
| Last Seen | Time since last heartbeat |
Hardware Information
The agent collects system specifications:
- CPU - Model and core count
- RAM - Total and available memory
- Disk - Root filesystem usage
Package Information
Navigate to the Packages tab to see:
- Total installed packages
- Packages with available updates
- Security updates available
Configuring Server Tags
Tags help organize your fleet for targeting schedules and filters.
Adding Environment Tags
- Click Edit on the server details page
- Select an Environment:
productionstagingdevelopmenttesting
Adding Custom Tags
- Click Add Tag
- Enter a tag name (e.g.,
web-server,database,us-east) - Click Save
Use consistent tag naming across your fleet. Common patterns:
- Role:
web,db,cache,worker - Location:
us-east,eu-west,datacenter-1 - Team:
platform,security,data
Running Your First Patch
Manual Patch (Single Server)
- From the server details page, click Actions → Install Updates
- Review the list of available updates
- Choose update type:
- All updates - Install everything available
- Security only - Only security-related packages
- Click Install
- Monitor progress in the Activity tab
Viewing Patch Results
After patching completes:
- Check the Activity tab for the operation status
- View Packages tab to confirm updates applied
- Note if a reboot is required (kernel updates, etc.)
Next Steps
With your first server connected and verified:
- Add more servers - Scale your fleet
- Create schedules - Automate patching
- Review CVEs - Prioritize vulnerabilities
- Invite team members - Collaborate on patch management
Common Questions
How often does the agent check in?
The agent sends a heartbeat every 5 minutes and performs a full package scan every 6 hours.
Can I force an immediate scan?
Yes. From the server details page, click Actions → Refresh to trigger an immediate heartbeat and package scan.
What data is sent to PatchCTL?
The agent sends:
- System identification (hostname, IP, OS)
- Hardware specs (CPU, RAM, disk)
- Installed packages and versions
- Available updates
The agent does not send:
- File contents
- User data
- Network traffic
- Command output (beyond patch results)