New-PatchBaseline Command | Vmware PowerCLI Reference


This cmdlet creates a new patch baseline. Patch baselines can be applied to either hosts or virtual machines. Depending on the patch criteria you select, patch baselines can be either dynamic or static (fixed). You can specify explicitly the patches you want to include in the baseline through the IncludePatch parameter. Also, you can use the SearchPath* parameters to filter the patches you want to include by their properties, product, vendor, severity, and release date. Note that patches that have been excluded through the ExcludePatch parameter will not be included even if they correspond to the filter defined by the SearchPatch* parameters.


-Name < String >
[-Description < String > ]
[-ExcludePatch < Patch[] > ]
[-IncludePatch < Patch[] > ]
[-ProgressAction < ActionPreference > ]
[-SearchPatchCategory < UpdateCategory[] > ]
[-SearchPatchEndDate < DateTime > ]
[-SearchPatchProduct < String[] > ]
[-SearchPatchSeverity < PatchSeverity[] > ]
[-SearchPatchStartDate < DateTime > ]
[-SearchPatchVendor < String[] > ]
[-Server < VIServer > ]
[-TargetType < BaselineTargetType > ]


Required Parameter Name Type Position Features Description
Dynamic SwitchParameter named
Specifies if the new patch baseline is dynamic. Dynamic baselines consist of a set of patches that meet certain criteria. The contents of a dynamic baseline varies as the available patches change. You can also exclude or add specific patches. Do not use this parameter if the -Static parameter is set.
Name String named
Specifies a name for the new patch baseline.
optional Description String named
Specifies a description of the patch baseline.
optional ExcludePatch Patch[] named
Specifies the software patches you want to exclude from the dynamic baseline. Once excluded, a patch cannot be included even if it corresponds to the filter defined by the SearchPatch* parameters.
optional IncludePatch Patch[] named
For static baselines, specifies the patches you want to include in the baseline. These patches will be added in the CurrentPatches property of the returned baseline object. For dynamic baselines, specifies patches you want to add to the baseline in addition to the patches specified by the search criteria parameters. The patches supplied through the IncludePatch parameter are stored in the InclPatches property of the baseline. These patches are also added in the baseline's CurrentPatches property that contains the patches specified by the search criteria parameters and the patches provided by the IncludePatch parameter. Patches specified by the ExcludePatch parameter are not included in the CurrentPatches property of a baseline.
optional ProgressAction ActionPreference named
optional SearchPatchCategory UpdateCategory[] named
Specifies the categories of the patches you want to include in the new baseline. The valid values are SecurityFix, BugFix, Enhancement, and Other.
optional SearchPatchEndDate DateTime named
Indicates that you want to include only patches released before the date specified by this parameter.
optional SearchPatchProduct String[] named
Specifies software products of the patches you want to include in the new baseline.
optional SearchPatchSeverity PatchSeverity[] named
Specifies the severity of the patches you want to include in the new baseline. The available values are NotApplicable, Low, Moderate, Important, Critical, HostGeneral, and HostSecurity.
optional SearchPatchStartDate DateTime named
Indicates that you want to include only patches released after the date specified by this parameter.
optional SearchPatchVendor String[] named
Specifies the software vendor of the patches you want to include in the new baseline.
optional Server VIServer named
  • pipeline
Specifies the vSphere servers on which you want to run the cmdlet. If no value is given to this parameter, the command runs on the default servers.
optional TargetType BaselineTargetType named
Specifies the object target type of the new patch baseline. The valid value is Host. This parameter is deprecated and will be removed in a following release.
-IncludePatch < Patch[] >
-Name < String >
[-Description < String > ]
[-Extension ]
[-ProgressAction < ActionPreference > ]
[-Server < VIServer > ]
[-TargetType < BaselineTargetType > ]


Required Parameter Name Type Position Features Description
IncludePatch Patch[] named
For static baselines, specifies the patches you want to include in the baseline. These patches will be added in the CurrentPatches property of the returned baseline object. For dynamic baselines, specifies patches you want to add to the baseline in addition to the patches specified by the search criteria parameters. The patches supplied through the IncludePatch parameter are stored in the InclPatches property of the baseline. These patches are also added in the baseline's CurrentPatches property that contains the patches specified by the search criteria parameters and the patches provided by the IncludePatch parameter. Patches specified by the ExcludePatch parameter are not included in the CurrentPatches property of a baseline.
Name String named
Specifies a name for the new patch baseline.
Static SwitchParameter named
Specifies if the new patch baseline is static. Static (fixed) baselines consist of a specific set of patches that do not change as patch availability changes. Do not use this parameter if the -Dynamic parameter is set.
optional Description String named
Specifies a description of the patch baseline.
optional Extension SwitchParameter named
Specifies if the new patch baseline is of Extension type. Do not use this parameter if the -Dynamic parameter is set. Extension baselines can be only static (fixed) and are used to perform installation of extensions. An extension is any additional software that can be installed on the host or patched if the additional software already exists on the host.
optional ProgressAction ActionPreference named
optional Server VIServer named
  • pipeline
Specifies the vSphere servers on which you want to run the cmdlet. If no value is given to this parameter, the command runs on the default servers.
optional TargetType BaselineTargetType named
Specifies the object target type of the new patch baseline. The valid value is Host. This parameter is deprecated and will be removed in a following release.



Example 1

$patch = Get-Patch -SearchPhrase "nexus" -Severity critical -Product "embeddedESX 4.0.0" -After 10.11.2009

New-PatchBaseline -Name Baseline -IncludePatch $patch -TargetType Host

Creates a new patch baseline named "Baseline" that includes patches with the specified parameters.

Example 2

$patches = Get-Patch -SearchPhrase "ESX40-MMODE" 

New-PatchBaseline -Name Baseline -Description "This is my first baseline" -Static -IncludePatch $patches -TargetType Host

Creates a static baseline for host patches, which contain the word "ESX40-MMODE" in their properties.

Example 3

$patches = Get-Patch -SearchPhrase "ESX40-MMODE" -Severity critical -Product "esx 4.0.*" -After 10.11.2007

New-PatchBaseline -Name Baseline -Description "Contains all esx 4.0 critical patches after 10.06.2007" -Static -IncludePatch $patches -TargetType Host

Creates a static baseline for critical host patches, that have "ESX40-MMODE" in their names, and product name starting with "esx 4.0."

Example 4

New-PatchBaseline -Dynamic -Name Baseline -TargetType Host -SearchPatchVendor *VMware*

Creates a dynamic patch baseline containing host patches from vendors whose names contains "VMware".

Related Commands


This cmdlet initializes staging of patches.

This cmdlet retrieves the available patches.

This cmdlet downloads new patches into the Update Manager repository.


This cmdlet retrieves patch baselines.

This cmdlet creates a new patch baseline.

This cmdlet modifies the properties of a patch baseline.