How often the OnGuard agents trigger/check for available windows patch?
The OnGuard agent triggers the windows update agent every one hour to check for missing patch from the windows patch update server. The missing patches will be installed automatically if the auto remediation is enabled in the ClearPass server. The agent retains the last known health status for patch management until the next trigger.
The interval of one hour to check the missing patch is the default behavior when the "Scan Interval" is not configured in the Posture Policies. The scan interval can be configured under Configuration >> Posture Policies >> Posture Plugins as shown below.
The "Grace Period" in the above screen capture can be configured to ignore the missing patch for the period of time, if required.