Here is an example bash script that monitors whether a policy package is only updated (published) or also already installed - 

#!/bin/shJQ=${CPDIR}/jq/jqGATEWAYS_FILE="gateways.json"PACKAGES_FILE="packages.json"PACKAGE_FILE="package.json"mgmt_cli -r true show gateways-and-servers limit 500 details-level full --format json > $GATEWAYS_FILEINSTALLED_PACKAGES=($($JQ -r '.objects[] | .name as $name | .policy | select(. != {}) | [.["access-policy-name"], .["access-policy-installation-date"]["posix"], $name] | @csv' $GATEWAYS_FILE))if [ $? -ne 1 ]; then  echo 'Checking for available packages statuses...'  mgmt_cli -r true show packages limit 500 details-level full --format json > $PACKAGES_FILE  if [ $? -ne 1 ]; then    PACKAGES_NAMES=($($JQ '.packages[] | .name' $PACKAGES_FILE))    for PACKAGE in ${PACKAGES_NAMES[@]}; do      echo 'Checking for package '"$PACKAGE"'...'      mgmt_cli -r true show-package name $PACKAGE --format json > $PACKAGE_FILE      if [ $? -ne 1 ]; then        IS_INSTALLED=false        PUBLISH_TIME=($($JQ -r '.["meta-info"]["last-modify-time"]["iso-8601"]' $PACKAGE_FILE))        PUBLISH_TIME_POSIX=($($JQ -r '.["meta-info"]["last-modify-time"]["posix"]' $PACKAGE_FILE))        echo 'Last publish time: '"$PUBLISH_TIME"        for INSTALLED_PACKAGE in ${INSTALLED_PACKAGES[@]}; do          IFS=',' read -ra INSTALLED_PACKAGE_DATA <<< "$INSTALLED_PACKAGE"          INSTALLED_PACKAGE_NAME=${INSTALLED_PACKAGE_DATA[0]}          if [ $INSTALLED_PACKAGE_NAME == $PACKAGE ]; then            INSTALLED_PACKAGE_TIME_POSIX=${INSTALLED_PACKAGE_DATA[1]}            INSTALLED_PACKAGE_GW=${INSTALLED_PACKAGE_DATA[2]}            if [ $PUBLISH_TIME_POSIX -lt $INSTALLED_PACKAGE_TIME_POSIX ]; then              IS_INSTALLED=true              echo 'The update is already installed on gateway: '"$INSTALLED_PACKAGE_GW"            fi          fi        done        if [ "$IS_INSTALLED" == false ]; then          echo 'Not yet installed!'        fi      fi    done  fifi‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Robert.