Patching Compliance Automation


Hello Experts,
Hope you all are keeping well & I pray for your good health.

We have an in-house automation requirement to integrate SCCM with Hafid System (ticketing tool).
We are patching more than 10,000 servers by dividing them into categories based on their criticality.

So we have around 2,000 servers which are very critical & on those servers we deploy monthly patches as available
so that the server owner could raise a change & install it within a defined change window to avoid unforeseen downtime.

For those servers, we want to have an automated ticket raised through the tool once the owner doesn’t patch those servers within a defined timeline.
I would highly appreciate it if anyone who is doing so could provide some references & support in implementing the same for our org.

Thank you in advance


Answers ( 4 )


    I have not personally worked on this exact requirement but have been engaged in some earlier discussions for a similar purpose.
    Options to explore are:
    If you are using ServiceNow as the ticketing tool, a lot of orchestration options can be leveraged to automate triggering a ticket.
    You need to have integration between MECM and ServiceNow, and you can rely on either state messages to measure the compliance of a specific server and then trigger ServiceNow orchestration to open a ticket, or you may have to explore some scheduled jobs which can run a compliance SQL query for a specific server and trigger a ticket if non-compliant.
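
The scheduled-job option from the answer above, sketched as an added example that is not part of the original answer or of any product's own code. It assumes the compliance query returns rows of (server, update, status, date made available); the status strings, `grace_days`, the ticket payload fields and all sample server and KB names are constructed for illustration, and no real ticketing API is called.

```python
from collections import defaultdict
from datetime import date, timedelta

# Constructed sample rows, shaped like the output of a scheduled compliance
# query: (server, update article, status, date the patch was made available).
SAMPLE_ROWS = [
    ("SRV-CRIT-01", "KB0000001", "required",  date(2024, 1, 9)),
    ("SRV-CRIT-01", "KB0000002", "required",  date(2024, 1, 9)),
    ("SRV-CRIT-02", "KB0000001", "installed", date(2024, 1, 9)),
    ("SRV-CRIT-03", "KB0000001", "required",  date(2024, 1, 9)),
    ("SRV-CRIT-04", "KB0000003", "required",  date(2024, 2, 13)),
]

def overdue_tickets(rows, today, grace_days, open_ticket_servers=frozenset()):
    """Return one ticket payload per server with patches missing past the window.

    grace_days is the patching timeline the owner is given (an assumed policy
    value); open_ticket_servers holds servers that already have a ticket, so
    repeated runs of the job do not raise duplicates.
    """
    overdue = defaultdict(list)
    for server, article, status, available_on in rows:
        if status != "required":
            continue  # already installed, nothing to chase
        due = available_on + timedelta(days=grace_days)
        if today > due:
            overdue[server].append((article, due))

    tickets = []
    for server in sorted(overdue):
        if server in open_ticket_servers:
            continue  # ticket already raised on an earlier run
        items = sorted(overdue[server])
        oldest_due = min(due for _, due in items)
        tickets.append({
            "server": server,
            "summary": f"{server}: {len(items)} patch(es) not installed within {grace_days} days",
            "missing_updates": [article for article, _ in items],
            "days_overdue": (today - oldest_due).days,
        })
    return tickets

if __name__ == "__main__":
    for t in overdue_tickets(SAMPLE_ROWS, date(2024, 2, 20), 30, {"SRV-CRIT-03"}):
        print(t)  # a real job would send this payload to the ticketing tool
```

Grouping by server keeps the job to one ticket per owner, and passing in the set of servers with open tickets makes the job safe to rerun on every schedule tick.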

    Best answer
  1. Hello – We had some discussion about getting status from SCCM DB to ServiceNow database to automate.

    My recommendation is to look at State messages in SCCM to understand the pattern of patching reporting.

    Once you identify the state messages, then you would be able to trigger some action in your ticketing system. Does that make sense?

    Some examples are
