Report for windows update for business patching
Question
Hi All,
We are using windows update for business for doing desktop patching.
Its showing the report in log analytics workspace but is it possible to generate the report from sccm using the hardware inventory ? customer requirement is to get the installed patch details from sccm
Answers ( 8 )
Correct . But is there any script or query which will show list of patches installed / failed on machines .
So we can generate patching report same like sccm complience report
Anoop makes a great point about WUfB.
The idea around WUfB is that clients in the Enterprise receive patches from Microsoft just like any consumer Windows device would do. So, your reporting and compliance monitoring doesn’t apply here.
The question is what you mean by WUfB patch deployment in SCCM world…
Are you using intune to deploy patches or policies are coming down from Intune?
I don’t know how you can deploy WUfB policies using SCCM. Am I missing something?
Are you in a co-managed scenario?
Are you in a scenario… where you are deploying software updates using sccm… but asking clients to get patch content from internet?
If so, that is NOT WUfB…
We are using ring method and patches ate getting deployed via intune
And in log analytics it is showing the patching report
But as it is not showing the live data customer wants patch installation detail with the help of sccm hardware inventory
Telemetry and Log analytics
Try this https://docs.microsoft.com/en-us/mem/intune/protect/windows-update-compliance-reports
Does this help?
Hello Ketan,
I have one SQL Query which will get patch status from SQL DB,
SELECT Distinct
v_R_System.Netbios_Name0 AS ‘Name’,
V_R_System.Resource_Domain_OR_Workgr0 as Domain,
v_GS_OPERATING_SYSTEM.caption0 as ‘Operating System’,
v_UpdateInfo.BulletinID AS ‘MS BulletinID’,
v_UpdateInfo.ArticleID AS ‘KB ArticleID’,
v_UpdateInfo.Title,
v_UpdateInfo.DateRevised,
case v_UpdateComplianceStatus.Status
when ‘2’ then ‘Patch Required’
when ‘1’ then ‘Patch Not Required’
when ‘3’ then ‘Compliant’
When ‘0’ then ‘Unknown’
Else ‘Null’
END AS ‘Patch Status’
FROM v_R_System AS v_R_System
INNER JOIN v_GS_WORKSTATION_STATUS AS v_GS_WORKSTATION_STATUS ON v_R_System.ResourceID = v_GS_WORKSTATION_STATUS.ResourceID
INNER JOIN v_UpdateComplianceStatus AS v_UpdateComplianceStatus ON v_UpdateComplianceStatus.ResourceID = v_R_System.ResourceID
INNER JOIN v_UpdateInfo AS v_UpdateInfo ON v_UpdateInfo.CI_ID = v_UpdateComplianceStatus.CI_ID
INNER JOIN v_RA_System_SystemOUName AS v_RA_System_SystemOUName ON v_R_System.ResourceID = v_RA_System_SystemOUName.ResourceID
inner join v_fullcollectionmembership on v_fullcollectionmembership.resourceid=v_R_System.resourceid
inner join v_GS_OPERATING_SYSTEM on v_GS_OPERATING_SYSTEM.ResourceID = v_R_System.ResourceID
where
v_UpdateInfo.ArticleID in ( ‘3181988’ ,’4130489′)
and v_fullcollectionmembership.collectionId= ‘SMS0001’
Hello Ketan, You can check this Reference link for details-
https://www.anoopcnair.com/download-a-custom-report-to-find-out-all-patches-installed-to-a-system-via-software-updates-and-std-package/
Unfortunately the custom RDL Is not yet available for download!!
Yes, you should able to get the information and you can get that from SQL.
make a query and generate it.
did you check default reports which are available.