SCCM Patching + Audit Assurnace
While we are doing sccm patching monthly basis. How do we provide assurance to business that all systems and servers are updated with MS patches? Is there any report which can give assurance that machines are getting updated “Successfully” ?
Answers ( 3 )
Compliance can be happen against a given SUG or patch. Otherwise it’s an open ended questions and will change every month and machine to machine. With cumulative updates, it’s easier to maintain compliance and bring all machines to same patch level. However it can be lot of work to fix all non-compliant machines to bring to same patch level.
Thank you for the prompt responses,
I had gone through SCCM builtin SRS reports but there is no such single report give then details which are the systems successfully patched till now and which are yet to be patches.
As per my observation complaint report based on the scan status even if the sccm client is unhealthy state it shows as compliant so its very challenging to give assurance to business that all systems and servers are updated with MS patches.
Is there any custom report or way to find in a single report and confirm ?
Well there are many reports (Default reports) that provide the details about patching etc…
Have you checked the SSRS reports? Have you checked any of these?
Otherwise you can use the third party products to analyse the patch compliance on top of SCCM. You can also use that ….
Software Updates – A Compliance
Compliance 1 – Overall compliance
This report returns the overall compliance data for a software update group. 08:42:44
Compliance 2 – Specific software update
This report returns the compliance data for a specified software update. 08:42:45
Compliance 3 – Update group (per update)
This report returns the compliance data for software updates defined in a software update group. 08:42:45
Compliance 4 – Updates by vendor month year
This report returns the compliance data for software updates released by a vendor during a specific month and year. To limit the amount of information returned, you can specify the software update class and product. 08:42:46
Compliance 5 – Specific computer
This report returns the software update compliance data for a specific computer. To limit the amount of information returned, you can specify the vendor and software update