Forum Discussion
log analytics how to pull all updates installed on a server with names
What have you got so far, have you created a Log Analytics workspace and deployed agents to the server(s).
There is an update management solution you can deploy.
https://docs.microsoft.com/en-us/azure/automation/automation-update-management
You can use the Update Management solution in Azure Automation to manage operating system updates for your Windows and Linux machines in Azure, in on-premises environments, and in other cloud environments. You can quickly assess the status of available updates on all agent machines and manage the process of installing required updates for servers.
Example queries can be found here:https://docs.microsoft.com/en-us/azure/automation/automation-update-management-query-logs
CliveWatson
Then you for the response Clive.
I have a Windows and Linux OMS agent installed. i am able to pull data from Windows OMS agent and apply updates and see what updates and patches are missing. these are non-azure vms, so from my on-prem to azure. i can only see updates on the boxes since the agent was installed. nothing before that. i have also tried to quarry to pull list of all the patches that have been applied. i have not been successful in that. i would like to at least get name of patches that are applied and maybe date with it.
if i can get some help i would appreciate it.
That is how the agent works, data is from installation time. If you wanted older data you'd have to use the Log Analytocs api to import it, but that's not a trivial piece of work.
Hi Clive, I've got Update Management setup and it works in terms of installing updates. I want a way to ascertain what patches and versions (as well as packages with versions for Linux) are installed on a particular box. This can then be compared against an external database of patch information to ascertain if any patches have been installed outside of the approval process.
The information in Log Analytics does not appear to provide this, though I haven't worked much with Log Analytics so it's possible I don't know how. I have searched online and can't find the answer, hence commenting here.
Is there a way to query an API or something and get a JSON back, please? Or indeed go direct to the VM agent? Anything that shows that current state of the VM would be helpful, ideally with some audit information.
Thanks,
Neil.
- Did you look at the examples? https://docs.microsoft.com/en-us/azure/automation/update-management/query-logs
CliveWatson thank you, sir! that helps alot coming from an MVP. i can take that let the boss know i was right the first time.
