Mar 03 2020
12:15 PM
- last edited on
Apr 08 2022
10:19 AM
by
TechCommunityAP
Mar 03 2020
12:15 PM
- last edited on
Apr 08 2022
10:19 AM
by
TechCommunityAP
been trying to get a list of all the updates that are installed on a server ? just cant find anything on it. im new to this so if anyone can help
Mar 03 2020 03:04 PM
What have you got so far, have you created a Log Analytics workspace and deployed agents to the server(s).
There is an update management solution you can deploy.
https://docs.microsoft.com/en-us/azure/automation/automation-update-management
You can use the Update Management solution in Azure Automation to manage operating system updates for your Windows and Linux machines in Azure, in on-premises environments, and in other cloud environments. You can quickly assess the status of available updates on all agent machines and manage the process of installing required updates for servers.
Example queries can be found here:https://docs.microsoft.com/en-us/azure/automation/automation-update-management-query-logs
Mar 05 2020 11:24 AM
@CliveWatson
Then you for the response Clive.
I have a Windows and Linux OMS agent installed. i am able to pull data from Windows OMS agent and apply updates and see what updates and patches are missing. these are non-azure vms, so from my on-prem to azure. i can only see updates on the boxes since the agent was installed. nothing before that. i have also tried to quarry to pull list of all the patches that have been applied. i have not been successful in that. i would like to at least get name of patches that are applied and maybe date with it.
if i can get some help i would appreciate it.
Mar 06 2020 01:10 AM
That is how the agent works, data is from installation time. If you wanted older data you'd have to use the Log Analytocs api to import it, but that's not a trivial piece of work.
Mar 06 2020 07:42 AM
@CliveWatson thank you, sir! that helps alot coming from an MVP. i can take that let the boss know i was right the first time.
Dec 03 2020 01:46 AM
Hi Clive, I've got Update Management setup and it works in terms of installing updates. I want a way to ascertain what patches and versions (as well as packages with versions for Linux) are installed on a particular box. This can then be compared against an external database of patch information to ascertain if any patches have been installed outside of the approval process.
The information in Log Analytics does not appear to provide this, though I haven't worked much with Log Analytics so it's possible I don't know how. I have searched online and can't find the answer, hence commenting here.
Is there a way to query an API or something and get a JSON back, please? Or indeed go direct to the VM agent? Anything that shows that current state of the VM would be helpful, ideally with some audit information.
Thanks,
Neil.
Dec 07 2020 12:30 AM
Dec 09 2020 09:13 AM
@CliveWatsonHi Clive. Thanks for the reply. Yes I saw those and they do provide useful information but from what I can see it all pertains to what Update Management did rather than the current status of a machine. I wanted a way to ascsertain what updates/packages were on a machine regardless of how they were installed, which I don't seem to be able to find. It doesn't look like manually installed updates/packages would be logged anywhere. Or have I missed the query?!
Neil.
Dec 10 2020 02:15 AM
@neilashbysenior I think Usage only shows the required updates, not what is there. Others may know more as I'm not familiar with the data itself.
Oct 21 2021 02:48 AM
@neilashbysenior Did you find a solution for this topic? I am experiencing the same issue. The idea is to check if certain KBs are installed, to ensure that some CVEs are patched...
Apr 05 2022 06:58 AM