Update Management through OMS Gateway ?
Hi Guys, A pretty confusing topic for me. Now i have a lot of VMs in Azure, they dont have internet access but they are configured to connect to log analytics through the OMS gateway which is basically acts like a proxy for them, it works perfectly i can collect all the logs needed and perf counters no problem here. i enabled update management on these servers as well. so then i have to allow hosts in the OMS gateway using Add-OMSGatewayAllowedHost powershell command. which i did as per the documentation here https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-oms-gateway#configure-for-automation-hybrid-workers i believed that it should use the OMS GatewayProxy to access the Update repository and get the assessment and can push the updates now, but i checked and the VMs seems to not be working like this and might need actually another proxy settings to get to the update service from Microsoft. My questions are: - should i add the update service URLs to the allowed hosts in oms gateway ? and then would the VMs connect to the Update services through just the OMS proxy. Update catalogue URLs microsoft.com *.update.microsoft.com windowsupdate.com *.download.windowsupdate.com microsoft.com *.download.microsoft.com com *.windowsupdate.com microsoft.com windows.com live.com (this is required if you have connected a Microsoft Account) microsoft.com *.mp.microsoft.com - Or does the VMs still need to set up a proxy that have access to the internet?! if anyone have experience with this would be great to share. Thanks Ahmed AtefOMS Update management - How to "read" logs?
Hi community, i onboarded some first machines so that they will report update status to azure and get some update schedules assigned. Now i'm asking myself how i can read the logs. Let me outline one example: I noticed that on one machine there was a security update missing. After one week (because of the assigned update schedule (weekly)) the machine was back in a healthy state. Now i would like to figure out how can i find a good, readable log to see when and which update was exactly have been installed. One further question: In former times we've implemented a WSUS and for this a GPO which configured this WSUS as a source for our servers. Now I'm setting up azure update management. It seems that the earlier configuration made per gpo will be overwritten by the azure config, is this correct?
