I'm having a tough time, and I'm wondering if anyone might be able to help. I'd like to design a better patch management for Windows report. Unfortunately, the reports that are similar to what I want to use (Windows Compliance by Bulletin, Software Bulletin Details) use stored procedures, which I don't think are supposed to be modified.
Here's what I'd like to be able to do:
- Daily or weekly, or as often as I'd like, run the report
- The report can show all bulletins, but has parameters for Staged, Policies, Applicable, and Vulnerable
- I'd probably like to set the defaults for policies to 0, applicable to >0, the other two to % (any)
- The report would tell me what I need to stage and what I need to add to a policy by highlighting bulletins that are not staged or have no policies, but do apply to computers
Currently, I accomplish this by exporting the Software Bulletins Detail to a spreadsheet, then sorting to remove any where 'Applies To' is equal to 0 (I do not need to stage something which does not apply to anyone in my environment), then sorting to remove anything where Policies is greater than 0 (typically, a bulletin is approved for test, then modified for test+pilot, then modified for full release, so seeing a '1' here means I've done my job).
At this point, I sort by Staged, and for all where Staged is False, I begin staging. With the bulletins staged, I then find this entire list (Applies to >0 but Policies=0) manually by scrolling through the entire Software Bulletin Details report.
If I had the above report, I could immediately run the report to find Staged=False, Applies>0, Policies=0, select everything, right-click, and Stage, then refresh the report with Staged=True, Applies>0, Policies=0, right-click, and create a Software Update Policy.
How have others solved this challenge?