Patch Management Solution

 View Only

  • 1.  Need a detailed patch compliance report in SMP 7.1

    Posted Nov 05, 2012 09:48 AM

    Management has requested a report that shows each computer and all missing updates for that computer.  All computers in the environment (about 500 servers) should be listed in the report, so for instance it will look like the following:

    Computer1,Patch1.exe

    Computer1,Patch2.exe

    Computer2,Patch2.exe

    Computer3,Patch1.exe

    Computer3,Patch4.exe

    Computer3,Patch9.exe

    ...and so on.

    I thought one such report existed in NS6 but could be mistaken.

    I've informed mgmt that they can use a "Windows Compliance by Computer" report, then right-click a specific computer and choose "View Not Installed Updates," but that apparently isn't good enough for them.

    So, if anyone can point me to an existing report or post some SQL that I can create a custom report from, I'd be eternally grateful.

    Thanks!



  • 2.  RE: Need a detailed patch compliance report in SMP 7.1

    Posted Nov 05, 2012 04:33 PM
    Have you tried using the IT Analytics component of the Altiris suites? IT Analytics is designed to allow users to create their own custom reports in cases where the standard reports do not meet their needs.


  • 3.  RE: Need a detailed patch compliance report in SMP 7.1

    Posted Nov 06, 2012 09:40 AM

    Thanks for the suggestion.  I've been meaning to dig into ITA but haven't had the opportunity to do so yet. 



  • 4.  RE: Need a detailed patch compliance report in SMP 7.1

    Posted Nov 06, 2012 10:03 AM

    I think IT Analytics may work, but I am not certain.



  • 5.  RE: Need a detailed patch compliance report in SMP 7.1
    Best Answer

    Posted Nov 08, 2012 08:04 PM

    There is a view that shows this information.  If you go to Home > Patch Compliance and look at the "Microsoft vulnerabilities" web part, you can click on the number next to "Vulnerable" and it will bring up a view that shows the patch per each computer that is missing (so the computer name shows up multiple times, and it has a patch name listed next to it as well as severity info, etc.).  The info can be exported from here.  I haven't found where this report actually lies in the Reports section (if it does at all). 



  • 6.  RE: Need a detailed patch compliance report in SMP 7.1

    Posted Nov 09, 2012 08:01 AM
      |   view attached

    Nicoled18 - that worked!  Thanks so much - I really appreciate it.

    To add a little more detail for others who may want to do this:

    1. If you don't see the web part NicoleD refers to ("Microsoft Vulnerabilities") on your "Patch Management" portal under "Home," you may have to add one.  I simply edited "My Portal" and added that web part.
    2. After doing so, you'll see the web part displayed as a summary chart.  Click on the number to the left of "Vulnerable"
    3. A "Windows Vulnerabities by Severity - Detail" report will be generated in a new browser window; you can narrow the results down by vendor and export it the familiar options (spreadsheet, etc.).

    Thanks again Nicole18!  I suspect this is a stored procedure and if I find it and am able to parse through the T-SQL code and create a custom report, I'll share the XML.

    (Click on the image below to see the entire image.)



  • 7.  RE: Need a detailed patch compliance report in SMP 7.1

    Posted Nov 12, 2012 04:48 PM

    Yeah all of the patching stuff is in stored procedures, I have tried to parse through them before but my limited SQL knowledge just made me get confused because the stored procedures reference other stored procedures and there are temp tables, etc.... very very convoluted.  I did work with one of our DBA's at one point to create some reports that show patch information but they were more rollup style reports than individual machines.. once our server becomes responsive (things decided to take a real dump in our altiris environment today with no prompting - basically a normal day) I'll take a peek and see if it's anything that might be useful to post up here.