Video Screencast Help

Need a detailed patch compliance report in SMP 7.1

Created: 05 Nov 2012 • Updated: 13 Nov 2012 | 6 comments
This issue has been solved. See solution.

Management has requested a report that shows each computer and all missing updates for that computer.  All computers in the environment (about 500 servers) should be listed in the report, so for instance it will look like the following:







...and so on.

I thought one such report existed in NS6 but could be mistaken.

I've informed mgmt that they can use a "Windows Compliance by Computer" report, then right-click a specific computer and choose "View Not Installed Updates," but that apparently isn't good enough for them.

So, if anyone can point me to an existing report or post some SQL that I can create a custom report from, I'd be eternally grateful.


Comments 6 CommentsJump to latest comment

Michael Grueber's picture

Have you tried using the IT Analytics component of the Altiris suites? IT Analytics is designed to allow users to create their own custom reports in cases where the standard reports do not meet their needs.

jbonbright's picture

Thanks for the suggestion.  I've been meaning to dig into ITA but haven't had the opportunity to do so yet. 

Michael Grueber's picture

I think IT Analytics may work, but I am not certain.

nicoled18's picture

There is a view that shows this information.  If you go to Home > Patch Compliance and look at the "Microsoft vulnerabilities" web part, you can click on the number next to "Vulnerable" and it will bring up a view that shows the patch per each computer that is missing (so the computer name shows up multiple times, and it has a patch name listed next to it as well as severity info, etc.).  The info can be exported from here.  I haven't found where this report actually lies in the Reports section (if it does at all). 

jbonbright's picture

Nicoled18 - that worked!  Thanks so much - I really appreciate it.

To add a little more detail for others who may want to do this:

  1. If you don't see the web part NicoleD refers to ("Microsoft Vulnerabilities") on your "Patch Management" portal under "Home," you may have to add one.  I simply edited "My Portal" and added that web part.
  2. After doing so, you'll see the web part displayed as a summary chart.  Click on the number to the left of "Vulnerable"
  3. A "Windows Vulnerabities by Severity - Detail" report will be generated in a new browser window; you can narrow the results down by vendor and export it the familiar options (spreadsheet, etc.).

Thanks again Nicole18!  I suspect this is a stored procedure and if I find it and am able to parse through the T-SQL code and create a custom report, I'll share the XML.

(Click on the image below to see the entire image.)

MS Vuln Webpart Screenshot.JPG
nicoled18's picture

Yeah all of the patching stuff is in stored procedures, I have tried to parse through them before but my limited SQL knowledge just made me get confused because the stored procedures reference other stored procedures and there are temp tables, etc.... very very convoluted.  I did work with one of our DBA's at one point to create some reports that show patch information but they were more rollup style reports than individual machines.. once our server becomes responsive (things decided to take a real dump in our altiris environment today with no prompting - basically a normal day) I'll take a peek and see if it's anything that might be useful to post up here.