Patch Management Solution

 View Only

  • 1.  Compliance Reporting

    Posted Oct 24, 2016 09:26 AM

    I have recently switched from using WSUS to Altiris for Microsoft Patching.  We run a one month delay on applying patches where we give the current (Oct) patches to a set of Pilot machines.  While the bulk of our machines received last months updates (Sept).  I have been working on this conversion since June, so reporting is a little complicated.

    Because I am a month behind the number of updates per machine is all over the place.  For windows 7 one machine may have 11 required updates, while another has 7.  Windows 10 machines may only have 4 updates.  The number applied is also all over the place.  For Windows 10 some machines only have 1 applied and 3 outstanding.  Windows 7 is anywhere from 11 applied all the way down to 3.  Since I run one month back for most machines the bulk of them are never going to be 100%.

    My thought on how to resolve this was to get a list of all installed and uninstalled updates by computer, copy it to a spreadsheet and do a formula by machine of updates before a specific date and after a specific date.  For example:

    • Installed Count = Updates installed that were released on or before a specific date (8/9 - August Patch Tuesday)
    • Not Installed Count = Updates NOT installed that were released on or before a specific date (8/9 - August Patch Tuesday)  
    • Total Applicable Updates = Installed Count + Not Installed Count. 
    • Compliance % = Installed Count / Total Applicable Updates

    Now the big question is how do I get a report of All Installed Updates by Computer and All Not Installed Updates by Computer.  I know there is a drill down on the Windows Compliance by Computer report to see Installed and Not Installed by Computer, but I don't know where that is located.  I also need to run it against all computers at one time and not on a computer by comptuer basis.



  • 2.  RE: Compliance Reporting

    Posted Oct 26, 2016 03:50 AM

    As a starting point:

    Reports | Software | Patch Management | Compliance | Windows Compliance by Computer 
    Windows Compliance by Computer

    Stored Procedure: spPMWindows_ComplianceByComputer

    If you Clone this Report you can then Edit it
    Cick on the Drilldowns

    URL: /Altiris/Reporting/Report.aspx?ItemGuid=ABC1B23D-5B59-4e42-8A18-501E8AC6CC35

    Open this in another browser window/tab
    Report: Applicable Updates
    Clone this
    Search for this in SQL

    SELECT * FROM vItem WHERE Name LIKE '%Applicable Updates%'

    Get the Guid for the clone (Copy of #) and use it

    /Altiris/Reporting/Report.aspx?ItemGuid={GUID}

    Now Edit this Report

    Stored Procedure: spPMWindows_ApplicableComputers