Solved

WSUS 3.0 - Report showing success rates of workstation patches,

Posted on 2014-11-25
8
413 Views
Last Modified: 2016-02-20
Hi Experts,
I've been tasked with providing management with a report showing success rates of WSUS patches for our desktop fleet (3000 workstations)
What is the best/closet report I can provide them with using the WSUS reporting feature that can highlight this,
Many thanks in advance
0
Comment
Question by:craigleenz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 

Author Comment

by:craigleenz
ID: 40464941
anything guys?
0
 
LVL 63

Expert Comment

by:btan
ID: 40465924
See if this help - After 24 hours, you can use the WSUS reporting feature to determine whether the updates have been deployed to the computers. To check the status of an update section (on "Update Status Summary report") from below
http://technet.microsoft.com/en-us/library/cc708475(v=ws.10).aspx

For accessing reporting feature of WSUS, you are required to install report viewer from Microsoft, not sure they have changed though as it is based on .net still @ http://www.microsoft.com/downloads/details.aspx?FamilyID=a941c6b2-64dd-4d03-9ca7-4017a0d164fd&displaylang=en
0
 

Author Comment

by:craigleenz
ID: 40465980
thanks for you response, however, I don't believe (based on articles I've been reading) that the report I'm wanting to produce for our client in possible using the native built in reporting in WSUS
probably a 3rd party tool or PowerShell could get me close,
I need a report summary showing a pie chart of how compliant all our workstations are, makes sense?
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 63

Expert Comment

by:btan
ID: 40466091
In forum, it shared that if you have Office Web Components installed on the reporting point, you can modify our reports to create those management graphs
https://social.technet.microsoft.com/Forums/systemcenter/en-US/866c686b-9662-4f1b-99f4-08922f7c84e3/snazzy-and-useful-patch-reports-lacking-in-sccm

This one used the script to crawl out the compliance check against update if you are interested
http://blogs.technet.com/b/wsus/archive/2008/06/20/baseline-compliance-report-using-public-wsus-views.aspx

then probably I suggest Solarwinds which has quite nice reporting stats which is useful for overall summary awareness http://www.solarwinds.com/patch-manager.aspx
OR Nessus is another candidate http://www.tenable.com/sc-dashboards/wsus-monitoring
0
 

Author Comment

by:craigleenz
ID: 40474855
sorry, none of these suggestion helped me,
0
 

Accepted Solution

by:
craigleenz earned 0 total points
ID: 40474863
the following power shell script resolved the issue for me
_________________________________________________________________________________________________________________________
function Connect-WSUS{
      param(
            [Parameter(Mandatory=$True,Position=1)] [string]$server
      )
      
      [void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")
      $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer($server,$False)
      $wsus
}

$wsus_server = "%servername%"
$wsus_target_group = "All_Workstations"
$report_file = "C:\scripts\wsus-ALL_Workstations_ByUpdate_Summaries.csv"

if (Test-Path $report_file) {Remove-Item -Path $report_file -Force}

$wsus = Connect-WSUS($wsus_server)

$group = $wsus.getcomputertargetgroups() | where-object {$_.Name -eq $wsus_target_group}

#build a new update scope, and limit our scope to only updates released to our target group.
$updatescope = New-Object "Microsoft.UpdateServices.Administration.UpdateScope"
$updatescope.ApprovedComputerTargetGroups.add($group)

write-host "getting updates approved for target group $wsus_target_group"
$updates = $wsus.getupdates($updatescope)

write-host "retrieved $($updates.count) updates"
write-host "Getting summaries " -NoNewline
$i = 0
$summaries = @()
foreach ($update in $updates) {
    $summary = $update.getsummaryforcomputertargetgroup($group)

    $properties = @{
        "UpdateID"=$update.Id.updateid;
        "Title"=$update.Title;
        "IsSuperseded"=$update.IsSuperseded;
        "KB"=$update.KnowledgeBaseArticles -join ';';
        "CreationDate"=$update.CreationDate;
        "NACount"=$summary.NotApplicableCount;
        "InstalledCount"=$summary.InstalledCount;
        "DownloadedCount"=$summary.DownloadedCount;
        "InstalledPendingRebootCount"=$summary.InstalledPendingRebootCount;
        "FailedCount"=$summary.FailedCount;
        "UnknownCount"=$summary.UnknownCount
    }
    $summaryobject = New-Object –TypeName PSObject –Prop $properties
    $summaryobject = $summaryobject | select Updateid,Title,IsSuperseded,KB,CreationDate,NACount,InstalledCount,DownloadedCount,InstalledPendingRebootCount,FailedCount,UnknownCount
    $i++
    write-host "." -NoNewline
    if ($i % 20 -eq 0) {write-host "$i/$($updates.count) done"}
    $summaries += $summaryobject
}

write-host "Now Outputting file : $report_file"
$summaries | export-csv $report_file -NoTypeInformation
0
 
LVL 63

Expert Comment

by:btan
ID: 40475026
thanks for sharing. on related for your interest, you can find PS script samples for
- Find Last Installed Update via Windows Update Using WSUS
- Find Last Installed Update via Windows Update Using Remote COM or PSRemoting

For further fields to extract from summaryobject, you can check out this blog too
0
 

Author Closing Comment

by:craigleenz
ID: 40484407
none of the suggestion offered by other experts helped me,
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Decommissioning DNS server question 3 58
Automatic Windows Service stops by itself 6 101
Recover from a ISCSI Share In Windows 2 58
VMWare 101 9 81
Microsoft Windows Server Update Service (WSUS) is free for everyone, but it lacks of some desirable features like send an e-mail to the administrator with the status of all computers on the WSUS server. This article is based on my PowerShell script …
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question