tabreed
asked on
PowerShell script to get download & install wsus report
Dear Experts,
We have implemented the WSUS server and we are sending the windows updates using group policy to all the domain users.
We have enabled the Notify for download and notify for install.
Now our management wants to know every month how many users are downloaded & install the windows updates.
how can I create the PowerShell script to get this information? Please advice.
Thanks
We have implemented the WSUS server and we are sending the windows updates using group policy to all the domain users.
We have enabled the Notify for download and notify for install.
Now our management wants to know every month how many users are downloaded & install the windows updates.
how can I create the PowerShell script to get this information? Please advice.
Thanks
Users don't download updates the machine does, and as mentioned WSUS has a lot of reporting built in that you can tap into
I found this: http://tomtalks.uk/2013/09/list-all-microsoftwindows-updates-with-powershell-sorted-by-kbhotfixid-get-microsoftupdate/
It will list all updates installed. This thing you need to do If cross-reference your list of KB's that installed during your time frame.
I added the date field and sorted it by newest to oldest. You will need to somehow combined all your machines on your network and build some reporting mechanism to find what machines are getting updates and which ones are not.
It will list all updates installed. This thing you need to do If cross-reference your list of KB's that installed during your time frame.
I added the date field and sorted it by newest to oldest. You will need to somehow combined all your machines on your network and build some reporting mechanism to find what machines are getting updates and which ones are not.
# Gives a list of all Microsoft Updates sorted by KB number/HotfixID
# By Tom Arbuthnot. Lyncdup.com
$wu = new-object -com “Microsoft.Update.Searcher”
$totalupdates = $wu.GetTotalHistoryCount()
$all = $wu.QueryHistory(0,$totalupdates)
# Define a new array to gather output
$OutputCollection= @()
Foreach ($update in $all)
{
$string = $update.title
$date = $update.Date
$Regex = “KB\d*”
$KB = $string | Select-String -Pattern $regex | Select-Object { $_.Matches }
$output = New-Object -TypeName PSobject
$output | add-member NoteProperty “HotFixID” -value $KB.‘ $_.Matches ‘.Value
$output | add-member NoteProperty “Title” -value $string
$Output | Add-Member NoteProperty "Date" -Value $date
$OutputCollection += $output
}
# Oupput the collection sorted and formatted:
$OutputCollection | Sort-Object date -Descending | Format-Table -AutoSize
Write-Host “$($OutputCollection.Count) Updates Found”
# If you want to output the collection as an object, just remove the two lines above and replace them with “$OutputCollection”
# credit/thanks:
# http://blogs.technet.com/b/tmintner/archive/2006/07/07/440729.aspx
# http://www.gfi.com/blog/windows-powershell-extracting-strings-using-regular-expressions/
ASKER
Thanks, Please advice what will be the script statement to get which machines are got updates and which ones are not.
Please advice
Please advice
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
To do what you want you need to know what updates needed to be installed to confirm that they have downloaded and installed it.
My recommendation is not to even give this option to the users and force a schedule download and install using GPO and WSUS.