Script to get patch status of All Virtual machines from respective subscriptions

Varma 1,145 Reputation points
2024-04-15T07:30:09.2133333+00:00

Script to get patch status of All Virtual machines from respective subscriptions

Please share

Azure Update Manager
An Azure service to centrally manage updates and compliance at scale.

1 answer

  1. SwathiDhanwada-MSFT 17,636 Reputation points
    2024-04-22T05:53:29.3933333+00:00

    @Varma Thanks for reaching out. You can get the requested information using Azure Resource Graph queries. I would request that you check this document, where sample queries are mentioned on how to retrieve the patch status.

    For instance, the following query returns a list of update installations for Windows Server with their status for your machines from the last seven days. Results include the time when the update deployment was run, the resource ID of the installation, machine details, and other related deployment details.

    patchinstallationresources
    | where type has "softwarepatches" and properties !has "version"
    // Pull the machine name, resource group and run ID out of the resource ID path segments
    | extend machineName = tostring(split(id, "/", 8)), resourceType = tostring(split(type, "/", 0)), rgName = tostring(split(id, "/", 4)), RunID = tostring(split(id, "/", 10))
    | extend prop = parse_json(properties)
    | extend lTime = todatetime(prop.lastModifiedDateTime), patchName = tostring(prop.patchName), kbId = tostring(prop.kbId), installationState = tostring(prop.installationState), classifications = tostring(prop.classifications)
    // Keep only installations modified in the last seven days
    | where lTime > ago(7d)
    | project lTime, RunID, machineName, rgName, resourceType, patchName, kbId, classifications, installationState
    | sort by RunID
    

    Let me know if you have questions on this.
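
The query from the answer, run across every subscription in the tenant with paging and exported to CSV, as an added example that is not part of the original answer. It assumes the Az.ResourceGraph module is installed and `Connect-AzAccount` has already been run; the output file name is a placeholder, and `id` and `subscriptionId` are added to the projection here (Resource Graph only returns a skip token when `id` is in the results).

```powershell
#Requires -Modules Az.ResourceGraph
# Added example, not from the original answer.
# Assumptions: Connect-AzAccount has been run; $OutFile is a placeholder path.
$OutFile = Join-Path $PWD 'patch-status.csv'

# Query from the answer, with id and subscriptionId added to the projection.
# id is required for paging; subscriptionId tells the subscriptions apart.
$query = @'
patchinstallationresources
| where type has "softwarepatches" and properties !has "version"
| extend machineName = tostring(split(id, "/", 8)), resourceType = tostring(split(type, "/", 0)), rgName = tostring(split(id, "/", 4)), RunID = tostring(split(id, "/", 10))
| extend prop = parse_json(properties)
| extend lTime = todatetime(prop.lastModifiedDateTime), patchName = tostring(prop.patchName), kbId = tostring(prop.kbId), installationState = tostring(prop.installationState), classifications = tostring(prop.classifications)
| where lTime > ago(7d)
| project id, subscriptionId, lTime, RunID, machineName, rgName, resourceType, patchName, kbId, classifications, installationState
| sort by RunID
'@

# Page through the results: Resource Graph returns at most 1000 rows per call.
$rows = [System.Collections.Generic.List[object]]::new()
$skipToken = $null
do {
    # -UseTenantScope queries every subscription the signed-in identity can read,
    # not just the subscriptions in the current context.
    $params = @{ Query = $query; First = 1000; UseTenantScope = $true }
    if ($skipToken) { $params.SkipToken = $skipToken }

    $page = Search-AzGraph @params
    foreach ($row in $page.Data) { $rows.Add($row) }
    $skipToken = $page.SkipToken
} while ($skipToken)

# Full detail for reporting or ticketing.
$rows | Export-Csv -Path $OutFile -NoTypeInformation
Write-Host "Wrote $($rows.Count) patch installation records to $OutFile"

# Per-machine summary: number of patches in each installation state.
$rows |
    Group-Object subscriptionId, machineName, installationState |
    Sort-Object Name |
    Select-Object Count, Name |
    Format-Table -AutoSize
```

Machines that appear in no row had no patch installation recorded in the seven-day window, so compare the machine list against your VM inventory before treating the output as complete.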