update management questions on azure :

shashi kaushal 46 Reputation points
2021-01-18T20:04:53.787+00:00

1)Monitoring agent is seen as extension and agent being installed on the VM when you enable
update management on the VM . and i also see that the VM is linked to the Log analytics workspace .

Is this the only agent that is responsible for sending all the updates to the Logs analytics workspace , including the patching details ?
If yes how this agent gets information about the patches that are missing on the machine ? is that he queries the
windows update.log to check what patches are installed ? if yes how does it gets the information about missing updates ?

2)Now when we get the report in the update management that yes these patches are missing and these patches needs
to be installed . When we scedule , is that hybrid runbook worker corresponding to the VM, push patches to the VM ?
am i correct on this ? Or is that hybrid runbook worker just has the list what patches are missing
and it calls windows update agent through monitoring agent installed within the Vm to get the patches deployed ?

Azure Automation
Azure Automation
An Azure service that is used to automate, configure, and install updates across hybrid environments.
1,258 questions
0 comments No comments
{count} votes

Accepted answer
  1. Stanislav Zhelyazkov 24,686 Reputation points MVP
    2021-01-19T09:00:20.617+00:00

    Hi,

      • Yes. The information is taken from the local Windows Update Service. If Windows Update service is configured with WSUS available updates will be reported from WSUS to Windows Update service and from there to Update management.
    1. Once VM is onboarded to Update Management a system hybrid worker is automatically registered with each VM onboarded. Every system hybrid worker is in its own Hybrid worker group. Once you schedule update the hybrid worker will pick the job and execute it. Updates are installed again trough Windows Update service. If you are not excluding or including specific updates everything that the Windows Update service reports as available for install and recommended will be installed. I believe optional updates are not installed.

    In short the service interacts with the Windows Update service rather having its own mechanism for detecting and installing updates.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.