This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 63%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGC%3C/text%3E%3C/svg%3E)
We would like to know which servers have not gotten patched in the last 60 days,
Can we do this with:
1) The SCCM MP?
2) Monitoring a specific Event ID
3) Monitoring a log file such as https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/log-files#BKMK_SU_NAPLog or https://info.adaptivedge.com/blog/understanding-sccm-sup-process
4) Having access to the Software Updates - Compliance report in SCCM
Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 66%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Hi,
We can use powershell script based monitor, to achieve our goal.
$api = New-Object -comObject "MOM.ScriptAPI"
$PropertyBag = $api.CreatePropertyBag()
$LastPatchDate = Get-HotFix | Sort-Object InstalledOn | Select-Object -Last 1 | Select -Expandproperty InstalledOn
$rv = ((Get-Date) - $LastPatchDate).TotalDays
$PropertyBag.AddValue("Days",$rv)
$PropertyBag
Here's some screenshots from my lab test.
script
criteria (we may set it to 60 in our situation)
alert generated due to servers not patched more than 400 days
and I've confirmed that value "255.xxx" and "328.xxx" did not generate the alert since the criteria is set to 400 or higher (in our situation, we can set the criteria to 60).
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 45%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJV%3C/text%3E%3C/svg%3E)
I know Compliance report in SCCM should provide you this information.
Hi JaiVerma-7010 thanks for your reply.
But can I generate an alert from the Compliance report? Event better send it to SCOM?
Thanks
Hi, @George Christianis
Thank you for posting in Microsoft Q&A forum.
Here is an article that you can enable SCCM email notification on reports:
https://systemcenterdudes.com/configure-sccm-email-notifications-on-alerts-and-reports/
(Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
There is no update for a couple of days. May we know the current status of the problem? Is there any other assistance we can provide?
Thank you AllenLiu-MSFT for your response.
Ideally I would like to find a way to get these alerts into our SCOM console.
Since we would like to have all alerts in one central place.
People don't always look at their emails.
Thanks