Send info about available updates to slack

Nasimjon Tohirov 231 Reputation points
2022-06-06T07:15:41.997+00:00

Hey everyone,
I have some questions about the Logic app or the Azure function.
Is it possible to send notifications about critical updates in Update management?
I made update management, but I want to send if I have critical updates or security patches, then send to slack.
I can do it with cronjob and bash script., but I think Microsoft does make it better ))).
Just manual if you have.
Thanks, in advance.

Regards,
Nasimjon.

Azure Logic Apps
Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
2,854 questions
Azure Automation
Azure Automation
An Azure service that is used to automate, configure, and install updates across hybrid environments.
1,121 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. AnuragSingh-MSFT 20,016 Reputation points
    2022-06-08T11:42:08.917+00:00

    Hi @Nasimjon Tohirov ,

    Welcome to Microsoft Q&A! Thanks for posting the question.

    I see that you are using Azure Automation Update Management and would like to send notification to Slack for Critical updates available. The following guidelines should help you achieve it using Logic Apps. The basic flow is:
    Query Log Analytics Workspace for details --> Post message on slack channel.

    The high-level steps are:

    1. Create Logic Apps in Azure --> use the "Recurrence trigger" to ensure that the Logic Apps run at regular interval. Please note that the "Azure Automation Update Management's" compliance scan is done once every 12 hours on Windows machine and every 1 hour on Linux machine. Therefore, set the recurrence trigger keeping these timelines in mind. For more information, please refer to About Update Management

    2. Use the "Run query and list results" activity from "Azure Monitor Logs connector". Connect to the Log Analytics workspace which is linked with Azure Automation account. You can get the details of it by going to "Linked Workspace" in "Azure Automation Account" in portal.

    3. The details of updates are available in Update table. The link here contains the columns available which can be used for your query. A sample query is given below: 

    Update  
| where UpdateState == 'Needed' and Classification in ('Critical updates', 'Security updates', 'Critical and security updates')  
| project Computer, Product, Title, KBID

    You may also refer to this link for some additional sample queries that can be used.

    4. Once you have finalized the query, use it in the activity as available in Step 2. above.

    5. The final step is to send the queried result to Slack. You can use the Post message (V2) activity from Slack connector for Azure Logic Apps.

    Hope it helps. Please let me know if you have any questions.

    ---
    Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community looking for help on similar topics.