MSEndpointMgr

Windows Update Compliance Workbook Community Edition

If you are looking for a dashboard that will show a full breakdown of Windows patching across your estate, including errors, safehold issues, delivery optimization figures, and Windows 11 readiness, then look no further. Our Windows Update Compliance (Community Edition) workbook does just this, and it is now available on our GitHub repo!

Log Analytics Reporting Solution

Today log analytics is starting to be the go to solution for reporting, and there are many reasons for that, including ease of log ingestion, simply query code, and availability to the the workbook from virtually anywhere. With Update Compliance we also have the ability to have a source of all things “Windows Update” in terms of logging, and this is how we have constructed a workbook that provides the following reports;

  • Update Summary
    • Patching Trendline (Previous 30 days)
    • Missing Security Patches (Previous 30 days)
    • Devices – Multiple Missing Patches (Previous 30 days)
    • Update Alerts (Previous 30 days)
    • Updates Over Time – 0-30, 31-60,61-90,91-120,120+
  • Details by Device
    • Quality Updates by Device
  • Details by Update
    • Trendline – Update Status
    • Detailed Status by Update
  • Update Issues
    • Quality Update Issues
    • Safeguard Hold Events
  • Delivery Optimization
    • Graphs: Content Types, DO Mode, Content Distribution
    • Bandwidth Savings
  • Feature Updates
    • Windows Supported Build State
    • Windows Build Versions
    • Windows Build – By Manufacturer
    • Feature Update Trendline
  • Patching Alerts
    • PrintNightmare
  • Windows 11 Readiness

Dashboard Sample Screenshots

Below are some screenshots showing samples of the data that is displayed within the workbook;

Update Summary

Feature Updates

Delivery Optmization

Feature Updates

Windows 11 Readiness

Pre-Requisites

In order to obtain data from both Update Compliance and from Intune, you must have the following configured;

Azure Components

Client Configuration

  • Telemetry Configuration (Including Commercial ID)

    Recommendation: Create a settings catalog policy containing the following;
  • Internet access (firewall exclusions as per Microsoft Endpoint IP’s and URLs and Windows Update URLs)

Workbook Source Code

The code for the workbook is available free to the community on our GitHub repo – Reporting/UpdateComplianceCommunityEdition.json at main ยท MSEndpointMgr/Reporting (github.com)

Simply copy the code and follow the below to create the workbook in your environment;

Azure Portal Option

  • Log into the Azure Portal – https://portal.azure.com
  • Select the Resource Group where your Logs are being sent through to
  • Click on Workbooks, then click on the “+ New” button

Endpoint Manager Admin Center Option

  • Log into the Endpoint Manager Admin Center – https://endpoint.microsoft.com
  • Click on Reports – Workbooks
  • Click on Workbooks, then click on the “+ New” button
  • Click on the code button “</>”
  • Paste in the JSON code obtained from our repo and click “Apply”
  • Click on the “Save” icon and give your workbook a name;

Community Effort

We would love to hear your feedback on this workbook, and we will be continuing to add features to it over time, so please keep an eye on the GitHub repo.

Maurice Daly

Maurice has been working in the IT industry for the past 20 years and currently working in the role of Senior Cloud Architect with CloudWay. With a focus on OS deployment through SCCM/MDT, group policies, active directory, virtualisation and office 365, Maurice has been a Windows Server MCSE since 2008 and was awarded Enterprise Mobility MVP in March 2017. Most recently his focus has been on automation of deployment tasks, creating and sharing PowerShell scripts and other content to help others streamline their deployment processes.

Jan Ketil Skanke

Jan Ketil is an Enterprise Mobility MVP since 2016 and are working as a COO and Principal Cloud Architect at CloudWay in Norway. He has been in the industry for more than 20 years working for both Microsoft Partners and Microsoft. He loves to speak about anything around Enterprise Mobility and Secure Productivity. He is also the lead for the community conference Experts Live Norway. Jan Ketil has presented at large industry conferences like Microsoft Ignite, Microsoft Ignite The Tour, Microsoft Inspire, Experts Live Europe, Techmentor HQ (3rd best session 2019) and NIC Conference in Oslo.

Sandy Zeng

Sandy is an Enterprise Mobility MVP since 2018. She is an experienced Information Technology Specialist for over 10 years. Skilled in Microsoft Endpoint Manager (ConfigMgr and Intune), Windows 10 and security. Sandy's interests are mostly related to Microsoft Technologies, she has passions learning new skill sets to improve her professional career and also as her hobbies. She uses her expertise to help customers achieve their goals and solve their issues.

Sandy founded the https://sandyzeng.com blog and is now a blogger on MSEndPointMgr.

1 comment

Sponsors

Categories

MSEndpointMgr.com use cookies to ensure that we give you the best experience on our website.