/bundles/itninjaweb/img/Breadcrumb_cap_w.png

Is anyone else running into issues when deploying MS Security Patches where the install date of the patches that were previously deployed/installed (mostly Office related patches) will update each month when you view them in Add/Remove Programs even though it is the same KB installed?


Also here is a powerBI query I am trying out for viewing patch status over last 2 months. Let me know if you have something more effective. 

SELECT
DATE_FORMAT(PP.RELEASEDATE, '%Y-%m-%d') AS RELEASED,
PP.IDENTIFIER,
PP.TITLE,
COUNT(*) AS TOTAL,
CAST(SUM(IF((MS.STATUS = 'PATCHED'), 1, 0)) AS Int) AS PATCHED,
CAST(SUM(IF((MS.STATUS = 'NOTPATCHED'), 1, 0)) AS Int) AS Missing,
CAST(SUM(IF((MS.DEPLOY_ATTEMPT_COUNT >= MS.MAX_DEPLOY_ATTEMPT
          and MS.STATUS != 'PATCHED'
        or MS.STATUS = 'FAIL'
        or (MS.DEPLOY_STATUS = 'FAIL' and MS.STATUS != 'PATCHED')), 1, 0)) AS Int) AS ERROR
FROM PATCHLINK_MACHINE_STATUS MS
JOIN KBSYS.PATCHLINK_PATCH PP ON PP.UID = MS.PATCHUID
WHERE PP.RELEASEDATE >= DATE_SUB(CURDATE(),INTERVAL 60 DAY)
AND PP.IS_APP =0 and PP.IS_SUPERCEDED=0
GROUP BY PP.UID
ORDER BY 1 DESC, 5 DESC


5 Comments   [ + ] Show comments

Comments

  • With 54 views and not one comment so far, is it safe to assume no one else has questions about the efficacy of patching?
  • I've seen it, but it doesn't bother me. We're just concerned with if patches have been installed or not.
  • It seems off, maybe the new v9 build will fix that and patching will be better
  • Patches are also reported in Software, so maybe you could build a report around when they were installed (detected in inventory).
  • Do you happen to have the SQL that would be able to create a report? I created a PowerBI dashboard for patching and capture the status for the last 60 days, as I posted originally. I am curious to what the report would look like if it were based on installed software vs the patching section of the K1000.

There are no answers at this time

Share