Windows update Monitoring Script

jacob.johnson

I have been working on getting the windows update template days since last update installed, to work consistently for a while now.

The script did not account for update history missing, and the datediff cmd was getting error for server updated today. 

I added logic for missing history and gave it a statistic of 1242, with message of Update History Does not Exist,  then I updated datedif to use new-TimeSpan fixing the statistic for servers updated in the last 24 hours.

The issue I have now is windows 2016 servers are set to install Definition update for windows defender automatically, I need to exclude 'definition update' from the $objEntry list because the fact the definition update was installed is not releavent to if the server was actually patched.

any ideas on how to filter out 'Definition Update for Windows Defender' in the objsearcher?

try {
    Get-Service wuauserv |Set-Service -StartupType Automatic |Start-Service
    $objSession = New-Object -com "Microsoft.Update.Session"
    $objSearcher= $objSession.CreateUpdateSearcher()
    $colHistory = $objSearcher.QueryHistory(0, 1)
    }
catch
    {
    Write-Host "ERROR: $($Error[0])";
    exit 1;
    }

Foreach($objEntry in $colHistory)
    {
    $patch = $objEntry.Title
    $patchdate = $objEntry.Date.tostring("yyyy.MM.dd")
    }
if ($patchdate -eq $null)
    {
    Write-Host "Message: Update history does not exist."
    Write-Host "Statistic:" 1242
    exit 0
    }
$today = get-date -uformat "%Y.%m.%d"

try {
    $patchdiff = New-TimeSpan -End $today -Start $patchdate
    }
catch
    {
    Write-Host "ERROR: $($Error[0])";
    exit 1;
    }

Write-Host "Message: Last installed update:" $patch
Write-Host "Statistic:" $patchdiff.Days
exit 0

austinjpoirier

$updatesdeadline = get-wmiobject -namespace root\ccm\clientsdk -query 'Select * from CCM_SoftwareUpdate' -ErrorVariable WMIError | Select ArticleID, StartTime | Group StartTime | Select Name, Count

If ($WMIError -like "*invalid namespace*")

  {

    Write-Host "Message.Total: SCCM Client may not be installed ($WMIError)"

    Write-Host "Statistic.Total: 999"

    Exit 5

  } ElseIf ($WMIError)

   {

    Write-Host "Message.Total: $WMIError"

    Write-Host "Statistic.Total: 999"

    Exit 5

   }

   Else

  {

    $updatesdeadline = get-wmiobject -namespace root\ccm\clientsdk -query 'Select * from CCM_SoftwareUpdate' -ErrorVariable WMIError | Select ArticleID, StartTime | Group StartTime | Select Name, Count

    $updatesTotalCount = (get-wmiobject -namespace root\ccm\clientsdk -query 'Select * from CCM_SoftwareUpdate' | measure-object).Count

    $loopcounta = 0

    $loopcountb = 0

If ($updatesdeadline -eq $null) {

    Write-Host "Message.Total: There are no available updates"

    Write-Host "Statistic.Total: 0"

    Exit 0 #Component is Up

    }

    Else

    {

        Write-Host "Message.Total: Total Number of Available Updates"

        Write-Host "Statistic.Total: $updatesTotalCount"

  #          Foreach ($deadline in ($updatesdeadline | Select -ExpandProperty Name)) {

  #          $loopcounta++

  #          $DTdeadline = ([System.Management.ManagementDateTimeConverter]::ToDateTime($deadline))

  #          Write-Host "Message.Deadline${loopcounta}: $DTdeadline"

  #        }

           

  #          Foreach ($count in ($updatesdeadline | Select -ExpandProperty Count)) {

  #          $loopcountb++

  #          Write-Host "Statistic.Deadline${loopcountb}: $count"

  #        }

        # Clear-variable loopcounta, loopcountb   

        Exit 2 #Component is Warning

    }

  }

This is my script to see Windows Updates pending on servers. If Updates are pending it will show the app as 'yellow'/warning. It looks in the reg key values for Software Center (SCCM).