This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Report for number of critical and security patches not installed for servers only

I need to create a report to count the number of critical and security patches are needed for servers only. I created a report, but only a very small portion of my servers showed up and I know there are several that are not patched. 

  • Knowing how you defined the report would help in assisting you to troubleshoot the report, but I think the easiest way to get a report showing number of Critical Updates and Security Updates needed by machine type {Server | Workstation | Domain Controller } is to do the following:

    1. Open the report Computer Update Status Approved Updates Not Installed in the Report Builder.
    2. Change the datasource for all existing entries (6 columns; 2 filters) from "Computer Update Status" to "Computer Update Status With Approval Information". (Do this by right-clicking on the field name hyperlink, and drilling through the fly-out menu to select the same field from the new datasource.) You'll also need to redefine the filter criteria. Approval Action = '0'; Installation State = '2'.
    3. Add a field to the column list for "Computer Role". (Optional for reporting, but very useful for debugging!)
    4. Add a filter to the filter list for "Computer Role". Set filter to EQUALS "Server".
    5. Add a field to the column list for "Update Classification Title"
    6. Add a filter to the filter list for "Update Classification Title" IN LIST {Critical Updates; Security Updates}


    Once you're there, and are satisfied that the report is returning the correct raw data necessary to do the count() aggregation, you can now apply the count functionality:

    1. Delete the Update Title column. (You can also delete the Domain or Workgroup, Name (Update Server), Update Approval Action (Friendly Name), and Update Installation State (Friendly Name) columns if you wish).
    2. Add a second instance of the "Update Classification Title" column.
    3. Click on the arrow next to the newly added column and select Aggregation -> Count from the fly-out menu.
    4. Reset the sort order to Computer Name by clicking on the "Not Sorted" hyperlink and select Sort -> Ascending from the fly-out menu.

    The report should now show you one line for each computer/update classification title { Critical Updates; Security Updates }.

    If you want a composite count for both classifications, simply delete the "Update Classification Title" column, which will then aggregate by Computer Name only, rather than Computer Name + Update Classification Title.