Are you using Azure Automation Update Management? If not why not? It’s free for your Azure VMs. You can also use the Log Analytics portion by itself to track Update status. That said, the default dashboards are just OK, but are impossible to use with multiple subscriptions. Especially if you have multiple Log Analytics workspaces and you want to aggregate all your subscriptions into one dashboard. I have a Azure Automation Update Management Workbook that will do exactly that. If you’re not familiar with Workbooks you can read more about them here.
The queries I use are slightly modified from the ones provided by Microsoft.
I have three Workbooks exported on to my github. One is Windows only, one is Linux only and one has both together. The example screen grabs are from the Windows only, the video at the bottom shows both, though I’ve made a few changes since that was recorded.
The first section shows the updates needed count by classification and the top 5 machines needing update by count.
The next section is the meat and potatoes. We have a heat map based on update count, whether or not its scoped to Azure Automation Update Management, OS Type, Environment being Azure or Non-Azure, and last Assessed time. LastUpdateAgentSeenTime doesn’t appear to work at the moment.
Finally the best part any record you select will populate the bottom widget with the updates needed by that particular computer. This uses export parameter from the above widget to populate the Computer name for the below query.
Modify the Heatmap
I realize my thresholds might not be your thresholds so to modify them simply click Edit at the top of the workbook.
Then click Edit below the widget, then select Column Settings.
This will bring up a new blade to the side, this is where you can set the color palette and threshold for the heat map.
Azure Automation Update Management Workbook
Query Multiple Subscriptions at Once
You no longer need to do this. I have updated the workbooks in the github so Workspaces is now a parameter. Update 2/11/2020 -BY
For every query you have to set the Log Analytics workspace, if they’re not set you need to set Data source to Logs and Rerource type to Log Analytics, from there you can select all of the workspaces you want to query.
That’s it. The workbook will now query all the selected workspaces and join the data automagically. If you’ve spent any amount of time querying more than one workspace before than you know how much a of a time saver this is.
Below are some improvements I will make when available or as time permits.
- Color Palette of pie charts, at present you cannot set them. The dev team for Workbooks is aware of this and working on it
- Heatmap for ScopedtoSolution, at present you can set a heatmap for boolean value, but it doesn’t work unless you change true and false to 1 and 0.
- get LastUpdateAgentseenTime working
- Scope the entire workbook to the subscription(s) you want. As it is currently I have not found a way to scope all queries to all workspaces, you have to set it each time you create a new query.
I have implemented many of these improvements. You can find the latest workbooks at my github. https://github.com/scautomation/Azure-Automation-Update-Management-Workbooks Update 02/11/202 – BY