Azure Automation Update Management Workbook

Are you using Azure Automation Update Management? If not why not? It’s free for your Azure VMs. You can also use the Log Analytics portion by itself to track Update status. That said, the default dashboards are just OK, but are impossible to use with multiple subscriptions. Especially if you have multiple Log Analytics workspaces and you want to aggregate all your subscriptions into one dashboard. I have a Azure Automation Update Management Workbook that will do exactly that. If you’re not familiar with Workbooks you can read more about them here.

The queries I use are slightly modified from the ones provided by Microsoft.

 

I have three Workbooks exported on to my github. One is Windows only, one is Linux only and one has both together. The example screen grabs are from the Windows only, the video at the bottom shows both, though I’ve made a few changes since that was recorded.

 

Windows Workbook

The first section shows the updates needed count by classification and the top 5 machines needing update by count.

Azure Automation Update Management Workbooks

The next section is the meat and potatoes. We have a heat map based on update count, whether or not its scoped to Azure Automation Update Management, OS Type, Environment being Azure or Non-Azure, and last Assessed time. LastUpdateAgentSeenTime doesn’t appear to work at the moment.

 

Azure Automation Update Management Workbooks

Finally the best part any record you select will populate the bottom widget with the updates needed by that particular computer. This uses export parameter from the above widget to populate the Computer name for the below query.

Azure Automation Update Management Workbooks

Modify the Heatmap

I realize my thresholds might not be your thresholds so to modify them simply click Edit at the top of the workbook.

Azure Automation Update Management Workbooks

Then click Edit below the widget, then select Column Settings.

Azure Automation Update Management Workbooks

This will bring up a new blade to the side, this is where you can set the color palette and threshold for the heat map.

Azure Automation Update Management Workbooks

Install

For now you’ll have to copy and paste the Gallery Template of the Workbook you want to use. You’ll need to find and replace “replaceYourWorkspace” “replaceYourResourceGroup” and “replaceYourSubscription” or you can import and fix after the fact.
I would like to parameterize the ARM template for automated deployments, but the export has the workspace inside the serialized data. So if you have the time and know what you’re doing feel free to improve that and submit a pull request.

Azure Automation Update Management Workbook

 

Query Multiple Subscriptions at Once

For every query you have to set the Log Analytics workspace, if they’re not set you need to set Data source to Logs and Rerource type to Log Analytics, from there you can select all of the workspaces you want to query.

That’s it. The workbook will now query all the selected workspaces and join the data automagically. If you’ve spent any amount of time querying more than one workspace before than you know how much a of a time saver this is.

Improvements

Below are some improvements I will make when available or as time permits.

  • Color Palette of pie charts, at present you cannot set them. The dev team for Workbooks is aware of this and working on it
  • Heatmap for ScopedtoSolution, at present you can set a heatmap for boolean value, but it doesn’t work unless you change true and false to 1 and 0.
  • get LastUpdateAgentseenTime working
  • Scope the entire workbook to the subscription(s) you want. As it is currently I have not found a way to scope all queries to all workspaces, you have to set it each time you create a new query.

 

1 thought on “Azure Automation Update Management Workbook”

Leave a Comment