How to Generate Monthly Microsoft Security Patch Compliance Report?

Have you looked at the BigFix Web Reports? It seems that the “Issue Assessment” report would be a good place to start…


Hi, I am new to the forum and struggling to create an MS patch report with results by update. I found this old thread but I couldn’t find any report called “Issue Assessment”. Can someone help me please?

That particular report no longer exists (it didn’t really work very well, and there are now better approaches). Could you share with us what sort of report you are looking for or data you are trying to return?

I need to prepare a monthly report in Excel showing the install status on workstations only for each update with totals for installed, not relevant, failed, needed (or similar terms). Including the approval status and the release date of the update in the report would also be helpful as well if it can be done. Let me know if you can help.

This sort of report is typically prepared via the Explore Data -> Content section of Web Reports. You can create the following filters at a minimum:

Content, Site, is, Patches for Windows (English) - assuming this is the site of interest
Content, Type, is, Fixlet
Computer, Device Type, contains, workstation

You can then click the ‘Edit Columns’ button to add columns of interest such as Applicable Computer Count, Remediated Computer Count, and Source Release Date (while also removing columns that are not needed). I’m not sure about the ‘approval status’ in your environment (is this data available in the Console?).

You can then of course export the report to CSV to load into Excel, and tweak further as desired.

Thanks for the info. I managed to do all that but all I get is a list of machines and machine related info. I looked at the columns but can't see how to add all the list of fixlet names and status counts. Sorry to be a bit thick but this is all fairly new to me. Do you know how to do this last bit as I am nearly there now :smile:

If you are seeing machine data (rather than Fixlet data by default), I wonder if you are in the Explore Data → Computers section rather than Explore Data → Content:

It’s also possible that the following may be useful as another method (though slightly more complex) to report on this:

Thanks Aram for clarification. The report is finally starting to look like something I can use. Last thing I need to know is how to narrow this huge list (file is over 40MB) to just updates that have been deployed. I tried adding a filter to only have updates with an open action and applied the filter but it doesn't seem to have any effect. Could this be because we tend to deploy our patches in bundles using baselines? I did try changing to show baselines but then I only get the overall status for the baseline when I really need the results for the individual components.

Btw I don't seem to be able to access this, it just keeps timing out.

This is what I have set up. It gives me a quick and concise report of all MS Security Bulletins where I have applicable machines. I also run one for servers.