Friday 9 August 2019

SQL Query to find Missing Security & Critical Updates

SQL Query to find Missing Security & Critical Updates

select
    CS.Name0 AS 'Computer',
CS.UserName0 AS 'Last User',
ws.lasthwscan as 'Last HW scan',
MAX(os.LastBootUpTime0) AS 'Last Reboot (not accurate)',
MAX(MP_ALL.Patches_Missing) AS 'Total',
MAX(MP_CRITICAL.Patches_Missing) AS 'Critical',
MAX(MP_SERVICEPACKS.Patches_Missing) AS 'Service Packs',
MAX(MP_SECURITY.Patches_Missing) AS 'Security Updates',
MAX(System_OU_Name0) AS 'Machine OU',
MAX(OS.Caption0) AS 'Win OS',
MAX(OS.CSDVersion0) AS 'Service Pack',
MAX(OS.InstallDate0) AS 'Image Date',
MAX(OS.TotalVisibleMemorySize0) AS 'RAM MB',
CS.Manufacturer0 AS 'Manufacturer',
CS.Model0 AS 'Model'


from
    v_UpdateComplianceStatus UCS
left outer join dbo.v_GS_COMPUTER_SYSTEM  CS
on CS.ResourceID = UCS.ResourceID
left join v_gs_workstation_status ws
on ws.resourceid=CS.resourceid
left join v_fullcollectionmembership FCM
on FCM.resourceid = CS.resourceid

left join v_RA_System_SystemOUName SOU
on SOU.ResourceID = CS.ResourceID
left join v_GS_Operating_System OS
on OS.ResourceID = CS.ResourceID

LEFT JOIN (
select
CS.resourceid,
sum(case when UCS.status=2 then 1 else 0 end) As 'Patches_Missing'
from
v_UpdateComplianceStatus UCS
left outer join dbo.v_GS_COMPUTER_SYSTEM  CS
on CS.ResourceID = UCS.ResourceID
join v_CICategories_All catall2
on catall2.CI_ID=UCS.CI_ID
join v_CategoryInfo catinfo2
on catall2.CategoryInstance_UniqueID = catinfo2.CategoryInstance_UniqueID and catinfo2.CategoryTypeName='UpdateClassification'
left join v_gs_workstation_status ws
on ws.resourceid=CS.resourceid
left join v_fullcollectionmembership FCM
on FCM.resourceid=CS.resourceid
WHERE
UCS.Status = '2'
and FCM.collectionid = 'PRI00306'
Group by
CS.resourceid,
ws.lasthwscan,
FCM.collectionID
) MP_ALL ON MP_ALL.resourceid = CS.resourceid

LEFT JOIN (
select
CS.resourceid,
sum(case when UCS.status=2 then 1 else 0 end) As 'Patches_Missing'
from
v_UpdateComplianceStatus UCS
left outer join dbo.v_GS_COMPUTER_SYSTEM  CS
on CS.ResourceID = UCS.ResourceID
join v_CICategories_All catall2
on catall2.CI_ID=UCS.CI_ID
join v_CategoryInfo catinfo2
on catall2.CategoryInstance_UniqueID = catinfo2.CategoryInstance_UniqueID and catinfo2.CategoryTypeName='UpdateClassification'
left join v_gs_workstation_status ws
on ws.resourceid=CS.resourceid
left join v_fullcollectionmembership FCM
on FCM.resourceid=CS.resourceid
WHERE
UCS.Status = '2'
and FCM.collectionid = 'PRI00306'
and catinfo2.CategoryInstanceName = 'Critical Updates'
Group by
CS.resourceid,
ws.lasthwscan,
FCM.collectionID
) AS MP_CRITICAL ON CS.resourceid = MP_CRITICAL.resourceid

LEFT JOIN (
select
CS.resourceid,
sum(case when UCS.status=2 then 1 else 0 end) As 'Patches_Missing'
from
v_UpdateComplianceStatus UCS
left outer join dbo.v_GS_COMPUTER_SYSTEM  CS
on CS.ResourceID = UCS.ResourceID
join v_CICategories_All catall2
on catall2.CI_ID=UCS.CI_ID
join v_CategoryInfo catinfo2
on catall2.CategoryInstance_UniqueID = catinfo2.CategoryInstance_UniqueID and catinfo2.CategoryTypeName='UpdateClassification'
left join v_gs_workstation_status ws
on ws.resourceid=CS.resourceid
left join v_fullcollectionmembership FCM
on FCM.resourceid=CS.resourceid
WHERE
UCS.Status = '2'
and FCM.collectionid = 'PRI00306'
and catinfo2.CategoryInstanceName = 'Security Updates'
Group by
CS.resourceid,
ws.lasthwscan,
FCM.collectionID
) AS MP_SECURITY ON CS.resourceid = MP_SECURITY.resourceid


WHERE
    UCS.Status = '2'
and FCM.collectionid = 'PRI00306'

Group by
CS.resourceid,
CS.Name0,
CS.UserName0,
CS.Manufacturer0,
CS.Model0,
ws.lasthwscan,
FCM.collectionID
Order by
MAX(MP_ALL.Patches_Missing) DESC,
CS.Name0,
ws.lasthwscan,
FCM.collectionID


at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

SCCM SQL Query to get Bit-locker Recovery Key

  SELECT cm.Name, ck.RecoveryKeyId, cv.VolumeGuid, cvt.TypeName AS 'Volume Type', RecoveryAndHardwareCore.DecryptString(ck...