Share via

How to generate WSUS reports for installed update from three years back??

Mohamed khairy 146 Reputation points
2024-07-31T07:41:00.05+00:00

Hi everybody

we have a compliance requirement to maintain logs for installed Windows patches for a certain number of years. Do we have an option to export WSUS reports for certain years?

For example, generate WSUS reports for installed updates on certain computer groups for 3 years back. could we achieve this using WSUS and if yes, how?

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,743 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,040 questions
Windows Server Management
Windows Server Management
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Management: The act or process of organizing, handling, directing or controlling something.
435 questions
0 comments
Accepted answer
  1. S Krishnaramanan 75 Reputation points
    2024-07-31T10:54:03.38+00:00

    Using PowerShell to Export WSUS Reports

    PowerShell can help automate the process of generating and exporting WSUS reports. Below is a script to help you retrieve installed updates for the last three years:

    # Import the WSUS module
Import-Module UpdateServices
# Connect to the WSUS server
$wsusServer = Get-WSUSServer -Name "YourWSUSServerName" -Port 8530
# Specify the date range (last three years)
$startDate = (Get-Date).AddYears(-3)
# Get the computer groups you want to report on
$computerGroups = $wsusServer.GetComputerTargetGroups() | Where-Object { $_.Name -eq "YourComputerGroupName" }
# Get updates that were installed in the specified date range
$updates = $wsusServer.GetUpdates() | Where-Object { $_.UpdateClassificationTitle -eq "Updates" -and $_.CreationDate -ge $startDate }
# Create an empty array to store the report data
$reportData = @()
# Iterate through each update and get the installation status for each computer group
foreach ($update in $updates) {
    foreach ($group in $computerGroups) {
        $statusSummary = $update.GetUpdateInstallationInfoPerComputerTargetGroup($group.Id)
        foreach ($status in $statusSummary) {
            $reportData += [PSCustomObject]@{
                'ComputerGroup' = $group.Name
                'UpdateTitle' = $update.Title
                'UpdateDate' = $update.CreationDate
                'Installed' = $status.InstalledCount
                'NotInstalled' = $status.NotInstalledCount
                'Unknown' = $status.UnknownCount
            }
        }
    }
}
# Export the report data to a CSV file
$reportData | Export-Csv -Path "C:\Path\To\Export\WSUSReport.csv" -NoTypeInformation
Write-Host "WSUS report generated and exported successfully."

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Wagner Bauler Azevedo 0 Reputation points
    2024-09-30T19:42:17.2566667+00:00

    Here it shows following message when connecting to the server:

    Get-WSUSServer : The request failed with HTTP status 403: Forbidden

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.