Azure Update Manager | Alert

Hello Andrea Longhitano

Thank you for posting your query on Microsoft Q&A platform.

Azure Update Manager alerting for assessment and patching failures is currently available only in Preview, and Microsoft has not published a GA timeline.

As a supported alternative, customers can monitor failures using Azure Monitor scheduled query alerts based on Azure Resource Graph, since Update Manager stores assessment and patching results in ARG. This allows using GA Azure Monitor alerting with Action Groups until native Update Manager alerting becomes generally available.

Azure Update Manager does not write data into Log Analytics tables like legacy Update Management (for example, there is no Update, UpdateSummary, or UpdateRunProgress table).

Instead, Azure Update Manager stores assessment and patching results in Azure Resource Graph (ARG).

The main resource type is:

YAML

microsoft.maintenance/updates

This resource contains Assessment results, Update installation (patching) results, Machine‑level status, Success and failure states.

Example: Machines with failed update installation: This query identifies machines where patch installation failed.

Resources
| where type == "microsoft.maintenance/updates"
| where properties.status == "Failed"
| project
    name,
    properties.resourceId,
    properties.status,
    properties.lastModifiedDateTime

2.Machines with failed assessment: This query identifies assessment failures.

Resources
| where type == "microsoft.maintenance/updates"
| where properties.assessmentStatus == "Failed"
| project
    name,
    properties.resourceId,
    properties.assessmentStatus,
    properties.lastModifiedDateTime

1. Failed patching in the last 24 hours:

Resources
| where type == "microsoft.maintenance/updates"
| where properties.status == "Failed"
| where todatetime(properties.lastModifiedDateTime) > ago(1d)
| project
    name,
    properties.resourceId,
    properties.status,
    properties.lastModifiedDateTime

These queries can be used in Azure Resource Graph Explorer and Azure Monitor Scheduled Query Alerts.

Azure Update Manager does not use Log Analytics agent, No records are written to LogAnalyticsWorkspace → Tables.

If you have any other questions, please do let us know.

Thanks,

Suchitra.

AFAIK, Microsoft has not published a public date for general availability. Azure teams generally avoid committing to timelines until a feature is ready, so the only reliable way to track it is through the Azure Updates page and the Update Manager documentation changelog.

However, you can monitor the service today by leveraging the fact that Update Manager events are written into Azure Resource Graph tables and Log Analytics if your machines are connected. You can query Update and VM insights data to identify failures and generate your own alerts. The main tables include Update, UpdateRunProgress, VMComputer, and UpdateSummary. You can write scheduled queries in Azure Monitor that look for non-compliant machines or failed update runs and fire an alert when the result count is greater than zero.

For hybrid or on-premises machines, Windows and Linux both generate OS-level patch events. Those can be sent to Log Analytics with via Azure Monitor Agent and queried the same way.

If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

hth

Marcin