Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsMicrosoft WindowsWindows Updates behaviour on SBS vs standard AD (2008r2)
funkypenguin

11 posts

Geek
+1 received by user: 1

Trusted

#119547 5-Jun-2013 15:18
Send private message

Hi geeks,

I have a hairy windows problem, I'm hoping someone more experienced than myself can help. We're using a nagios plugin to monitor pending Window Updates across our servers.

The plugin works by examining c:\windows\\SoftwareDistribution\ReportingEvents.log, and looking for the last line which matches "successfully detected x updates". It uses the number of detected updates to report all-good or updates-due.

We have several Win2008r2 servers in SBS-controlled AD domains, and the contents of the file is typically like this:

---
....AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 4 updates.
....AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 4 updates.
....Success Software Synchronization Windows Update Client successfully detected 0 updates.
....AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 4 updates.
....AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 4 updates.
....Success Software Synchronization Windows Update Client successfully detected 0 updates.
---

This host has 3 optional updates (not sure why it keeps detecting 4). But anyway, because of the last line, the plugin CORRECTLY ignores optional updates, but does actually alarm when there are legitimate updates.

Now, a host which is on a NON-SBS AD domain, the contents of the file look like this:

---
....AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 6 updates.
....AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 6 updates.
....AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 6 updates.
---

But this host has 5 optional updates. However, my plugin is alarming on 6 updates.

We've compared the group policy settings, the windows update settings on the two hosts, and they're the same. Neither site is using WSUS.

When there is a legit update (like IE10 last night), both hosts will record this in the file, and it's counted against one of the detected updates. But still, the SBS-managed host seems to later split the detected updates into optional and non-optional, whereas the standard AD-managed host does not.

Any clever ideas?

Thanks,
D

Create new topic
nathan
5695 posts

Uber Geek
+1 received by user: 1630
Inactive user


  #831012 5-Jun-2013 15:21
Send private message

did Nagios have anything interesting to say?



funkypenguin

11 posts

Geek
+1 received by user: 1

Trusted

  #831013 5-Jun-2013 15:24
Send private message

Nope, but then it's not a Nagios thing, I can see that the information is wrong before it gets to the plugin, and before the plugin reports it back to Nagios. It's a discrepancy between how 2 hosts record available windows updates, and the particular method I'm trying to use to alert to outstanding updates :)

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright