RussMeyer-Epik
Copper Contributor
Feb 06, 2025

Azure Arc Patching

Working on getting boxes onboarded with Azure Arc since we are mostly cloud based, but still have a few boxes left on prem. In my lab I am able to enroll and set up patching via Azure without much issue. Via the console it reports stuff running, etc.; however, when checking on the box I don't see the patches via update history or wmic qfe list. But when I check the rev, I see the OS is current (I installed from an ISO that was 12 months old).

Seems like the data is out of sync or just missing locally. Other than Azure Arc's log, is there any way to validate it's working correctly? Sorry, just paranoid and want to make sure it's solid...

  • Considering this:

    • Check Azure Arc Logs: Review the logs in the Azure Arc console to see if there are any errors or warnings related to patching.
    • Log Analytics: Ensure that your servers are linked to a Log Analytics Workspace. You can check the workspace for patching-related events and logs.
    • Manual Verification: Manually check the patch status on the server using commands like Get-WindowsUpdateLog in PowerShell or wmic qfe list in the command prompt.
    • Azure Automation: Verify that the Azure Automation account and runbooks are correctly configured to apply patches. You can check the runbook execution history for any issues.
    • Azure Arc Validation: Use the Azure Arc validation tools to ensure that your setup is compliant with Azure Arc requirements.
    • RussMeyer-Epik
      Copper Contributor

      Thank you for the response

      • Azure Arc Logs - all look good and appear to be good installs
      • Will look into analytics going forward for when we flip to prod
      • Manual Verification of the OS build seems to be the current method to validate if it's been patched
      • Not using Azure Automation, it's strictly Azure Arc; however, will see if it built any behind the scenes... I am trying to get a post to Teams when they patch as a notification, but the payload is causing issues
      • Azure Arc validated without issue
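
A local cross-check for the manual verification discussed in this thread, as an added example that is not part of any poster's reply: it reads the OS build revision, the QFE list and the Windows Update Agent history side by side so a gap between them is visible on the box itself. The function name `Get-LocalPatchEvidence` and the 30-day window are assumptions made for the example.

```powershell
# Added example. Run in an elevated PowerShell session on the Arc-enabled server.
function Get-LocalPatchEvidence {
    [CmdletBinding()]
    param(
        [int]$Days = 30   # look-back window (assumed value; match your patch schedule)
    )
    $since = (Get-Date).AddDays(-$Days)

    # 1. OS build plus update build revision (UBR); a cumulative update raises the UBR.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $osBuild = '{0}.{1}' -f $cv.CurrentBuild, $cv.UBR

    # 2. Win32_QuickFixEngineering, the same class that "wmic qfe list" reads.
    $qfe = @(Get-HotFix | Where-Object { $_.InstalledOn -and $_.InstalledOn -ge $since })

    # 3. Windows Update Agent history via its COM API. Dates are stored in UTC.
    $searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
    $total = $searcher.GetTotalHistoryCount()
    $wua = @()
    if ($total -gt 0) {
        $wua = @($searcher.QueryHistory(0, $total) |
            Where-Object { $_.Operation -eq 1 -and $_.Date -ge $since.ToUniversalTime() } |
            ForEach-Object {
                [pscustomobject]@{
                    DateUtc = $_.Date
                    KB      = if ($_.Title -match 'KB\d+') { $Matches[0] } else { $null }
                    Result  = switch ($_.ResultCode) {
                                  2 { 'Succeeded' } 3 { 'SucceededWithErrors' }
                                  4 { 'Failed' }    5 { 'Aborted' }
                                  default { 'NotStartedOrInProgress' }
                              }
                    Client  = $_.ClientApplicationID   # which caller requested the install
                    Title   = $_.Title
                }
            })
    }

    # KBs that WUA reports as installed but QFE does not list. Some update types
    # (definition updates, for example) never appear in QFE, so review each one.
    $qfeIds  = $qfe.HotFixID
    $wuaOnly = @($wua |
        Where-Object { $_.Result -like 'Succeeded*' -and $_.KB -and $_.KB -notin $qfeIds } |
        Select-Object -ExpandProperty KB -Unique)

    [pscustomobject]@{
        OsBuild    = $osBuild
        QfeRecent  = $qfe | Select-Object HotFixID, Description, InstalledOn
        WuaRecent  = $wua
        WuaOnlyKBs = $wuaOnly
    }
}
```

Call it with `Get-LocalPatchEvidence -Days 30 | Format-List` and compare `OsBuild` and the listed KBs against what the Azure console reports for the same machine.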
