Execute PowerShell Scripts to Check Windows Updates
Video Lecture
Description
We can execute PowerShell commands on remote hosts with Zabbix agent.
In this lesson we will install 3 scripts, that we can use to query Windows Updates status on a remote windows host. Two of the scripts will be used as host items, and the other will be an administration script that we can call manually.
- Create a folder **C:\zabbix-agent-scripts\ **
- Download Zip and save the files into it
DaysSinceLastUpdate.ps1
Returns an integer showing how many days since Windows Update was last run.
#Count Days Since last Windows Update Was Run
#Author: Sean Bradley
#License: BSD-3-Clause-Attribution
#Attribution: https://sbcode.net/zabbix/powershell-windows-updates/
$date = Get-Date
$diff = (Get-HotFix | Sort-Object -Property InstalledOn)[-1] | Select-Object InstalledOn
$diff3 = New-TimeSpan -Start $diff.InstalledOn -end $date
write-host $diff3.days
CountUninstalledUpdates.ps1
Counts how many updates are assigned to the computer and not yet installed.
#Count Uninstalled Updates
#Author: Sean Bradley
#License: BSD-3-Clause-Attribution
#Attribution: https://sbcode.net/zabbix/powershell-windows-updates/
[Int]$Count = 0
$Searcher = new-object -com "Microsoft.Update.Searcher"
$Searcher.Search("IsAssigned=1 and IsHidden=0 and IsInstalled=0").Updates | ForEach-Object { $Count++ }
Write-Host $Count
ListUninstalledUpdates.ps1
Returns text layed out as a table of updates whether installed or not and severity
#Lists Windows Updates whether Installed or Not and Severity
#Author: Sean Bradley
#License: BSD-3-Clause-Attribution
#Attribution: https://sbcode.net/zabbix/powershell-windows-updates/
$Searcher = new-object -com "Microsoft.Update.Searcher"
$Searcher.Search("IsAssigned=1 and IsHidden=0").Updates | Format-Table title, MsrcSeverity, IsInstalled | Out-String -Width 256
Test Files Locally
Test each file works by executing the PowerShell command below from a CMD prompt on the windows host.
powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\DaysSinceLastUpdate.ps1"
powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\CountUninstalledUpdates.ps1"
powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\ListUninstalledUpdates.ps1"
Add User Parameters
UserParameter=DaysSinceLastUpdate,powershell.exe -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\DaysSinceLastUpdate.ps1"
UserParameter=CountUninstalledUpdates,powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\CountUninstalledUpdates.ps1"
Note
If your scripts are slow running, you are likely to get timeouts when calling from Zabbix. You can set the timeout properties from the default 3 seconds to 1-30 seconds inside the Zabbix agents config, and also the Zabbix Proxy config if your agent is monitored by proxy.
Create Items in Zabbix Hosts or Templates
Days Since Last Update
| Key | Value |
|---|---|
| Name | Days Since Last Windows Update |
| Type | Zabbix agent |
| Key | DaysSinceLastUpdate |
| Type of information | Numeric (unsigned) |
| Update interval | 1d |
Count Uninstalled Updates
| Key | Value |
|---|---|
| Name | Count Uninstalled Windows Updates |
| Type | Zabbix agent |
| Key | CountUninstalledUpdates |
| Type of information | Numeric (unsigned) |
| Update interval | 1d |
Create an Administration Script
Note
For Administration scripts that run on the agent, you will also need to edit the zabbix_agentd.conf. Set set EnableRemoteCommands = 1, and/or modify the DenyKey/AllowKey properties depending on your version of the Zabbix agent.
Create a new script in the Zabbix UI, Administration ⇾ Scripts, that will call ListUninstalledUpdates.ps1 and execute it on the remote Windows agent,
Note
This will not work on agents connected to the Zabbix server as capable of Active checks only. Zabbix server will need to be able to do passive checks. So that means, a firewall rule, or Zabbix proxy configuration on the same network as the agent, if the agent is not on the same network as the Zabbix Server.
| Key | Value |
|---|---|
| Name | List Windows Updates |
| Scope | Manual host action |
| Type | Script |
| Execute on | Zabbix agent |
| Command | powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\ListUninstalledUpdates.ps1" |