Execute Powershell Scripts to Check Windows Updates

Video Lecture

Execute Powershell Scripts to Check Windows Updates Execute Powershell Scripts to Check Windows Updates

Description

We can execute powershell commands on remote hosts with Zabbix agent.

In this lesson we will install 3 scripts, that we can use to query Windows Updates status on a remote windows host. Two of the scripts will be used as host items, and the other will be an administration script that we can call manually.

  1. Create a folder C:\zabbix-agent-scripts\
  2. Download Zip and save the files into it

DaysSinceLastUpdate.ps1

Returns an integer showing how many days since Windows Update was last run.

1
2
3
4
5
6
7
8
#Count Days Since last Windows Update Was Run
#Author: Sean Bradley
#License: BSD-3-Clause-Attribution
#Attribution: https://sbcode.net/zabbix/powershell-windows-updates/
$date = Get-Date
$diff = (Get-HotFix | Sort-Object -Property InstalledOn)[-1] | Select-Object InstalledOn
$diff3 = New-TimeSpan -Start $diff.InstalledOn -end $date
write-host $diff3.days

CountUninstalledUpdates.ps1

Counts how many updates are assigned to the computer and not yet installed.

1
2
3
4
5
6
7
8
#Count Uninstalled Updates
#Author: Sean Bradley
#License: BSD-3-Clause-Attribution
#Attribution: https://sbcode.net/zabbix/powershell-windows-updates/
[Int]$Count = 0
$Searcher = new-object -com "Microsoft.Update.Searcher"
$Searcher.Search("IsAssigned=1 and IsHidden=0 and IsInstalled=0").Updates | ForEach-Object { $Count++ }
Write-Host $Count

ListUninstalledUpdates.ps1

Returns text layed out as a table of updates whether installed or not and severity

1
2
3
4
5
6
#Lists Windows Updates whether Installed or Not and Severity
#Author: Sean Bradley
#License: BSD-3-Clause-Attribution
#Attribution: https://sbcode.net/zabbix/powershell-windows-updates/
$Searcher = new-object -com "Microsoft.Update.Searcher"
$Searcher.Search("IsAssigned=1 and IsHidden=0").Updates | Format-Table title, MsrcSeverity, IsInstalled | Out-String -Width 256

Test Files Locally

Test each file works by executing the powershell command below from a CMD prompt on the windows host.

1
powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\DaysSinceLastUpdate.ps1"
1
powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\CountUninstalledUpdates.ps1"
1
powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\ListUninstalledUpdates.ps1"

Add UserParameters

1
2
UserParameter=DaysSinceLastUpdate,powershell.exe -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\DaysSinceLastUpdate.ps1"
UserParameter=CountUninstalledUpdates,powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\CountUninstalledUpdates.ps1"

Note

If your scripts are slow running, you are likely to get timeouts when calling from Zabbix. You can set the timeout properties from the default 3 seconds to 1-30 seconds inside the Zabbix agents config, and also the Zabbix Proxy config if your agent is monitored by proxy.

Create Items in Zabbix Hosts or Templates

Days Since Last Update

Key Value
Name Days Since Last Windows Update
Type Zabbix agent
Key DaysSinceLastUpdate
Type of information Numeric (unsigned)
Update interval 1d

Count Uninstalled Updates

Key Value
Name Count Uninstalled Windows Updates
Type Zabbix agent
Key CountUninstalledUpdates
Type of information Numeric (unsigned)
Update interval 1d

Create an Administration Script

Note

For Administration scripts that run on the agent, you will also need to edit the zabbix_agentd.conf. Set set EnableRemoteCommands = 1, and/or modify the DenyKey/AllowKey properties depending on your version of the zabbix agent.

Create a new script in the Zabbix UI, Administration-->Scripts, that will call ListUninstalledUpdates.ps1 and execute it on the remote windows agent,

Note

This will not work on agents connected to the Zabbix server as capable of Active checks only. Zabbix server will need to be able to do passive checks. So that means, a firewall rule, or Zabbix proxy setup on the same network as the agent, if the agent is not on the same network as the Zabbix Server.

Key Value
Name List Windows Updates
Type Script
Execute on Zabbix agent
Command powershell -NoProfile -ExecutionPolicy bypass -File "C:\zabbix-agent-scripts\ListUninstalledUpdates.ps1"

Powershell Execution Policy