Category filter
Patch and Update reports in Hexnode UEM
Hexnode UEM’s ‘Scan for updates‘ action allows IT administrators to scan Windows devices for available patches and updates. With the addition of Patch and Update Reports, IT administrators can now access comprehensive information about the updates that are available for their devices, or identify which devices are missing these updates.
Creating Patch and Update reports
Patch and Update reports are categorized as follows:
- Available updates
- Devices missing updates
- Devices pending reboot
- Fully patched devices
- Critical updates
- Major updates
- Minor updates
- Updates awaiting approval
To generate any Patch and Update report:
- Log in to your Hexnode UEM portal.
- Navigate to Reports > Built-in Reports > Patch and Update.
- Select the update report you want to generate.
Available updates
The list of updates available for Windows devices that are enrolled in Hexnode UEM.
The report contains the following details:
- Update Name: Name of the update.
- Product: The OS or app for which the update is available.
- Affected Devices: The number of devices where the update status is anything other than ‘Installed’. This includes devices with statuses such as ‘Installable’, ‘Failed’, ‘Approved’, or ‘Pending Reboot’. You can view the details of the devices, such as Device Name, User, OS, Version, Serial Number, and Update status, by clicking on the number corresponding to the respective update under the Affected Devices column.
- Installed Devices: The number of devices where the update is in an Installed status. You can view the details of the devices, such as Device Name, User, OS, Version, and Serial Number, by clicking on the number corresponding to the respective update under the Installed Devices column.
- Platform: The device platform to which the update is applicable.
- Severity: The criticality of the update, categorized into levels such as Critical, Important, Moderate, or Low.
- KB Number: The Knowledge Base (KB) reference number associated with the update. These KB numbers are unique identifiers provided by vendors like Microsoft to document specific updates and fixes.
Devices missing updates
The list of all Windows devices along with the number of available updates that have not yet been installed on each device.
The report contains the following details:
- Device Name: Name of the device.
- Username: Name of the user.
- Platform: The platform of the device.
- Last Successful Scan: The date and time when the device were last successfully scanned for updates.
- Missing Updates: The number of available updates that are not installed on the device. You can view the details of the missing update, such as Name, Product, and Details, by clicking on the number corresponding to the respective device under the Missing Updates column.
Critical updates
The list of all patches with severity “Critical”.
The report contains the following details:
- Update Name: The name of the update or patch, such as the version and identifier of the update.
- Product: The software, application, or OS component that the patch or update applies to.
- Affected Devices: All the devices that need to have a particular patch or update installed.
- Installed Devices: The devices where the patch or update has already been successfully installed.
- Platform: The device platform to which the update is applicable.
- Update Classification: The type of update based on the platform. For Windows (Microsoft), classifications include Critical Updates, Definition Updates, Feature Packs, Security Updates, Service Packs, Tools, Update Rollups, Updates, and Upgrades. For macOS (Apple), classifications include Rapid Security Responses, Major Updates, Minor Updates, Firmware Updates, and Config Data Updates.
- Approval Status: Whether the update has been approved for installation on the device. (Pending or Approved).
Major updates
The list of all patches with severity “Important”.
The report contains the following details:
- Update Name: The name of the update or patch, such as the version and identifier of the update.
- Product: The software, application, or OS component that the patch or update applies to.
- Affected Devices: All the devices that need to have a particular patch or update installed.
- Installed Devices: The devices where the patch or update has already been successfully installed.
- Platform: The device platform to which the update is applicable.
- Update Classification: The type of update based on the platform. For Windows (Microsoft), classifications include Critical Updates, Definition Updates, Feature Packs, Security Updates, Service Packs, Tools, Update Rollups, Updates, and Upgrades. For macOS (Apple), classifications include Rapid Security Responses, Major Updates, Minor Updates, Firmware Updates, and Config Data Updates.
- Approval Status: Whether the update has been approved for installation on the device. (Pending or Approved).
Minor updates
The list of all patches with severity “Moderate”.
The report contains the following details:
- Update Name: The name of the update or patch, such as the version and identifier of the update.
- Product: The software, application, or OS component that the patch or update applies to.
- Affected Devices: All the devices that need to have a particular patch or update installed.
- Installed Devices: The devices where the patch or update has already been successfully installed.
- Platform: The device platform to which the update is applicable.
- Update Classification: The type of update based on the platform. For Windows (Microsoft), classifications include Critical Updates, Definition Updates, Feature Packs, Security Updates, Service Packs, Tools, Update Rollups, Updates, and Upgrades. For macOS (Apple), classifications include Rapid Security Responses, Major Updates, Minor Updates, Firmware Updates, and Config Data Updates.
- Approval Status: Whether the update has been approved for installation on the device. (Pending or Approved).
Updates awaiting approval
The list of all patches that are not yet approved by the admin.
The report contains the following details:
- Update Name: The name of the update or patch, such as the version and identifier of the update.
- Product: The software, application, or OS component that the patch or update applies to.
- Severity: The criticality of the update, categorized into levels such as Critical, Important, Moderate, or Low.
- Affected Devices: All the devices that need to have a particular patch or update installed.
- Installed Devices: The devices where the patch or update has already been successfully installed.
- Platform: The device platform to which the update is applicable.
- Update Classification: The type of update based on the platform. For Windows (Microsoft), classifications include Critical Updates, Definition Updates, Feature Packs, Security Updates, Service Packs, Tools, Update Rollups, Updates, and Upgrades. For macOS (Apple), classifications include Rapid Security Responses, Major Updates, Minor Updates, Firmware Updates, and Config Data Updates.
Devices pending reboot
The list of all devices with at least one update in the status “Pending Reboot”.
The report contains the following details:
- Device Name: Name of the device.
- Username: Name of the user.
- Platform: The device platform to which the update is applicable.
- Last Successful Scan: The date and time when the device were last successfully scanned for updates.
- Updates Pending Reboot: The devices that are awaiting a reboot for the update to be fully applied.
Fully patched devices
The list of devices with all applicable updates installed.
The report contains the following details:
- Device Name: Name of the device.
- Platform: The device platform to which the update is applicable.
- OS Version: The operating system version.
- Device ID: The unique identifier assigned to the device upon its enrollment in Hexnode UEM.
- Username: Name of the user.
- Last Successful Scan: The date and time when the device were last successfully scanned for updates.
On the Device missing updates, Device pending reboot and Fully patched devices report pages, you can click on the listed device and initiate the Scan for Updates right from the report page.
You also have the option to schedule reports at desired time intervals and have them automatically emailed to specified recipients. Additionally, you can Export the report to your device in either PDF or CSV format.