IT Auditor needs Log of applied patches Expand / Collapse
Author
Message
Posted 1/13/2016 9:33:01 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: Forum Members
Last Login: 1/13/2016 8:48:34 AM
Posts: 1, Visits: 0
I need to generate a list of applied patches on specific servers (SOX) to tie to the change management system to "prove" that the patches were approved prior to being applied.

Since I know there are many ways of pulling this inforamtion  and I want it to be a repeatable process I wanted some feedback on the pro's/con's of the following:

1) Run a powershell script like this looping the Get-Hotfix... https://gallery.technet.microsoft.com/scriptcenter/Generate-a-Report-for-f71a6800

I think this is reliable information that shows the hotfix applied, by whom, and when.  This should be adequate to tie to the Change Management ticketing system.

2) But what about leveraging existing logs that might be captured with EventIDs 19-24?   I think capturing these series of events will probably provide more information but in a little bit messier format?

Is there a risk of false positives/negatives in either of these approaches?  This is a little out of my area of expertise!

TIA!

Post #5156
« Prev Topic | Next Topic »


Permissions Expand / Collapse

All times are GMT -5:00, Time now is 1:18am