Add WSUS registry scan information to a report

infosecphill · ‎09-25-2019

I've created a new report for the Internet Explorer Zero-Day Vulnerability Audit and would like to include the results of a registry scan into the report to show if an asset contains WSUS settings, so we can identify which devices are managed by our patching tool and which aren't.

The registry keys we are scanning are and want listed in the report are:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate Value:TargetGroup HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate Value:WUServer

JacobH · ‎09-30-2019

This isn't a functioning query - it shows you what to SELECT, and the joins used - joined to tblassets


IsNull(scndtbl.Value, 'No Entry Found') As [WSUS Target Group],
IsNull(thrdtbl.Value, 'No Entry Found') As [WSUS Server]

Left Join (Select tblRegistry.AssetID,
        tblRegistry.Valuename,
        tblRegistry.Value,
        tblRegistry.Regkey
      From tblRegistry
      Where tblRegistry.Valuename = 'TargetGroup' And
        tblRegistry.Regkey Like '%SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate') scndtbl
	 On tblAssets.AssetID = scndtbl.AssetID
Left Join (Select tblRegistry.AssetID,
        tblRegistry.Valuename,
        tblRegistry.Value,
        tblRegistry.Regkey
      From tblRegistry
      Where tblRegistry.Valuename = 'WUServer' And
        tblRegistry.Regkey Like '%SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate') thrdtbl
	On tblAssets.AssetID = thrdtbl.AssetID

Add WSUS registry scan information to a report

New to Lansweeper?

Try Lansweeper For Free