cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
paulruvalcaba
Engaged Sweeper III
I'm trying to add the HOTFIXID to this report to show the KB update that was installed.
But when I try to add it, it adds multiple rows for each Workstation.


Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tsysOS.OSname,
tblAssets.Username,
tblADusers.Firstname,
tblADusers.Lastname,
tblAssets.IPAddress,
tblAssets.Description,
Max(Convert(datetime,tblQuickFixEngineering.InstalledOn)) As lastPatchDate,
tblAssets.Lastseen
From tblQuickFixEngineering
Join tblAssets On tblAssets.AssetID = tblQuickFixEngineering.AssetID
Join tsysOS On tblAssets.OScode = tsysOS.OScode
Inner Join tblADusers On tblADusers.Username = tblAssets.Username
Group By tblAssets.AssetID,
tblAssets.AssetName,
tsysOS.OSname,
tblAssets.Username,
tblADusers.Firstname,
tblADusers.Lastname,
tblAssets.IPAddress,
tblAssets.Description,
tblAssets.Lastseen
Order By lastPatchDate






OR as an alternative I'm also trying to show this report with JUST the LATEST patch (I just don't know how):


Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Username,
tblADusers.Firstname,
tblADusers.Lastname,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblQuickFixEngineeringUni.HotFixID,
tblQuickFixEngineeringUni.Description,
tblQuickFixEngineering.InstalledOn,
tblQuickFixEngineering.Lastchanged As LastChanged,
tblQuickFixEngineeringInstalledBy.InstalledBy,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblQuickFixEngineering On tblQuickFixEngineering.AssetID =
tblAssets.AssetID
Inner Join tblQuickFixEngineeringUni On tblQuickFixEngineeringUni.QFEID =
tblQuickFixEngineering.QFEID
Left Join tblQuickFixEngineeringInstalledBy On
tblQuickFixEngineeringInstalledBy.InstalledByID =
tblQuickFixEngineering.InstalledByID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Inner Join tblADusers On tblADusers.Username = tblAssets.Username
Where tblState.Statename = 'Active'
Order By tblAssets.Domain,
tblAssets.AssetName,
tblQuickFixEngineeringUni.HotFixID



Any help would be appreciated.
6 REPLIES 6
paulruvalcaba
Engaged Sweeper III
Still need help.

Someone came in and steered the conversation somewhere else not related to this original post.
lrea
Engaged Sweeper
We're looking for a report on just the CVE-2020-0601 vulnerable endpoints.
Any help on that would be great.
Seems along the lines of this request.
lrea wrote:
We're looking for a report on just the CVE-2020-0601 vulnerable endpoints.
Any help on that would be great.
Seems along the lines of this request.


This should work for CVE-2020-0601

Select Distinct Top 1000000 Coalesce(tsysOS.Image,
tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblState.Statename As State,
Case tblAssets.AssetID
When SubQuery1.AssetID Then 'Up to date'
Else 'Out of date'
End As [Patch status],
Case
When tblComputersystem.Domainrole > 1 Then 'Server'
Else 'Workstation'
End As [Workstation/Server],
tblAssets.Username,
tblAssets.Userdomain,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
Case
When tsysOS.OScode Like '10.0.10240%' Then '1507'
When tsysOS.OScode Like '10.0.10586%' Then '1511'
When tsysOS.OScode Like '10.0.14393%' Then '1607'
When tsysOS.OScode Like '10.0.15063%' Then '1703'
When tsysOS.OScode Like '10.0.16299%' Then '1709'
When tsysOS.OScode Like '10.0.17134%' Then '1803'
When tsysOS.OScode Like '10.0.17763%' Then '1809'
When tsysOS.OScode Like '10.0.18362%' Then '1903'
When tsysOS.OScode Like '10.0.18363%' Then '1909'
End As Version,
tblAssets.Lastseen,
tblAssets.Lasttried,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
Case
When tblAssets.AssetID = SubQuery1.AssetID Then ''
Else Case
When tsysOS.OScode Like '10.0.10240' Then 'KB4534306'
When tsysOS.OScode Like '10.0.10586' Then
'EOL, update to a higher Windows version'
When tsysOS.OScode Like '10.0.14393' Or
tsysOS.OSname = 'Win 2016' Then 'KB4534271'
When tsysOS.OScode Like '10.0.15063' Then
'EOL, update to a higher Windows version'
When tsysOS.OScode Like '10.0.16299' Then 'KB4534276'
When tsysOS.OScode Like '10.0.17134' Then 'KB4534293'
When tsysOS.OScode Like '10.0.17763' Or
tsysOS.OSname = 'Win 2019' Then 'KB4534273'
When tsysOS.OScode Like '10.0.18362' Then 'KB4528760'
When tsysOS.OScode Like '10.0.18363' Then 'KB4528760'
End
End As [Install one of these updates],
Convert(nvarchar,DateDiff(day, QuickFixLastScanned.QuickFixLastScanned,
GetDate())) + ' days ago' As WindowsUpdateInfoLastScanned,
Case
When Convert(nvarchar,DateDiff(day, QuickFixLastScanned.QuickFixLastScanned,
GetDate())) > 3 Then
'Windows update information may not be up to date. We recommend rescanning this machine.'
Else ''
End As Comment,
Case tblAssets.AssetID
When SubQuery1.AssetID Then '#d4f4be'
Else '#ffadad'
End As backgroundcolor
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tblOperatingsystem On tblOperatingsystem.AssetID =
tblAssets.AssetID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblComputersystem On tblAssets.AssetID = tblComputersystem.AssetID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Join (Select Top 1000000 tblQuickFixEngineering.AssetID
From tblQuickFixEngineering
Inner Join tblQuickFixEngineeringUni On tblQuickFixEngineeringUni.QFEID
= tblQuickFixEngineering.QFEID
Where tblQuickFixEngineeringUni.HotFixID In ('KB4534306', 'KB4534271',
'KB4534276', 'KB4534293', 'KB4534273', 'KB4528760')) As SubQuery1 On
tblAssets.AssetID = SubQuery1.AssetID
Left Join tsysIPLocations On tblAssets.IPNumeric >= tsysIPLocations.StartIP
And tblAssets.IPNumeric <= tsysIPLocations.EndIP
Left Join (Select Distinct Top 1000000 TsysLastscan.AssetID As ID,
TsysLastscan.Lasttime As QuickFixLastScanned
From TsysWaittime
Inner Join TsysLastscan On TsysWaittime.CFGCode = TsysLastscan.CFGcode
Where TsysWaittime.CFGname = 'QUICKFIX') As QuickFixLastScanned On
tblAssets.AssetID = QuickFixLastScanned.ID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where (tsysOS.OSname Like 'Win 10' Or tsysOS.OSname Like 'Win 2016' Or
tsysOS.OSname Like 'Win 2019') And tblAssetCustom.State = 1 And
tsysAssetTypes.AssetTypename Like 'Windows%'
Order By tblAssets.Domain,
tblAssets.AssetName
paulruvalcaba
Engaged Sweeper III
lrea wrote:
We're looking for a report on just the CVE-2020-0601 vulnerable endpoints.
Any help on that would be great.
Seems along the lines of this request.


Didn't they release that report?

Do you receive emails from Lansweeper?
francisswest
Champion Sweeper
Is this partially in response to the crypto vulnerability released today?
francisswest wrote:
Is this partially in response to the crypto vulnerability released today?


Not necessarily. I suppose in part, somewhat. Just want a report that shows the KB associated with the latest update.