Check update compliance with Azure Update Manager

Applies to: ✔️ Windows VMs ✔️ Linux VMs ✔️ On-premises environment ✔️ Azure Arc-enabled servers.

This article explains how to check the status of available updates on a single VM or multiple VMs by using Azure Update Manager.

Check updates on a single VM

You can check the updates from the Overview or Machines pane on the Update Manager page or from the selected VM.

From the Overview pane

1. Sign in to the Azure portal.

2. On the Azure Update Manager | Overview page, select your subscription to view all your machines, and then select Check for updates.

3. On the Select resources and check for updates pane, choose the machine that you want to check for updates, and then select Check for updates.

   An assessment is performed and a notification appears as a confirmation.

   

   The Update status of machines, Patch orchestration configuration of Azure VMs, and Total installation runs tiles are refreshed and display the results.

From the Machines pane

1. Sign in to the Azure portal.

2. On the Azure Update Manager | Machines page, select your subscription to view all your machines.

3. Select the checkbox for your machine, and then select Check for updates > Assess now. Alternatively, you can select your machine and in Updates, select Assess updates. In Trigger assess now, select OK.

   An assessment is performed and a notification appears first that says Assessment is in progress. After a successful assessment, you see Assessment successful. Otherwise, you see the notification Assessment Failed. For more information, see Update assessment scan.

From a selected VM

1. Select your virtual machine to open the Virtual machines | Updates page.

2. Under Operations, select Updates.

3. On the Updates pane, select Go to Updates using Update Manager.

   

4. On the Updates page, select Check for updates. In Trigger assess now, select OK.

   An assessment is performed and a notification says Assessment is in progress. After the assessment, you see Assessment successful or Assessment failed.

   

For more information, see Update assessment scan.

Check updates at scale

To check the updates on your machines at scale, follow these steps.

You can check the updates from the Overview or Machines pane.

From the Overview pane

1. Sign in to the Azure portal.

2. On the Azure Update Manager | Overview page, select your subscription to view all your machines and select Check for updates.

3. On the Select resources and check for updates pane, choose the machines that you want to check for updates and select Check for updates.

   An assessment is performed and a notification appears as a confirmation.

   The Update status of machines, Patch orchestration configuration of Azure virtual machines, and Total installation runs tiles are refreshed and display the results.

From the Machines pane

1. Sign in to the Azure portal.

2. On the Azure Update Manager | Machines page, select your subscription to view all your machines.

3. Choose Select all to select all your machines, and then select Check for updates.

4. Select Assess now to perform the assessment.

   A notification appears when the operation is initiated and finished. After a successful scan, the Update Manager | Machines page is refreshed to display the updates.

Note

In Update Manager, you can initiate a software updates compliance scan on the machine to get the current list of operating system (guest) updates, including the security and critical updates. On Windows, the Windows Update Agent performs the software update scan. On Linux, the software update scan is performed using the package manager that returns the missing updates as per the configured repositories which are retrieved from a local or remote repository.

Next steps

• To learn how to deploy updates on your machines to maintain security compliance, see Deploy updates.
• To view the update assessment and deployment logs generated by Update Manager, see Query logs.
• To troubleshoot issues, see Troubleshoot Update Manager.