PowerShell Problem Solver: Creating a Hot Fix Reporting Tool

Tutorial Hero
I think I’m long overdue in giving you an example of PowerShell in action. A few months ago, I followed a thread in a discussion forum about finding installed hot fixes and creating some type of report. Instead of jumping to the finished product, let’s spend some time going through the process to arrive at the final solution, or at least what I’m using. This process is just as important to learn and understand as the final result. We’ll be working with installed hot fixes, but it could be just about anything you need to manage.

To begin, we need a basic requirement or business need: “Find installed hot fixes on a remote computer.” In the forum, I believe the poster already knew what command to work with, but let’s say he didn’t. The first thing to do is ask PowerShell for help.

help hotfix

I’m not saying you will get a result the first time, although in this case, you’ll see there is a cmdlet, Get-HotFix that we can use. Sometimes you need to try a variety of terms and maybe even use wildcard characters. Once you have a basic cmdlet, read the complete help and examples.
With Get-HotFix, you can get a specific patch by its ID number or all of them. Since commands should work just fine locally, you should first test on your computer if you can.

Running Get-Hotfix locally
Running Get-Hotfix locally (Image Credit: Jeff Hicks)

While this cmdlet is pretty simple to use, others may require a combination of parameters. By testing locally, you can verify your syntax is correct without having to worry about any potential networking problems. In other words, you could get errors and not be able to tell if the problem is your syntax or something network related. Now that we know this works, we can try with a remote computer.
Testing Get-Hotfix remotely
Testing Get-Hotfix remotely (Image Credit: Jeff Hicks)

Since I’m just testing syntax right now, I don’t need all the results. That’s why I used the -First parameter with Select-Object to only retrieve a small sample. This is enough to understand what the data looks like. Of course, there may be more properties that aren’t displayed  by default. You could pipe the result to Get-Member, but I like this approach so that I can see the property name and value.
Viewing all hotfix properties
Viewing all hotfix properties (Image Credit: Jeff Hicks)

There are definitely some other properties we will want to incorporate into our report.

get-hotfix -ComputerName chi-web02 | select -first 5 -Property PSComputername,HotFixID,Description,InstalledBy,InstalledOn,Caption

Running this code verifies I get the information I want.

Getting select hotfix properties
Getting select hotfix properties (Image Credit: Jeff Hicks)


This is starting to look promising. We have a basic PowerShell expression that provides the information we want and writes it to the pipeline. This means the data could be exported to a CSV file.

get-hotfix -ComputerName chi-web02 |
select -Property PSComputername,HotFixID,Description,InstalledBy,InstalledOn,Caption |
Export-CSV -Path c:\work\chi-web02.csv -NoTypeInformation

Or formatted as a nice report.

get-hotfix -ComputerName chi-web02 |
Sort Description,HotFixID |
Format-Table -GroupBy Description -Property PSComputername,HotFixID,InstalledBy,InstalledOn,Caption

Formatted HotFix Report
Formatted HotFix Report (Image Credit: Jeff Hicks)

To check another computer, I can specify a different computername.
retesting with a different computername
Retesting with a different computername (Image Credit: Jeff Hicks)

But keep in mind that the ultimate goal is to create a reusable tool, and we will need to query multiple remote computers. So before we start scripting, I need to know if Get-Hotfix will take multiple computer names. PowerShell help to the rescue!
Checking Get-Hotfix help
Checking Get-Hotfix help (Image Credit: Jeff Hicks)

The help shows that the parameter will take a collection of strings as indicated by []. That is easy enough to test.
Testing multiple computer names
Testing multiple computer names (Image Credit: Jeff Hicks)

At this point, we could probably put together a basic script to simplify this process.

#requires -version 3.0
#Basic-HotFixReport.ps1
Param([string[]]$Computername = $env:COMPUTERNAME)
Get-Hotfix -ComputerName $Computername |
Select-Object -Property PSComputername,HotFixID,Description,InstalledBy,InstalledOn,
@{Name="Online";Expression={$_.Caption}}

Note that the script doesn’t do any formatting or exporting. All we want it to do is write objects to the pipeline.

Testing the basic script
Testing the basic script (Image Credit: Jeff Hicks)

It works fine for a single computer. Let’s test for multiple computers and do something with the output.

C:\scripts\Basic-HotfixReport.ps1 -Computername chi-p50,chi-test02,chi-web02 | out-gridview -title "Report"

Testing with multiple computer names
Testing with multiple computer names (Image Credit: Jeff Hicks)


Terrific. Anyone could run the script to get the same results. But as you probably surmised, this is merely the first step. What we have now doesn’t take any errors into account. It doesn’t support the use of alternate credentials like Get-HotFix. The script also gets all hotfixes by default. Although Get-Hotfix has a parameter to limit the results to particular types of hot fixes, we’ll start looking at solutions for these issues next time.