This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 11%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELD%3C/text%3E%3C/svg%3E)
Hi,
In a SUG we have no filter for superseded so I understand that any update that falls within the other criteria will be included. It does seem like this is correct as superseded updates are showing in the SUG Preview.
However, when I run a compliancy report against this SUG today, most of it is non-compliant because Patch Tuesday was only 2 days ago, and December's patch is now in the SUG.
For Compliancy, I want to include everything in the SUG, so if an update is included but superseded any machine with at least the oldest superseded update in the SUG should show as Compliant.
So for example, running a compliance report today against a Collection that has 100 devices:
10 devices have December patch installed
80 devices have November patch installed
5 devices have October patch installed
5 devices have September patch installed
Should be 95% compliant and 5% non-compliant, against the SUG shown in the screenshots.
I am not getting this behaviour and the only thing I can think of is that although November and October patches are picked up in the SUG, they have been superseded by December's patch and Compliancy Report is ignoring them.
I also have a custom SQL query that replicates the Compliancy Report showing the same behaviour. I am using the default SCCM SQL Views.
Is it possible to get this working as above?
Thanks
Then this is a reporting issue and you'll have to add this logic to your compliance reports.
Thanks. Just to confirm, I'm using the built-in Compliance 1 - Overall Compliance report.
But are you saying this report does indeed ignore superseded updates even though those superseded updates still apply to a SUG?
So in this exact scenario, both patches should be 'merged' for compliant/non-compliant
I'm saying you need to create a custom report or take a stock report and customize it to include your unique, custom logic.
One option here is to account for this in your compliance reports.
Another option is to exclude the superseded updates. Is there a reason you aren't doing this?
Because I want to include current patch and current patch -1 as being Compliant.
Let's say I do a compliancy report today that only accounts for the latest patch (i.e. the non-superseded one). My report would look terrible because only about 1% of machines get it this early after Patch Tuesday.
I'm 20,000+ devices in healthcare. So it's impossible to get every machine patched every month. So we have an acceptance of current patch and current patch -1 = compliant.
So if I exclude superseded updates, it will only account for the current patch.