Remove VMs from Update Management

Important

Automation Update Management has retired on 31 August 2024 and we recommend that you use Azure Update Manager. Follow the guidelines for migration from Automation Update Management to Azure Update Manager.

When you're finished managing updates on your Azure or non-Azure machines in your environment, you can stop managing them with the Update Management feature. To stop managing them, you will edit the saved search query MicrosoftDefaultComputerGroup in your Log Analytics workspace that is linked to your Automation account.

Sign into the Azure portal

Sign in to the Azure portal.

To remove your machines

To identify Azure VM

Use the following method to identify the UUID of an Azure virtual machine that you want to remove from management.

az vm show -g MyResourceGroup -n MyVm -d

To identify Non-Azure machine

  1. In the Azure portal, navigate to Log Analytics workspaces. Select your workspace from the list.

  2. In your Log Analytics workspace, select Logs from the left-hand menu.

  3. Use the following query to identify the UUID of a non-Azure machine that you want to remove from management.

    Heartbeat
    | where TimeGenerated > ago(30d)
    | where ComputerEnvironment == "Non-Azure"
    | summarize by Computer, VMUUID
    

To remove the identified Azure or Non-Azure machine

  1. In the Azure portal, navigate to Log Analytics workspaces. Select your workspace from the list.

  2. In your Log Analytics workspace, select Computer Groups from the left-hand menu.

  3. From Computer Groups in the right-hand pane, the Saved groups tab is shown by default.

  4. From the table, click the icon Run query to the right of the item MicrosoftDefaultComputerGroup with the Legacy category value Updates.

  5. In the query editor, review the query and find the UUID for the machine. Remove the UUID for the machine and repeat the steps for any other machines you want to remove.

    Note

    For added protection, before making edits be sure to make a copy of the query. Then you can restore it if a problem occurs.

    If you want to start with the original query and re-add machines in support of a cleanup or maintenance activity, copy the following query:

    Heartbeat
    | where Computer in~ ("") or VMUUID in~ ("")
    | distinct Computer
    
  6. Save the saved search when you're finished editing it by selecting Save > Save as function from the top bar. When prompted, specify the following:

    • Name: Updates__MicrosoftDefaultComputerGroup
    • Save as computer Group is selected
    • Legacy category: Updates

Note

Machines are still shown after you have unenrolled them because we report on all machines assessed in the last 24 hours. After removing the machine, you need to wait 24 hours before they are no longer listed.

Next steps

To re-enable managing your Azure or non-Azure machine, see Enable Update Management from an Azure VM.