限制更新管理的部署范围Limit Update Management deployment scope

本文介绍在 VM 上使用更新管理功能部署更新和修补程序时,如何使用范围配置。This article describes how to work with scope configurations when using the Update Management feature to deploy updates and patches to your VMs. 有关详细信息,请参阅在 Azure Monitor 中设定监视解决方案的目标(预览版)For more information, see Targeting monitoring solutions in Azure Monitor (Preview).

关于范围配置About scope configurations

范围配置是包含一个或多个已保存搜索(查询)的组,用于将更新管理的范围限制为特定计算机。A scope configuration is a group of one or more saved searches (queries) used to limit the scope of Update Management to specific computers. 更新管理在 Log Analytics 工作区中使用范围配置来确定要启用的计算机。The scope configuration is used within the Log Analytics workspace to target the computers to enable. 添加计算机以接收更新管理中的更新时,还会将该计算机添加到工作区中的已保存搜索。When you add a computer to receive updates from Update Management, the computer is also added to a saved search in the workspace.

设置范围限制Set the scope limit

限制更新管理部署的范围:To limit the scope for your Update Management deployment:

  1. 在自动化帐户中,选择“相关资源”下的“链接的工作区” 。In your Automation account, select Linked Workspace under Related resources.

  2. 选择“转到工作区”。Select Go to workspace.

  3. 在“工作区数据源”下,选择“范围配置(预览)” 。Select Scope Configurations (Preview) under Workspace Data Sources.

  4. 选择 MicrosoftDefaultScopeConfig-Updates 范围配置右侧的省略号,然后选择“编辑”。Select the ellipsis to the right of the MicrosoftDefaultScopeConfig-Updates scope configuration, and select Edit.

  5. 在“编辑”窗格中,展开“选择计算机组”。In the editing pane, expand Select Computer Groups. “计算机组”窗格将显示用来创建作用域配置的已保存搜索。The Computer Groups pane shows the saved searches that are used to create the scope configuration. 更新管理使用的已保存的搜索是:The saved search used by Update Management is:

    名称Name 类别Category AliasAlias
    MicrosoftDefaultComputerGroupMicrosoftDefaultComputerGroup 更新Updates Updates__MicrosoftDefaultComputerGroupUpdates__MicrosoftDefaultComputerGroup
  6. 选择已保存的搜索来查看和编辑用于填充组的查询。Select the saved search to view and edit the query used to populate the group. 下图显示了查询及其结果:The following image shows the query and its results:

    保存的搜索 Saved searches

后续步骤Next steps

查询 Azure Monitor 日志来分析更新评估、部署和其他相关管理任务。You can query Azure Monitor logs to analyze update assessments, deployments, and other related management tasks. 它包含预定义的查询,可帮助你入门。It includes pre-defined queries to help you get started.