Azure VM Inventory

Wouldn’t it be perfect if you could capture an inventory of the applications, services, and events installed on and running in Windows virtual machines in your Azure environment?

Azure supports an inventory “service” for virtual machines right out of the box. This post will take you through the setup and usage of the Inventory management extension available for virtual machines running in Azure.

To get started, log in to the Azure portal (https://portal.azure.com) and locate the VM(s) on which you wish to enable the inventory feature. On the left side of the screen, find xxxx in the navigation menu and select it.

Inventory works alongside two other features for Azure VMs: Change Management, which takes regular snapshots of configured servers to outline any changes made within them, and Update Management, which, when set, provides the latest updates from Microsoft for these machines.

The three features work together and exist in yyyyy workspaces configured in Azure. When you set up the workspace for one of these extensions, the other two simply come along for the ride.

To enable the Inventory service, complete the following steps:

Enabling the Inventory service on an Azure VM

Once the service(s) are on, they need some time to collect information about what is on the system, as well as which updates have been installed. The first collection can take up to 24 hours to establish a baseline for the configured server, but no maintenance or other work is required just to collect information.

These features carry a cost of $$$ per server per month in the workspace enabled to maintain them.

Why would I want to increase my cost for these features?

In a perfect world, servers would not need much babysitting once they were online. But managing systems to ensure they are entirely up to date is, in many cases, a full-time job. Monitoring them for changes as well as keeping a known list of applications and services on hand is something that could require a fair amount of working hours as well as a possible investment in a CMDB application to store the data.

Azure provides automated tools to help collect this data, which can be imported by other tools should you choose to do so.

Servers in Azure are already getting updates - why use this instead?

Windows Server Update Services has been around for a long time and generally can ensure systems are patched and healthy. The origin of the updates is somewhere in Azure (or another Microsoft datacenter), which puts it closer to the systems running in the Azure cloud. Downloading the updates only to push them up to (or store them in) WSUS servers in Azure seems redundant when the Azure cloud service can include updates and patching for an additional fee per server. Often, the fee for these other tools is far less than the cost of the WSUS server that would be deployed in Azure to manage patching. Also, the larger the Azure environment becomes, the more WSUS servers it will require to ensure timely patching of the entire environment.

While there are many ways to capture and manage this data, allowing Azure to assist also makes sense because the Azure cloud platform is continuously changing and may be able to leverage the collected information to perform other actions on Azure virtual machines using automation, removing those tasks from your IT organization and reducing the number of possible mistakes.

Where can I see what updates, applications, and changes have occurred?

In the Azure portal, locate the VM where the utilities are enabled. Select Inventory to see a list of applications and services running on the VM.

Inventory of applications on this VM

Select Update Management to see what patches are pending for the VM.

Updates ready for and installed on this VM

Select Change Management to review changes made to the server and the logs of events that have occurred.

Changes occurring on this VM

Written on June 8, 2020