Enabling Update Compliance - mattnovitsch/M365 GitHub Wiki

Summary

This will walk you through enabling Update Compliance on your endpoints and M365 tenant.

Prerequisites

  • Active Azure Subscription (I used a free one in my lab)

References

Steps

  1. Navigate to Azure Marketplace (Make sure you are logged into your Azure subscription).
  2. Click Get it now.
  3. Choose an existing or configure a new Log Analytics Workspace, ensuring it is in a Compatible Log Analytics region from the following table. Although an Azure subscription is required, you won't be charged for ingestion of Update Compliance data.
  • Desktop Analytics users should use the same workspace for Update Compliance.
  • Azure Update Management users should use the same workspace for Update Compliance.
  4. Once deployed, navigate to Azure Portal.
  5. Select Analytics on the left side, then select Log Analytics Workspaces.
  6. Select your workspace, then select Solutions. Select WaaSUpdateInsights. If you do not see WaaSUpdateInsights, check that your Azure Marketplace deployment was successful.
  7. Select Update Compliance Setting, then click the copy icon (you will need this value later, so pasting it into a notepad is helpful).


    There are 3 different ways to Enroll devices in Update Compliance. I have done them all, but the Microsoft Endpoint Manager one is the easiest to support long term. I found that to get my data to come in, I had to use both the script and the MEM configuration policy. We will be walking through the MEM and script option here.
  8. Navigate to the Microsoft Endpoint Manager admin center > Devices > Windows > Configuration Profiles.
  9. Click New Profile.
  10. Select the following:
  • Windows 10 and Later for the platform.
  • Templates on the profile type.
  • Custom for the Template Name.
  • Select Create to start configuring the policy.


11. Give your policy a name (I used Update Compliance Settings). Click Next once complete.


13. You will be adding multiple OMA-URI Settings that correspond to the policies described in Manually configuring devices for Update Compliance. Click Add on the Configuration Settings Screen to start adding the settings.


14. Add the following settings then click save:
* Name: Commercial ID
* Description: Sets the Commercial ID that corresponds to the Update Compliance Log Analytics workspace.
* OMA-URI: ./Vendor/MSFT/DMClient/Provider/ProviderID/CommercialID
* Data type: String
* Value: "enter your CommercialID from the notepad you saved it on earlier"


15. Click Add on the Configuration Settings Screen to add the next setting.
16. Add the following settings then click save:
* Name: Allow Telemetry
* Description: Sets the maximum allowed diagnostic data to be sent to Microsoft, required for Update Compliance.
* OMA-URI: ./Vendor/MSFT/Policy/Config/System/AllowTelemetry
* Data type: Integer
* Value: 1 (all that is required is 1, but it can be safely set to a higher value). I changed mine to 3 for optional.


17. Click Add on the Configuration Settings Screen to add the next setting.
18. Add the following settings then click save:
* Name: Disable Telemetry opt-in interface
* Description: Prevents end users of devices from adjusting diagnostic data to levels lower than defined by the Allow Telemetry setting.
* OMA-URI: ./Vendor/MSFT/Policy/Config/System/ConfigureTelemetryOptInSettingsUx
* Data type: Integer
* Value: 1


17. Click Add on the Configuration Settings Screen to add the next setting.
18. Add the following settings then click save:
* Name: Allow device name in Diagnostic Data
* Description: Allows device name in Diagnostic Data.
* OMA-URI: ./Vendor/MSFT/Policy/Config/System/AllowDeviceNameInDiagnosticData
* Data type: Integer
* Value: 1


19. Click Add on the Configuration Settings Screen to add the next setting.
20. Add the following settings then click save:
* Name: Allow Update Compliance Processing
* Description: Opts device data into Update Compliance processing. Required to see data.
* OMA-URI: ./Vendor/MSFT/Policy/Config/System/AllowUpdateComplianceProcessing
* Data type: Integer
* Value: 16


21. Click Next to go to the Assignments tab.


22. I'm adding it to all my devices, but I would recommend a pilot group if this is a production tenant. Click Next to go to applicability rules.


23. I added a rule that makes sure only my Windows 10 Enterprise devices get this policy. You can also apply it to certain versions of Windows. Click Next once you have added your rule.


Your Update Compliance should now work. Please note it takes up to 24 hours for data to start coming into the system. Mine was closer to 36, but I think it was because of all the changes I was making trying to force it. If you want, you can also deploy the script found here: Update Compliance Script.
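
A pre-deployment check for the custom profile built in the steps above, added here as an example (it is not part of the original wiki or of Microsoft's script). It audits the profile's OMA-URI settings against the five rows listed above and reports a missing setting, a wrong data type, or a value such as an unreplaced Commercial ID placeholder. Assumptions: the profile is supplied as a dict in the Microsoft Graph `omaSettings` shape, the Commercial ID is GUID-formatted, and the sample profile is constructed.

```python
import uuid

# Required settings: the five OMA-URI rows from the steps above.
CID = "./Vendor/MSFT/DMClient/Provider/ProviderID/CommercialID"
SYS = "./Vendor/MSFT/Policy/Config/System/"
INT = "#microsoft.graph.omaSettingInteger"
STR = "#microsoft.graph.omaSettingString"

def is_guid(value):
    # Assumption: the Commercial ID copied from the workspace is GUID-formatted.
    try:
        uuid.UUID(str(value))
        return True
    except ValueError:
        return False

# omaUri -> (expected Graph setting type, value check, requirement shown in findings)
BASELINE = {
    CID: (STR, is_guid, "a GUID, not the placeholder text"),
    SYS + "AllowTelemetry": (INT, lambda v: isinstance(v, int) and v >= 1, "1 or higher"),
    SYS + "ConfigureTelemetryOptInSettingsUx": (INT, lambda v: v == 1, "1"),
    SYS + "AllowDeviceNameInDiagnosticData": (INT, lambda v: v == 1, "1"),
    SYS + "AllowUpdateComplianceProcessing": (INT, lambda v: v == 16, "16"),
}

def audit_profile(profile):
    """Return findings for a custom profile; an empty list means it matches."""
    seen = {s.get("omaUri", "").strip(): s for s in profile.get("omaSettings", [])}
    findings = []
    for uri, (kind, check, want) in BASELINE.items():
        setting = seen.get(uri)
        if setting is None:
            findings.append(f"missing: {uri}")
        elif setting.get("@odata.type") != kind:
            findings.append(f"wrong data type: {uri}")
        elif not check(setting.get("value")):
            findings.append(f"bad value: {uri} should be {want}")
    return findings

# Constructed sample: placeholder ID, AllowTelemetry 0, processing opt-in left out.
SAMPLE_PROFILE = {"displayName": "Update Compliance Settings", "omaSettings": [
    {"@odata.type": STR, "omaUri": CID, "value": "enter your CommercialID"},
    {"@odata.type": INT, "omaUri": SYS + "AllowTelemetry", "value": 0},
    {"@odata.type": INT, "omaUri": SYS + "ConfigureTelemetryOptInSettingsUx", "value": 1},
    {"@odata.type": INT, "omaUri": SYS + "AllowDeviceNameInDiagnosticData", "value": 1},
]}

if __name__ == "__main__":
    print("\n".join(audit_profile(SAMPLE_PROFILE)))
```

Run against the constructed sample, it reports the placeholder Commercial ID, the AllowTelemetry value of 0, and the missing AllowUpdateComplianceProcessing setting.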
