Get-WindowsUpdateLog - No Format Information Found

I've recently added some Windows Server 2016 servers to a domain and noticed that inspecting the local Windows Update log is now done by generating it using the following PowerShell cmdlet:

Get-WindowsUpdateLog

The problem is that these servers have all but explicitly required outbound access blocked for security compliance reasons, so no general access out to the Internet. This causes issues when generating the log file with the output on each line reading:

GUID=1234.... (No Format Information found)

I'm aware this is related to access to the Microsoft public symbol server at msdl.microsoft.com/download/symbols, and have allowed this site on both ports 80/443. Browsing to both versions of the site shows a page confirming access is possible but Windows Update log generation still doesn't work.

I know this is web filtering related as disabling the filter altogether allows generation of this file with correct translation.

Unfortunately I don't have direct access to manage the web filtering solution as is managed by a third party so troubleshooting/monitoring this has not been as straight-forward as I'd hope.

Are there any other URLs that this process requires access to that I'm missing?

Interesting to know. I want to allow access directly at the server going forward, as more and more servers are migrated so guess allowing those additional CNAME URLs is all that's needed? I assume you're recommendation is just to get the logs generated in the meantime?

It depends if you frequently use Get-WindowsUpdateLog or not. If not, I would just copy the files to a server connected to the internet each time. About the CNAME: the DNS entries can change at anytime... you might want to allow everything towards Microsoft's IP ranges. Or, maybe you can try to setup a SymProxy in your network and use the -SymbolServer parameter