Reporting has been quite limited in Intune as well as auditing, where you only can go back one month in time if you haven't configured Azure storage and Log Analytics collection of the data. But, in November last year, Microsoft released Intune Reports in public preview. So, what can you do with the reporting as of today?
Microsoft Intune reports allows you to more effectively and proactively monitor the health and activity of endpoints across your organization, and also provides other reporting data across Intune. For example, you will be able to see reports about device compliance, device health, and device trends. In addition, you can create custom reports to obtain more specific data.
We must first divide the reporting into four categories:
The operational report focuses on identifying the problems in your environment and remediate the issues. The report provides many possibilities for filtering, searching, and other sorting capabilities.
The organizational report in Intune is more focused on the broad compliance of your devices that are in use today. From Reports -> Device Compliance, you can refine your report on compliance status, OS, or ownership, and from that overview, make actions if needed.
The historical report gives you an insight into how your organizations' compliance is performing over time.
4. Intune Audit Logs (Specialist)
Today we do have the opportunity to go further back in time and investigate events/changes to the configuration at a specific time if your collection of log data is set to go back that far. We will talk more about this in a section later.
Why Intune Reporting?
Configuring reporting could be an excellent asset to both IT Administrators as well as the decision-makers in a company. It provides an easy opportunity to investigate your device inventory and replace your older devices when they don't meet the security criteria of the organization.
The more advanced user might want to use Azure Monitor for this and create dashboards that are more visually appealing and tailor the presentation of the data.
What are the requirements to run this?
The ability to see your compliance, trends, and non-device compliance reports are already Intune built-in features. But if you want to follow our recommendations it will require a few more things:
- An Azure Subscription
- A Log Analytics Workspace
- An Azure Storage Account
- Global Administrator, Intune Service Administrator, or any administrator with Intune read permissions role.
How do I configure this?
We can configure this straight into Intune by going to Reports in the blade-menu. Here you will be able to see the summary of your Intune environment, device compliance, and the trend of your environment.
But, it's in the Azure monitor section where the fun stuff is. Go to Reports -> Diagnostics settings -> Add a new diagnostic setting -> fill in the details and click Save
Once it's configured, you can access the data from the Log Analytics workspace and search the different sections.
You can also add various filters to the data. It's based on the Kusto query language, and you can find a cheat sheet in the resource section below to create your custom queries.
Workbooks have the power of combining the reporting, collection of logging, and presenting this data in a more visually appealing way. Azure workbooks are a great tool in which you can create a custom presentation of the data or use the sample ones, to provide an overview of the environment. We have added a sample of a workbook that's built-in, called Intune Audit Activity.
If you wish to add more to the dashboard, you have to hit edit and start adding more to your custom dashboards. Save it, and the next time you open it up, it will have stored the newest information.
At Ironstone, we love data, especially when it can help us thrive and find issues before they even occur. We recommend that you set up the reporting capabilities, store the data in storage accounts, utilize the Log Analytics workspace, and frequently monitor to get ahead.
If you need help setting this up or have any questions, don't hesitate to contact us.