Mastering Intune Reporting and Analytics

In this new blog post I want to give you an overview hot you can start with reporting analytics with Intune. I already wrote several blogs how to create custom reports via mail or team, to to export and automate things. I also wrote an blog with an overview of the analytics capabilities of Intune. In this post I want to go an step back and want to give you an overview how to start with this topic and which capabilities Intune offers.


  1. Content
  2. Understanding the Importance of Reporting and Analytics
  3. Exploring the Intune Reporting Capabilities
  4. Leveraging Intune Data in Azure Monitor
  5. Using Power BI for Advanced Analytics
  6. Starting with Endpoint Analytics
  7. The most Powerfull way – Graph, Graph and Graph
  8. How to create and schedule reports
  9. Conclusion

Understanding the Importance of Reporting and Analytics

Before we dive into the “how and what” let’s take a moment to discuss the “why.” Reporting and analytics are crucial for any IT administrator to understand the state of their managed devices and the environment. Whether it’s identifying the health status, security vulnerabilities, ensuring policy compliance, or troubleshooting device issues, reports can provide invaluable insights.

In additions reporting and analytics is the first preparation in a more intelligent and automated world with help of AI and co. When you have a lot of analytics data than it is much easier to dive into the AI world.

Exploring the Intune Reporting Capabilities

Microsoft Intune provides a variety of reports that allow you to monitor many aspects of your device management. Some examples are:

  • Device Compliance Reports: These reports give you a snapshot of your device’s compliance with your organisations policies. You can view details like compliance status, non-compliant settings, and more.
  • Device Configuration Reports: These provide insights into how devices are configured in your organisation, including details about configuration profiles and device configuration states.
  • Device Reports: These reports give you detailed information about the devices in your organisation, including hardware, installed apps, last check-in and system updates.
  • Device Security Reports: These reports offer insights into the security status of your organisations devices, including details about antivirus software status, firewall configurations, detected threats, and more.

And many more

Leveraging Intune Data in Azure Monitor

One of the powerful features of Intune is its integration with Azure Monitor and Log Analytics. This integration allows you to collect and analyse detailed log information from your managed devices and you Intune environment like change logs.

Once you’ve set up Intune data collection in Azure Monitor, you can create custom queries using Kusto Query Language (KQL) to analyse your data. For example, you could write a query to identify devices with a specific software version or devices that have not checked in for a certain period of time.

But you can also collect data by your own and save them into an log analytics workspace. You can find an blog post about this here. Let me know when you are interested in an post about log forwarding to the log analytics workspace from Intune and I am happy to blog about this.

Using Power BI for Advanced Analytics

For more advanced analytics, you can integrate Intune with Power BI via the Intune Data warehouse. This allows you to create custom dashboards and reports using your Intune data.

Power BI provides powerful data visualisation tools that can help you gain deeper insights into your device management. For example, you could create a dashboard that tracks device compliance over time, or a report that identifies trends in device usage. How to create a connection form intune to powerbi is explained in this blog post.

Starting with Endpoint Analytics

Endpoint Analytics is designed to provide insights that helps to improve user productivity. It helps by giving insights into different areas, that may be slowing devices down, and providing recommendations for improvements.

At the core of Endpoint Analytics are three components:

  • Startup performance: This helps to identify and quantify issues that may be affecting the performance of devices during startup. It provides insights into how long it takes for a device to boot, and it shows also for examples blue screens.
  • Application reliability: This feature makes recommendations about software that could improve the user experience. For example to identify applications with many crashes.
  • Proactive remediation scripts: This allows you to create scripts that can resolve issues automatically, before they impact the user. These scripts can be applied to devices automatically when certain conditions are met. It also gives you a lot of flexibility to collect data or make custom changes on the devices.

To get started with Endpoint Analytics, you need to enroll your devices into Intune and enable Endpoint analytics. Once enabled, you can access the Endpoint Analytics dashboard in the Microsoft Endpoint Manager admin center.

The most Powerfull way – Graph, Graph and Graph

If you are read some of my blogs, you may have heard about Microsoft Graph. It’s a powerful service that connects data across Microsoft services and provids a unified programmability model. When it comes to Intune, Microsoft Graph plays a very important role when It cames to reporting, analytics and automation. Graph is the data source for all reports you see in the Intune portal.

Microsoft Graph allows you to access Intune data in a flexible and granular manner. With this API, you can go beyond the pre-built reports and analytics that Intune provides and create custom queries and reports that align with your unique needs.

For instance, you can use the Microsoft Graph API to:

  1. Retrieve detailed device information: You can pull specific data about a device, such as its location, installed software, hardware details, and more.
  2. Perform complex queries: With Microsoft Graph, you can create custom queries that would be difficult or impossible to perform in the Intune portal. For example, you can retrieve a list of devices that have a specific app installed but haven’t reported compliance in the last week.
  3. Automate tasks: Microsoft Graph not only allows you to pull data but also to push configurations. This could be as simple as assigning a policy to a group of devices or as complex as automating the entire device enrollment process.

To leverage Microsoft Graph, you need some basic understanding of REST APIs and preferably a programming language such as PowerShell, Python, or C#. Microsoft Graph comes with comprehensive documentation, including an API reference and a number of QuickStart guides and tutorials. You can also find an mass of blog post here where I write about graph.

One thing what is also important to mention is that there are two types of the api. One is the standard calls where you get directly an answer and one is the async report api. how to use this API you can read here.

In conclusion, while the built-in reporting and analytics capabilities of Intune are quite powerful, Microsoft Graph takes this to another level by providing a flexible and programmable interface to your Intune data. With Graph, you can create custom reports, automate tasks, and integrate with other Microsoft services, making it a powerful tool in your device management arsenal.

How to create and schedule reports

I wrote two deep dive blog posts where I explain how to start with PowerShell to export data from Intune and how to start with azure automation to create and schedule RunBooks.


Mastering reporting and analytics in Intune can take your device management to the next level. Let me know if you are interested in to get an dedicated blog post and I am happy to blog about.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s