Intune Deploy PowerShell Scripts with Reporting Capabilities - mattnovitsch/M365 GitHub Wiki

Summary

This page covers deploying custom inventory PowerShell scripts via Intune. We will walk through deploying the CustomInventory script and getting reporting data from it. Most of the script came from Jan Ketil Skanke, but I modified it to add some additional security settings I was looking for on the devices.

Major Update - 8/9/2021

The scripts need to be deployed under Endpoint Analytics so that they run continuously; otherwise, the scripts only run once until successful.

Reference

Prerequisites

Steps

  1. Navigate to Azure Portal.
  2. Select Analytics on the left side then select Log Analytics Workspaces.
  3. Select your workspace, then select Agents Management. Copy the Workspace ID and Primary Key to a notepad.
  4. Download CustomInventory.ps1
  5. Open CustomInventory.ps1 in PowerShell ISE as an administrator.
  6. Go to line 25, which reads $CustomerID = "", and paste your customer ID (the Workspace ID from step 3) there. Paste your Primary Key on line 28: $SharedKey = ""
  7. Save CustomInventory.ps1
  8. Navigate to Microsoft Endpoint Manager
  9. Navigate to Reports > Endpoint Analytics.
  10. Click on Proactive remediations > Create Script Package.
  11. Provide the script a name, for example CustomInventory then click Next.
  12. Upload your CustomInventory.ps1 script and make sure Run Script as 64-Bit is set to Yes, then click Next.
  13. Assign any Scope Tags then click next.
  14. Assign the groups you want the scripts to deploy to; I'm deploying to all devices for this example. Change the schedule as desired; daily is fine. Click Next to continue.
  15. Review your remediation for errors then click create to complete the setup.
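
A pre-upload check for the two values pasted in step 6, added here as an example; it is not part of the original page or of CustomInventory.ps1. The helper name Test-InventoryConfig and the sample values are assumptions made for illustration. It reports whether each value is present and well-formed without printing the key.

```powershell
using namespace System.Management.Automation.Language

# Hypothetical helper (not part of CustomInventory.ps1): reports whether
# $CustomerID and $SharedKey are filled in, without printing either value.
function Test-InventoryConfig {
    param([Parameter(Mandatory)][string]$ScriptText)

    $tokens = $null; $errors = $null
    $ast = [Parser]::ParseInput($ScriptText, [ref]$tokens, [ref]$errors)
    if ($errors.Count -gt 0) { throw "Parse error: $($errors[0].Message)" }

    # Last string literal assigned to each variable anywhere in the script.
    $found = @{}
    foreach ($a in $ast.FindAll({ param($n) $n -is [AssignmentStatementAst] }, $true)) {
        if ($a.Left -isnot [VariableExpressionAst]) { continue }
        $name = $a.Left.VariablePath.UserPath
        if ($name -notin 'CustomerID', 'SharedKey') { continue }
        $literal = $a.Right.Find({ param($n) $n -is [StringConstantExpressionAst] }, $true)
        if ($literal) { $found[$name] = $literal.Value }
    }

    foreach ($name in 'CustomerID', 'SharedKey') {
        $value = $found[$name]
        $detail = 'ok'
        if ([string]::IsNullOrWhiteSpace($value)) {
            $detail = 'not set'
        } elseif ($name -eq 'CustomerID') {
            # The Workspace ID is a GUID.
            $guid = [guid]::Empty
            if (-not [guid]::TryParse($value, [ref]$guid)) { $detail = 'not a GUID' }
        } else {
            # The Primary Key must at least decode as Base64.
            try { [void][Convert]::FromBase64String($value) }
            catch { $detail = 'not valid Base64' }
        }
        [pscustomobject]@{ Variable = $name; Valid = ($detail -eq 'ok'); Detail = $detail }
    }
}

# Constructed sample standing in for the edited script: ID pasted, key left blank.
$sample = @'
$CustomerID = "11111111-2222-3333-4444-555555555555"
$SharedKey = ""
'@
Test-InventoryConfig -ScriptText $sample | Format-Table -AutoSize
# Real use: Test-InventoryConfig -ScriptText (Get-Content .\CustomInventory.ps1 -Raw)
```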

Note

Please give this a couple of hours before trying to pull data; it could take longer depending on your environment size. You can validate that there is data by navigating back to Log Analytics Workspaces > "YourWorkspace" > Logs. You should see the Custom Logs AppInventory_CL and DeviceInventory_CL.