[Send Intune Diagnostic Data to Log Analytics]

Shows how to send Intune diagnostic data to an Azure Log Analytics workspace, run a 30-day Kusto query for device compliance trends, render a stacked area chart, pin queries to dashboards, and save or alert on reports for long-term operational monitoring. Extend timeframe, join diagnostic tables, automate runs, and integrate with ITSM tools.

Azure Log Analytics integration with Microsoft Intune diagnostic data now enables custom historical reports. This change gives admins longer retention and bespoke calculations beyond built-in Intune reports.

Main feature/change and impact

Azure Log Analytics can ingest Intune diagnostic logs for extended retention and query flexibility. Admins can run Kusto queries against the IntuneDevices table to create 30-day compliance trends. This replaces reliance on snapshot reports and enables tailored metrics, visualizations, and alerting. The change matters because it supports operational reporting and long-term trend analysis for device compliance.

Practical implications

You must configure a Log Analytics workspace and route Intune diagnostic data to it. Select the Devices log category in Intune diagnostic settings to capture compliance states. Use queries like the provided Kusto example to summarize daily totals and compliance rates. Saved queries can be pinned to dashboards, rendered as stacked area charts, or used for alerts.

Azure Log analytics gives Intune admins a flexible way to create custom reports from diagnostic data.

You can create a 30-day device compliance trend with a single Kusto query, then pin it to dashboards. Next steps are to save the query, extend time ranges, join additional tables, or set threshold alerts. Operationalize the report by automating runs, integrating with dashboards, and tuning alerts for your SLAs.

Key points from the article:

Route Intune diagnostic logs to an Azure Log Analytics workspace.

Use Kusto query to compute daily compliance counts and rates.

Render stacked area charts for visual compliance trend analysis.

Pin saved queries to Azure dashboards and adjust tile timeframes.

Related Coverage:

• Building sovereign AI at the edge: Microsoft and Armada collaborate to deliver Azure Local on Galleon modular datacenters
• Announcing three new partners for multi-tenant management with Microsoft Intune
• Implementing the Backend-for-Frontend (BFF) / Curated API Pattern Using Azure API Management

From the Intune Customer Success articles

---