Intune reporting with Log Analytics: Lenovo BIOS versions (uptodate or not)
In this post I will show you a Log Analytics report for BIOS versions for Lenovo devices (current installed and last one available on website).
The solution
This will resume in few steps:
- Creating a Proactive Remediation sript
- This script will be executed on your devices
- It will check some information
- It will send info to Log Analytics
This solution works with only one Proactive Remediation script, no need to use something else (EXE, Azure Automation, blob storage...)
The Proactive Remediation script will directly check on Lenovo website latest BIOS version available for the current model and compare it to the current one.
What show the report ?
- BIOS update status
- Devices countwith BIOS not uptodate (per model)
- Devices count with BIOS not updated since
- Devices count with BIOS not uptodate (per chassis)
- Devices count per BIOS version
- Top 10 devices with old BIOS
- BIOS update details (uptodate and not uptodate)
- Devices with BIOS not uptodate
- Devices with BIOS > 2 years
Get the files
Click on the below GitHub picture to get required below files:
- LA_LenovoBIOS_workbook.json
- Detection_script.ps1
How it looks like ?
The Log Analytics will display below information:
- BIOS update status
- Devices with BIOS not uptodate (per model)
- Devices with BIOS not updated since (in days)
- Devices with BIOS older than 2 years
- Top 10 devices with old BIOS
The workbook is divided in 3 tabs:
- BIOS update resume
- BIOS update details
See below an overview:
See below details.
BIOS update resume tab
This tab contains some Pie chart
BIOS update status
Devices with BIOS not uptodate (per model)
Devices with BIOS not updated since (in days)
Devices count per BIOS version
BIOS update details tab
This tab contains first some filters:
Those filters allows you to filter details on result on chassis, model or device name.
Then the tab contains some grid:
Top 10 devices with old BIOS
BIOS update details
Devices with BIOS not uptodate
Devices with BIOS > 2 years
Log Analytics information
In order to create this report we will need some information relative to the Log Analytics workspace.
See below required info:
- Workspace ID
- Primary key
- Name of the custom log to create or update
To get those information go to Log Analytics Workspace > Agents management
You will find both Workspace ID and Primary key.
Then we will proceed as below:
1. Open the file Detection_script.ps1
2. Fill below variables:
- $CustomerID: workspace ID
- $ShareKey: Primary key
Creating the Proactive Remediation package
1. Go to the Microsoft Endpoint Manager admin center
2. Go to Reports
3. Go to Endpoint Analytics
4. Go to Proactive Remediations
5. Click on Create script package
6. Type a name
7. Click on Next
8. Click on Detection script file
9. Browse the script Detection_script.ps1
10. Click on Next
11. Select the group
12. In the Schedule part, choose when the package should be run.
13. Click on Apply
14. Click on Next
15. Click on Create
Adding the workbook
In this part we will add the report.
The report can be downloaded on GitHub, lin mentioned above.
The report is the file: LenovoBIOS_Workbook.json
To add it, proceed as below:
1. Go to the Azure portal
2. Go to Log Analytics workspace
3. Go to workbook
4. Click on New
5. Go to Advanced editor, at the top
6. Remove content
7. Go to the GitHub link, there
8. Click on the copy button as below:
9. Click on Apply
10. Click on Done editing then Save
3 commentaires
I'm testing this out and had some issues.
The table name in the LA_LenovoBIOS_workbook.json file is different than the table name created by the detection script. I had to do a replace all for the table name in the JSON file and then it worked.
I'm getting duplicate systems in the table, and for two test computers the query sees 5 systems. I'm not sure how to prevent it from creating duplicates or if I need to modify the query to filter duplicates.
So what is it that needs to be changed? Would love to have this running with the current Lenovo bios issues but I´m getting lot´s of errors...
Since a couple of days I get this error when using the api url: $DownloadURL = "https://pcsupport.lenovo.com/us/en/api/v4/downloads/drivers?productId=$($modelGUID)"
Invoke-WebRequest : {"body":"","message":"deny access"} At C:\WINDOWS\IMECache\HealthScripts\07b03159-8fda-4b6d-9398-3024b82e3721_1\detect.ps1:164 char:30 + ... delwebReq = Invoke-WebRequest -UseBasicParsing -Uri $DownloadURL -Hea ... +
It looks like Lenovo has changed the url. Any idea what the new url will be?
Enregistrer un commentaire