Intune reporting with Log Analytics: control your Dell BIOS versions (uptodate or not)
In this post I will show you a Log Analytics report for BIOS versions for Dell devices (current installed and last one available on website).
The solution
This will resume in few steps:
- Creating a Proactive Remediation sript
- This script will be executed on your devices
- It will check some information
- It will send info to Log Analytics
This solution works with only one Proactive Remediation script, no need to use something else (EXE, Azure Automation, blob storage...)
The Proactive Remediation script will directly check on Dell website latest BIOS version available for the current model and compare it to the current one.
A big thanks to some guys who tested the solution as I don't have enough Dell models.
Thank you Peter, Omar, Mathias, Brahim, Ralph, Michel, Krzysztof, Mario, Coert, Benoit really appreciate your tests, community is awesome.
What show the report ?
- BIOS update status
- Devices countwith BIOS not uptodate (per model)
- Devices count with BIOS not updated since
- Devices count with BIOS not uptodate (per chassis)
- Devices count per BIOS version
- Top 10 devices with old BIOS
- BIOS update details (uptodate and not uptodate)
- Devices with BIOS not uptodate
- Devices with BIOS > 2 years
Get the files
Click on the below GitHub picture to get required below files:
- LA_DellBIOS_workbook.json
- Detection_script.ps1
How it looks like ?
The Log Analytics will display below information:
- BIOS update status
- Devices with BIOS not uptodate (per model)
- Devices with BIOS not updated since (in days)
- Devices with BIOS older than 2 years
- Top 10 devices with old BIOS
The workbook is divided in 3 tabs:
- BIOS update resume
- BIOS update details
See below an overview:
See below details.
BIOS update resume tab
This tab contains some Pie chart
BIOS update status
Devices with BIOS not uptodate (per model)
Devices with BIOS not updated since (in days)
Devices count per BIOS version
BIOS update details tab
This tab contains first some filters:
Those filters allows you to filter details on result on chassis, model or device name.
Then the tab contains some grid as below:
- Top 10 devices with old BIOS
- BIOS update details
- Devices with BIOS not uptodate
See below an overview:
Log Analytics information
In order to create this report we will need to add some information relative to the Log Analytics workspace in the PS1 script.
See below required info:
- Workspace ID
- Primary key
To get those information go to Log Analytics Workspace > Agents management
You will find both Workspace ID and Primary key.
Then we will proceed as below:
1. Open the file Detection_script.ps1
2. Fill below variables:
- $CustomerID: workspace ID
- $ShareKey: Primary key
Creating the Proactive Remediation
1. Go to the Microsoft Endpoint Manager admin center
2. Go to Reports
3. Go to Endpoint Analytics
4. Go to Proactive Remediations
5. Click on Create script package
6. Type a name
7. Click on Next
8. Click on Detection script file
9. Browse the script Detection_script.ps1
10. Click on Next
11. Select the group
12. In the Schedule part, choose when the package should be run.
13. Click on Apply
14. Click on Next
15. Click on Create
Adding the workbook
In this part we will add the report.
The report can be downloaded on GitHub, lin mentioned above.
The report is the file: LenovoBIOS_Workbook.json
To add it, proceed as below:
1. Go to the Azure portal
2. Go to Log Analytics workspace
3. Go to workbook
4. Click on New
5. Go to Advanced editor, at the top
6. Remove content
7. Go to the GitHub link, there
8. Click on the copy button as below:
9. Click on Apply
10. Click on Done editing then Save
5 commentaires
Damien, this is great! Got this working from devices from off the network. However, the script doesn't authenticated against proxy. Is that something easy to add? Have not done that from powershell myself.
Replying my own question. One line did the trick to use a default user:
[System.Net.WebRequest]::DefaultWebProxy.Credentials=[System.Net.CredentialCache]::DefaultCredentials
Got this to work in my environment with one issue. For some reason over half of my target collection is coming back with a status of "With Issues". When looking at the report it is only showing a total of 132 devices, but the group collection has over 300 Dell devices in it. What could be the issue here? Or is there a way to review logs on why the remaining devices are not being pulled to the report?
The script are generating a lot of issues, could check ?
Devices with BIOS not updated since
'where' operator: Failed to resolve column or scalar expression named 'DateDiffDelay_s'...
Hi
Tried tour solution but I was wondering if you still use it? I can't get the ps1 script to work, and I think it's the API call to DELL that breaks it. Maybe they changed something and I was wondering if you have an updated script to share?
When the script is executed I am missing alot of the fields in the table like
ScriptStatus
BIOSUpToDate
and so on
Regards
Lasse
Enregistrer un commentaire