Getting a teams notification for the top 50 devices with BSOD
In this post I will show you a script allowing you to send a Teams notification with a list of top 50 (or other) devices with BSOD during last month.
Context
See below what we want:
- Know which devices had BSOD
- Get a list of devices with more BSOD during last month
- Get device name, model, count of BSOD, last BSOD date and code
- Receive the list with a Teams notification
The solution
To get the list we will use PowerShell, MS Graph and Azure Automation.
Check my first post here to know how to use Graph to get the result.
We will proceed as below:
1. Create a script in Azure Automation
2. The script gets BSOD during last 30 days
3. The script sends the top 50 list on Teams
4. The script is scheduled to run every x days
Get the script
Click on the below GitHub picture to get the script
How to use the script ?
Teams notification
Add your webhook in the $Webhook_URL variable.
The teams notification looks like as below:
You can easily configure it in the ps1 file.
Choose top devices count
You can change the top x devices using the variable $Top_Count.
By default I configured it to 50.
Creating Teams webhook
Purpose: In this part, we will create a connector on a Teams channel allowing us to automate ability to send Teams notif.
For that, we will proceed as below:
1. Go to your channel
2. Click on the ...
3. Click on Connectors
4. Go to Incoming Webhook
5. Type a name
6. Click on Create
7. Copy the Webhook path
Azure Automation account
Creating the account
1. Go to Azure
2. In the search bar type: Automation accounts
3. Go to Automation accounts
4. Click on Create
5. Type a name
6. Choose a Subscription
7. Choose the Resource group
8. Choose your region
9. Click on Create
10. Wait a bit
11. Click on Go to resource
Adding permissions
Once the Managed Identity has been configured a new Enterprise application will be created.
Then you need to add permissions to be able to actions.
The required permissions is the following:
- DeviceManagementConfiguration.Read.All
- DeviceManagementManagedDevices.Read.All
To add this permission you will need to use PowerShell, it can't be done through the portal.
For that use the script Assign_permission.ps1 on my GitHub repo.
You just need to fill below variables:
- $TenantID: your tenant ID
- $DisplayNameOfMSI: name of your automation account
Creating a Runbook
1. Go to Azure
2. In the search bar type: Automation accounts
3. Go to your Automation accounts
4. Go to Runbooks
5. Click on + Create a runbook
6. Type a name
7. In Runbook type, select PowerShell
8. Click on Create
Add script in Runbook
The runbook script is located downloaded sources
Its name is: Runbook_script.ps1
Test the Runbook
1. Click on Test pane
2. Click on Start
3. Once finished, you should see Completed
Publish the Runbook
1. Go to your Runbook
2. Click on Edit
3. Click on Publish
4. Click on Yes
Schedule the Runbook
1. Go to your Runbook
2. Click on Schedules
3. Click on + Add a schedule
4. Click on Link a schedule to your runbook
5. Click on + Add a schedule
6. Type a schedule name
7. In Recurrence, select Recuring
8. Click on Create
What's next ?
In a next post I will share with you a Log Analytics report allowing you to :
- List devices with BSOD during last 30 days
- See BSOD count per models, BIOS version, OS version...
- List all BSOD for a specific device
- Access to BSOD logs for a device from the report
1 commentaire
Hi, great article but I am facing at issue that I don't understand. When I try tor un the script Azure answers: The remote server returned an error: (401) Unauthorized.
Cannot bind argument to parameter 'InputObject' because it is null.
The remote server returned an error: (400) Bad Request.
could you help me?
thanks
Enregistrer un commentaire