Drivers Inventory dashboard on devices with Intune and Log Analytics
In this post I will share with you a Log Analytics dashboard for drivers inventory allowing you to see all drivers installed on your devices
The solution
The script will get all non Microsoft drivers on each devices using the Win32_PNPSignedDriver WMI class.
It will be executed on each devices through a Remediation script.
This will resume in few steps:
- Creating a Remediation script
- Script is executed on all devices
- It will get installed drivers
- It will send info to Log Analytics
What shows the dashboard ?
The dashboard will display the below information in two tabs:
Drivers resume tab
- Devices count per models
- Devices count per drivers version
- Devices with drivers > 2 years
- Optional drivers available from Windows Update
Drivers details tab
- Full details
- Drivers installed per models
- Optional updates available for this device
- Drivers > 2 years for a device
- Older drivers (> 2 years)
- List of graphics drivers per models
- List of network drivers per models
- Optional drivers available from Windows Update
Drivers comparison
- Compares drivers between two devices
- Shows drivers with same version
- Shows drivers with different version
- Drivers in Device 1 but not in Device 2
- Drivers in Device 2 but not in Device 1
If you filter on a specific device name below info will be available:
- Drivers older than 2 years for the device
- Drivers installed on the last 2 months
- Optional drivers available for the device
Windows Update
This tab allows you to get information about drivers installed through Windows Update.
It will translate Windows Update package to driver friendly name, as below:
You can then get info:
- Devices count by Windows Update package version and model
- Last Windows Update drivers package by version and model
If you filter on a specific device name below info will be available:
Drivers installed by Windows Update (filter on device name)
How does it work ?
To translate Windows Update package, I used this awesome code provided by Trevor Jones aka SMSAgent.
More info about Log Analytics
If you want to get more info about Log Analytics, check here my blog series about Learning Log Analytics from scratch.
Get the files
Click on the below GitHub picture to get required below files:
- Workbook.json: dashboard
- DriverInventory.ps1: detection script
How it looks like ?
The workbook is divided in 3 tabs:
- Drivers resume
- Drivers details
- Drivers comparison
- Windows Update
Drivers resume tab
The Log Analytics workbook will display below information:
- Count of devices inventoried
- Count of models inventoried
- Count of manufacturer inventoried
- Devices count per models
- Devices count per drivers version
- Devices with drivers > 2 years
- Devices count by optional update available and model
This part allows you to get optional drivers that are available on devices from Windows Update.
This is the same that you can get here:
To list info, you first need to filter on a driver class like Firmware:
You will then get available for this kind of drivers:
Details tab
This tab allows you to get more information about drivers and also for a specific device.
To filter info for a device use the computer name filter.
In this tab you will get below info:
- Drivers installed per models
- Drivers > 2 years for a device
- Older drivers (> 2 years)
In the Details tab to get more info add, filter on a device name here below:
You will get drivers > 2 years:
And drivers installed on the last 2 months:
Drivers comparison
Log Analytics information
In order to create this report we will need to add some information relative to the Log Analytics workspace in the PS1 script.
See below required info:
- Workspace ID
- Primary key
To get those information go to Log Analytics Workspace > Agents management
You will find both Workspace ID and Primary key.
Then we will proceed as below:
1. Open the file Detection_script.ps1
2. Fill below variables:
- $CustomerID: workspace ID
- $ShareKey: Primary key
Creating the Remediation script
1. Go to the Intune portal
2. Go to Devices
3. Go to Remediations
4. Click on Create script package
5. Type a name
6. Click on Next
7. Click on Detection script file
8. Browse the detection script
9. Click on Next
10. Click on Next
11. Click on Create
Adding the workbook
In this part we will add the report.
The report can be downloaded on GitHub, lin mentioned above.
The report is the file: Workbook.json
To add it, proceed as below:
1. Go to the Azure portal
2. Go to Log Analytics workspace
3. Go to workbook
4. Click on New
5. Go to Advanced editor, at the top
6. Remove content
7. Go to the GitHub link
8. Click on the copy button as below:
9. Click on Apply
10. Click on Done editing then Save
For instance, go to the Class filter and check All if it's not
6 commentaires
Keep getting this error in log analytics:
Query could not be parsed at ')' on line [8,32]
Token: ')' Line: 8 Postion: 32
i can't see anything wrong.
Any suggestions?
Thank you!
Same here, also the error:
Query could not be parsed at ')' on line [8,32]
Token: ')' Line: 8 Postion: 32
Any suggestion?
Please send me a mail at damien.vanrobaeys@gmail.com for your issues
I think you may have this issue because the remediation script hasn't been executed yet on a device meaning the custom log does not exist.
Check in Logs if the logs DriversInventory_CL exists, if not that's why you have the issue.
Send me mail at damien.vanrobaeys@gmail.com if the issue still occurs.
Hello Damien,
first of all, thank you for your inspiring work.
I've tried to implement your solution, but I can't see anything in the workbook. I don't have any errors in particular, but I don't have any data displayed. Do you have any idea what I might have missed?
Hi Constant, could you please send me a mail at
damien.vanrobaeys@gmail.com ?
Enregistrer un commentaire