Export top 20 Intune devices with BSOD to a CSV on SharePoint with Logic App
In this post I will show you how to use Logic App to get a teams notif with a list of top 20 devices with BSOD during last month.
Context
See below what we want:
- Know which devices had BSOD during last month
- Get a list of top 20 devices BSOD
- Get device name, model, count of BSOD
- Receive the list with a Teams notification
The solution
The solution results in few steps:
1. Create an Azure Application
2. Create a Logic App
3. Logic App uses MS Graph to get BSOD list
4. It will use the Azure App to get the list
The notification
The teams notification looks like as below:
Requirement 1: an Azure Application
The first step is to create an Azure Application.
This one will be used to authenticate and execute MS Graph query to get BSOD list.
Creating the Azure Application
1. Go to App registrations
2. Click on New registration
3. Type a name
4. Let other fields by default
5. Click on Register
Adding permissions
Here we want to add some permissions to our Azure Application.
Those permissions will be used by our Logic App to execute some MS Graph request.
We want to get BSOD info. The permission required for this is the following one: DeviceManagementManagedDevices.Read.All
See here for more info.
We will proceed as below:
1. Go to API permissions
2. Click on Add a permission
3. Choose Microsoft Graph
4. Choose Application permissions
5. Type DeviceManagementManagedDevices
6. Check DeviceManagementManagedDevices.Read.All
7. Click on Add permissions
8. Click on Grant admin consent
Creating a secret
Here we want to configure a secret for our Azure Application.
This secret will be used as a password in our Logic App to execute MS Graph request.
We will proceed as below:
1. Go to Certificates & Secrets
2. Go to Clients secrets
3. Click on New client secret
4. In description type a name
5. Choose when it should expire
6. Click on Add
Want to secure it ?
You can also secure it by adding you secret on a Key Vault or use a Managed Identity to execute MS Graph request.
You will soon find a blog series about Getting started with Logic App for Intune monitoring stuff.
Requirement 2: Teams webhook
The Teams webhook allows us to send a notification on a Teams channel.
To create a webhook proceed as below:
1. Go to your channel
2. Click on the ...
3. Click on Connectors
4. Go to Incoming Webhook
5. Type a name
6. Click on Create
7. Copy the Webhook path
Creating the Logic App
1. Go to Logic Apps
2. Click on Add
3. Choose a subscription
4. Choose a resource group
5. Type a name
6. Choose a Region
7. Select Consumption
8. Click on Review + Create
Logic App step by step
The Logic App workflow looks like as below:
We have there 6 steps:
- Schedule the app - Recurrence
- Get BSOD info with MS Graph - HTTP request
- Parse JSON from MS Graph - Parse JSON
- Initialize array of values - Initialize variables
- Create HTML table
- Send result to Teams - HTTP request
Step 1 - Recurrence
This step allows you to schedule the execution of the Logic App.
1. Go to Logic App Designer
2. Click on recurrence
3. Choose your schedule
Step 2 - Get BSOD with MS Graph
This step allows you to use MS Graph to query Intune and get the list of last BSOD.
Do add it proceed as below:
1. Click on + then Add an action
2. Type HTTP
3. Choose HTTP
4. In Method select GET
5. In URI type the below one:
https://graph.microsoft.com/beta/deviceManagement/userExperienceAnalyticsDevicePerformance?dtFilter=all&$orderBy=blueScreenCount%20desc&`$top=2&$filter=blueScreenCount%20ge%201%20and%20blueScreenCount%20le%2050&$select=devicename,model,blueScreenCount
6. Clic on Add new parameter
7. Check Authentication
8. Select Active Directory OAuth
9. In TenantID, type your tenant id
10. In Audience, type https://graph.microsoft.com
11. In Client ID, type the client id of the azure app
12. In Credential type, choose Secret
13. In Secret, type the secret of the azure app
14. Save the app
15. Click on Run trigger > Run
16. Go to Get BSOD info
17. Go to the Body part
18. Copy content
We will use the body content in the Parse JSON part (just below).
Step 3 - Parse JSON content
This step allows you to use MS Graph to query Intune and get the list of last BSOD.
BSOD info are received through the previous HTTP action. We need to parse content of the received information using a Parse JSON action.
We need to configure the schema with provided by the previous HTTP step.
For that we need to first run the trigger and get Body result from the HTTP action.
This is what we have done in the part 18 from the previous step.
See below how to proceed:
1. Click on + then Add an action
2. Type Parse JSON
3. It's a component of Data operations
4. Select Parse JSON
5. Click on Content
6. Go to Dynamic content and type Body
7. Select Body
8. Click on Use sample payload to generate schema
9. Paste JSON content copied from Step 2 part
Step 4 - Initialize array
This step allows you to prepare your data by intializing an array that will contains BSOD info.
See below how to proceed:
1. Click on + then Add an action
2. Type initialize variables
3. It's a component of Variables
4. Choose Initialize variables
5. In Name, select JSONArray
6. In Type, choose Array
7. Click on Value
8. In Dynamic content, type value
9. Select value
Step 5 - Create HTML table
This step allows you to configure the output as a table in HTML format.
See below how to proceed:
1. Click on + then Add an action
2. Type Create HTML
3. It's a component of Data operations
4. Select Create HTML table
5. In Name, select JSONArray
6. In From, choose JSONArray
7. In Columns, select Automatic
Step 6 - Send Teams notif
This step allows you to send the result in a Teams notif.
See below how to proceed:
1. Click on + then Add an action
2. Type HTTP
3. Choose HTTP
4. In Method select POST
5. In URI use URL of your webhook
6. In Body copy the below one:
7. See below an overview of the notif:
Enregistrer un commentaire