How to Generate and Export Intune Device Compliance Report
In this post, I will show you how to generate and export Intune device compliance report. Intune has a built-in option to generate device compliance reports and export them.
So, what are Device compliance reports in Intune? The device compliance reports provide compliance data about your devices. They provide a more traditional reporting view of data to identify aggregated metrics.
The Intune device compliance report shows the full breakdown of records in addition to a convenient visualization of aggregated metrics. You can also generate a report by applying filters on it and select the Generate report button.
Like most reports in the new framework, these records can be sorted and searched upon to focus on the information you need. You can generate and export the Intune device compliance report for selected platform, ownership and compliance statuses.
First I will show you how to generate Intune device compliance report, and then we will go through the steps to export the report.
How to Generate Intune Device Compliance Report
You can use the following steps to generate Device Compliance report in Intune.
- Sign in to the Intune or Microsoft Endpoint Manager admin center.
- Select Reports > Device compliance > Reports tab > Device compliance.
- Select the Compliance status, OS, and Ownership filters to refine your report.
- Click Generate report to retrieve device compliance report.
Before you generate the device compliance report, there are some filters that you can use. The filters are helpful when you want to view specific data from devices.
Device Compliance Status Options
Next to Compliance Status, you find the following filters that you can include/exclude from the report.
- Compliant
- In grace period
- Managed by Configuration Manager
- Not Compliant
- Not Evaluated
The OS filters include.
- Android (device administrator)
- Android (fully managed/dedicated)
- Android (work profile)
- iOS
- macOS
- Windows
- Windows Holographic
- Windows Mobile
- Other
Finally, the last set of filters are for device ownership.
- Company
- Personal
- Unknown
Another thing I want to mention here are about the Columns. If you click Columns, you will notice some default fields that are selected. The other filters include.
- Primary UPN
- Compliance status
- OS
- OS version
- Ownership
- Last check-in
- Compliance grace period expiration
- Device threat level
- Primary user email address
- Primary user display name
- Intune device ID
- Azure AD device ID
- Azure AD user ID
- IMEI
- Serial number
- Retire after
- Management agent
When you’re done selecting the required ones, click Apply.
If you are happy with the filters that you have selected, click Generate Report. If you had generated the report earlier, you see the option Generate again.
Keep an eye on the notifications as it reveals if the report generation is successful. Proceed to the next step if you see report successfully generated message.
Steps to Export Intune Device Compliance Report
Use the following steps to export the device compliance report in Intune.
- Sign in to the Intune or Microsoft Endpoint Manager admin center.
- Select Reports > Device compliance > Reports tab > Device compliance.
- Select Export and on the export device compliance report box, click Yes.
Once again, keep an eye on the notifications. If you see Export Device compliance report completed successfully, congratulations, you have successfully exported the report.
In a few seconds, the report will be downloaded as a .zip file by your browser. Save the report.
Inside the zip file you see a devicecomplaincereport.csv file. Open this file with Excel application, and you see the following fields.
- Device Name
- UPN
- Compliance State
- ComplianceState_loc
- OS
- OS_loc
- OSVersion
- OwnerType
- OwnerType_loc
- LastContact
- UserName
its pretty useless, you have to pull it out using the api method. I have the all devices report being pulled into xsoar to match users to machine. email or dropping a file would be much easier for people to import into splunk or xsoar
How to schedule the report to be sent to an email?
Or any scripts to download the report on a schedule?
And how to get report that actually shows something useful (as opposed to just Non compliant) ?
I am also wondering this. I would like to know WHY a device is not compliant and make a export off that
In regards of the question asked by the GUIam i would also like to know how to automate the reports to be send to the email box. Is there way to do so?
how can i automate the report to sent to email box.
I have the exact same question. Can reports be scheduled and emailed out? I managed to get all the date into Intune regarding windows security updates, and the reporting is working fine, but as you know, managers require emails with a beautiful report as an attachment……