Whilst Intune reporting has improved immensely in recent years, it is still the one aspect which is a bit lacking and often you need to build your own solutions with Log Analytics and/or PowerBi. This is fine for larger organizations with staff who can build them, but what about those who can’t?
As I’m all about getting EVERYONE using Intune, no matter what size the company, I’ve been looking at the offering from Eido to see what it can offer.
As with my look at ZeroTouch and all of my other posts, this is entirely my opinion and I haven’t received any payment for it (my site is strictly off limits for paid posts).
What is it?
Firstly, I imagine many of you probably haven’t heard of it, although I have spotted Sean at recent events.
Eido is a fully SaaS solution which connects to your Intune tenant and grabs precise data about all of your machines, there isn’t an agent needed and if I’m honest, I haven’t quite worked out how it does it, so for now we’ll just call it magic.
Once your tenant is onboarded, you’ll get a lovely dashboard showing an overview of your patching status (yes, my tenant is a mess):
The dashboard can be edited as well to suite what is best for you. As you can see, my machines are mostly VMs so the warranty status isn’t of any real interest to me personally.
What does it report on?
We will start with the reporting as that is probably of most interest and then we can look at the other exciting bits it offers.
The first one, which you will all want to see is OS health, quickly check the exact status of your devices, which version they are running and which they should be. This isn’t just Windows either and it will even show if a device is running an unsupported OS:
The empty first column is where you can assign to a customer, this is multi-tenant ready out of the box so works just as well for an MSP as for an organization.
For a very quick overview of your upcoming upgrade tasks, you can quickly see how many devices you have on each OS version and the support status of them:
As mentioned earlier, you can also report on the warranty status to keep an eye on your device lifecycle, especially when combining with the OS support. If you have a device on an OS reaching end-of-life, but the device is also about to expire, there is probably little point upgrading the software on it.
The encryption status report is something which is always nice to have! These are the devices which are going to need immediate work (ideally you’re blocking with conditional access), nobody wants a nasty fine for losing an unencrypted device. Being able to see them all in one place (and export to CSV) is priceless!
A few others worthy of flagging up, battery health status. Now you can be sure if the user is actually having issues with the battery, or just wants a new laptop. Better still, you can be pro-active and call users in for a battery replacement before they even notice!
Disk Space never really works properly in Intune, fortunately here it does!
What is the trends button?
This is a new beta feature which will display trends about your tenant and hopefully show improvements in patching as you get on top of issues. Use this to show how critical you are to the company and how much you deserve a pay-rise 🙂
What about device information?
As you can imagine, to find this level of information about your devices for the reports, it is creating a significant inventory. By clicking on the device in the Devices tab, or from within any report, you can see just what it can see and it is a LOT
Where to begin! Device details has all of the information you would expect to see in the Intune console (although it also seems to have the 0 bytes memory bug)
Clicking Patches shows the patch status of the device, in my case, outdated.
Compliance links into Intune and shows the state compared to all of the assigned compliance policies and the number is how many are out of compliance.
Config policies does something similar, but lists policies assigned and their status (succeeded, conflict, error). It would be nice if it showed the full conflict details so you know which policy to look at to fix the issue.
Same for Managed apps, see which apps are assigned and their install status and All Apps does exactly what you would expect, lists the apps.
Best of all, you can set an alert to receive an email when a device has a new issue.
Policy Management
This option lets you grab a selection of Intune policies and create a template for them which you can then deploy through Eido to your devices (similar to my Intune Management tool).
It’s a nice feature to have and covers backup and restore of individual policies and change tracking.
What about apps?
This is a very exciting feature and one which I’ve missed since the days of App-V 4.5 (yes, I’m that old), application metering.
You can have a look at your discovered applications and see which are not being used. The money this will save in unused licensing could well pay for the software and then you still get all of the extra reporting basically for free!
Does it support SSO and RBAC?
Yes to both, you can configure custom roles and also set different teams and of course customers.
SSO is included and without any SSO tax!
Conclusion
The big question, would I use this myself?
The answer is yes, mainly for the application metering and patch compliance, but I live inside Graph so am not the best of examples.
For in-depth reporting across the estate, this is one which is definitely worth a look!