Gathering and Storing Lenovo Guarantee Data to Azure Monitor

The answer is derived from a superb Microsoft weblog publish, which supplies an instance of gathering BIOS info.  Admittedly, I have not explored the depths of Graph and was stunned to learn that script outputs are saved in a resultMessage property on the service facet, as famous within the publish.  

Earlier than you start, make certain your check units have the newest model of Industrial Vantage put in and the GPO to put in writing guarantee info to WMI has been configured.  Discuss with this weblog publish on the right way to deploy the setting with Intune or you may configure it manually utilizing the offered .Admx template loaded into the native Group Coverage Editor.  You’ll be able to confirm information has been written to WMI by shopping to the namespace utilizing WMIExplorer.

Get-CimInstance -Namespace root/Lenovo -ClassName Lenovo_WarrantyInformation | Choose-Object `
    SerialNumber, `
    Product, `
    StartDate, `
    EndDate, `
    LastUpdateTime | ConvertTo-Json

When you’re beginning to see script execution has succeeded in your units within the MEM portal, entry the info by way of Graph as demonstrated within the weblog publish referenced earlier.

Now that we have now information, we will ship this to the Azure Monitor HTTP Knowledge Collector API utilizing PowerShell.  You may want to notice the Workspace ID and Major Key of the Log Analytics workspace you plan on utilizing.

Subsequent, we will setup a PowerShell Runbook that may create a POST request to the HTTP Knowledge Collector API that features our record of units to ship.

• Azure Automation account.  If you have not created one, check with the MS doc on how to do that.
• Intune PowerShell SDK, which supplies help for the Intune API by Graph.  This module will have to be imported from the PowerShell Gallery into Azure Automation earlier than continuing.  This is a brief script to take action:

$ResourceGroup = '<your useful resource group>'
$AutomationAccount = '<your automation account>'

# URL to Graph bundle: https://www.powershellgallery.com/packages/Microsoft.Graph.Intune
if (!(Get-AzAutomationModule -ResourceGroupName $ResourceGroup -AutomationAccountName $AutomationAccount | The place-Object { $_.Identify -eq $ModuleName -and $_.ProvisioningState -eq 'Succeeded' })) {
    New-AzAutomationModule -Identify $ModuleName -ResourceGroupName $ResourceGroup -AutomationAccountName $AutomationAccount -ContentLinkUri 'https://www.powershellgallery.com/api/v2/bundle/Microsoft.Graph.Intune/6.1907.1.0'
}

• Two Azure Automation string kind variables that may maintain an Azure consumer account/encrypted password to authenticate to Graph (make certain this account has the suitable permissions).  These will likely be referred to as utilizing the Get-AutomationVariable inner cmdlets.

I’ve adjusted the PowerShell pattern to incorporate the JSON information that will likely be ingested to the Log Analytics Workspace.  You may want to interchange the $CustomerId and $SharedKey variables along with your Workspace ID and Major Key.  I’ve additionally set the $LogType variable to WarrantyInformation as this would be the title of the Customized Log that is created to retailer precisely what we’re gathering, guarantee info.

<#
Set inner automation cmdlets for Graph authentication
Reference: https://docs.microsoft.com/en-us/azure/automation/shared-resources/variables?tabs=azure-powershell#internal-cmdlets-to-access-variables
#>
$AdminUser = Get-AutomationVariable -Identify 'AdminUser'
$AdminPassword = Get-AutomationVariable -Identify 'AdminPassword'
$SecureAdminPassword = ConvertTo-SecureString -String $AdminPassword -AsPlainText -Pressure
$Cred = New-Object System.Administration.Automation.PSCredential ($AdminUser, $SecureAdminPassword)

# Connect with Graph Beta API
Replace-MSGraphEnvironment -SchemaVersion 'beta'
Join-MSGraph -PSCredential $Cred | Out-Null

<# 
Collect guarantee information from profitable script executions
Reference: https://techcommunity.microsoft.com/t5/device-management-in-microsoft/how-to-collect-custom-inventory-from-azure-ad-joined-devices/ba-p/2280850#.YIGt2nOrV50.hyperlinkedin
#>
$consequence = Invoke-MSGraphRequest -HttpMethod GET -Url 'deviceManagement/deviceManagementScripts/<script id>/deviceRunStates?$increase=managedDevice' | Get-MSGraphAllPages
$success = $consequence | The place-Object -Property errorCode -EQ 0
$resultMessage = $success.resultMessage 
$Gadgets = $resultMessage | ConvertFrom-Json
$newjson = $Gadgets | ConvertTo-Json

<#
Beneath pattern request reference:
https://docs.microsoft.com/en-au/azure/azure-monitor/logs/data-collector-api?WT.mc_id=EM-MVP-5002871&ranMID=24542&ranEAID=je6NUbpObpQ&ranSiteID=je6NUbpObpQ-Kk7A3ox8I8XgrRn0d4uDfA&epi=je6NUbpObpQ-Kk7A3ox8I8XgrRn0d4uDfA&irgwc=1&OCID=AID2000142_aff_7593_1243925&tduid=(ir__nxnprvrvwwkfq3kekk0sohzncu2xuln0dh1bwc9k00)(7593)(1243925)(je6NUbpObpQ-Kk7A3ox8I8XgrRn0d4uDfA)()&irclickid=_nxnprvrvwwkfq3kekk0sohzncu2xuln0dh1bwc9k00#sample-requests
#>

# Exchange along with your Workspace ID
$CustomerId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"  

# Exchange along with your Major Key
$SharedKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

# Specify the title of the file kind that you're going to be creating
$LogType = "WarrantyInformation"

# You should utilize an elective area to specify the timestamp from the info. If the time area isn't specified, Azure Monitor assumes the time is the message ingestion time
$TimeStampField = ""

# Create the perform to create the authorization signature
Perform Construct-Signature ($customerId, $sharedKey, $date, $contentLength, $technique, $contentType, $useful resource)
{
    $xHeaders = "x-ms-date:" + $date
    $stringToHash = $technique + "`n" + $contentLength + "`n" + $contentType + "`n" + $xHeaders + "`n" + $useful resource

    $bytesToHash = [Text.Encoding]::UTF8.GetBytes($stringToHash)
    $keyBytes = [Convert]::FromBase64String($sharedKey)

    $sha256 = New-Object System.Safety.Cryptography.HMACSHA256
    $sha256.Key = $keyBytes
    $calculatedHash = $sha256.ComputeHash($bytesToHash)
    $encodedHash = [Convert]::ToBase64String($calculatedHash)
    $authorization = 'SharedKey {0}:{1}' -f $customerId,$encodedHash
    return $authorization
}


# Create the perform to create and publish the request
Perform Publish-LogAnalyticsData($customerId, $sharedKey, $physique, $logType)
{
    $technique = "POST"
    $contentType = "software/json"
    $useful resource = "/api/logs"
    $rfc1123date = [DateTime]::UtcNow.ToString("r")
    $contentLength = $physique.Size
    $signature = Construct-Signature `
        -customerId $customerId `
        -sharedKey $sharedKey `
        -date $rfc1123date `
        -contentLength $contentLength `
        -method $technique `
        -contentType $contentType `
        -resource $useful resource
    $uri = "https://" + $customerId + ".ods.opinsights.azure.com" + $useful resource + "?api-version=2016-04-01"

    $headers = @{
        "Authorization" = $signature;
        "Log-Sort" = $logType;
        "x-ms-date" = $rfc1123date;
        "time-generated-field" = $TimeStampField;
    }

    $response = Invoke-WebRequest -Uri $uri -Methodology $technique -ContentType $contentType -Headers $headers -Physique $physique -UseBasicParsing
    return $response.StatusCode

}

# Submit the info to the API endpoint
Publish-LogAnalyticsData -customerId $customerId -sharedKey $sharedKey -body ([System.Text.Encoding]::UTF8.GetBytes($newjson)) -logType $logType

Let’s take a look at the brand new Customized Log in our workspace.  Click on the Customized logs blade.  There ought to now be a WarrantyInformation_CL seen.  Discover the kind is Ingestion API.  

WarrantyInformation_CL
| distinct SerialNumber_s, Product_s, StartDate_s, EndDate_s
| the place EndDate_s accommodates "2020"

Now we are able to arrange a recurring schedule for the Runbook to observe our fleet’s guarantee.