Forum Discussion
Log analytics data/intune logs from other tenants
We manage multiple tenants, and we would like to have the intune device compliance status from all tenants in a single workbook, is this possible?
We currently gather eventlogs from client devices to a single log analytics workspace, but we would like to see the compliance state for all devices aswell
4 Replies
Have you looked at https://techcommunity.microsoft.com/t5/device-management-in-microsoft/microsoft-intune-and-azure-log-analytics/ba-p/463145
AzureActivity | summarize count() by TenantId , _ResourceId, ResourceIdMany tables have the TenantId and resourceID columns, I don't have any example intune ones to look at.
CliveWatson not sure how this can help me tho, as i cant forward intune logs to our tenants log analytics workspace, in the diagnostic settings i am only able to select a workspace within the customers tenant. i would need to be able to pull compliance data from another tenant, in to our workspace or query the data from our tenants workbook
The use of tenant isn't clear to me.
1. Do you have just a single central workspace?
2. Does each client have their own workspace:
- Are these in the same Subscription as you?
- Are these in another Azure Active Directory? If so do you know about Azure Lighthouse?
A Workbook can get data from any Subscription you have access to, and any you have access to via Lighthouse (if they are in a separate AAD / tenant).
https://docs.microsoft.com/en-gb/azure/lighthouse/concepts/azure-delegated-resource-managementAre you Tenant A in this diagram, talking to Tenant B & C? https://docs.microsoft.com/en-gb/azure/lighthouse/concepts/enterprise#tenant-management-architecture
