Forum Discussion
monitor the client certificate expiration dates
Hi,
technically it is possible to create reports using Data Warehouse and Power BI that give you the information regarding certificates, or you could go with Azure Logic App and Microsoft Graph to query the certificate.
The simple solution, until you find a better one that suits you, would be a detection/remediation that runs either once a week or once a month and dumps the logs to an Azure Blob Storage.
Check it out, you need to customize it to your needs.
Good luck!
# Import the Azure module
Import-Module Az

# Define Azure Blob Storage details
$StorageAccountName = "<YourStorageAccountName>"
$StorageAccountKey = "<YourStorageAccountKey>"
$ContainerName = "<YourContainerName>"
# Include the device name so that devices do not overwrite each other's blob
$BlobName = "$env:COMPUTERNAME-CertificatesInfo.json"

# Define the local file to store certificate information temporarily
$LocalFilePath = "$env:TEMP\CertificatesInfo.json"

# Query certificates from the local machine
$Certificates = Get-ChildItem -Path Cert:\LocalMachine\My | Select-Object Thumbprint, Subject, Issuer, NotBefore, NotAfter

# Convert the certificate information to JSON and save it to a file
$Certificates | ConvertTo-Json -Depth 10 | Out-File -FilePath $LocalFilePath -Encoding utf8

# Connect to Azure Storage Account
$Context = New-AzStorageContext -StorageAccountName $StorageAccountName -StorageAccountKey $StorageAccountKey

# Upload the file to Azure Blob Storage (-Force overwrites the previous run without prompting)
Set-AzStorageBlobContent -File $LocalFilePath -Container $ContainerName -Blob $BlobName -Context $Context -Force

# Clean up the local file
Remove-Item -Path $LocalFilePath -Force

Write-Host "Certificate information uploaded to Azure Blob Storage successfully."
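
A detection-only variant of the weekly check suggested above, as an added example that is not part of the original post: it reports only client-authentication certificates that are expired or expire soon, and signals the result through the exit code (exit 1 = issue detected, the convention for Intune remediation detection scripts). The function name `Get-ExpiringClientCertificate` and the 30-day threshold are assumptions.

```powershell
# Added example (not from the original post). Threshold is an assumed value.
$ThresholdDays = 30

function Get-ExpiringClientCertificate {
    param(
        [object[]] $Certificate = @(),
        [datetime] $Now = (Get-Date),
        [int]      $Days = 30,
        [string]   $ClientAuthOid = '1.3.6.1.5.5.7.3.2'   # id-kp-clientAuth EKU
    )
    $cutoff = $Now.AddDays($Days)
    foreach ($cert in $Certificate) {
        # Collect the EKU OIDs; foreach over $null or an empty list yields nothing.
        $ekus = @(foreach ($eku in $cert.EnhancedKeyUsageList) { $eku.ObjectId })

        # A certificate without an EKU extension is valid for any purpose,
        # so it can be used for client authentication and is kept.
        $isClientCert = ($ekus.Count -eq 0) -or ($ekus -contains $ClientAuthOid)

        # NotAfter -le $cutoff also matches certificates that have already
        # expired; those are reported with a negative DaysLeft.
        if ($isClientCert -and $cert.NotAfter -le $cutoff) {
            [pscustomobject]@{
                Thumbprint = $cert.Thumbprint
                Subject    = $cert.Subject
                NotAfter   = $cert.NotAfter.ToString('yyyy-MM-dd')
                DaysLeft   = [int][math]::Floor(($cert.NotAfter - $Now).TotalDays)
            }
        }
    }
}

$certs    = @(Get-ChildItem -Path Cert:\LocalMachine\My)
$expiring = @(Get-ExpiringClientCertificate -Certificate $certs -Days $ThresholdDays)

if ($expiring.Count -gt 0) {
    # One compact line of JSON, returned as the detection output.
    Write-Output ($expiring | ConvertTo-Json -Compress)
    exit 1
}

Write-Output "No client certificate expires within $ThresholdDays days."
exit 0
```

Because the result travels back as detection output and an exit code, this variant needs no storage account key on the client.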