Monday, April 18, 2011 1:14 AM
Hi there, curious as to whether there is a logging or audit facility within Intune that allows administrators to view logs of prior remote support instances on managed computers? EG, the ability to be able to check when a computer last received remote support (through the Intune facility), whether it was insitgated by user or by administrator, and which administrator was logged in to the remote session.
Monday, April 18, 2011 4:21 AM
There is no Audit info available in Windows Intune.
Please give us the specific scenario on why an audit log in needed, this will help us evaluate the request for future versions.
- Marked As Answer by Jon LynnMicrosoft Employee, Moderator Tuesday, April 19, 2011 4:15 PM
Wednesday, May 04, 2011 12:49 AM
This would be useful in the scenario where the customer has multiple Intune administrators (perhaps in a helpdesk type environment) that access Intune and provide Intune administration functions and remote user support multiple times throughout the day. Therefore, if a remote user suggested a previous helpdesk support person had already attempted to fix an issue remotely, a different helpdesk support operator would be able to check the audit log to see which intune administrator in was that previously provided support.
Similarly, if one Intune administrator made a policy change that had unwanted effects, other Intune administrators would be able to check the audit logs to see which administrator made the change at what time and date. This would assist in quickly identifying the person who made changes to be able to ask them reasons for changing etc.
Hope this helps.
Wednesday, May 30, 2012 12:50 PMHas there been any functionality change since this post? Having an audit log of administrator access would be beneficial. What if you had a disgruntled employee and they decided to put Malware exception into Intune and deply a virus or trojan via Intune. Wouldn't that be interesting.
Wednesday, May 30, 2012 6:45 PM
Has there been any functionality change since this post? Having an audit log of administrator access would be beneficial. What if you had a disgruntled employee and they decided to put Malware exception into Intune and deply a virus or trojan via Intune. Wouldn't that be interesting.
I agree that it would be most useful to have an audit log and integrate it with a ticketing system - to keep track of what was done with updates, malware updates/remediation, remote sessions. A built-in audit of a chat session when using remote assistance included in the audit log would be beneficial as well.