4,608 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 19%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG%3C/text%3E%3C/svg%3E)
What are you going to do with the data?
CMPivot or create a custom inventory item. but it will depend on what you are going to do with the data.
Collecting Specific Error Events from SCCM Agents
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 35%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
lumiproxy
60
Reputation points
What are effective methods to collect specific error events from all Windows agents using SCCM?
Any guidance or resources would be appreciated.
Microsoft Security | Intune | Configuration Manager | Other
3 answers
Sort by: Most helpful
-
-
Simon Ren-MSFT 40,346 Reputation points Microsoft External Staff2024-12-10T06:31:17.1733333+00:00 Hi,
Hope you are doing well.
Agree with Garth. Here is an example to use the CMPivot tool to query all Windows devices with a specific event error 10010 in my lab. You can customize the syntax accordingly.
EventLog('System')| summarize countif( (EventID == 10010) ) by Device| where (countif_ > 0)
Here is a guide to use CMPivot:
CMPivot for real-time data in Configuration Manager
Best regards,
Simon
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
-
Simon Ren-MSFT 40,346 Reputation points Microsoft External Staff
2024-12-18T06:20:00.77+00:00 Hi,
Hope everything goes well. Do you need any further assistance about this issue? If yes, please feel free to let us know, we will do our best to help you.
If the response is helpful, it's appreciated that you could click "Accept Answer" and upvote it, this will help other users to search for useful information more quickly.
Thanks for your time.
Best regards,
Simon