How to collect security events from devices through Intunes

Madan Sathyanarayanan 0 Reputation points
2023-07-27T13:03:08.9133333+00:00

I am trying to create a group policy in Intune, where I can collect custom security events from the Device

Let's say we have 10 devices; I want to collect the following events from the device.

EventID=6406 or EventID=6407 or EventID=6408 or EventID=6409 or EventID=6419 or EventID=6420 or EventID=6421

Thank you in advance.

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,991 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,526 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Crystal-MSFT 51,726 Reputation points Microsoft Vendor
    2023-07-28T05:26:16.43+00:00

    @Madan Sathyanarayanan, Thanks for posting in Q&A. Based as I know, Intune does not have the report to collect event log. But after researching, I notice Azure Monitor can do this. Here is a link with mroe details for your reference:

    https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/how-to-configure-security-events-collection-with-azure-monitor/ba-p/3770719

    Hope the above information can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.