Reporting on Application Crashes Using Intune Analytics and Microsoft Graph PowerShell

Introduction

In today’s modern workplace, ensuring device performance and application reliability is critical for maintaining user productivity. Microsoft Intune’s Endpoint Analytics provides valuable insights into device health, enabling IT administrators to proactively identify and resolve application issues before they impact end users.

One powerful feature within Endpoint Analytics is Application Reliability, which helps IT teams monitor application crashes, hangs, and failures across managed devices. Using PowerShell with Microsoft Graph API, we can take this a step further—automating the process of identifying devices that need attention, retrieving the primary user, and sending an HTML email notification using the PSWriteHTML module.

Application Reliability & Licensing Requirements

Application Reliability in Endpoint Analytics provides deep insights into how frequently applications crash and how they affect end-user productivity. It helps IT teams take data-driven actions to mitigate software issues. However, to use Application Reliability, devices must have appropriate licensing, including:

  • Microsoft 365 Business Premium, E3, or E5
  • Windows 10/11 Enterprise E3 or E5 (part of M365 F3, E3, or E5)
  • Windows Virtual Desktop Access E3 or E5

For a complete breakdown, check Microsoft’s official documentation.

Automating Insights with PowerShell and Microsoft Graph API

While Endpoint Analytics offers a user-friendly dashboard, automation can take things further. The script available on GitHub demonstrates how we can:

  • Authenticate to Microsoft Graph API
  • Fetch a list of devices flagged by Endpoint Analytics
  • Retrieve the primary user of each affected device
  • Generate a structured HTML email using the PSWriteHTML module
  • Notify users about detected issues with a professional-looking email

This approach allows IT administrators to move from passive monitoring to proactive communication.

The script requires the DeviceManagementConfiguration.Read.All API permission (least privileged).

<#
.SYNOPSIS
This script generates an email report for devices that need attention based on Intune Analytics data.

.DESCRIPTION
The script checks if the required graph modules are installed and installs them if necessary. It then connects to the Microsoft Graph API using the Connect-MgGraph cmdlet. It retrieves a list of devices that need attention and sends an email report to the specified recipient(s) with details about the devices and their application crash/hang information.

.PARAMETER EmailTitle
The subject of the email.

.PARAMETER EmailFrom
The email address from which the email will be sent.

.PARAMETER EmailBCC
The email address(es) to be BCC'd on the email.

.PARAMETER tenantId
The ID of the tenant to connect to.

.PARAMETER EmailTo
The email address to which the email will be sent.

.EXAMPLE
.\EndpointAnalyticsGraph.ps1 -EmailTitle "Your Device Needs Attention" -EmailFrom "[email protected]" -EmailTo "[email protected]" -tenantId "<YourTenantId>"

.NOTES
Author: Your Name
Date: Current Date
#>

# Prerequisites
#check if the required graph modules are installed
if (-not (Get-Module -Name Microsoft.Graph.Authentication -ListAvailable)) {
    # If not installed, install the Microsoft.Graph.Authentication
    Write-output "Microsoft.Graph.Authentication module is not installed. Installing Microsoft.Graph.Authentication"
    Install-Module Microsoft.Graph.Authentication  -Force 
    Import-Module Microsoft.Graph.Authentication
    Write-output "Microsoft.Graph.Authentication has been installed."
}
else {
    Write-output "Microsoft.Graph.Authentication module is already installed."  
    Import-Module Microsoft.Graph.Authentication  
}
if (-not (Get-Module -Name Microsoft.Graph.beta.DeviceManagement -ListAvailable)) {
    # If not installed, install the Microsoft.Graph.beta.DeviceManagement
    Write-output "Microsoft.Graph.beta.DeviceManagement module is not installed. Installing Microsoft.Graph.beta.DeviceManagement"
    Install-Module Microsoft.Graph.beta.DeviceManagement  -Force 
    Import-Module Microsoft.Graph.beta.DeviceManagement
    Write-output "Microsoft.Graph.beta.DeviceManagement has been installed."
}
else {
    Write-output "Microsoft.Graph.beta.DeviceManagement module is already installed."    
    Import-Module Microsoft.Graph.beta.DeviceManagement
}
# Check if the PSWriteHTML module is installed
if (-not (Get-Module -Name PSWriteHTML -ListAvailable)) {
    # If not installed, install the PSWriteHTML
    Write-output "PSWriteHTML module is not installed. Installing PSWriteHTML"
    Install-Module PSWriteHTML  -Force 
    Write-output "PSWriteHTML has been installed."
}
else {
    Write-output "PSWriteHTML module is already installed."    
}

# Variables
$EmailTitle = "Your Device Needs Attention"
$EmailFrom = "[email protected]"
$EmailCC = ""
$EmailBCC = ""
$TenantId = "<YourTenantId>"

# Functions
Function Send-Email {
    Param ($subj, $Body, $priority, $EmailCC, $Attachments, $EmailFrom, $EmailTo, $EmailBCC)
    $SendMailProps = @{
        From = $EmailFrom        
        To = $EmailTo
        Subject = $subj
        Body = $Body 
        SmtpServer = "internalsmtp.uk.corp.investec.com"
        Priority = $priority      		
    }
    If($emailCC){$SendMailProps.Add("CC",$emailCC)}
	If($EmailBCC){$SendMailProps.Add("BCC",$EmailBCC)}
    Send-MailMessage @SendMailProps -BodyAsHtml
}

# Main Script

# connect to the Microsoft Graph API
# interactive (delegated) sign-in is the default when only -TenantId and -Scopes are given
Connect-MgGraph -TenantId $TenantId -Scopes "DeviceManagementConfiguration.Read.All" -NoWelcome

#filter by "needs attention"
$DeviceNeedsAttention = Get-MgBetaDeviceManagementUserExperienceAnalyticAppHealthDevicePerformance -all -Filter "healthStatus eq microsoft.graph.UserExperienceAnalyticsHealthState'needsAttention'" | Select-Object DeviceDisplayName, DeviceId, HealthStatus

#get the user details for each device in $deviceNeedsAttention
foreach ($device in $DeviceNeedsAttention) {
    #get the primary user of the device
    $DevicePrimaryUser = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/beta/deviceManagement/manageddevices('$($device.DeviceId)')/users"
    
    #initialize the $UserDetails variable
    $UserDetails = @()

    #if the device has a primary user, get the user details
    $UserDetails = $DevicePrimaryUser.value | Select-Object displayName, userPrincipalName

    #if no user details are found, skip the device
    if ($null -eq $UserDetails) {
        continue
    }
    # group events by appDisplayName and count the number of occurrences; EventType is taken from the first event in each group
    $AppCrashDetails = Get-MgBetaDeviceManagementUserExperienceAnalyticAppHealthDevicePerformanceDetail -Filter "deviceId eq '$($device.DeviceId)'" -all | Group-Object appDisplayName | Select-Object Name, Count, @{Name='EventType';Expression={$_.Group[0].eventType}}    
   
    # email users with devices that need attention and their app crash details using PSWriteHTML
    $EmailBodyReport = EmailBody {    				   
		EmailText -FontFamily 'Calibri' -FontSize 16 -Color Black -Alignment left -FontStyle normal -Text "Hello, $($UserDetails.displayName)"
		EmailText -LineBreak
		EmailTextBox -FontFamily 'Calibri' -Size 16  -Color Black -Alignment left -FontStyle normal {
			"Intune Analytics has identified that your device $($device.DeviceDisplayName) has had a few application crashes/hangs in the last 14 days."
            "Please see the details below:"              
		} 
        EmailTable -DataTable ($AppCrashDetails) -AutoSize {                
			$AppCrashDetails | Get-Member -MemberType NoteProperty | Select-Object -ExpandProperty Name | % {
				EmailTableHeader -BackGroundColor SkyBlue -FontSize 18 -Color Black -Names $_
			}				
		} -HideFooter
		EmailText -LineBreak
		EmailTextBox -FontFamily 'Calibri' -Size 16  -Color Black -Alignment left -FontStyle normal {
			"Should you need any assistance, please contact the Technology Service Desk."
		} 
		EmailText -LineBreak	
    }
    # Set the email recipient
    $Emailto = $UserDetails.userPrincipalName
    # Send the email
    Send-Email -subj "$EmailTitle" -Body $EmailBodyReport  -priority "normal" -emailBCC $emailBCC -EmailFrom $EmailFrom -EmailTo $Emailto
}

# disconnect from the Microsoft Graph API
Disconnect-MgGraph

 

By implementing such a script, organizations can proactively engage users in the troubleshooting process, potentially reducing downtime and enhancing the overall efficiency of IT operations. This approach not only showcases the technical capabilities of integrating PowerShell with the Microsoft Graph API but also emphasizes the importance of user communication in maintaining application reliability.

Users (or IT Support) would get an email showing details of apps crashing in the last 14 days.

 

Expanding the Use Case: IT Support Notifications

While this script is designed to notify end users, it can easily be repurposed for IT teams. Instead of notifying users directly, we can send a report to IT support, highlighting devices with repeated failures and suggesting proactive troubleshooting steps.
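
One way to build such an IT-support report, as an added example that is not part of the original script: it groups per-event rows by device and app, keeps only combinations at or above a threshold, and keeps devices with no primary user, which the per-user loop skips. The function name Get-RepeatedFailureSummary, the threshold of 3, the row property names and the sample rows are assumptions made for illustration.

```powershell
# Added example, not part of the original script.
# Constructed sample rows: one row per crash/hang event, as the per-device
# detail query returns them, plus the primary user looked up for the device.
$SampleRows = @(
    1..4 | ForEach-Object { [pscustomobject]@{ Device = 'LT-0001'; User = 'user1@example.com'; App = 'outlook.exe'; EventType = 'crash' } }
    1..3 | ForEach-Object { [pscustomobject]@{ Device = 'LT-0002'; User = $null; App = 'teams.exe'; EventType = 'hang' } }
    [pscustomobject]@{ Device = 'LT-0002'; User = $null; App = 'excel.exe'; EventType = 'crash' }
)

function Get-RepeatedFailureSummary {
    param(
        [Parameter(Mandatory)] [object[]] $Rows,
        [int] $Threshold = 3   # hypothetical cut-off for "repeated" failures
    )
    $Rows |
        Group-Object -Property Device, App, EventType |
        Where-Object { $_.Count -ge $Threshold } |
        ForEach-Object {
            $first = $_.Group[0]
            [pscustomobject]@{
                Device      = $first.Device
                # Devices without a primary user are skipped by the per-user
                # e-mail loop; keep them visible in the IT report.
                PrimaryUser = if ($first.User) { $first.User } else { '(no primary user)' }
                App         = $first.App
                EventType   = $first.EventType
                Events      = $_.Count
            }
        } |
        Sort-Object -Property Events -Descending
}

$Summary = Get-RepeatedFailureSummary -Rows $SampleRows -Threshold 3

# ConvertTo-Html HTML-encodes the property values (app and device names come
# from endpoint data); -PreContent is inserted as-is, so keep it a fixed string.
$ReportHtml = $Summary |
    ConvertTo-Html -Title 'Devices with repeated application failures' `
                   -PreContent '<h2>Devices with repeated application failures (last 14 days)</h2>' |
    Out-String

# Show the summary on the console; $ReportHtml holds the e-mail body.
$Summary | Format-Table -AutoSize
```

$ReportHtml can be passed as -Body to the Send-Email function defined in the script, with -EmailTo set to the IT support mailbox.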

 

Conclusion

This PowerShell + Microsoft Graph API integration, combined with PSWriteHTML, showcases “the art of what’s possible” with Intune Endpoint Analytics. By automating issue detection and proactively engaging users, IT teams can minimize downtime, enhance user experience, and demonstrate the power of automation in device management.

🚀 Ready to try it out? Grab the script here: EndpointAnalyticsGraph.ps1.

Let me know if you’d like further refinements!

Amir Joseph Sayes

Cloud | EUC | Virtualisation | Enterprise Mobility | DevOps | Automation | Part-Time Blogger | Fitness
