Blumira integrates with Microsoft Intune (formerly Endpoint Manager) using Microsoft Azure Event Hubs. For organizations that use Intune, this integration is critical for device compliance logs, device logs, and audit logs. These logs can be useful for reporting and investigations.
Before you begin
To receive Intune logs in Blumira, you must have the Microsoft Azure Event Hubs Module configured on a Blumira sensor. Ensure that you have already integrated Azure Event Hubs with Blumira by completing the steps in Integrating with Microsoft Azure Event Hubs before proceeding with the steps below.
Forwarding Intune events to Blumira
To connect Intune to your Blumira event hub in Azure:
- Log in to endpoint.microsoft.com.
- Click Tenant Administration.
- Navigate to Diagnostic Settings.
- Click + Add Diagnostic Setting.
- Type a name such as "Blumira Logging".
- Select all Log Categories.
- Click the check box Stream to an Event Hub.
- Under Event hub name, select the name of the hub you created for the Blumira integration.
- Click Save.
Reference: See Microsoft's Send log data to storage, event hubs, or log analytics in Intune for additional information.