Overview

The Microsoft Intune Discovery Event Monitor connects to your Intune accounts using Azure and pulls devices that aren't yet in your monitoring configuration into a specialized folder for you to review later.

Use Cases

• Detecting and adding new network devices
• Automatically sorting new devices into a device group

Monitoring Options

This event monitor provides the following options:

Alert with [Info/Warning/Error/Critical] if Azure cannot be contacted

Use this option to receive an alert if FrameFlow cannot contact Microsoft Azure.

Alert with [Info/Warning/Error/Critical] if a previously discovered device isn't found in Microsoft Intune

If the event monitor previously discovered a network device that isn't present anymore, the event monitor will send you an alert when this option is enabled.

Pause previously discovered devices if they are no longer found in Microsoft Intune

This option will pause devices that were previously discovered in Intune if they are no longer present there when the event monitor runs again.

Move previously discovered devices if they are no longer found in Microsoft Intune

This option will move devices no longer found in Intune to a device group of your choosing.

Remove previously discovered devices if they are no longer found in Microsoft Intune

This option will automatically remove devices from FrameFlow if they are no longer in the Intune environment.

Include all the personal devices

Filtering option for personal devices

Include all the company devices

Filtering option for company devices

Include all the Android devices

Filtering option for Android devices

Include all the iOS/iPadOS devices

Filtering option for iOS/iPadOS devices

Include all the Windows devices

Filtering option for Windows devices

Include all the Linux devices

Filtering option for Linux devices

Include all the MacOS devices

Filtering option for MacOS devices

Devices to Ignore

Here, enter a list of the devices you want the event monitor to ignore using their names, IP addresses, or IDs. Each value you enter here must be on a separate line.

Only include selected contact names or patterns

This option will include only devices with the specified contact names or patterns.

Exclude selected contact names or patterns

This option will exclude devices with the specified contact names or patterns.

Only include selected email addresses or patterns

This option will include only the specified email addresses or patterns.

Exclude selected email addresses or patterns

This option will exclude devices with the specified email addresses or patterns.

Only include selected management names or patterns

This option will include only the specified management names or patterns.

Exclude selected management names or patterns

This option will exclude devices with the specified management names or patterns.

Exclude devices that have no assigned user/owner

This option lets you exclude discovered devices with no assigned owner/user.

Authentication and Security

The account used to authenticate must have the following permissions at both the application and delegated level:

• DeviceManagementManagedDevices.Read.All
• DeviceManagementManagedDevices.ReadWrite.All
• DeviceManagementConfiguration.Read.All
• DeviceManagementConfiguration.ReadWrite.All
• User.Read
• Organization.Read.All

Protocols

Data Points

This event monitor does not generate any data points.

Sample Output

Tutorial

To view the tutorial for this event monitor, click here.