Get-IntuneManagementExtensionDiagnostics

This script analyzes Microsoft Intune Management Extension (IME) log(s) and creates timeline report from found log events. Report is saved to HTML file. Events are also shown in Powershell console window. Timeline report includes information about Intune Win32App, WinGetApp, Powershell scripts, Remedation scripts and custom Compliance Policy scripts events. Windows Autopilot ESP phases are also shown on timeline. Script also includes really capable Log Viewer UI if scripts is started with parameter -ShowLogViewerUI LogViewerUI (Out-GridView) looks a lot like cmtrace.exe tool but it is better because all found log actions are added to log for easier debugging. LogViewerUI has good search and filtering capabilities. Try to filter known log entries in Timeline: Add criteria -> ProcessRunTime -> is not empty. What really differentiates this LogViewer from other tools is it's capability to convert GUIDs to known names try parameter -ConvertAllKnownGuidsToClearText and you can see for example real application names instead of GUIDs on log events. Selecting last line (RELOAD) and OK will reload log file. Script can merge multiple log files so especially in LogViewerUI you can see Powershell command outputs from AgentExecutor.log Powershell command outputs and errors can be also shown in Timeline view with parameters -ShowStdOutInReport and -ShowErrorsInReport This shows instantly what is possible problem in Powershell scripts. Possible Microsoft 365 App and MSI Line-of-Business Apps (maybe change to Win32App ;) installations are not seen by this report because they are not installed with Intune Management Agent. Author: Petri.Paavola@yodamiitti.fi Senior Modern Management Principal Microsoft MVP - Windows and Intune 2024-09-17 https://github.com/petripaavola/Get-IntuneManagementExtensionDiagnostics