How to retrieve noncompliant setting and noncompliant policy when exporting reports using Graph

Licheva-Sharbanova, Desislava 20 Reputation points
2024-04-03T13:42:37.4733333+00:00

Hello Team,

We are currently building a solution that needs to export the report Noncompliant devices and settings. I have noticed that it's analog in graph is DeviceNonCompliance

which unfortunatelly does not contain some of the columns like - noncompliant setting and noncompliant policy.

May I please ask for a hint how to retrieve them?

Thanks in advance!

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,352 questions
Microsoft Intune Reporting
Microsoft Intune Reporting
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Reporting: The process of giving an account of something that has been observed, heard, done, or investigated.
67 questions
0 comments No comments
{count} votes

Accepted answer
  1. Crystal-MSFT 49,761 Reputation points Microsoft Vendor
    2024-04-04T01:25:30.96+00:00

    @Licheva-Sharbanova, Desislava, Thanks for posting in Q&A. Based on my checking, there's a report named "Noncompliant devices and settings" in Intune portal. After capturing DevTool Log, I find it will do a POST action and then a get action to get the report:

    POST

    https://graph.microsoft.com/beta/deviceManagement/reports/cachedReportConfigurations

    Payload:

    {"id":"NoncompliantDevicesAndSettings_00000000-0000-0000-0000-000000000001","filter":"","orderBy":[],"select":["DeviceName","SettingNm","PolicyName","CalculatedPolicyVersion","LatestPolicyVersion","SettingStatus","ErrorCodeString","UPN","OS","LastContact"],"metadata":"=>filterPicker=dW5kZWZpbmVk"}

    GET

    https://graph.microsoft.com/beta/deviceManagement/reports/cachedReportConfigurations('NoncompliantDevicesAndSettings_00000000-0000-0000-0000-000000000001')

    User's image

    User's image

    Hope the information can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


1 additional answer

Sort by: Most helpful
  1. Vasil Michev 108.6K Reputation points MVP
    2024-04-03T16:37:24.5266667+00:00

    I believe said properties are not available via the DeviceNonCompliance report. If you want to grab the per-policy data, you need to run the DevicePoliciesCompliance one (https://learn.microsoft.com/en-us/graph/api/intune-reporting-devicemanagementreports-getdevicepoliciescompliancereport?view=graph-rest-1.0), which you need to filter by specific deviceId.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.