Intune Log Collector
Intune Log Collector is an Azure-based solution that collects logs from Intune-managed devices, including files, directories, and event logs. It deploys a Function App, Storage Account, and Key Vault, with the Remediation script driving log collection per LogsGatherRules.json and uploading a compressed archive to the logs container. Deployments support Azure Template Spec (Bicep/ARM) or direct ARM templates, with optional UI and post-deployment steps.
Security Analysis
12 files scanned on Jan 8, 2026
The codebase implements an Intune Log Collector with legitimate management functionality, but exhibits several security concerns: potential credential leakage via verbose logging of cryptographic material; exposure of a write-enabled SAS token to clients; risk of tampering via automatic loading of Public/Private function files; and possible input-handling weaknesses when building Graph API queries. No hardcoded secrets were detected; secrets appear to be sourced from environment/config and MSI endpoints, which requires strict access controls.
You might also like
Intune Device Details GUI
A PowerShell-based GUI tool for visualizing comprehensive Intune device information. Shows Azure AD group memberships, Intune filter assignments, application and configuration targeting, BitLocker recovery keys, LAPS passwords, Autopilot profiles, and remediation script status with color-coded assignment states.
Endpoint Analytics Remediation Scripts
A community-driven repository of 86+ PowerShell detection and remediation scripts for Microsoft Intune Endpoint Analytics. Includes scripts for system health, security hardening, device management, application management, optimization, and diagnostics.
Get-AutopilotDiagnosticsCommunity
A PowerShell diagnostic script for analyzing Windows Autopilot deployments. Provides comprehensive details about Autopilot profile settings, policies, apps, and certificate profiles tracked via Enrollment Status Page, with support for local PC analysis and captured log files.
Get-IntuneManagementExtensionDiagnostics
A PowerShell script for analyzing Intune Management Extension logs and creating timeline reports. Tracks Win32App deployments, WinGetApp packages, PowerShell scripts, Proactive Remediations, Custom Compliance, and Autopilot ESP phases with HTML reports and integrated LogViewerUI.
