denisismagilov - Fotolia
Windows Analytics can provide valuable information about an organization's devices, but you must complete several steps before using the service.
Windows devices produce and send detailed telemetry data to Microsoft, but enterprise users rarely benefit from the information those devices produce. Microsoft's Windows Analytics services offer a means to overcome this gap by allowing you as an IT admin to access many of the details gathered about local Windows devices through a corresponding Windows Analytics service running in an Azure workspace.
How does Windows Analytics work?
There are three distinct Windows Analytics services. The Device Health service identifies devices and drivers that crash frequently and may need additional attention. It also provides information on device configuration that might pose problems, such as security vulnerabilities. The Update Compliance service builds a detailed inventory of devices and tracks protection for Windows Defender Antivirus-enabled devices, which allows you to determine the ability of each device to receive the latest Windows updates. Finally, the Upgrade Readiness service provides tools and workflows to plan and implement upgrades that can speed upgrade deployments, especially as Windows is updated more frequently.
To use Windows Analytics, you must add the desired service to the organization's Azure Log Analytics workspace -- formerly Operations Management Suite. That way, device telemetry and logs are sent to Microsoft. Microsoft then transfers the necessary data to the Windows Analytics service in the workspace, and either displays the results directly or makes them available to tools such as System Center Configuration Manager (SCCM).
5 steps to get started with Windows Analytics
- Add the desired service -- Device Health, Update Compliance or Upgrade Readiness -- to the organization's Azure subscription. This basically involves signing into Azure and creating the corresponding resource in a new or existing workspace. It is possible to create multiple services or resources in the same workspace. It may take several minutes for the newly added service to appear, but you can opt to go to that resource. You can then pin the newly added service to the dashboard for easy access.
- Copy the Commercial ID key, which is a unique designation that Microsoft uses to associate information from local computers, to the corresponding Azure workspace. Microsoft deploys the Commercial ID key to each local Windows computer that you can manage with Windows Analytics services. The key tells Windows Analytics that the telemetry being delivered should be transferred to your Azure workspace for use. The Commercial ID is located in the Solutions tab of the Azure workspace.
- Deploy the Commercial ID key to Windows 10 devices and be certain that the Windows Diagnostic Data setting on devices is set to Enhanced or Full. The Limited setting substantially reduces the amount of data sent to Microsoft and made available to Windows Analytics. You can accomplish both steps with Group Policy.
- Enable the appropriate data sharing for the Windows Analytics service(s) that you want to use. This typically involves whitelisting one or more Microsoft URLs. As an example, the Device Health service uses the URL https://login.live.com. It may be necessary to enlist the help of a security team to whitelist the proper URLs.
- Start small and enroll just a few Windows devices to validate the setup and enrollment process and get a feel for the Windows Analytics workflow. Once configured, it may take more than 48 hours for data to populate in some services. This allows for some systems that are turned off or offline to become available and exchange data with Windows Analytics.
Microsoft provides detailed documentation to assist you in setting up desired services and enrolling Windows devices.