Introduction
If you like Intune Remediation scripts as much as I do – You're gonna love this! It's important to have logs so you'll be able to troubleshoot your scripts, and you can also collect the logs using Intune Device Diagnostics (which I wrote an article about, detailing how to get a report for which devices have diagnostics available for download).
I wrote a PowerShell module (Start-IntuneRemediationTranscript) that handles logging for you. In this article, I'll explain how to use it and how to add outputs to your PowerShell scripts so they will show up in the transcript logs.
Module Installation and Usage
You can install the module from the PowerShell Gallery (Start-IntuneRemediationTranscript) using:
Install-Module -Name Start-IntuneRemediationTranscriptFeatures
- Start/Stop Transcripts: Manage transcript logging for Intune remediation tasks.
- Log File Compression: Automatically compresses log files exceeding the specified size threshold.
- Old Log Cleanup: Deletes old ZIP archives of logs.
- Error Logging: Captures and logs errors with timestamps to a designated file.
To start a transcript with the default settings:
Start-IntuneRemediationTranscript -LogName "MyIntuneLog"Or, to specify a custom log directory and size threshold:
Start-IntuneRemediationTranscript -LogName "CustomLog" -LogDirectory "C:\\CustomLogs" -SizeThresholdMB 10Log Locations:
Pre-transcripts error logs are written to:
C:\ProgramData\ErrorLogs\Esi-Transcript_ErrorLog.txt
Transcripts are logged to:
C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\YourLogName.log
So you can collect the logs using Intune Device Diagnostics
To stop the transcript:
Start-IntuneRemediationTranscript -StopIntegrating the Module into Your Scripts
Always start your Intune remediation scripts with these lines:
if (Get-Module -Name Start-IntuneRemediationTranscript)
{
try
{
Install-Module -Name Start-IntuneRemediationTranscript
}
catch
{
Write-Host "Error installing module: $_"
}
}
Start-IntuneRemediationTranscript -LogName ScriptName
This will check if the module is installed, install it if not, and then start the transcript. The transcript records all outputs in a PowerShell session by default. To make debugging easier, use Write-Host to specify what output belongs to what command.
Example: System Restore Script
Here's an example using a System Restore script:
try
{
# Check System Restore status using registry keys
$restoreKey = Get-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SystemRestore"
# Check for existing restore points
$restorePoints = Get-ComputerRestorePoint
$today = Get-Date
# Input string
$string = $restorePoints.CreationTime
# Extract the datetime part without milliseconds and timezone offset
$datetimePart = $string.Substring(0, 14)
# Convert the datetime part to a DateTime object
$datetime = [datetime]::ParseExact($datetimePart, "yyyyMMddHHmmss", $null)
# Format the datetime object to the desired format
$formattedDatetime = $datetime.ToString("MM/dd/yyyy h:mm:ss tt")
$timespan = New-TimeSpan $formattedDatetime $today
# If System Restore is disabled or no restore points exist, enable it
if ($restorekey.RPSessionInterval -eq 0 -or $restorePoints.Count -eq 0 -or $timespan.Days -ge 30)
{
Write-Host "System Restore is disabled or there are no restore points."
Write-Host "Enabling System Restore"
Enable-ComputerRestore -Drive "C:\\"
if ($restorePoints.Count -eq 0 -or $timespan.Days -ge 30)
{
Write-Host "Creating a Restore Point"
Checkpoint-Computer -Description "RemediationSysRestorePoint" -RestorePointType MODIFY_SETTINGS
}
}
else
{
Write-Host "restore points count: $($restorePoints.Count) , restore points creation time: $($restorePoints.CreationTime)"
Write-Host "System Restore is already enabled with existing restore points."
Exit 0
}
}Pro Tip
This module is particularly useful for debugging complex Intune remediation scripts. The automatic log compression and cleanup features ensure that you don't run out of disk space while maintaining detailed logging for troubleshooting purposes.
