search

Report Epm Elevation Requests Scheduled

Generate report for Endpoint Privilege Management (EPM) elevation requests

hashtag
Description

Queries Microsoft Intune for EPM elevation requests with flexible filtering options. Supports filtering by multiple status types and time range. Sends an email report with summary statistics and detailed CSV attachment.

hashtag
Setup regarding email sending

This runbook sends emails using the Microsoft Graph API. To send emails via Graph API, you need to configure an existing email address in the runbook customization.

This process is described in detail in the Setup Email Reportingarrow-up-right documentation.

hashtag
Location

Organization → Security → Report EPM Elevation Requests (Scheduled)

Full Runbook name

rjgit-org_security_report-EPM-elevation-requests_scheduled

hashtag
Permissions

hashtag
Application permissions

  • Type: Microsoft Graph

    • DeviceManagementConfiguration.Read.All

    • Mail.Send

hashtag
Parameters

hashtag
IncludeApproved

Include requests with status "Approved" - Request has been approved by an administrator.

Property
Value

Required

false

Default Value

True

Type

Boolean

hashtag
IncludeDenied

Include requests with status "Denied" - Request was rejected by an administrator.

Property
Value

Required

false

Default Value

True

Type

Boolean

hashtag
IncludeExpired

Include requests with status "Expired" - Request expired before approval/denial.

Property
Value

Required

false

Default Value

True

Type

Boolean

hashtag
IncludeRevoked

Include requests with status "Revoked" - Previously approved request was revoked.

Property
Value

Required

false

Default Value

True

Type

Boolean

hashtag
IncludePending

Include requests with status "Pending" - Awaiting approval decision.

Property
Value

Required

false

Default Value

False

Type

Boolean

hashtag
IncludeCompleted

Include requests with status "Completed" - Request was approved and executed successfully.

Property
Value

Required

false

Default Value

False

Type

Boolean

hashtag
MaxAgeInDays

Filter requests created within the last X days (default: 30). Note: Request details are retained in Intune for 30 days after creation.

Property
Value

Required

false

Default Value

30

Type

Int32

hashtag
EmailTo

Can be a single address or multiple comma-separated addresses (string). The function sends individual emails to each recipient for privacy reasons.

Property
Value

Required

false

Default Value

Type

String

hashtag
EmailFrom

The sender email address. This needs to be configured in the runbook customization.

Property
Value

Required

false

Default Value

Type

String

Back to Runbook Reference overview

Last updated

Was this helpful?