# Report Epm Elevation Requests Scheduled

### Description

Queries Microsoft Intune for EPM elevation requests with flexible filtering options. Supports filtering by multiple status types and time range. Sends an email report with summary statistics and detailed CSV attachment.

### Setup regarding email sending

This runbook sends emails using the Microsoft Graph API. To send emails via Graph API, you need to configure an existing email address in the runbook customization.

This process is described in detail in the [Setup Email Reporting](https://github.com/realmjoin/realmjoin-runbooks/tree/master/docs/general/setup-email-reporting.md) documentation.

### Location

Organization → Security → Report EPM Elevation Requests (Scheduled)

**Full Runbook name**

rjgit-org\_security\_report-EPM-elevation-requests\_scheduled

### Permissions

#### Application permissions

* **Type**: Microsoft Graph
  * DeviceManagementConfiguration.Read.All
  * Mail.Send

### Parameters

#### IncludeApproved

Include requests with status "Approved" - Request has been approved by an administrator.

| Property      | Value   |
| ------------- | ------- |
| Required      | false   |
| Default Value | True    |
| Type          | Boolean |

#### IncludeDenied

Include requests with status "Denied" - Request was rejected by an administrator.

| Property      | Value   |
| ------------- | ------- |
| Required      | false   |
| Default Value | True    |
| Type          | Boolean |

#### IncludeExpired

Include requests with status "Expired" - Request expired before approval/denial.

| Property      | Value   |
| ------------- | ------- |
| Required      | false   |
| Default Value | True    |
| Type          | Boolean |

#### IncludeRevoked

Include requests with status "Revoked" - Previously approved request was revoked.

| Property      | Value   |
| ------------- | ------- |
| Required      | false   |
| Default Value | True    |
| Type          | Boolean |

#### IncludePending

Include requests with status "Pending" - Awaiting approval decision.

| Property      | Value   |
| ------------- | ------- |
| Required      | false   |
| Default Value | False   |
| Type          | Boolean |

#### IncludeCompleted

Include requests with status "Completed" - Request was approved and executed successfully.

| Property      | Value   |
| ------------- | ------- |
| Required      | false   |
| Default Value | False   |
| Type          | Boolean |

#### MaxAgeInDays

Filter requests created within the last X days (default: 30). Note: Request details are retained in Intune for 30 days after creation.

| Property      | Value |
| ------------- | ----- |
| Required      | false |
| Default Value | 30    |
| Type          | Int32 |

#### EmailTo

Can be a single address or multiple comma-separated addresses (string). The function sends individual emails to each recipient for privacy reasons.

| Property      | Value  |
| ------------- | ------ |
| Required      | false  |
| Default Value |        |
| Type          | String |

#### EmailFrom

The sender email address. This needs to be configured in the runbook customization.

| Property      | Value  |
| ------------- | ------ |
| Required      | false  |
| Default Value |        |
| Type          | String |

[Back to Runbook Reference overview](https://docs.realmjoin.com/automation/runbooks/runbook-references)