Navigation

  • Home

    • About Autopilot Monitor

    What is Autopilot Monitor?

    Autopilot Monitor is a free, open-source, real-time monitoring and troubleshooting platform for Windows Autopilot enrollments managed through Microsoft Intune. It gives IT administrators, helpdesk engineers, and MSPs complete visibility into every enrollment session — from the first boot through the Enrollment Status Page (ESP) to the user desktop — so issues can be detected and resolved before they impact end users.

    Traditional Autopilot deployments are a black box. When a device fails or stalls, the only option is to manually dig through IME logs or wait for a user complaint. Autopilot Monitor changes that by streaming live telemetry from a lightweight agent deployed via Intune, feeding every event — app installs, policy applications, phase transitions, errors, and performance data — into a central dashboard with intelligent analysis built in.

    Deployed by assigning a bootstrapper script in Intune, the platform requires no infrastructure changes and no additional certificates on end user devices. It runs entirely on Azure, authenticates via Microsoft Entra ID, and provides multi-tenant support with strict per-tenant data isolation.

    Key Features

    Every feature is designed around one goal: reducing the time between an Autopilot failure occurring and an IT admin understanding why.

    Real-Time Enrollment Monitoring

    Track every Windows Autopilot enrollment phase as it happens. Live push updates surface device registration, ESP progress, app installs, and user phase transitions without manual refreshing.

    • Live phase-by-phase tracking
    • Near real-time push updates via SignalR
    • Per-device event stream with timestamps

    Intelligent Analyze Rules

    Built-in and fully customizable analyze rules automatically detect enrollment failure patterns — from reboot loops and app timeouts to policy conflicts and IME log anomalies.

    • Community-driven built-in rules
    • Custom rule authoring
    • Confidence-scored findings per session

    Fleet Health Dashboard

    A high-level view across your entire device fleet. Monitor success rates, failure trends, average enrollment duration, and blocked devices — broken down by time range.

    • Success & failure rate trends
    • Average enrollment duration
    • Blocked device detection

    Diagnostics Collection

    Trigger on-demand diagnostic uploads directly from the portal. Collect ETL logs, event logs, IME logs, and system information from any enrolled device without local access.

    • On-demand ZIP bundle upload
    • ETL, event & IME log collection
    • Configurable log path rules

    Detailed Event Timeline

    Full event timeline for every deployment session. Drill down into phase transitions, app install status, errors, warnings, and performance snapshots to pinpoint root causes fast.

    • Phase-by-phase breakdown
    • App install progress & details
    • Error & warning highlights

    Audit Logging & Compliance

    Complete audit trail of all administrative actions and configuration changes. Meet compliance requirements with detailed, tamper-evident records and configurable data retention.

    • Admin action history
    • Configurable retention policies
    • Tenant-scoped audit log

    Who Is It For?

    Autopilot Monitor is built for anyone responsible for deploying or supporting Windows devices through Microsoft Intune and Autopilot.

    IT Administrators

    Gain full visibility into Autopilot deployments across your organization. Detect failures early, analyze patterns, and reduce helpdesk tickets from day-one device issues.

    Helpdesk & Field Engineers

    Immediately understand what happened on a specific device without touching it. Access event timelines, analyze rule findings, and download diagnostics on demand.

    MSPs & Enterprise Teams

    Autopilot Monitor supports multi-tenant deployments — each customer tenant runs its own isolated instance. MSPs with login access to a customer environment can use the portal for that tenant independently.

    How It Works

    Autopilot Monitor uses a lightweight .NET agent deployed to devices via an Intune bootstrapper script. The agent monitors the enrollment process in real time and streams telemetry events — including ESP phases, app installs, performance snapshots, and custom gather rule data — to the Azure-hosted backend pipeline. The portal displays live session data, runs analyze rules automatically, and alerts on failure conditions.

    1. 1Assign the bootstrapper PowerShell script to your Autopilot device groups in Intune.
    2. 2The bootstrapper installs the Autopilot Monitor Agent on each enrolling device.
    3. 3The agent captures live enrollment events and uploads them to the backend pipeline.
    4. 4The portal displays real-time session data, analyze rule results, and fleet health metrics.
    5. 5On completion, the agent optionally self-destructs and uploads a diagnostics bundle.

    Technology & Platform

    Autopilot Monitor is built on modern, enterprise-grade technology designed to scale with large device fleets and multi-tenant deployments.

    Backend

    • Azure Functions (.NET 8 Isolated) — serverless, scalable API
    • Azure Table Storage — high-throughput event ingestion
    • Azure Blob Storage — diagnostics and log bundle storage
    • Azure SignalR Service — real-time push to the portal

    Portal (Web Frontend)

    • Next.js 18 + TypeScript — fast, server-rendered React app
    • Microsoft Entra ID (MSAL) — secure authentication
    • Role-based access control (Admin / Operator)
    • Multi-tenant architecture

    Agent

    • .NET binary — lightweight, low-overhead monitoring
    • Runs via scheduled task (no Windows service — easy, residue-free removal)
    • Deployed via Intune bootstrapper script (Win32 app)
    • Client certificate authentication
    • Optional self-destruct on enrollment completion

    Integrations

    • Microsoft Intune — agent deployment target
    • Microsoft Teams — enrollment failure notifications
    • Intune Management Extension (IME) log — event source for log pattern detection
    • WMI & Registry — extended data gather rules

    Open Source & Free to Use

    Autopilot Monitor is fully open source and free to use. The complete source code is available on GitHub under an open license. Contributions, bug reports, and feature requests from the community are welcome — especially for Analyze Rules, which are designed to be shared and extended by the wider Windows Autopilot community.

    Autopilot Monitor was created by Oliver Kieselbach, a Microsoft MVP and long-time contributor to the Windows Autopilot and Microsoft Intune community. The project is driven by real-world enterprise deployment experience and community feedback.

    View on GitHubSubmit FeedbackOliver Kieselbach on LinkedIn

    Explore Further

    Documentation →Roadmap →Changelog →Privacy Policy →