How to Implement Endpoint Analytics and Performance Monitoring

IT teams can monitor system performance in several ways. One is Endpoint Analytics, a feature in Microsoft Intune and Microsoft Endpoint Manager that provides data-driven insights into how Windows devices perform in managed environments. Other options include using local tools like the Command Prompt and Group Policy.

Using the insights gathered, IT administrators can proactively address performance issues in a data-driven manner. These may include slow startup times, program instability, and problems caused by old hardware and poorly optimized configurations.

If you’re planning to implement Endpoint Analytics and boost your performance monitoring capabilities, you can use the best practices listed in this article.

Ways to enable and implement Endpoint Analytics and performance monitoring

📌 Prerequisites:

• You need to have Microsoft Intune enabled with Endpoint Analytics.
• Your target devices must be enrolled in Intune and be MDM-managed.
• The enrolled devices must be running Windows 10 or Windows 11 Enterprise, Education, or Pro, version 1903 or better. (Keep in mind that Windows 10 reached its end of life in October 2025.)
• In Intune, the Windows Health Monitoring policy must be configured and enabled to allow analytics data collection.

📌 Optional tools: 

• PowerShell with Microsoft Graph SDK —This provides a set of modules that enable Microsoft Graph using PowerShell commands. You can use this to manage Endpoint Analytics data programmatically.
• Diagnostic Data Viewer —This is a local tool that lets you inspect the diagnostic data being collected and sent from Windows devices. Be sure it’s turned on via Windows Settings > Privacy & Security > View diagnostic data > Turn on the Diagnostic Data Viewer.
• Azure Monitor or Log Analytics Integration —This tool connects Endpoint Analytics with other Azure services. It allows for deeper analysis and the long-term storage of performance and reliability data.

125155555555511111111113

Method 1: How to enable Endpoint Analytics in Microsoft Intune

📌 Use Cases:

• This method can help IT admins check how well endpoints are holding up across remote and hybrid setups.
• You can use Endpoint Analytics to see performance issues that are affecting your system.
• You can use the data you’ve gathered for proactive troubleshooting and smarter data-backed decisions.

📌 Prerequisites:

• Microsoft Intune with Endpoint Analytics should be available on the tenant.
• Devices must be MDM-managed and enrolled in Intune.
• Windows Health Monitoring must be configured and enabled in Intune.
• Telemetry must be configured and enabled.

Below are easy-to-implement steps to enable and implement Endpoint Analytics in Microsoft Intune:

1. First, go to the Microsoft Endpoint Manager Admin Center or “MEMAC” (now referred to as the Microsoft Intune Admin Center).
2. Next, navigate to Reports > Analytics > Endpoint Analytics.
3. When prompted, accept the prompt to enable Endpoint Analytics.
4. After this, toggle Windows Health Monitoring:
   1. Go to Devices > Configuration profiles
   2. Select Create profile. Next, set the following:
      1. Platform: Windows 10 and later
      2. Profile type: Templates > Windows Health Monitoring
   3. Next, pick Enable Endpoint Analytics data collection.
   4. Assign the policy to your targeted device group.
5. Finally, click Create to deploy the policy.

💡 Note: After you’ve deployed the policy, the data doesn’t appear instantaneously. It could take 24–48 hours for it to appear.

Method 2: Utilize built-in analytics reports in Microsoft Intune

📌 Use Cases:

• IT admins can keep tabs on device health across remote or hybrid setups.
• You can use this method to check app reliability while implementing ways to improve performance.

📌 Prerequisites:

• Endpoint Analytics must be enabled and configured (see Method 1).
• Devices must have reported and sent in data for at least 24–48 hours.
• You must have appropriate Intune admin roles to access reports.

To access and utilize built-in Endpoint Analytics reports, follow these steps:

1. Go to the MEMAC.
2. Navigate to Reports > Endpoint Analytics.
3. Next, review the following report categories:
   1. Startup performance
   2. Recommended software
   3. Application reliability
   4. Work from anywhere
   5. Device scores
4. From there, you can use filter or export options to sort by user, device group, or policy.
5. The data can then be used to identify performance issues and slowdowns, plan upgrades, and consider policy changes.

💡 Note: Data shown in these reports is aggregated and updated regularly. For real-time insights, integrate with Azure Monitor or Log Analytics.

Method 3: How to use Command Prompt for real-time performance checks

📌 Use Cases:

• You can use this method to check performance issues without having to wait for Intune to sync data.
• You can use this to create custom automation scripts for NinjaOne and other RMM platforms.
• IT admins can use this to diagnose issues like startup delays, high resource usage, and application-level issues.

📌 Prerequisites:

• This method requires administrator privileges to access system-level event logs and performance data.
• These commands can be run via Command Prompt (Administrator).
• Target devices must be running Windows 10/11 with standard performance logging enabled.

Here’s how to use Command Prompt to check real-time performance:

1. To check boot time, run this command:

systeminfo | find "Boot Time"

2. To view recent startup events, utilize this command:

wevtutil qe Microsoft-Windows-Diagnostics-Performance/Operational /f:text /c:5

3. To view the task list for high CPU/memory processes, use this command:

tasklist /v | more

4. To run a quick disk performance assessment (read/write speed), run this command:

winsat disk

5. To display Ethernet statistics and errors for troubleshooting network performance, use this command:

netstat -e -s

💡 Note: These commands can be scripted and run remotely for large groups of computers. Plus, they can also be integrated into monitoring tools.

In addition, since winsat disk has been deprecated for performance benchmarking, you can use the following PowerShell alternatives instead:

Get-Counter '\PhysicalDisk(*)\Disk Read Bytes/sec'

Get-Counter '\PhysicalDisk(*)\Disk Write Bytes/sec'

Method 4: Use PowerShell for custom Endpoint Analytics queries

📌 Use Cases:

• This method is ideal for MSPs and IT teams who need to extract data across device groups and multiple tenants.
• It’s also fitting for automated performance benchmarking and scripting.

📌 Prerequisites:

• You need to have the Microsoft Graph PowerShell SDK installed.
• This requires these Graph API permissions:
  • DeviceManagementManagedDevices.Read.All
  • Reports.Read.All
• You’ll need to have administrator privileges or access to Intune data.
• Device telemetry must be set to Basic or higher on Intune.
• For Endpoint Analytics data to report correctly, the Windows Health Monitoring policy must be assigned and active. You can activate it on Intune via this path: Intune > Devices > Configuration Profiles > Create Profile > Windows 10 and later > Profile Type: Templates > Windows Health Monitoring.
• On the Intune settings pane, you should enable Endpoint Analytics under the Reporting settings section and assign the profile to the appropriate device group.

Once you’ve sorted out these prerequisites, you can now gather Endpoint Analytics data from PowerShell through the following steps:

1. Run this command to connect to Microsoft Graph:

Connect-MgGraph -Scopes "DeviceManagementManagedDevices.Read.All", "Reports.Read.All"

2. Use this one to query endpoint health data:

Get-MgDeviceManagementUserExperienceAnalyticsDevicePerformance

3. Run the command below to retrieve device scores:

Get-MgDeviceManagementUserExperienceAnalyticsScoreHistory

4. Use this to run a local performance monitoring command:

Get-Counter '\Processor(_Total)\% Processor Time'

⚠️ Things to look out for

Additional considerations when implementing Endpoint Analytics and performance monitoring

Endpoint Analytics works best on managed devices

Endpoint Analytics is optimized for environments where devices are managed directly through Intune or via co-management with Configuration Manager. This is because these allow Endpoint Analytics to collect richer telemetry, enabling you to gather more accurate insights into device performance.

Data collection doesn’t happen in real time

Note that data analytics refreshes every 24 hours, so it’s not suitable for real-time troubleshooting. Use local tools (like CMD or PowerShell) to diagnose and validate performance issues as needed.

Assess the impact of startup apps and group policies

Review the impact of startup apps, scripts, and enforced GPOs. These factors can cause startup performance issues.

This is a Windows-only feature

Endpoint Analytics only supports Windows 10 and 11 devices. Reporting is unavailable for Linux, macOS, and other platforms.

Troubleshooting Endpoint Analytics and performance monitoring issues

No data in the reports

Ensure the Windows Health Monitoring profile is assigned and the device has the correct OS version and telemetry settings.

Delay in Intune’s Endpoint Analytics after onboarding

It can take up to 48 hours for data to appear. Be sure to check reports between 24 and 48 hours.

Devices are missing from data analytics

Check Intune enrollment, telemetry settings via GPO, and license assignment. Verify your device groups and make the necessary adjustments.

CMD tools aren’t working

Use administrative privileges and ensure diagnostic logging has been enabled.

Log locations

To check the logs, you can visit these locations on your computer:

• Endpoint Analytics agent logs (Windows Explorer): C:\ProgramData\Microsoft\Windows\DeviceManagement
• Event Viewer: Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider

How can NinjaOne support and improve Intune Endpoint Analytics?

NinjaOne extends Microsoft Endpoint Analytics’ capabilities using real-time monitoring, platform support, and automation features.

Here’s how NinjaOne takes Endpoint Analytics to the next level:

Collecting real-time performance metrics

It tracks CPU, memory, disk, and network usage live and in real-time. IT teams won’t have to deal with the 24-hour refresh limitation of Intune analytics.

Letting you deploy custom scripts

NinjaOne enables the automation of custom IT scripts to analyze startup impact or monitor key processes.

Monitoring devices outside of Intune

It supports Windows, macOS, and Linux endpoints not enrolled in Microsoft Intune.

Triggering alerts and auto-remediation

NinjaOne detects when performance thresholds are exceeded and executes scripts or policies to counter the issue.

Providing cross-platform visibility

NinjaOne fills in the gaps for mixed environments, enabling IT teams to track and tweak performance across all operating systems, including on Linux devices.

These features help MSPs and IT teams managing enterprise environments deliver SLA-backed performance guarantees and close the gaps in Intune-only environments.

Improve device health and user experience with Endpoint Analytics

Endpoint Analytics gives IT teams and MSPs comprehensive insights into

• device performance,
• startup impact, and
• user experience.

If you enable it through Intune and use it alongside local tools, you can identify and resolve performance issues before they affect user workflows. You also have the option to pair these with NinjaOne, giving you real-time visibility, automation, and support for devices without Intune, letting you manage endpoints seamlessly.

You can also pair these with NinjaOne, which not only gives you real-time visibility, automation, and support for devices without Intune but also lets you manage endpoints seamlessly. Other beneficial features offered by NinjaOne include AI-driven anomaly detection and automated root-cause analysis (RCA).

Overall, these solutions give you the control and flexibility you need to keep your endpoints running like a well-oiled machine, letting your users work smoothly.

Related topics:

• What is Endpoint Management? How it Works and Benefits
• What is MEM (Microsoft Endpoint Manager)?
• 7 Common Endpoint Management Challenges
• Intune vs RMM: Can Microsoft Intune Replace an RMM?
• Custom Reporting for IT Professionals