3 car accident in left lane, H1 West bound opposite the eastbound Punahou offramp. #hitraffic

I may have problems...but not having a FIDO2 security key isn't one of them 😅

Hey @NathanMcNulty, what do you think is the cheapest/best way to get on-prem Windows Event Logs in to LA/Sentinel? I don't necessarily want to blast all events from servers, but interested in a subset. Thinking maybe centralize to WEC server and then send from there?

Was tired of seeing just STIG ID as setting names so updated generator (after manually making a list of short names) to be able to add names to the Intune Custom Compliance settings. Also separated the CAT II rules a bit more cleanly. #MSIntune #Intune

Framework to translate W10 STIG rules to W11 is done, and first pass at CAT I and CAT III rules for use with Intune Custom Compliance are posted. #Intune #MSIntune https://t.co/Rw4HCKUcAu

Hi @IntuneSuppTeam, are you able to confirm if we should be seeing unlimited settings/1MB file size limit for Custom Compliance JSON? Keeping my fingers crossed that it's that and not the 100 setting/100KB limit I'm currently seeing!

Updated a few small things today, down to 2 CAT II checks left, and 1 may be marked manual. Also fixed a couple of bugged checks and uploaded the CAT II PS and JSON files split up in to 3 parts to fit under the current 100 setting/100KB Intune limit. https://t.co/e7pHygzey2

I'm definitely a GitHub newbie but would welcome any improvements to the framework or rule checks. I did seem to break the images in the README when flipping the project to public, but they aren't super important. @NathanMcNulty @SamErde

Should be relatively easy to take the STIG as a base and then exclude or override values on certain rules to suite your environment. Next up (after finishing CAT II) is mapping which controls are the same in W10 and W11 STIGs so the W11 policy files don't have to be rewritten.

Not 100% complete yet, but think it's far enough along to make public: https://t.co/XRMaRV8vWP #Intune Custom Compliance project to ingest the Windows 10 STIG file and generate policy files that can be imported in to #MSIntune. The generator code is ugly, but functional enough.

I'm hoping that the documented case is what's actually supported, as I have a rule set with over 200 rules that would be painful to break up. #Intune

Hi @IntuneSuppTeam, I've been working on some Custom Compliance policies and although the docs from https://t.co/c6ToyTcTOw say the JSON file can have unlimited settings as long as the file is under 1MB, I get an error if my JSON file has over 100 rules or is over 100KB in size.

of say, 10-20, is okay. I'm handling those multi-value checks in the PS script and return true or false, but it would be nice to see the return values in the compliance reports instead of just false when a setting fails.

Other thing I would want is to be able to have settings be compliant based on more than one return value. Right now, it looks like if a check returns a value of 15, it can only be considered a match if the JSON specifies 15, even if an acceptable range.

and device compliance views so it's easier to view what settings are without cramming them in to the setting name. First pic is what I'd like to keep the setting name as, but getting additional context like the second pic is helpful.

Hi @MikeDanoski / @TyCastComply, I'm really liking Intune Custom Compliance now that it works in Gov tenants! Two things I wish for right now are the ability to add another column (Title, from Remediations->Title in the CC policy JSON would be handy) to the policy

@MikeDanoski @IntuneSuppTeam I'm trying to build out some custom compliance policies and I have some checks that I'd like to track, but don't necessarily need to fail compliance if it doesn't pass. In Chef we can set waivers to skip certain checks, or still do them but not cause a policy failure.

Hi @MikeDanoski / @IntuneSuppTeam, do you know if it's possible to assign a compliance policy to devices but not automatically mark them non-compliant if they fail? Or somehow not have certain checks trigger a fail?

The option for Remediations only shows in old Devices page, if you've switched to new preview experience, you'll need to switch back. Also, looks like custom compliance might be working now, I was able to create scripts & Policies but waiting to see if they actually run/report.

(Proactive) Remediations has finally been enabled in GCCH Intune! Saw the menu option with the recent menu reorg in commercial, but I don't believe it worked right away. FYI @SamErde, I know you work in/with GCCH tenants. Haven't seen official announcements but working for me.