Let’s discuss how to Get Windows Device Compliant State Details using Intune Security Copilot. How Intune Security Copilot’s natural language querying works. Instead of writing complex code, you can type your question in plain English.
Copilot then matches your request to the appropriate built-in Intune queries. Some queries allow you to provide extra details, such as the device type or platform. Once the query runs, Copilot presents a summary of the results along with recommendations for actions you can take based on the findings.
You can also use Intune Explorer with Security Copilot to easily view details about devices, users, apps, compliance status, and updates. One of our posts explains this in detail with clear steps and examples.
In this post, you will learn all about the “Windows Device Compliant State Details,” which refers to the current compliance status of a Windows device based on the rules and policies set in Intune. This status indicates whether the device is compliant.
Table of Contents
How to Get Windows Device Compliant State Details using Intune Security Copilot
The Windows device compliance report in Intune is a report that indicates whether a Windows device adheres to the organisation’s security and configuration rules. You can easily get the Windows Device Compliant State Details using Intune Security Copilot. The below table helps you to show the steps.
| Steps |
|---|
| Sign in to the Intune admin center |
| Go and Select the Explorer tab |
| Go to Show examples for : All categories section |
| Select the Category as Compliance |
- How Microsoft Security Copilot Improves Intune Admin Center Efficiency
- How to use Intune Explorer with Security Copilot to Find Windows and MacOS Device Data across your Tenant
- How to use Intune Explorer with Security Copilot to Find Windows and MacOS Device Data across your Tenant
Available Query Options Under the Compliance Category
Under the Compliance category, you will find several options, such as “Get devices that are in a compliant state,” “Get platform-specific devices that are in a compliant state,” and “Get devices that are non-compliant because no compliance policy is assigned,” etc.
- Here, I selected the query “Get platform devices that are in a compliance state.”
Filling Mandatory Fields for the “Get Platform Devices that are in a Compliance State” Query
The query “Get Platform Devices that are in a Compliance state” requires you to fill in some mandatory fields, such as Platform and Compliance. These fields appear as blue hyperlinks. In this example, I selected Windows as the platform and Compliant as the compliance state.
Get Windows Devices that are Compliance State
Here you can see the selected query after filling the mandatory fields that “Get Windows Devices that are Compliance state”. Click the arrow next to the query and the security copilot give the result that there are four items in the results list.
The query is designed to help an Intune admin identify and list devices based on their compliance status and platform type. It filters devices to match a specific compliance status and platform, with a special condition for Android devices. The results display key details for each device, including its name, ID, management agent, ownership, compliance status, platform, and the last time it was seen.
Intune Security Copilot Queries for Tracking Windows Device Compliant State Details
These Intune Security Copilot queries help admins track and manage application installations across devices and users. They can identify users or devices on specific platforms with certain apps installed, whether discovered or managed, and even filter results by app name or publisher.
- Query: Get users with devices on Platform that have discovered app with name containing App Name installed
- Reason: This query helps identify users with devices on a specific platform that have a particular app installed, which can be useful for tracking app usage and compliance.
- Query: Get devices that have the managed app /Managed App installed on platform Managed App Platform
- Reason: This query is useful for identifying devices with a specific managed app installed, helping to ensure that critical applications are deployed and managed correctly.
- Query: Get users that have discovered app with name containing App Name on Platform published by Publisher installed
- Reason: This query provides insights into app installations by specific publishers, which can help in managing software licenses and ensuring compliance with organizational policies.
| Next Steps to Consider |
|---|
| Review the list of devices returned by the query to ensure that all devices are compliant with organizational policies. This helps in maintaining a secure and compliant device environment. |
| Analyze the management agent and ownership details to identify any discrepancies or unauthorized devices. This ensures that only authorized devices are managed and compliant. |
| Use the last seen date to identify devices that have not checked in recently. This can help in identifying devices that may be lost, stolen, or not in use, allowing for appropriate action to be taken. |
End Results
This report lists Windows devices managed through MDM that are company-owned and marked as compliant. For each device, it provides details such as the device name, management agent, ownership type, compliance status, platform, and the last seen date and time.
| Device | Management Agent | Ownership | Compliance | Platform | Last Seen |
|---|---|---|---|---|---|
| DESKTOP-QAJ4HBC | MDM | Company | Compliant | Windows | 08/13/2025, 08:26 AM |
| CPC-jites-O81I4 | MDM | Company | Compliant | Windows | 08/15/2025, 08:51 AM |
| CPC-HTMDT-TVWI1 | MDM | Company | Compliant | Windows | 08/15/2025, 09:41 AM |
| W365-vais-Y6DLC | MDM | Company | Compliant | Windows | 08/15/2025, 11:02 AM |
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.