Getting Started with Workspace ONE Intelligence Reports and Dashboards: VMware Workspace ONE Operational Tutorial

VMware Workspace ONE UEM 9.6 and later

Overview

Introduction

VMware provides this operational tutorial to help you with your VMware Workspace ONE® environment. In this tutorial, explore the basics of VMware Workspace ONE® Intelligence™. Learn how to enable Workspace ONE Intelligence, use reports to gain insights, and use dashboards to help visualize data and enforce device compliance.

Audience

This operational tutorial is intended for IT professionals and Workspace ONE administrators of existing production environments. Familiarity with networking and storage in a virtual environment is assumed, including Active Directory, identity management, and directory services. Knowledge of additional technologies such as VMware Identity Manager™ and VMware Workspace ONE® UEM, is also helpful.

Enabling Workspace ONE Intelligence

Introduction

VMware Workspace ONE® Intelligence™ is designed to simplify user experience without compromising security. The intelligence service aggregates and correlates data from multiple sources to give complete visibility into the entire environment. 

In this exercise, you opt-in to Workspace ONE Intelligence, regenerate the API service key, and integrate Workspace ONE Intelligence Automation Connectors with Workspace ONE UEM.

Prerequisites

Before you can perform the procedures in this exercise, ensure you have the following components installed and configured:                  

  • Workspace ONE UEM 9.6 or later – contact your support representative if Workspace ONE Intelligence Reports is not enabled in your environment.
  • For Workspace ONE UEM on-premises environments, you must install the Workspace ONE Intelligence Connector.  
  • Customer-level Organization Group. 
  • Admin role with Intelligence permissions. For more information, see Admin Roles.
  • Notepad ++ with word wrap enabled (In Notepad++, select View > Word wrap).

This exercise requires certain account credentials. Note the account information in the following table. The details provided in this table are based on a test environment. Your user account details will differ.

Workspace ONE UEM Credentials
Base URL https://labs.awmdm.com
API Username <Your VLP Email>
API Password VMware1!
User name administrator
Password VMware1!

Logging In to the Workspace ONE UEM Console

To perform most of the steps in this exercise, you must first log in to the Workspace ONE UEM Console.

1. Launch Chrome Browser

Launch Chrome Browser

On your desktop, double-click the Google Chrome icon.

3. Authenticate In to the Workspace ONE UEM Console

  1. Enter your Username, for example, administrator.
  2. Click Next. After you click Next, the Password text box is displayed.
  1. Enter your Password, for example, VMware1!
  2. Click Login.

Note: If you see a Captcha, be aware that it is case sensitive.

Opting-in to Workspace ONE Intelligence

After you have met the requirements, you are ready to enable Workspace ONE Intelligence. In this activity, you launch the Workspace ONE Intelligence Console and sign up for a free trial if this is your first time using Intelligence.

In case you already have an Intelligence environment enabled and data already flowing in, skip to the next activity.

1. Launch Workspace ONE Intelligence

In the Workspace ONE UEM Console:

  1. Click Monitor.
  2. Click Intelligence.
  3. Click Get Started to initiate the Opt-in process.

2. Opt in to Workspace ONE Intelligence

Next
  1. Scroll down to the Opt in to use Intelligence section.
  2. Select the Opt In checkbox.
  3. Click Next.

3. Complete the Terms of Service

Accept Terms of Service
  1. Provide the following details:
    • Name
    • Email Address
    • Title
    • Company Name
    • Company Address
  2. Click Accept.

4. Initiate Free-Trial

After the accepting the Terms of Service in the Workspace ONE UEM console, you redirect to the Workspace ONE Intelligence console. In the bottom-right corner of the page that appears, click Start 30 Day Trial.

5. Enter User Account Details

  1. Provide the following details:
    • First Name
    • Last Name
    • Email
    • Title
    • Company
    • City
    • Country
    • Zip/Postal Code
    • Phone
  2. Click Accept.

Obtaining Workspace ONE UEM API Key

After you have opted-in to Workspace ONE Intelligence, you can retrieve the Workspace ONE UEM API key. In this activity, you generate the API service key and copy it to Notepad.

1. Launch Workspace ONE UEM

Return to Workspace ONE UEM Console

From the Workspace ONE Intelligence console:

  1. Click the Square menu icon.
  2. Select Workspace ONE UEM Console.

Logging In to the Workspace ONE Intelligence Console

To perform most of the steps in this exercise, you must log in to the Workspace ONE Intelligence Console. You launch the Workspace ONE Intelligence Console from within the Workspace ONE UEM Console.

1. Launch the Workspace ONE Intelligence Console

In the Workspace ONE UEM Console:

  1. Click Monitor.
  2. Click Intelligence.
  3. Click Launch.

2. Confirm the Workspace ONE Intelligence Console is Opened

Confirm that you are now logged into the Workspace ONE Intelligence Console.

3. Return to the Workspace ONE UEM Console (If Required)

If you need to return to the Workspace ONE UEM Console:

  1. Click the menu icon on the right.
  2. Select Workspace ONE UEM.

Integrating Workspace ONE Intelligence Automation Connectors

After regenerating the AirWatch API service key, you are ready to integrate Workspace ONE Intelligence Automation Connectors with Workspace ONE UEM.

To take full advantage of Workspace ONE Intelligence, you need to configure at least one Automation Connector to enable Automation Actions in your environment.

Among the multiple available Connectors, the Workspace ONE UEM connector is key, as it enables Intelligence Automation to take actions against your organization's devices, apps, and os updates.

In this activity, you configure the Workspace ONE UEM Connectors to allow API communication between Workspace ONE Intelligence and Workspace ONE UEM.

2. Initiate Authorization

On the Workspace ONE UEM card, click Set Up.

3. Configure Authorization

Set the connector properties
  1. Click Provide Credentials.
  2. Enter the Base URL. For example, https://labs.awmdm.com.
  3. Enter the API User Name. For example, YOUR VLP E-MAIL.
  4. Enter the API User Password. For example, VMware1!.
  5. Enter the Workspace ONE UEM Tenant Code. This is the AirWatchAPI Service Key that you saved in Notepad in the previous activity.
  6. Click Connect.

4. Validate Authorization

Verify the Workspace ONE UEM card now displays Deauthorize. This indicates integration was successful.

5. Review Automation Actions against Workspace ONE UEM

As a result, you are now able to define automated flows, which can take over 25+ different actions against your devices, apps, and os updates. The screenshot shows some of the actions available against devices.

Using Reports to Gain Insights

Introduction

After enabling Workspace ONE Intelligence, you are ready to explore its basic capabilities. In this exercise, you learn how to create reports that can mitigate issues, drive business decisions, and automatically share information with other departments.

Prerequisites

Before you can perform the procedures in this exercise, you must meet the following requirements:

Creating Reports

In this activity, you explore reporting capabilities by creating a report for enrolled devices.

1. Open Report Settings

In the Workspace ONE Intelligence Console:

  1. Click Reports.
  2. Click Add Report.

2. Explore Report Categories and Templates

To begin creating a report, select the category of data you want to obtain. The available categories include:

  • Apps
  • Devices
  • Device Sensors
  • OS Updates

Then, use the category's customizable templates to define the content your report collects. For complete control of the report's content, use the blank Starter template to define your own criteria.

Feel free to click on each category to see the templates available to each.

3. Select Workspace ONE UEM Devices

  1. Select Category.
  2. Select Workspace ONE UEM.
  3. Select Devices.

4. Configure Report Template

  1. Select Enrolled Devices. Selecting this template creates a report about enrolled devices that displays data in pre-defined columns.
  2. Click Next.

5. Add Report Filters

  1. Under Filters, click the + icon to add a new filter.
  2. Enter platform in the first search field, then select Platform from the drop-down menu that appears.
  3. Select Includes from the Search for value drop-down menu.
  4. Select Apple, Android, and WinRT from the final drop-down menu.

Note: Intelligence only lists platforms available in your environment.

6. Preview the Report

Scroll down to the Report Preview section, and observe how your currently enrolled devices automatically populate in the preview.

Note: The screenshot shown is from a test environment. Your report preview is based on your environment and will differ from the preview you see in the screenshot.

7. Add Report Columns

Add Columns
  1. Under Report Preview, click Edit Columns.
  2. Under Available Columns, select the following:
    • Available Capacity
    • Available Physical Memory
    • BIOS Version
    • Battery Percent
  3. Click Add.

8. Change Column Order

Ordering Columns
  1. Under Selected Columns, select Available Capacity, Available Physical Memory, BIOS Version, and Battery Percent.
  2. Click Down four times. You can also drag and drop the selected items to move the values up and down.
  3. Click Save.

9. Review New Columns

In the Report Preview, verify the new columns populated.

10. Save the Report

  1. Click Save to save the report.
  2. Confirm that the Enrolled Devices report saved successfully.

11. Manage the Report

After the report saves, it is added to the list of available reports.

Select the report you want to manage.

12. Explore Report Overview

From this view, you can configure additional management settings:

  1. Click Edit to alter the settings you configured when you made the report.  
  2. Click Run to manually trigger a data sync.
  3. Click Share to email the report.
  4. Click Automate to set up a workflow of actions.
  5. Click Delete to remove the report.

Downloading Reports

After saving a report, you can immediately download it as a CSV file. In this activity, you download the CSV file for the Enrolled Devices report.

1. Access Report Downloads

To access the report's available downloads, select the Downloads tab.

2. Download the Report

On the Downloads tab:

  1. Click the Refresh icon.
  2. Verify the status displays as Completed.
  3. Click Download.
  4. Validate that a CSV of the Enrolled Devices report downloads.

Scheduling Reports

After saving a report, you can use scheduling to automate data collection and collaboration. In this activity, schedule the Enrolled Devices report to run on a monthly basis.

1. Add a Report Schedule

  1. Click Schedules.
  2. Click Add.

2. Configure the Report Schedule

  1. Enter a Schedule Name. For example, Windows, Android and Apple Enrolled Devices.
  2. For Recurrence, select Monthly.
  3. For Day of the Month, select 1.
  4. For Starts At, enter 08:00 AM.
  5. For Ends, select a future date such as 06/30/2028.
  6. Click Schedule.

3. Confirm Report Schedule

Under Schedules, confirm that the schedule matches the parameters you defined.

Using Dashboards to Visualize Data

Introduction

Dashboards are a powerful tool in Workspace ONE Intelligence that supplement reporting capabilities with rich visualizations of available data. In this exercise, learn how to use dashboards to visualize data in Workspace ONE Intelligence.

Prerequisites

Before you can perform the procedures in this exercise, you must meet the following requirements:

Customizing the Dashboard View

As a supplement to its reporting capabilities, the Workspace ONE Intelligence dashboard displays critical business data in an easy to consume visual summary. Within dashboards, the configurable widgets allow you to customize the data that displays. In this activity, add a widget that shows enrollment information from the past 14 days.

1. Open Widget Settings

You can create custom dashboards based on your business needs. By default, Intelligence includes the Default Dashboard.

In the Workspace ONE Intelligence console:

  1. Select My Dashboards.
  2. Click View.
  3. Click Add Widget.

2. Explore Widget Categories and Templates

To begin creating a widget, select the category of data you want to obtain. The available categories include:

  • Workspace ONE UEM > Apps / Devices / Device Sensors / OS Updates
  • Apteligent > App Loads / User Flows
  • Carbon Black > Carbon Black Threats
  • VMware Identity Manager > App Launch / Login
  • Intelligence > Automation Run History
  • Lookout > Lookout Threats
  • Netskope > Netscope Threats

Then, use the category's customizable templates to define the content your widget displays. For complete control of the widget's content, use the blank Starter template to define your own criteria.

Feel free to click on each category to see the templates available to each.

3. Define a Category

  1. Select Category.
  2. Select Workspace ONE UEM.
  3. Select Devices.

4. Select a Template

  1. Select the Total Enrollments template.
  2. Click Next.

5. Name the Default Template

Under Data Visualization, review the default Total Enrollments template. The initial default settings provide a snapshot of current device enrollment. If you change the settings, the snapshot results change accordingly.

Change the name of the widget to Total Enrollments Over Time.

6. Configure the Template

Chart Total Enrollments Over time

To create a snapshot of total enrollments over time, modify the default Total Enrollments template.

  1. Select Historical.
  2. For Chart Type, select Line.
  3. For by Group, enter Platform.
  4. Set the Date Range to Last 14 Days.
  5. Click Save.

Note: The screenshot shown is from a test environment. Your preview is based on your environment, and will differ from the preview you see in the screenshot.

Managing the Dashboard View

After configuring the Total Enrollment Over Time widget, you can manage how it displays on your dashboard. In this activity, modify your dashboard view by repositioning and expanding the Total Enrollment Over Time widget.

1. Review the Dashboard

By default, the new widget appears at the bottom of your dashboard.

2. Relocate the Widget

  1. To relocate the widget, click Customize Layout.
  2. Click Total Enrollments Over Time (the chart title) and drag the widget to the top of your dashboard.
  3. Click Save to save the new dashboard layout.

3. Resize the Widget

Enlarge the Total Enrollments Over Time widget, by selecting its edges and dragging them outward.

Using Dashboards to Enforce Device Compliance

Introduction

In addition to its standard dashboards, Workspace ONE Intelligence also provides a set of security-focused dashboards. These dashboards query the entire environment to identify the most at-risk devices: compromised devices, passcode-less devices, unencrypted devices, and others. In this activity, learn how to Security Risk dashboards in Workspace ONE Intelligence can help you enforce device compliance and mitigate risk.

Prerequisites

Before you can perform the procedures in this exercise, you must meet the following requirements:

Increasing Compliance Across Devices

The Security Risk dashboards in Workspace ONE Intelligence gather reports on numerous device states and quickly identify high-risk devices. In this activity, you explore the following Security Risk dashboards Workspace ONE Intelligence: Threats Summary, Compromised Devices, Policy Risks, and Vulnerabilities. 

1. Access the Security Risk Dashboards

In the Workspace ONE Intelligence console, under Dashboards, click Security Risk.

2. View Threats Summary

The Threats Summary dashboard appears by default and displays the number of threats reported by the Trust Network solutions that are integrated into your environment.

Workspace ONE Intelligence integrates with several security endpoints solutions that report threats, such as Anomalies, malware, policy violation, suspicious network activities, and so on. The threats are reported into Intelligence by the Trust Network solutions almost immediately, and you can navigate through each data point to identify the threats and devices impacted by that threat.

Click to scroll down to the Compromised Devices chart.

3. View Compromised Devices

The Compromised Device dashboard appears by default and displays the number of devices that reported as compromised in the past 30 days. A device becomes compromised when it is in violation of the compliance policies defined by the IT administrator. Common compliance policies include blacklisted apps, devices not seen in the past 24 hours, no passcode, and more.

4. Identify Devices without Passcodes

  1. Select the Policy Risks tab to view the number of passcode-less devices detected in the past 30 days.
    Then, after you understand the scope of the issue, use automation to mitigate the risk. For example, you can create a rule to automatically move a passcode-less device to quarantine, or remove its access to corporate data.
  2. Scroll down.

5. Identify Unencrypted Devices

This chart shows the total number of unencrypted devices identified on a daily basis by Workspace ONE Intelligence.

  1. Point to the data points for additional details about the number of devices per platform.
  2. Click View to obtain a detailed list of devices.
  3. Click Security Risk: Policy Risks to return.

6. Identify Vulnerable Devices

Select the Vulnerabilities tab to view the number of vulnerable devices identified in the last 30 days.

Without encryption, confidential information is unprotected, and can easily land in the wrong hands. To mitigate this risk, create policies to enforce device encryption. For example, you can create a policy to block corporate access until the device is encrypted through Workspace ONE UEM.

Summary and Additional Resources

Conclusion

This operational tutorial provided basic management steps for Workspace ONE Intelligence. 

Procedures included:

  • Enabling Workspace ONE Intelligence
  • Creating and downloading reports
  • Customizing dashboard views
  • Managing the Security Risk dashboard

Configuring Workspace ONE Intelligence Automation

Now that you have completed basic management of reports and dashboards in Workspace ONE Intelligence, the next step is automation.

Automation in Workspace ONE Intelligence uses parameters to trigger a workflow. You can customize the workflow to act on unique scenarios in your Workspace ONE environment. Although automation is a robust feature, it is not intended to replace compliance policies.

The following tutorials guide you through configuring various automations in Workspace ONE Intelligence:

Terminology Used in This Tutorial

The following terms are used in this tutorial:

application store A user interface (UI) framework that provides access to a self-service catalog, public examples of which include the Apple App Store, the Google Play Store, and the Microsoft Store.
auto-enrollment Auto-enrollment simplifies the enrollment process by automatically enrolling registered devices following the Out-of-Box-Experience.
catalog A user interface (UI) that displays a personalized set of virtual desktops and applications to users and administrators. These resources are available to be launched upon selection.
cloud Asset of securely accessed, network-based services and applications. A cloud can also host data storage. Clouds can be private or public, as well as hybrid, which is both private and public.
device enrollment The process of installing the mobile device management agent on an authorized device. This allows access to VMware products with application stores, such as VMware Identity Manager.
identity provider (IdP) A mechanism used in a single-sign-on (SSO) framework to automatically give a user access to a resource based on their authentication to a different resource.
mobile device management
(MDM) agent
Software installed on an authorized device to monitor, manage, and secure end-user access to enterprise resources.
one-touch login A mechanism that provides single sign-on (SSO) from an authorized device to enterprise resources.
service provider (SP)
A host that offers resources, tools, and applications to users and devices.
virtual desktop The user interface of a virtual machine that is made available to an end user.
virtual machine A software-based computer, running an operating system or application environment, that is located in the data center and backed by the resources of a physical computer.

For more information, see the VMware Glossary.

Additional Resources

About the Author

This tutorial was written by:

  • Andreano Lanusse, End-User-Computing Staff Architect, Technical Marketing, VMware.

Feedback

The purpose of this tutorial is to assist you. Your feedback is valuable. To comment on this tutorial, contact VMware End-User-Computing Technical Marketing at euc_tech_content_feedback@vmware.com.