MEMCM debug using Azure blob

MEMCM debug using Azure blob

NuGet Gallery | Microsoft.Azure.WebJobs.Logging.ApplicationInsights 3.0.25


Transitioning more and more to modern, many strive to get rid of the classic VPN for their endpoints. As we have more options managing endpoint without building a large and complex infrastructure it become natural to disconnect the traditional access model and build more enterprise applications to authenticate with your azure account.

When devices are roaming around on internet and have no VPN connection, it is somewhat more difficult to singlehandedly connect to an endpoint and investigate issues. This blogpost will cover how to deal with that using Azure blob as a temporary storage provider for logging.

Thanks, Tom Degreef for inspiration!



  • Azure storage account
  • CMG


Azure Storage

Go to



I already have a storage account I can use. We choose the storage account where “kind” says BlobStorage. (How to create the storage account is not covered by this blog)



Create a new Container



Create “templogs”

Public access level: Blob

Be sure you read the exclamation mark. This container is not a place to store sensitive data for a longer period, but for this purpose it will be ok.


Choose Storage Explorer



Get Shared Access Signature



Set expiry time to the future some time.

Add permissions




Copy the Container name

Copy the Query string

Save them to notepad for now.




Prepare your client environment

Before we can run the script on clients, we need to make sure they have the PowerShell modules.

Azure.Storage and AzureRM.profile

Start a Windows 10 client and fire up PowerShell shell.



Go through the prompts



Install-module azureRM.profile

Go through the prompts



To automize this, go to file explorer

Copy the folder Azure.Storage and AzureRM.profile

Create a script and a MEMCM package that copies these 2 folders to your clients.

Deploy the package to your clients.



MEMCM preparations

Download this script

Start your MEMCM Console

Create Script

Copy the content of the Github Script



Paste the code to the script in MEMCM.

We need to change the xxx parameters



StorageAccountName can be found here:



StorSas parameter where the string we saved to notepad earlier.

Container parameter also went to the notepad doc.

When added, click next next and done.



Approve the script

And we are ready to rock and roll getting logs



Right click a device -> run script



Get logs from device




On the device CPC-TEST02 it starts adding a zip file containing a lot of good logs to debug info on that client.



And on the Azure Storage


You can either choose to grab it manually or go to Tom Degreef’s blog and get his download script, to automate the last part. Look for “Retrieve the logs”



There is always a scenario that goes into haywire and we need a way to reach out and have some insight of the problem. Guiding a user how to do things can be time consuming and not very agile. We need to be able to get logs even though our endpoints roam the internet. This is good example of how that can be achieved.

Happy testing!

Table of Contents

Share this post
Search blog posts
Modern Workplace consultant and a Microsoft MVP in Enterprise Mobility.
Modern Workplace consultant and a Microsoft MVP in Windows and Devices for IT.

Infrastructure architect with focus on Modern Workplace and Microsoft 365 security.

Cloud & security specialist with focus on Microsoft backend products and cloud technologies.

Cloud & Security Specialist, with a passion for all things Cybersecurity

Cloud and infrastructure security specialist with background in networking.

Infrastructure architect with focus on design, implementation, migration and consolidation.

Infrastructure consultant with focus on cloud solutions in Office365 and Azure.

follow us in feedly

Follow on SoMe