Weekly report mail of incidents in Office 365 5/5 (1)


Has your company ever been affected by any incident in any of the Office 365 services?

This article can help you follow the incidents weekly by receiving a e-mail message with the status of each incident and their respective messages, from the Message Center on the Office 365 Administrator portal.

We are speaking of a script that uses the Service Communication API to collect these messages and then send them to your mailbox in a format that is easy to read and check which service is working normally and which service has any incidents or alerts.


First, you need to create an application in Azure AD. You can do this by following the first steps in this article.

You will also need a service account to send the mail.

How it works

This script will use the Service Communication API  through the endpoint https://manage.office.com/api/v1.0/{tenant_id}/ServiceComms/Messages and store the information into a HTML and sending this HTML in the body of the mail message.

The first part of the script counts the parameters, functions and objects that will be used in the script itself. Authentication will use this information from the Azure application.

param( [Parameter(Mandatory=$true)] $TenantId, [Parameter(Mandatory=$true)] $ClientId, [Parameter(Mandatory=$true)] $ClientSecret, [Parameter(Mandatory=$true)] $SenderMailbox, [Parameter(Mandatory=$true)] $ReceiverMailbox, [Parameter(Mandatory=$true)] $SMTPServer)
# Messages Function

	Function GetMessage() {
	foreach($message in $($_).Messages) { 
	return $text;
# Construct URI for OAuth Token

	$uri = "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token"
	# Construct Body for OAuth Token
	$body = @{
	    client_id     = $ClientId
	    scope         = "https://manage.office.com/.default"
	    client_secret = $ClientSecret
	    grant_type    = "client_credentials"

After that, we will need to request the access token and store it in a variable:

# Get OAuth 2.0 Token

	$tokenRequest = try {
	    Invoke-RestMethod -Method Post -Uri $uri -ContentType "application/x-www-form-urlencoded" -Body $body -ErrorAction Stop
	catch [System.Net.WebException] {
	    Write-Warning "Exception was caught: $($_.Exception.Message)"

$token = $tokenRequest.access_token

With the access token we can make request the Messages through Service Communication API. (In this script, I made a filter to receive only StartTime, Title, EndTime, LastUpdatedTime, ID, Status and Messages with LastUpdatedTime greater than or equal to 01-01-2020. This can be changed to what is best for your company.)

# Get Office 365 Messages from Message Center
	$o365messages = try {
	    Invoke-RestMethod -Method Get -Uri "https://manage.office.com/api/v1.0/$tenantid/ServiceComms/Messages?$Select=StartTime,Title,EndTime,LastUpdatedTime,Id,Status,Messages and filter=MessageType eq Microsoft.Office365ServiceComms.ExposedContracts.MessageType'Incident' and LastUpdatedTime ge 2020-01-01T00:00:00.000Z" -ContentType "application/json" -Headers @{Authorization = "Bearer $token"} -ErrorAction Stop
	catch [System.Net.WebException] {
	   Write-Warning "Exception was caught: $($_.Exception.Message)"

With the Messages saved in the variable $o365messages we can create a local HTML fully formatted with the colors for the degradations (to make it easier to read) and leave everything ready for later sending by email.

# List Messages in the HTML file
    $o365messages.Value | Where {$_.Status -ne “”} | Select-object StartTime, Title, EndTime, LastUpdatedTime, Id, Status, @{Name="Messages";Expression={GetMessage}}| sort-object -Property @{Expression = "Status"; Descending = $False} | ConvertTo-html -head $header -As TABLE | foreach { $PSItem -replace "<td>Service Degradation</td>", "<td style='background-color:#FF8080'>Service Degradation</td>";} |foreach { $PSItem -replace "<td>Investigating</td>", "<td style='background-color:#FFFF00'>Investigating</td>";}|foreach { $PSItem -replace "<td>Service restored</td>", "<td style='background-color:#00FF00'>Service restored</td>";} |foreach { $PSItem -replace "<td>Investigation suspended</td>", "<td style='background-color:#FFFF00'>Investigation suspended</td>";} |foreach { $PSItem -replace "<td>Post-incident report published</td>", "<td style='background-color:#00FFFF'>Post-incident report published</td>";} | Out-File "C:\temp\Messages_HTML.html"

The script’s last step is to send the e-mail message. This will use the parameters we gave in the PowerShell script call.

# Send to mail with the desired format
   $body = Get-Content  "C:\temp\Messages_HTML.html" -raw
   Send-MailMessage -from $SenderMailbox -To $ReceiverMailbox -Body $body -BodyAsHtml -SmtpServer $SMTPServer -Subject "Office 365 Message Center" -Port 587 -usessl 

Now, all you need to do is automate this script using a weekly task in Windows Task Scheduler. (Don’t forget to use the parameters in the Scheduler).


You can use the parameters like the example below:

.\Weekly-Mail-Messages.ps1 -TenantId "258e9XX2-eXX8-4e31-8XX1-e490XXXXX58e" -ClientId "74XXXXe1-dXX6-4XX9-9XX9-b8XXXXXXXX73" -ClientSecret "XoXX21XXXXezB[eL6NEZGvhuXXXPmG-." -SenderMailbox sender@domain.com -ReceiverMailbox receiver@domain.com -SMTPServer smtp.office365.com


-TenantIdThe ID of your Tenant.
-ClientIdThe ID of the Azure AD Application.
-ClientSecretThe key to exchange an authorization code for an access token. You can create this one in the Azure Portal in your Azure AD Application.
-SenderMailboxResponsible mailbox to send the messages.
-ReceiverMailboxMailbox who will receive the weekly mails.
-SMTPServerSMTP address of the mailbox from which messages will be sent.


The script can be downloaded from here.


DateAuthor / EditorComments
15/04/2020Marlon CustodioOriginal

Please rate this


Leave a Reply

Your email address will not be published. Required fields are marked *