How to use Liongard to resolve more help desk tickets on your own
Most tickets don’t include everything you need to understand the issue or take action. It’s tempting to jump straight into Active Directory, Microsoft 365, or your RMM to start troubleshooting.
But without context, you’re just guessing. You waste time toggling between systems, hoping something will stand out.
Start in Liongard instead.
Liongard gives you full context across users, devices, and systems in one place. So when a ticket hits the help desk, you can see what changed and what systems and devices are involved before you take action. Follow the process below to:
Identify the user, device, or system connected to the issue
Understand what changed and when
See configuration, access, and system data across tools
Resolve issues faster without unnecessary escalation
Use this process for any help desk ticket, including:
A user can’t access a system or application
A device or server isn’t working as expected
A user reports, “It was working yesterday”
A question comes in about MFA or security settings
Backup or antivirus status needs to be verified
Step 1: Search for the user, device, or system in Global Search
Use Global Search to find everything across your environment that’s tied to the user, device, or system.
Enter any known detail:
User name
Email address
Computer name
Server name
Domain
Global Search returns records tied to your query, including:
The user’s Active Directory account
Their Microsoft 365 account
Assigned devices or servers
Related assets linked to that record
You get immediate context on who the user is, what systems they’re in, and what device they’re using.
Step 2: Ask direct questions with AI-Enriched Search
Use AI-Enriched Search to get answers without digging through multiple dashboards or inspectors. Or having to build filters and run queries.
Type your question the way you’d talk to a teammate:
Which users don’t have MFA enabled?
What changed on this server yesterday?
Which devices haven’t checked in recently?
Are there any backup failures today?
Step 3: Review Asset Inventory for full context
Open the user or device and review the Asset Inventory.
Look for:
Active Directory account status and group membership
Microsoft 365 licensing and MFA status
Assigned workstation
Backup coverage
Antivirus status
This is where you can connect the dots across systems without opening multiple tools. It’s also where many access and permissions issues become clear.
Step 4: Use the Timeline to see what changed
Open the Timeline for the affected system, device tenant, etc.
Compare:
Today vs. yesterday
Today vs. the last known working state
Look for:
Policy changes
Group membership updates
Configuration drift
Firewall rule updates
Most issues come down to something changing. The Timeline shows you exactly what changed and when, so you’re working from evidence instead of guessing.
Step 5: Use Metrics when you need to confirm whether anything changed
If the ticket mentions something stopped working or looks different, and you’re not seeing a clear change in Timeline, use Metrics to confirm whether anything actually changed.
Compare current data to a previous date to check:
What changed
When it changed
Whether there’s any difference at all
If you don’t see a difference between dates, you’re not dealing with a recent configuration change. You can rule that out and focus on other causes instead of escalating.
Step 6: Use Visual Insights to catch issues early
Use Visual Insights dashboards to identify issues before they become tickets.
Track things like:
Backup failures
Antivirus status
Users without MFA
Inactive licensed users
Audience
Help Desk, T-1 Techs