Skip to main content
Microsoft SPLA Audit Platform

Defensible SPLA Reporting. Built for MSP Reality.

SPLA Audit Tool automates Microsoft SPLA evidence collection, deduplication, billing rollups and monthly reports across customers, directories, agents, VMware estates and licensing models.

Discuss SPLA ReportingExplore Features
Isometric SPLA audit pipeline showing server evidence collection, identity deduplication and monthly compliance report rollups
The Challenge

Manual SPLA Reporting Does Not Scale

MSPs need accurate Microsoft licensing evidence every month, across many customers, systems and exceptions. Manual reporting leaves too much room for gaps.

Manual Month-End Reporting

SPLA reporting often relies on PowerShell scripts, SFTP drops, spreadsheets and manual consolidation under time pressure.

People, Principals and Duplicates

Directory accounts do not always map cleanly to billable people. Shared domains, exclusions and manual merges create audit risk.

SAL and Core-Based Complexity

RDS SAL counts, Windows Server cores, SQL cores, BYOL, CSP, DCP flags and overrides all need to reconcile in one defensible report.

Evidence Arrives Too Late

When auditors ask for server inventory, installed roles, licence activation or VMware topology, ad-hoc evidence gathering is already a problem.

The Solution

One Platform for SPLA Evidence and Reporting

SPLA Audit Tool brings directory audits, Windows agents, VMware intelligence, billing periods and report exports into a single MSP workspace.

RDS SAL Rollups

Directory audits, group selection rules, principals-to-people identity resolution, free users, exclusions and monthly SAL facts.

Core-Based SPLA

Agent inventory, Windows and SQL detection, DCP flags, entitlement handling and core facts for monthly reporting.

Outbound Windows Agent

A Windows service enrols securely, heartbeats, receives jobs and uploads inventory and device audit evidence without inbound access.

VMware Intelligence

vCenter discovery, gap analysis, host topology, unmonitored VM detection and advisory recommendations for infrastructure coverage.

RDS SAL identity resolution visual showing directory accounts, rule-based deduplication and consolidated billable person identities
RDS SAL Resolution

Directory Accounts Are Not the Same as Billable People.

SPLA RDS SAL reporting depends on resolving principals to people, applying group selection rules, exclusions, shared domains and deduplication logic before monthly counts are finalised.

SPLA Audit Tool turns that reconciliation into a controlled, repeatable workflow with verified billable identities and export-ready SAL facts for each customer and billing period.

Key Features

Built Around the Real SPLA Workflow

From agent deployment to bill period close, every part of the product is designed to make monthly SPLA reporting repeatable and auditable.

MSP Multi-Tenancy

Manage customers, sites, devices, directory connections, users, roles and billing periods inside a tenant workspace.

  • Customer and site hierarchy
  • Shared customer handling
  • Capability-based RBAC
  • Tenant-isolated data model

Device Audit Evidence

Collect daily server inventory equivalent to auditor scripts, including server roles, services, hot fixes, network configuration and licence activation.

  • 14 evidence categories
  • Windows and Office activation state
  • Exception-first fleet dashboard
  • Excel, CSV and PDF exports

SPLA Reporting

Produce partner summaries, per-customer reports, customer billing trackers, scheduled reports and export-ready evidence packs.

  • Open and close bill periods
  • SAL bucket rollups
  • Windows and SQL core totals
  • Customer-facing user lists

Operational Alerts

Highlight agent offline events, stale audit data, job failures, nominated audit agent problems and reporting blockers before month end.

  • Agent health monitoring
  • Quiet hours and policies
  • Stale evidence warnings
  • Email and in-app notifications

Secure Enrolment

Use tenant enrolment tokens, optional manual approval, TLS-only communication, encrypted credentials and audited access.

  • Outbound-only agent model
  • No inbound firewall holes
  • Encrypted directory credentials
  • Audited enrolment actions

Audit-Ready Governance

Append-only audit logging, immutable evidence snapshots, privacy tooling and least-privilege access help support defensible compliance.

  • Immutable audit snapshots
  • Append-only action logs
  • GDPR privacy console
  • Least-privilege permissions
Security & Governance

Designed for Defensible Compliance

SPLA Audit Tool uses tenant isolation, least-privilege permissions, encrypted credentials, immutable snapshots and append-only audit logs to protect the reporting chain.

Outbound Agent Model

Agents connect out over TLS. No inbound firewall exposure is required.

Encrypted Credentials

Directory credentials are stored encrypted and every access is audited.

Immutable Evidence

Device audit snapshots and rollup facts preserve a reliable reporting trail.

Compliance pipelineDiscovery → classification → audit-ready export
Audit readiness pipeline from software discovery through normalisation, SPLA classification, entitlement matching to compliance outcome and export
How It Works

From Agent Deployment to Audit Pack

The monthly process becomes a controlled workflow instead of a scramble for scripts, exports and spreadsheets.

1

Enrol Agents

Deploy the Windows agent with a tenant enrolment token. Agents connect outbound, heartbeat and wait for jobs.

2

Configure Customers

Set up customers, sites, directory connections, group selection rules, exclusions, entitlements and billing policies.

3

Collect Evidence

Agents run inventory, device audits, RDS directory audits, VMware discovery and licence activation collection on schedule.

4

Review Exceptions

Resolve stale devices, duplicate principals, missing audits, unmonitored VMs, entitlement conflicts and licensing exceptions.

5

Close the Period

Lock the bill period, generate customer reports, export evidence and produce defensible monthly SPLA reporting.

Use Cases

Where SPLA Audit Tool Pays Back Fast

The platform is built for MSP teams who need reliable evidence, clean customer reporting and early warning on licensing exposure.

Month-end SPLA reporting pipeline from rollup through SAL buckets and core totals to customer reports and exports

MSP Month-End SPLA Reporting

Replace spreadsheet consolidation with repeatable, export-ready monthly reports across customers, SAL buckets, Windows cores and SQL cores.

Device audit evidence collection showing server scanning, installed roles, hot fixes, licence activation and evidence packaging

Microsoft Audit Preparation

Keep device inventory, role detection, activation data, user evidence, audit logs and exports current before an audit request arrives.

VMware topology discovery with data collection, SPLA classification and compliance analytics pipeline

VMware Coverage Gap Analysis

Discover monitored and unmonitored VMs, understand host topology and identify infrastructure gaps that could become licensing exposure.

Ready to Modernise SPLA Reporting?

If your month-end process still depends on scripts, spreadsheets and manual reconciliation, SPLA Audit Tool gives your MSP team a cleaner path to defensible reporting.

Talk to QuickThink Cloud