From 58971b240aaee288af84aa9b607a6862942640fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20MICHEL?= Date: Mon, 6 May 2024 18:35:53 +0200 Subject: [PATCH 1/3] completed report page --- EasyPIM/EasyPIM.psd1 | 2 +- EasyPIM/functions/Show-PIMReport.ps1 | 624 +++++++++++++++++++++++++-- 2 files changed, 598 insertions(+), 28 deletions(-) diff --git a/EasyPIM/EasyPIM.psd1 b/EasyPIM/EasyPIM.psd1 index 98b0b12..df96903 100644 --- a/EasyPIM/EasyPIM.psd1 +++ b/EasyPIM/EasyPIM.psd1 @@ -4,7 +4,7 @@ RootModule = 'EasyPIM.psm1' # Version number of this module. -ModuleVersion = '1.5.9' +ModuleVersion = '1.5.10' # Supported PSEditions # CompatiblePSEditions = @() diff --git a/EasyPIM/functions/Show-PIMReport.ps1 b/EasyPIM/functions/Show-PIMReport.ps1 index 7246d9c..f356b81 100644 --- a/EasyPIM/functions/Show-PIMReport.ps1 +++ b/EasyPIM/functions/Show-PIMReport.ps1 @@ -16,7 +16,7 @@ #> function Show-PIMReport { - [CmdletBinding(DefaultParameterSetName='Default')] + [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Position = 0, Mandatory = $true)] [System.String] @@ -28,15 +28,15 @@ function Show-PIMReport { $allresults = @() - $top=100 - $endpoint="auditlogs/directoryAudits?`$filter=loggedByService eq 'PIM'&`$top=$top" + $top = 100 + $endpoint = "auditlogs/directoryAudits?`$filter=loggedByService eq 'PIM'&`$top=$top" $result = invoke-graph -Endpoint $endpoint -Method "GET" $allresults += $result.value - if($result."@odata.nextLink"){ - do{ - $endpoint=$result."@odata.nextLink" -replace "https://graph.microsoft.com/v1.0/","" + if ($result."@odata.nextLink") { + do { + $endpoint = $result."@odata.nextLink" -replace "https://graph.microsoft.com/v1.0/", "" $result = invoke-graph -Endpoint $endpoint -Method "GET" $allresults += $result.value } 
@@ -45,48 +45,618 @@ function Show-PIMReport { ) } - #filter activities from the PIM service - $allresults = $allresults |Where-Object{ $null -ne $_.initiatedby.values.userprincipalname } + #filter activities from the PIM service and completed activities + $allresults = $allresults | Where-Object { $null -ne $_.initiatedby.values.userprincipalname } | Where-Object { $_.activityDisplayName -notmatch "completed" } + $Myoutput = @() + $allresults | ForEach-Object { + $props = @{} + $props["activityDateTime"] = $_.activityDateTime + $props["activityDisplayName"] = $_.activityDisplayName + $props["category"] = $_.category + $props["operationType"] = $_.operationType + $props["result"] = $_.result + $props["resultReason"] = $_.resultReason + $props["initiatedBy"] = $_.initiatedBy.values.userprincipalname + $props["role"] = $_.targetResources[0]["displayname"] + if ( ($_.targetResources | Measure-Object).count -gt 2) { + if ($_.targetResources[2]["type"] -eq "User") { + $props["targetUser"] = $_.targetResources[2]["userprincipalname"] + } + elseif ($_.targetResources[2]["type"] -eq "Group") { + $props["targetGroup"] = $_.targetResources[2]["displayname"] + } - $props=@{} - + $props["targetResources"] = $_.targetResources[3]["displayname"] + + + } + else { $props["targetResources"] = $_.targetResources[0].displayname } + $Myoutput += New-Object PSObject -Property $props + } + $Myoutput + + #Data for the HTML report + + $props = @{} $stats_category = @{} - $categories = $allresults | Group-Object -Property category + $categories = $Myoutput | Group-Object -Property category $categories | ForEach-Object { $stats_category[$_.Name] = $_.Count } - $props["category"]=$stats_category - + $props["category"] = $stats_category + $stats_requestor = @{} - $requestors = $allresults.initiatedBy.values | Group-Object -Property userprincipalName | Sort-Object -Property Count -Descending -top 10 + $requestors = $Myoutput | Group-Object -Property initiatedBy | Sort-Object -Property Count 
-Descending -top 10 $requestors | ForEach-Object { $stats_requestor[$_.Name] = $_.Count } $props["requestor"] = $stats_requestor - - $stats_result=@{} - $results = $allresults | Group-Object -Property result + + $stats_result = @{} + $results = $Myoutput | Group-Object -Property result $results | ForEach-Object { $stats_result[$_.Name] = $_.Count } - $props["result"] =$stats_result - - $stats_activity=@{} - $activities = $allresults | Group-Object -Property activityDisplayName + $props["result"] = $stats_result + + $stats_activity = @{} + $activities = $Myoutput | Group-Object -Property activityDisplayName $activities | ForEach-Object { - if ($_.Name -notmatch "completed"){ + if ($_.Name -notmatch "completed") { $stats_activity[$_.Name] = $_.Count } - + } - $props["activity"]=$stats_activity + $props["activity"] = $stats_activity + + $stats_group=@{} + $targetgroup= $Myoutput | Where-Object {$_.category -match "group"}|Group-Object -Property targetresources |Sort-Object -Property Count -Descending -top 10 + $targetgroup | ForEach-Object { + $stats_group[$_.Name] = $_.Count + } + $props["targetgroup"] = $stats_group + + $stats_resource=@{} + $targetresource= $Myoutput | Where-Object {$_.category -match "resource"}|Group-Object -Property role |Sort-Object -Property Count -Descending -top 10 + $targetresource | ForEach-Object { + $stats_resource[$_.Name] = $_.Count + } + $props["targetresource"] = $stats_resource + + $stats_role=@{} + $targetrole= $Myoutput | Where-Object {$_.category -match "role"}|Group-Object -Property role |Sort-Object -Property Count -Descending -top 10 + $targetrole | ForEach-Object { + $stats_role[$_.Name] = $_.Count + } + $props["targetrole"] = $stats_role + + #$props + + + + #building the dynamic part of the report + $myscript=" + + + + + " + + #$myscript + + + $html = @' + + + + + EasyPIM: Activity summary + + + + + +
Navigation + +
+
+
+
+ +
+
+
+
+ Assuming this page was generated with $r=show-PIMreport, you can use the following code to + consult the details:
+ $r | where-object {$_.category -eq "GroupManagement"} +
+
+ +
+
+ +
+
+
+
+ Assuming this page was generated with $r=show-PIMreport, you can use the following code to + consult the details:
+ $r | where-object {$_.result -eq "Failure"} +
+
+
+ +
+
+ +
+ +
+
+
Assuming this page was generated with $r=show-PIMreport, you can use the following code to + consult the details:
+ $r | where-object {$_.activity -eq "Add member to role in PIM requested (timebound)"} +
+
+ +
+
+ +
+
+
+
Assuming this page was generated with $r=show-PIMreport, you can use the following code to + consult the details:
+ $r | where-object {$_.Initiatedby -match "basic"} +
+
+
+
+ +
+
+
+
Assuming this page was generated with $r=show-PIMreport, you can use the following code to + consult the details:
+ $r | where-object {$_.category -match "group" -and $_.targetresources -eq "PIM_GuestAdmins"} +
+
+
+
+ +
+
+
+
Assuming this page was generated with $r=show-PIMreport, you can use the following code to + consult the details:
+ $r | where-object {$_.category -match "resource" -and $_.role -eq "Reader"} +
+
+ +
+
+ +
+
+
+
Assuming this page was generated with $r=show-PIMreport, you can use the following code to + consult the details:
+ $r | where-object {$_.category -match "role" -and $_.role -eq "Global Administrator"} +
+
+ + - $props["allresults"]=$allresults + - $output=New-Object PSObject -Property $props - $output +'@ + $html += $myscript + $html | Out-File -FilePath "$env:temp\PIMReport.html" -Force + invoke-item "$env:temp\PIMReport.html" } catch { From c16142575171b478471ac1fe5851c9e8763404a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20MICHEL?= Date: Mon, 6 May 2024 18:45:45 +0200 Subject: [PATCH 2/3] rsolved pest --- EasyPIM/functions/Show-PIMReport.ps1 | 1 + 1 file changed, 1 insertion(+) diff --git a/EasyPIM/functions/Show-PIMReport.ps1 b/EasyPIM/functions/Show-PIMReport.ps1 index f356b81..9df1716 100644 --- a/EasyPIM/functions/Show-PIMReport.ps1 +++ b/EasyPIM/functions/Show-PIMReport.ps1 @@ -17,6 +17,7 @@ #> function Show-PIMReport { [CmdletBinding(DefaultParameterSetName = 'Default')] + [OutputType([PSCustomObject])] param ( [Parameter(Position = 0, Mandatory = $true)] [System.String] From b20161d2b3aece3179e8c91b82cb3b8063cf3b5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20MICHEL?= Date: Mon, 6 May 2024 19:21:21 +0200 Subject: [PATCH 3/3] modified: EasyPIM/functions/Show-PIMReport.ps1 --- EasyPIM/functions/Show-PIMReport.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/EasyPIM/functions/Show-PIMReport.ps1 b/EasyPIM/functions/Show-PIMReport.ps1 index 9df1716..a8f2c27 100644 --- a/EasyPIM/functions/Show-PIMReport.ps1 +++ b/EasyPIM/functions/Show-PIMReport.ps1 @@ -17,7 +17,7 @@ #> function Show-PIMReport { [CmdletBinding(DefaultParameterSetName = 'Default')] - [OutputType([PSCustomObject])] + [OutputType([System.Object[]])] param ( [Parameter(Position = 0, Mandatory = $true)] [System.String]
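Review bot: At the end of the `@@ -45,48 +45,618 @@` hunk the report, which carries PIM audit detail (requestor UPNs, role and group names), is written to the fixed path `$env:temp\PIMReport.html` with `-Force` and left on disk after `invoke-item` opens it, so every run overwrites the previous file and the data stays in the temp folder. A per-run name from a portable temp lookup would avoid that, e.g. `$reportPath = Join-Path ([System.IO.Path]::GetTempPath()) ("PIMReport_{0}.html" -f [guid]::NewGuid())` followed by `Out-File -FilePath $reportPath` and `Invoke-Item $reportPath`; `$env:temp` is also not normally set on non-Windows PowerShell. In the `ForEach-Object` loop of the same hunk the guard `($_.targetResources | Measure-Object).count -gt 2` covers index 2, but the branch also reads `$_.targetResources[3]["displayname"]`, which indexes into `$null` when exactly three entries are present; `-gt 3` or a null check on element 3 would match the access. The body of `$myscript` is not visible in this view; if it interpolates display names or UPNs into script or markup, those values should be encoded first (for instance with `ConvertTo-Json` or `[System.Net.WebUtility]::HtmlEncode`). The enclosing `try` in `Show-PIMReport` starts before this hunk and its `catch` continues after it.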