-
Notifications
You must be signed in to change notification settings - Fork 6.5k
Expand file tree
/
Copy pathGet-CIPPAlertSecureScore.ps1
More file actions
46 lines (45 loc) · 2.06 KB
/
Get-CIPPAlertSecureScore.ps1
File metadata and controls
46 lines (45 loc) · 2.06 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
function Get-CippAlertSecureScore {
<#
.FUNCTIONALITY
Entrypoint
#>
[CmdletBinding()]
param(
[Parameter(Mandatory = $false)]
[Alias('input')]
$InputValue,
$TenantFilter
)
try {
$SecureScore = New-GraphGetRequest -uri 'https://graph.microsoft.com/v1.0/security/secureScores?$top=1' -tenantid $TenantFilter -noPagination $true
if ($InputValue.ThresholdType.value -eq "absolute") {
if ($SecureScore.currentScore -lt $InputValue.InputValue) {
$SecureScoreResult = [PSCustomObject]@{
Message = "Secure Score is below acceptable threshold"
Tenant = $TenantFilter
CurrentScore = $SecureScore.currentScore
MaxSecureScore = $SecureScore.maxScore
}
} else {
$SecureScoreResult = @()
}
} elseif ($InputValue.ThresholdType.value -eq "percent") {
$PercentageScore = [math]::Round((($SecureScore.currentScore / $SecureScore.maxScore) * 100),2)
if ($PercentageScore -lt $InputValue.InputValue) {
$SecureScoreResult = [PSCustomObject]@{
Message = "Secure Score is below acceptable threshold"
Tenant = $TenantFilter
CurrentScore = $SecureScore.currentScore
MaxScore = $SecureScore.maxScore
CurrentScorePercentage = [math]::Round($PercentageScore,2)
ScoreThresholdPercentage = $InputValue.InputValue
}
} else {
$SecureScoreResult = @()
}
}
Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $SecureScoreResult -PartitionKey SecureScore
} catch {
Write-AlertMessage -tenant $($TenantFilter) -message "Could not get Secure Score for $($TenantFilter): $(Get-NormalizedError -message $_.Exception.message)"
}
}