@@ -148,39 +148,76 @@ function Test-CIPPAuditLogRules {
148148 }
149149 }
150150
151- # Collect bulk data for users/groups/devices/applications
152- $Requests = @ (
153- @ {
154- id = ' users'
155- url = ' /users?$select=id,displayName,userPrincipalName,accountEnabled&$top=999'
156- method = ' GET'
157- }
158- @ {
159- id = ' groups'
160- url = ' /groups?$select=id,displayName,mailEnabled,securityEnabled&$top=999'
161- method = ' GET'
162- }
163- @ {
164- id = ' devices'
165- url = ' /devices?$select=id,displayName,deviceId&$top=999'
166- method = ' GET'
167- }
168- @ {
169- id = ' servicePrincipals'
170- url = ' /servicePrincipals?$select=id,displayName&$top=999'
171- method = ' GET'
172- }
173- )
174- $Response = New-GraphBulkRequest - TenantId $TenantFilter - Requests $Requests
151+ $Table = Get-CIPPTable - tablename ' cacheauditloglookups'
152+ $1dayago = (Get-Date ).AddDays(-1 ).ToUniversalTime().ToString(' yyyy-MM-ddTHH:mm:ssZ'
153+ $Lookups = Get-CIPPAzDataTableEntity @Table - Filter " PartitionKey eq '$TenantFilter ' and Timestamp gt datetime'$1dayago '"
154+ if (! $Lookups ) {
155+ # Collect bulk data for users/groups/devices/applications
156+ $Requests = @ (
157+ @ {
158+ id = ' users'
159+ url = ' /users?$select=id,displayName,userPrincipalName,accountEnabled&$top=999'
160+ method = ' GET'
161+ }
162+ @ {
163+ id = ' groups'
164+ url = ' /groups?$select=id,displayName,mailEnabled,securityEnabled&$top=999'
165+ method = ' GET'
166+ }
167+ @ {
168+ id = ' devices'
169+ url = ' /devices?$select=id,displayName,deviceId&$top=999'
170+ method = ' GET'
171+ }
172+ @ {
173+ id = ' servicePrincipals'
174+ url = ' /servicePrincipals?$select=id,displayName&$top=999'
175+ method = ' GET'
176+ }
177+ )
178+ $Response = New-GraphBulkRequest - TenantId $TenantFilter - Requests $Requests
179+ $Users = ($Response | Where-Object { $_.id -eq ' users'
180+ $Groups = ($Response | Where-Object { $_.id -eq ' groups' ?? @ ()
181+ $Devices = ($Response | Where-Object { $_.id -eq ' devices' ?? @ ()
182+ $ServicePrincipals = ($Response | Where-Object { $_.id -eq ' servicePrincipals'
183+ # Cache the lookups for 1 day
184+ $Entities = @ (
185+ @ {
186+ PartitionKey = $TenantFilter
187+ RowKey = ' users'
188+ Data = [string ]($Users | ConvertTo-Json - Compress)
189+ }
190+ @ {
191+ PartitionKey = $TenantFilter
192+ RowKey = ' groups'
193+ Data = [string ]($Groups | ConvertTo-Json - Compress)
194+ }
195+ @ {
196+ PartitionKey = $TenantFilter
197+ RowKey = ' devices'
198+ Data = [string ]($Devices | ConvertTo-Json - Compress)
199+ }
200+ @ {
201+ PartitionKey = $TenantFilter
202+ RowKey = ' servicePrincipals'
203+ Data = [string ]($ServicePrincipals | ConvertTo-Json - Compress)
204+ }
205+ )
206+ # Save the cached lookups
207+ Add-CIPPAzDataTableEntity @Table - Entity $Entities - Force
208+ Write-Information " Cached directory lookups for tenant $TenantFilter "
209+ } else {
210+ # Use cached lookups
211+ $Users = ($Lookups | Where-Object { $_.RowKey -eq ' users' | ConvertFrom-Json
212+ $Groups = ($Lookups | Where-Object { $_.RowKey -eq ' groups' | ConvertFrom-Json
213+ $Devices = ($Lookups | Where-Object { $_.RowKey -eq ' devices' | ConvertFrom-Json
214+ $ServicePrincipals = ($Lookups | Where-Object { $_.RowKey -eq ' servicePrincipals' | ConvertFrom-Json
215+ Write-Information " Using cached directory lookups for tenant $TenantFilter "
216+ }
175217
176218 # partner users
177219 $PartnerUsers = New-GraphGetRequest - uri " https://graph.microsoft.com/beta/users?`$ select=id,displayName,userPrincipalName,accountEnabled&`$ top=999" - AsApp $true - NoAuthCheck $true
178220
179- $Users = ($Response | Where-Object { $_.id -eq ' users'
180- $Groups = ($Response | Where-Object { $_.id -eq ' groups' ?? @ ()
181- $Devices = ($Response | Where-Object { $_.id -eq ' devices' ?? @ ()
182- $ServicePrincipals = ($Response | Where-Object { $_.id -eq ' servicePrincipals'
183-
184221 Write-Warning ' ## Audit Log Configuration ##'
185222 Write-Information ($Configuration | ConvertTo-Json - Depth 10 )
186223
0 commit comments