Merge pull request KelvinTegelaar#1401 from kris6673/fix-defender-alert

KelvinTegelaar · web-flow · commit 60a2a7ba3fc3 · 2025-04-27T21:04:56.000+02:00
fix: Refactor Get-CIPPAlertDefenderIncidents to return structured data
diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertDefenderIncidents.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertDefenderIncidents.ps1
@@ -13,7 +13,14 @@ function Get-CIPPAlertDefenderIncidents {
     )
     try {
         $AlertData = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/security/incidents?`$top=50&`$filter=status eq 'active'" -tenantid $TenantFilter | ForEach-Object {
-            "Incident ID $($_.id): Created at $($_.createdDateTime). Severity: $($_.severity). `nIncident name: $($_.displayName). Incident URL: $($_.incidentWebUrl)."
+            [PSCustomObject]@{
+                IncidentID   = $_.id
+                CreatedAt    = $_.createdDateTime
+                Severity     = $_.severity
+                IncidentName = $_.displayName
+                IncidentUrl  = $_.incidentWebUrl
+                Tenant       = $TenantFilter
+            }
         }
         Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData
 
