Comparing changes

base repository: LogRhythm-Tools/LogRhythm.Tools
base: main
head repository: LogRhythm-Tools/LogRhythm.Tools
compare: development
  • 3 commits
  • 32 files changed
  • 3 contributors

Commits on Mar 8, 2022

  1. Dev 1.2.4 (#83)

    * Update Get-LrtAzSecurityAlerts.ps1
    
    Correct pagination behavior to prevent data return error based on endpoint restriction on number of returned results.
    
    Corrected behavior of -top when applied without any other filter criteria.
    
    * Update Invoke-AzureSecEventSync.ps1
    
    Remove use of FileBeat, shifted integration to leverage Webhook Beat with SDP.
    
    * Update Invoke-AzureSecEventSync.ps1
    
    Mature parsing content.
    
    * Update Invoke-AzureSecEventSync.ps1
    
    Mature collection and incorporate additional metadata mapping.
    
    * Update Invoke-AzureSecEventSync.ps1
    
    Code cleanup, reduce complexity.
    
    * Update Get-LrAgentsAccepted.ps1
    
    Set default behavior to return only those that are active.  Still supports returning all results if requested.
    
    * Update New-LrHost.ps1
    
    Update field submitted for entity name.  API requires the fullName in place of the Name.
    
    * Update Update-LrHost.ps1
    
    Update field submitted for entity name.  API requires the fullName in place of the Name.  Addressed non-persistent setting carry over for records that have eventlogcredentials set on existing record.
    
    * Create Get-LrAgentsPending.ps1
    
    New cmdlet to support retrieving pending system monitor agents.
    
    * Add PassThru and Force switch parameters
    
    Force switch will force set the case ownership when provided this flag, to ensure the requested owner is added as a collaborator in the event that they are not an existing collaborator.
    
    Added PassThru to align to best practices.
    
    * Update Get-LrCases.ps1
    
    Adds new capability for retrieving cases based on tags, whereby you can select to return cases with all tags requested, or any of the tags requested.
    
    Note with any tags, if no tags out of the tags listed are assigned to the case(s) then no results will be returned.  At least one of the requested tags is required to be present.
    
    * Create Update-LrIdentity.ps1
    
    Resolve missing cmdlet from the TrueIdentity admin API endpoints.
    
    * Update Get-LrHosts.ps1
    
    Update Get-LrHosts to support working with specific child entity records.  Reference the inability to lookup Hosts based on Parent/Child entity record name, only based on Name (includes Parent and multiple Children.)
    
    * Update Update-LrHost.ps1
    
    Fix spacing
    
    * Update Get-LrList.ps1
    
    Translate int32 id representing a log source, or log source type, to also include the meaningful name for the specific item.
    
    * Update Get-LrAlarms.ps1
    
    Fix pagination, add max-pages capability, fix CaseAssociation and Notification param options.
    
    * Add pipeline param options for Alarms API
    Jt3kt authored Mar 8, 2022
    18d64be
  2. Add RuleBlockId to AIE Drilldown Results/Summary data (#82)

    * Add RuleBlockId to AIE Summary Fields
    
    * Un-change get-lraiesummary
    
    * get-lraiesummary consistent with get-lraiedrilldown
    
    * Repeated data was eliminated
    
    * Full sync with aiedrilldown
    
    * PIFType is text in summary
    
    * Re-order fields, make ruleblockid
    
    Co-authored-by: John Berkers <jberkers@ipsec.com.au>
    jberkers42 and John Berkers authored Mar 8, 2022
    d06279c
  3. Dev 1.2.5 (#84)

    * Add ability to retrieve a limited quantity of pages of results.
    
    * Add ValueFromPipelineByProperty for cmdlets
    
    * Add update handler for Value/Array handler null entries
    
    * Add ValueFromPipelineByPropertyName and Handler for null array items in value field
    
    * Create Send-LrSdpWebhook.ps1
    
    Submits a log message into a LogRhythm Open Collector Webhook Beat for log ingestion.
    
    Send-LrSdpWebhook -Account 'ehart' -sip '192.168.5.6' -dip '192.168.5.7' -OCUrl 'http://172.17.5.20:8085/webhook' -fqbn 'webhook_SDPGenericExample'
    Jt3kt authored Mar 8, 2022
    1eddb4e