Skip to content

Commit 6006b5e

Browse files
silverhacksilverhack
committed
add new collectors for Azure databases
1 parent 6db9577 commit 6006b5e

8 files changed

Lines changed: 1122 additions & 0 deletions

File tree

collectors/azure/databases/cosmosdb/Get-MonkeyAZCosmosDB.ps1

Lines changed: 138 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,138 @@
1+
# Monkey365 - the PowerShell Cloud Security Tool for Azure and Microsoft 365 (copyright 2022) by Juan Garrido
2+
#
3+
# Licensed under the Apache License, Version 2.0 (the "License");
4+
# you may not use this file except in compliance with the License.
5+
# You may obtain a copy of the License at
6+
#
7+
# http://www.apache.org/licenses/LICENSE-2.0
8+
#
9+
# Unless required by applicable law or agreed to in writing, software
10+
# distributed under the License is distributed on an "AS IS" BASIS,
11+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
# See the License for the specific language governing permissions and
13+
# limitations under the License.
14+
15+
16+
function Get-MonkeyAZCosmosDB {
17+
<#
18+
.SYNOPSIS
19+
Azure CosmosDB
20+
21+
.DESCRIPTION
22+
Azure CosmosDB
23+
24+
.INPUTS
25+
26+
.OUTPUTS
27+
28+
.EXAMPLE
29+
30+
.NOTES
31+
Author : Juan Garrido
32+
Twitter : @tr1ana
33+
File Name : Get-MonkeyAZCosmosDB
34+
Version : 1.0
35+
36+
.LINK
37+
https://github.com/silverhack/monkey365
38+
#>
39+
40+
[CmdletBinding()]
41+
param(
42+
[Parameter(Mandatory = $false,HelpMessage = "Background Collector ID")]
43+
[string]$collectorId
44+
)
45+
begin {
46+
#Collector metadata
47+
$monkey_metadata = @{
48+
Id = "az00012";
49+
Provider = "Azure";
50+
Resource = "Databases";
51+
ResourceType = $null;
52+
resourceName = $null;
53+
collectorName = "Get-MonkeyAZCosmosDB";
54+
ApiType = "resourceManagement";
55+
description = "Collector to get information about Azure CosmosDB";
56+
Group = @(
57+
"Databases"
58+
);
59+
Tags = @(
60+
61+
);
62+
references = @(
63+
"https://silverhack.github.io/monkey365/"
64+
);
65+
ruleSuffixes = @(
66+
"az_cosmosdb"
67+
);
68+
dependsOn = @(
69+
70+
);
71+
enabled = $true;
72+
supportClientCredential = $true
73+
}
74+
#Get Config
75+
$config = $O365Object.internal_config.ResourceManager | Where-Object { $_.Name -eq "azureDocumentDB" } | Select-Object -ExpandProperty resource
76+
#Get DocumentDB accounts
77+
$accounts = @($O365Object.all_resources).Where({$_.type -like '*Microsoft.DocumentDb/databaseAccounts*'})
78+
#Create null
79+
$cosmosDB = $null
80+
}
81+
Process {
82+
If ($accounts.Count -gt 0) {
83+
$msg = @{
84+
MessageData = ($message.MonkeyGenericTaskMessage -f $collectorId,"Azure CosmosDB",$O365Object.current_subscription.displayName);
85+
callStack = (Get-PSCallStack | Select-Object -First 1);
86+
logLevel = 'info';
87+
InformationAction = $O365Object.InformationAction;
88+
Tags = @('AzureCosmosDBInfo');
89+
}
90+
Write-Information @msg
91+
$new_arg = @{
92+
APIVersion = $config.api_version;
93+
}
94+
$p = @{
95+
ScriptBlock = { Get-MonkeyAzCosmosDBInfo -InputObject $_ };
96+
Arguments = $new_arg;
97+
Runspacepool = $O365Object.monkey_runspacePool;
98+
ReuseRunspacePool = $true;
99+
Debug = $O365Object.VerboseOptions.Debug;
100+
Verbose = $O365Object.VerboseOptions.Verbose;
101+
MaxQueue = $O365Object.nestedRunspaces.MaxQueue;
102+
BatchSleep = $O365Object.nestedRunspaces.BatchSleep;
103+
BatchSize = $O365Object.nestedRunspaces.BatchSize;
104+
}
105+
$cosmosDB = $accounts | Invoke-MonkeyJob @p
106+
}
107+
}
108+
end {
109+
if ($cosmosDB) {
110+
$cosmosDB.PSObject.TypeNames.Insert(0,'Monkey365.Azure.CosmosDB')
111+
[pscustomobject]$obj = @{
112+
Data = $cosmosDB;
113+
Metadata = $monkey_metadata;
114+
}
115+
$returnData.az_cosmosdb = $obj
116+
}
117+
else {
118+
$msg = @{
119+
MessageData = ($message.MonkeyEmptyResponseMessage -f "Azure CosmosDB",$O365Object.TenantID);
120+
callStack = (Get-PSCallStack | Select-Object -First 1);
121+
logLevel = "verbose";
122+
InformationAction = $O365Object.InformationAction;
123+
Tags = @('AzureCosmosDBEmptyResponse');
124+
Verbose = $O365Object.Verbose;
125+
}
126+
Write-Verbose @msg
127+
}
128+
}
129+
}
130+
131+
132+
133+
134+
135+
136+
137+
138+

collectors/azure/databases/mysqldatabase/Get-MonkeyAzMysqlInfo.ps1

Lines changed: 170 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,170 @@
1+
# Monkey365 - the PowerShell Cloud Security Tool for Azure and Microsoft 365 (copyright 2022) by Juan Garrido
2+
#
3+
# Licensed under the Apache License, Version 2.0 (the "License");
4+
# you may not use this file except in compliance with the License.
5+
# You may obtain a copy of the License at
6+
#
7+
# http://www.apache.org/licenses/LICENSE-2.0
8+
#
9+
# Unless required by applicable law or agreed to in writing, software
10+
# distributed under the License is distributed on an "AS IS" BASIS,
11+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
# See the License for the specific language governing permissions and
13+
# limitations under the License.
14+
15+
16+
function Get-MonkeyAzMysqlInfo {
17+
<#
18+
.SYNOPSIS
19+
Collector to get about MySQL Databases from Azure
20+
21+
.DESCRIPTION
22+
Collector to get about MySQL Databases from Azure
23+
24+
.INPUTS
25+
26+
.OUTPUTS
27+
28+
.EXAMPLE
29+
30+
.NOTES
31+
Author : Juan Garrido
32+
Twitter : @tr1ana
33+
File Name : Get-MonkeyAzMysqlInfo
34+
Version : 1.0
35+
36+
.LINK
37+
https://github.com/silverhack/monkey365
38+
#>
39+
40+
[CmdletBinding()]
41+
param(
42+
[Parameter(Mandatory = $false,HelpMessage = "Background Collector ID")]
43+
[string]$collectorId
44+
)
45+
begin {
46+
#Collector metadata
47+
$monkey_metadata = @{
48+
Id = "az00009";
49+
Provider = "Azure";
50+
Resource = "Databases";
51+
ResourceType = $null;
52+
resourceName = $null;
53+
collectorName = "Get-MonkeyAzMysqlInfo";
54+
ApiType = "resourceManagement";
55+
description = "Collector to get information about MySQL Databases from Azure";
56+
Group = @(
57+
"Databases"
58+
);
59+
Tags = @(
60+
61+
);
62+
references = @(
63+
"https://silverhack.github.io/monkey365/"
64+
);
65+
ruleSuffixes = @(
66+
"az_mysql_servers"
67+
);
68+
dependsOn = @(
69+
70+
);
71+
enabled = $true;
72+
supportClientCredential = $true
73+
}
74+
#Get Config
75+
$configForMySql = $O365Object.internal_config.ResourceManager | Where-Object { $_.Name -eq "azureForMySQL" } | Select-Object -ExpandProperty resource
76+
$flexibleConfigForMySQL = $O365Object.internal_config.ResourceManager | Where-Object { $_.Name -eq "azureForMySQLFlexible" } | Select-Object -ExpandProperty resource
77+
#Get Mysql Servers
78+
$DatabaseServers = $O365Object.all_resources.Where({ $_.type -like 'Microsoft.DBforMySQL/servers' })
79+
$flexservers = $O365Object.all_resources.Where({ $_.type -like 'Microsoft.DBforMySQL/flexibleservers' })
80+
if (-not $DatabaseServers -and -not $flexservers) { continue }
81+
#Set array
82+
$all_servers = [System.Collections.Generic.List[System.Object]]::new()
83+
}
84+
process {
85+
$msg = @{
86+
MessageData = ($message.MonkeyGenericTaskMessage -f $collectorId,"Azure Mysql",$O365Object.current_subscription.displayName);
87+
callStack = (Get-PSCallStack | Select-Object -First 1);
88+
logLevel = 'info';
89+
InformationAction = $O365Object.InformationAction;
90+
Tags = @('AzureMysqlInfo');
91+
}
92+
Write-Information @msg
93+
#Check if single servers
94+
if ($DatabaseServers.Count -gt 0) {
95+
$new_arg = @{
96+
APIVersion = $configForMySql.api_version;
97+
}
98+
$p = @{
99+
ScriptBlock = { Get-MonkeyAzMySQlServer -InputObject $_ };
100+
Arguments = $new_arg;
101+
Runspacepool = $O365Object.monkey_runspacePool;
102+
ReuseRunspacePool = $true;
103+
Debug = $O365Object.VerboseOptions.Debug;
104+
Verbose = $O365Object.VerboseOptions.Verbose;
105+
MaxQueue = $O365Object.nestedRunspaces.MaxQueue;
106+
BatchSleep = $O365Object.nestedRunspaces.BatchSleep;
107+
BatchSize = $O365Object.nestedRunspaces.BatchSize;
108+
}
109+
$myServers = $DatabaseServers | Invoke-MonkeyJob @p
110+
if ($myServers) {
111+
foreach ($mysql in $myServers) {
112+
[void]$all_servers.Add($mysql)
113+
}
114+
}
115+
}
116+
#Check if flexible servers
117+
if ($flexservers.Count -gt 0) {
118+
$new_arg = @{
119+
APIVersion = $flexibleConfigForMySQL.api_version;
120+
}
121+
$p = @{
122+
ScriptBlock = { Get-MonkeyAzMySQlServer -InputObject $_ };
123+
Arguments = $new_arg;
124+
Runspacepool = $O365Object.monkey_runspacePool;
125+
ReuseRunspacePool = $true;
126+
Debug = $O365Object.VerboseOptions.Debug;
127+
Verbose = $O365Object.VerboseOptions.Verbose;
128+
MaxQueue = $O365Object.nestedRunspaces.MaxQueue;
129+
BatchSleep = $O365Object.nestedRunspaces.BatchSleep;
130+
BatchSize = $O365Object.nestedRunspaces.BatchSize;
131+
}
132+
$myFlexServers = $flexservers | Invoke-MonkeyJob @p
133+
if ($myFlexServers) {
134+
foreach ($mysql in $myFlexServers) {
135+
[void]$all_servers.Add($mysql)
136+
}
137+
}
138+
}
139+
}
140+
end {
141+
if ($all_servers) {
142+
$all_servers.PSObject.TypeNames.Insert(0,'Monkey365.Azure.AzureMySQLServer')
143+
[pscustomobject]$obj = @{
144+
Data = $all_servers;
145+
Metadata = $monkey_metadata;
146+
}
147+
$returnData.az_mysql_servers = $obj
148+
}
149+
else {
150+
$msg = @{
151+
MessageData = ($message.MonkeyEmptyResponseMessage -f "Azure Mysql Server",$O365Object.TenantID);
152+
callStack = (Get-PSCallStack | Select-Object -First 1);
153+
logLevel = "verbose";
154+
InformationAction = $O365Object.InformationAction;
155+
Tags = @('AzureMysqlEmptyResponse');
156+
Verbose = $O365Object.Verbose;
157+
}
158+
Write-Verbose @msg
159+
}
160+
}
161+
}
162+
163+
164+
165+
166+
167+
168+
169+
170+

0 commit comments

Comments
 (0)