Skip to content

Introduced a Graph Unified Audit Log (UAL) acquisition method
Compare
Choose a tag to compare
@JoeyInvictus JoeyInvictus released this 21 Mar 13:44
· 97 commits to main since this release
V1.3.0
2da5e18

New Features

  • Introduced a Graph Unified Audit Log (UAL) acquisition method, expanding the script's functionality.

Performance Improvements:

  • Refined the code for ADSignInLogsGraph, ADAuditLogsGraph, ADAuditLogs and ADSignInLogs to enhance efficiency.
  • Streamlined the results directly into the output file, bypassing the need to store them in memory first. This change addresses potential out-of-memory errors for large tenants.
  • Get-ADSignInLogs now writes the output for each day, addressing the out-of-memory errors. This approach may be applied to other scripts later as well.

Usability Improvements:

  • Updated parameter names from before/after to EndDate/StartDate across the script for consistency.
  • Converted the MergeCSVOutput parameter to a switch for simplified usage.

Fixes

  • Corrected the issue where Get-OAuthPermissions did not output delegated permissions correctly.
  • Addressed the bug reported by angry-bender related to Get-ActivityLogs failing in the absence of logs for a given subscription.
  • Replaced broken link to the Invictus website

Enhancements

  • Added a PowerShell badge to the README.
  • Added note with required permissions for each of the Graph API functions in the ReadTheDocs.
  • Removed unnecessary WRITE permissions in documentation.
  • The timestamp is now prefixed to every output file, ensuring consistency across all functions.
  • Removed the "Beta" mention from the prerequisites section.
  • Added Temporary Access Pass and certificate Based Auth Configuration to the MFA output as requested by evild3ad.
  • A version check will be performed when importing the module, issuing a warning if it's an old version.
Assets 2
Loading