LawrenceHwang/Convert-FromApplePrivacyReport.ps1

## Convert-FromApplePrivacyReport.ps1
function Convert-FromAppActivityReport {
    <#
    .SYNOPSIS
    Helper function to convert the iOS app activity report into custom objects
    https://developer.apple.com/documentation/foundation/urlrequest/inspecting_app_activity_data

    .EXAMPLE
    Get apps accessed iOS resources
    Convert-FromAppActivityReport -Path $path -Type access | Select-Object accessor_id -Unique

    .EXAMPLE
    Get the resources certain app accessed
    Convert-FromAppActivityReport -Path $path -Type access | Where-Object accessor_id -EQ 'com.amazon.Amazon' | Group-Object category

    .EXAMPLE
    Get apps accessed network
    Convert-FromAppActivityReport -Path $path -Type networkactivity | Select-Object bundleID -Unique

    .EXAMPLE
    Get top 10 network activities
    Convert-FromAppActivityReport -Path $path -Type networkactivity | Sort-Object hits -Descending -Top 10 | Select-Object bundleID, domain, hits, type
    #>
    [CmdletBinding()]
    param (
        # App Activity File Path
        [ValidateNotNullOrEmpty()]
        [parameter(Mandatory)]
        [string]$Path,

        [ValidateSet("access", "networkactivity", "all")]
        [string]$Type = "all"
    )
    begin {
        try {
            $ndjson = Get-Content $Path -ErrorAction Stop
        } catch {
            $PSItem
            Write-Warning -Message "Unable to access the file: $Path"
            return
        }
        try {
            $report = $ndjson | ConvertFrom-Json -Depth 10 -ErrorAction Stop
        } catch {
            Write-Warning -Message "Unable to convert the file as json: $Path"
            return
        }
    }
    process {
        $entries = $report | Group-Object -Property type -AsHashTable
        foreach ($e in $entries.access) {
            $e | Add-Member -MemberType NoteProperty -Name 'accessor_id' -Value $e.accessor.identifier
        }
    }
    end {
        switch ($Type) {
            "all" { return $entries }
            Default { return $entries.$Type }
        }
    }
}
	function Convert-FromAppActivityReport {
	<#
	.SYNOPSIS
	Helper function to convert the iOS app activity report into custom objects
	https://developer.apple.com/documentation/foundation/urlrequest/inspecting_app_activity_data

	.EXAMPLE
	Get apps accessed iOS resources
	Convert-FromAppActivityReport -Path $path -Type access \| Select-Object accessor_id -Unique

	.EXAMPLE
	Get the resources certain app accessed
	Convert-FromAppActivityReport -Path $path -Type access \| Where-Object accessor_id -EQ 'com.amazon.Amazon' \| Group-Object category

	.EXAMPLE
	Get apps accessed network
	Convert-FromAppActivityReport -Path $path -Type networkactivity \| Select-Object bundleID -Unique

	.EXAMPLE
	Get top 10 network activities
	Convert-FromAppActivityReport -Path $path -Type networkactivity \| Sort-Object hits -Descending -Top 10 \| Select-Object bundleID, domain, hits, type
	#>
	[CmdletBinding()]
	param (
	# App Activity File Path
	[ValidateNotNullOrEmpty()]
	[parameter(Mandatory)]
	[string]$Path,

	[ValidateSet("access", "networkactivity", "all")]
	[string]$Type = "all"
	)
	begin {
	try {
	$ndjson = Get-Content $Path -ErrorAction Stop
	} catch {
	$PSItem
	Write-Warning -Message "Unable to access the file: $Path"
	return
	}
	try {
	$report = $ndjson \| ConvertFrom-Json -Depth 10 -ErrorAction Stop
	} catch {
	Write-Warning -Message "Unable to convert the file as json: $Path"
	return
	}
	}
	process {
	$entries = $report \| Group-Object -Property type -AsHashTable
	foreach ($e in $entries.access) {
	$e \| Add-Member -MemberType NoteProperty -Name 'accessor_id' -Value $e.accessor.identifier
	}
	}
	end {
	switch ($Type) {
	"all" { return $entries }
	Default { return $entries.$Type }
	}
	}
	}