e0x70i/o365_report.py

## o365_report.py
import csv
import json
import argparse

def csvdict_from_json(o365_report):
    rows = []

    for entry in o365_report:
        for applied_policy in entry["appliedConditionalAccessPolicies"]:


            row = {
                'policyName' : applied_policy['displayName'],
                'enforcedGrantControls': ', '.join(applied_policy['enforcedGrantControls']),
                'status': applied_policy['result'],
                'userId': entry['userId'],
                'userPrincipalName': entry['userPrincipalName'],
                'clientAppUsed': entry['clientAppUsed'],
                'ipAddress': entry['ipAddress'],
                'resourceDisplayName': entry['resourceDisplayName'],
                'city': entry['location']['city'],
                'state': entry['location']['state'],
                'latitude': entry['location']['geoCoordinates']['latitude'],
                'longitude': entry['location']['geoCoordinates']['longitude'],
            }

            for key,value in entry['deviceDetail'].items():
                row[key] = value

            rows.append(row)


    return rows


if __name__ == "__main__":
    parser = argparse.ArgumentParser(description='Create a CSV of Base Conditional Access Policy Enforcement from O365 JSON Export')
    parser.add_argument('-json', metavar='json', type=str, help='exported sign-ins json file', required=True)
    parser.add_argument('-o', metavar='output', type=str, help='output csv file', required=True)


    args = parser.parse_args()

    with open(args.json) as json_file:
        o365_report = json.load(json_file)

    rows = csvdict_from_json(o365_report)

    with open(args.o, 'w') as out:
        w = csv.DictWriter(out,delimiter=',', lineterminator='\n', fieldnames=rows[0].keys())
        w.writeheader()
        w.writerows(rows)
	import csv
	import json
	import argparse

	def csvdict_from_json(o365_report):
	rows = []

	for entry in o365_report:
	for applied_policy in entry["appliedConditionalAccessPolicies"]:


	row = {
	'policyName' : applied_policy['displayName'],
	'enforcedGrantControls': ', '.join(applied_policy['enforcedGrantControls']),
	'status': applied_policy['result'],
	'userId': entry['userId'],
	'userPrincipalName': entry['userPrincipalName'],
	'clientAppUsed': entry['clientAppUsed'],
	'ipAddress': entry['ipAddress'],
	'resourceDisplayName': entry['resourceDisplayName'],
	'city': entry['location']['city'],
	'state': entry['location']['state'],
	'latitude': entry['location']['geoCoordinates']['latitude'],
	'longitude': entry['location']['geoCoordinates']['longitude'],
	}

	for key,value in entry['deviceDetail'].items():
	row[key] = value

	rows.append(row)


	return rows






	if __name__ == "__main__":
	parser = argparse.ArgumentParser(description='Create a CSV of Base Conditional Access Policy Enforcement from O365 JSON Export')
	parser.add_argument('-json', metavar='json', type=str, help='exported sign-ins json file', required=True)
	parser.add_argument('-o', metavar='output', type=str, help='output csv file', required=True)


	args = parser.parse_args()

	with open(args.json) as json_file:
	o365_report = json.load(json_file)

	rows = csvdict_from_json(o365_report)

	with open(args.o, 'w') as out:
	w = csv.DictWriter(out,delimiter=',', lineterminator='\n', fieldnames=rows[0].keys())
	w.writeheader()
	w.writerows(rows)