Last active
November 12, 2016 14:28
-
-
Save mattmcnabb/1e8585b12c7b0ef8b27fc6949ceb6bbd to your computer and use it in GitHub Desktop.
OMS-custom-monitor_1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Import-Module OneLogin | |
| $Credential = Get-Credential | |
| $Token = New-OneLoginToken -Credential $Credential -Region us -SetAsDefault | |
| $Events = Get-OneLoginEvent -Since (Get-Date).AddHours(-1) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Import-Module OneLogin | |
| Import-Module OMSDataInjection | |
| $OMSWorkSpaceID = "<your workspace ID here>" | |
| $OmsPrimaryKey = "<your key here>" | |
| $OmsSecondaryKey = "<your key here>" | |
| $LogType = "OneLoginEvent" | |
| $TimeStampFieldName = "LogTime" | |
| # calculate start and end times for the previous hour | |
| $Now = Get-Date | |
| $CurrentHour = $Now.Hour | |
| $PreviousHour = $Now.AddHours(-1).Hour | |
| $Today = Get-Date | Select-Object -ExpandProperty Date | |
| $Begin = $Today.AddHours($PreviousHour) | |
| $End = $Today.AddHours($CurrentHour) | |
| try | |
| { | |
| New-OneLoginToken -Credential $OneLoginApiCredential -Region us -SetAsDefault | |
| $HourEvents = Get-OneLoginEvent -Since $Begin -Until $End | |
| } | |
| catch { exit } | |
| $OMSSplat = @{ | |
| OMSWorkSpaceId = $OmsWorkspaceId | |
| PrimaryKey = $OmsPrimaryKey | |
| SecondaryKey = $OmsSecondaryKey | |
| LogType = $LogType | |
| } | |
| foreach ($Event in $HourEvents | Select-Object -Property *,@{n=$TimeStampFieldName; e={$_.created_at.UtcDateTime}} -ExcludeProperty created_at) | |
| { | |
| try | |
| { | |
| New-OMSDataInjection @OMSSplat -OMSDataObject $Event -UTCTimeStampField $TimeStampFieldName | |
| } | |
| catch | |
| { | |
| Write-Error $_ | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Install-Module OneLogin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Install-Module OMSDataInjection |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment