I have created a new script that uses the modern Microsoft Graph method to report all the Secure Score items, and rather than me explaining what the script does, I’ll turn it over to GitHub Copilot.
<Enter GitHub Copilot>
This PowerShell script, mggraph-ssdescpt-get.ps1, is designed to interact with the Microsoft Graph API to retrieve and display secure score results. Here’s a step-by-step explanation of its operation and function:
- Start Transcript:
start-transcript "..\mggraph-ssdescpt-get.txt"
This line starts recording all commands and their output to a transcript file.
- Check Microsoft Graph Connection:
try {
    $context = get-mgcontext -ErrorAction Stop
}
catch {
    write-host -foregroundcolor $errormessagecolor "Not connected to Microsoft Graph. Please connect to Microsoft Graph first using connect-mggraph`n"
    if ($prompt) {stop-transcript}
    exit
}
if (-not $context) {
    write-host -foregroundcolor $errormessagecolor "Not connected to Microsoft Graph. Please connect to Microsoft Graph first using connect-mggraph`n"
    if ($prompt) {stop-transcript}
    exit
}
write-host -foregroundcolor $processmessagecolor "Connected to Microsoft Graph"
write-host " - Connected account =",$context.Account,"`n"
if ($prompt) { pause }
This block checks if the Microsoft Graph module is installed and if the user is connected to Microsoft Graph. If not, it prompts the user to connect and exits the script.
- Set API Endpoint and Method:
$uri = "https://graph.microsoft.com/beta/security/securescores"
$method = "GET"
write-host -foregroundcolor $processmessagecolor "Run Graph API Query"
The script sets the URI for the Microsoft Graph API endpoint to retrieve secure scores and specifies the HTTP method as GET.
- Invoke API Request:
$query = Invoke-MgGraphRequest -Uri $URI -method $method -ErrorAction Stop
This line sends a request to the Microsoft Graph API to get secure score results.
- Process and Display Results:
$names = $query.value[0].controlscores # get the most current secure score results
$item = 0
write-host -foregroundcolor $processmessagecolor "Display results`n"
foreach ($control in $names) {
    $item++
    write-host -foregroundcolor green -BackgroundColor Black "`n*** Item", $item, "***"
    write-host "Control Category : ", $control.controlCategory
    write-host "Control Name : ", $control.controlName
    write-host "Control Score : ", $control.Score
    write-host "Control Description : ", $control.Description
    write-host "Control On : ", $control.on
    write-host "Implementation status: ", $control.implementationstatus
    write-host "Score in percentage : ", $control.scoreinpercentage
    write-host "Last synced : ", $control.lastsynced
    write-host "`n"
    if ($prompt) { pause }
}
The script extracts the secure score results from the API response and iterates through each control score, displaying detailed information about each control.
- Complete Script:
write-host -foregroundcolor $systemmessagecolor "`nScript Completed`n"
if ($prompt) {stop-transcript}
Finally, the script indicates completion and stops the transcript if the $prompt variable is set.
In summary, this script connects to Microsoft Graph, retrieves secure score data, and displays detailed information about each control score in the console.
Output
Use the -prompt command line option to pause output.
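For triage it helps to get the same data back as objects instead of console text. The following is an added example, not part of the original script: it picks the newest snapshot by createdDateTime rather than by array position and returns only the controls below full score. The function name Get-OpenSecureScoreControl, the control names and the sample values are hypothetical and constructed; the property names are the ones the script above reads.

```powershell
# Added example (not from the original script).
function Get-OpenSecureScoreControl {
    param(
        [Parameter(Mandatory)] $Response,   # result of Invoke-MgGraphRequest
        [double] $Threshold = 100           # report controls below this percentage
    )
    # Pick the newest snapshot explicitly instead of trusting value[0]
    $latest = $Response.value |
        Sort-Object { [datetime]$_.createdDateTime } -Descending |
        Select-Object -First 1

    foreach ($control in $latest.controlScores) {
        # A missing scoreInPercentage casts to 0, so the control is still reported
        if ([double]$control.scoreInPercentage -lt $Threshold) {
            [pscustomobject]@{
                Category = $control.controlCategory
                Name     = $control.controlName
                Score    = $control.score
                Percent  = [double]$control.scoreInPercentage
                Status   = $control.implementationStatus
            }
        }
    }
}

# Constructed sample shaped like the API response (not real tenant data);
# the older snapshot is deliberately listed first.
$sample = @{
    value = @(
        @{ createdDateTime = '2024-05-01T00:00:00Z'; controlScores = @(
            @{ controlCategory = 'Identity'; controlName = 'ExampleControlA'
               score = 0; scoreInPercentage = 0; implementationStatus = 'constructed' }
        ) },
        @{ createdDateTime = '2024-05-02T00:00:00Z'; controlScores = @(
            @{ controlCategory = 'Identity'; controlName = 'ExampleControlA'
               score = 9; scoreInPercentage = 100; implementationStatus = 'constructed' },
            @{ controlCategory = 'Data'; controlName = 'ExampleControlB'
               score = 2; scoreInPercentage = 40; implementationStatus = 'constructed' }
        ) }
    )
}

# Only ExampleControlB (40%) is returned: it is below 100 in the newest snapshot
Get-OpenSecureScoreControl -Response $sample | Sort-Object Percent | Format-Table -AutoSize

# Live use after Connect-MgGraph, reusing the script's $query variable:
# Get-OpenSecureScoreControl -Response $query | Export-Csv .\securescore-open.csv -NoTypeInformation
```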