Microsoft Purview is a comprehensive data governance solution that helps organizations manage their data and ensure compliance with various regulatory requirements.
One of the critical aspects of data governance is monitoring and responding to incidents related to data breaches, sensitive data exposure, and policy violations.
Microsoft Purview provides robust capabilities to handle these incidents, and the Microsoft Graph API enables seamless integration and automation of incident management.
We wanted to fetch the incidents logged here by using the Graph API:
The assumption is that you already have an app registered in Azure AD for the Microsoft Graph SDK module.
If you have not done that, finish that step first before moving forward.
Now that you are set up with the Microsoft Graph SDK, grant the app the following permission:
SecurityIncident.Read.All

Don't forget to grant admin consent.
Now connect with the Microsoft Graph PowerShell SDK.
Connect-MgGraph -ClientId $MgGClientID -CertificateThumbprint $ThumbPrint -TenantId $TenantName
First, create a filter from start and end dates:
$startDate = "2024-07-08"
$endDate = "2024-07-10" # Adjust this as needed
$filterQuery = "createdDateTime ge $startDate and createdDateTime le $endDate"
Now you can gather all the incidents into a collection using the code below.
$allIncidents = @()
# The backticks keep PowerShell from expanding $filter as a variable
$uri = "https://graph.microsoft.com/beta/security/incidents`?`$filter=$filterQuery"
$count = 0
do {
    # Make the request
    $response = Invoke-MgGraphRequest -Method Get -Uri $uri
    # Add the current batch of incidents to the allIncidents array
    $allIncidents += $response.value
    # Check if there is a nextLink to follow
    if ($response.'@odata.nextLink') { $uri = $response.'@odata.nextLink' } else { $uri = $null }
    # Print the number of pages fetched so far
    $count++
    $count
} while ($uri -ne $null)
Here are the results:

You can follow this process and enhance the script as required.
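One possible enhancement, as an added example that is not part of the original post: it sends full UTC timestamps in the filter, collects pages in a list instead of with +=, and projects the hashtables returned by Invoke-MgGraphRequest into objects that Export-Csv can write. The function name Get-GraphSecurityIncident, its -Fetch parameter and the two-page sample response are assumptions made for illustration.

```powershell
# Added example; Get-GraphSecurityIncident and -Fetch are hypothetical names.
function Get-GraphSecurityIncident {
    param(
        [Parameter(Mandatory)] [datetime] $Start,
        [Parameter(Mandatory)] [datetime] $End,
        # Page fetcher: defaults to the live Graph call, replaceable for an offline run
        [scriptblock] $Fetch = { param($u) Invoke-MgGraphRequest -Method Get -Uri $u }
    )
    # 's' is the culture-invariant sortable format (yyyy-MM-ddTHH:mm:ss); append Z for UTC
    $from = $Start.ToUniversalTime().ToString('s') + 'Z'
    $to   = $End.ToUniversalTime().ToString('s') + 'Z'
    $filter = [uri]::EscapeDataString("createdDateTime ge $from and createdDateTime le $to")
    $uri = "https://graph.microsoft.com/beta/security/incidents?`$filter=$filter"

    # A generic list avoids re-copying the whole array on every page, as += does
    $incidents = [System.Collections.Generic.List[object]]::new()
    while ($uri) {
        $response = & $Fetch $uri
        foreach ($i in $response.value) {
            # Invoke-MgGraphRequest returns hashtables; project them to objects for CSV export
            $incidents.Add([pscustomobject]@{
                Id          = $i.id
                DisplayName = $i.displayName
                Severity    = $i.severity
                Status      = $i.status
                Created     = $i.createdDateTime
            })
        }
        $next = $response.'@odata.nextLink'
        # Stop instead of looping forever if the service hands back the same link
        if ($next -and $next -eq $uri) { throw "nextLink did not advance: $next" }
        $uri = $next
    }
    return $incidents
}

# Constructed two-page response (not real tenant data) to exercise the paging offline
$fake = {
    param($u)
    if ($u -eq 'page2') {
        @{ value = @(@{ id = '2'; displayName = 'Sample B'; severity = 'high'; status = 'active'; createdDateTime = '2024-07-09T10:00:00Z' }) }
    } else {
        @{ value = @(@{ id = '1'; displayName = 'Sample A'; severity = 'low'; status = 'resolved'; createdDateTime = '2024-07-08T09:00:00Z' })
           '@odata.nextLink' = 'page2' }
    }
}
Get-GraphSecurityIncident -Start '2024-07-08' -End '2024-07-10' -Fetch $fake |
    Export-Csv -Path .\incidents.csv -NoTypeInformation
```

Against a live tenant, run Connect-MgGraph first and omit -Fetch so the default Graph call is used.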
Thanks for reading …
Tech Wizard