Comments (8)
from microsoft-defender-for-cloud.
Yes, Sure,
Please find the script below mentioned... I have executed the script now and one VM is successfully added. Comments are added in the script.
$Setting = @{ "workspaceId" = " XXXXXXXXXXXXXXXXXXXXXXX " }
$protectedSetting = @{ "workspaceKey" = " XXXXXXXXXXXXXXXXXXXXXXX " }
$query = @"
securityresources
| where type == "microsoft.security/assessments" and name == "27ac71b1-75c5-41c2-adc2-858f5db45b08" or name == "720a3e77-0b9a-4fa9-98b6-ddf0fd7e32c1"
| extend resourceId = properties.resourceDetails.Id
| extend resourceName = tostring(split(resourceId, "/")[8])
| extend resourceGroup = (split(resourceId, "/")[4])
| extend status = properties.status.code
| extend recommendatioName = properties.displayName
| where status == "Unhealthy"
| project subscriptionId,
recommendatioName,
resourceName,
resourceGroup,
status,
resourceId,
name
"@
$vms = Search-AzGraph -Query $query
write-host "n" echo "Following VMs have been identified for Loga Analytics Extension" $vms.resourceName write-host "
n"
write-host "`n"
foreach ($vm in $vms) {
$vmName = ($vm.resourceName)
$resgrp = ($vm.resourceGroup)
if ($vm.name -match '27ac71b1-75c5-41c2-adc2-858f5db45b08') {
Write-Host "This is Windows Platform $vmName" -ForegroundColor Green
Write-Host "Adding log Analytics Extention to VM $vmName. It will take eight minutes per vm:-)" -ForegroundColor Green
New-AzConnectedMachineExtension -Name MMAExtension -ResourceGroupName $resgrp -MachineName $vmName -Location "West Europe" -Publisher "Microsoft.EnterpriseCloud.Monitoring" -TypeHandlerVersion "1.0" -Settings $Setting -ProtectedSetting $protectedSetting -ExtensionType "MicrosoftMonitoringAgent"
write-host "`n"
Get-AzConnectedMachineExtension -ResourceGroupName $resgrp -MachineName $vmName
}
else {
Write-Host "This is Linux Platform $vmName" -ForegroundColor Green
Write-Host "Adding log Analytics Extention to VM $vmName. It will take eight minutes per vm:-)" -ForegroundColor Green
Write-Host "$resgrp" -ForegroundColor Green
New-AzConnectedMachineExtension -Name MMAExtension -ResourceGroupName $resgrp -MachineName $vmName -Location "West Europe" -Publisher "Microsoft.EnterpriseCloud.Monitoring" -TypeHandlerVersion "1.13" -Settings $Setting -ProtectedSetting $protectedSetting -ExtensionType "OmsAgentforLinux"
write-host "`n"
Get-AzConnectedMachineExtension -ResourceGroupName $resgrp -MachineName $vmName
}
}
from microsoft-defender-for-cloud.
@hassanbsee2071 thanks for providing the script. Have you considered using Azure Policy instead?
It can automatically deploy the extension on Azure Arc machines.
- [Preview]: Deploy Log Analytics agent to Windows Azure Arc machines
- [Preview]: Deploy Log Analytics agent to Linux Azure Arc machines
Is there a reason for using a script and not policy?
from microsoft-defender-for-cloud.
from microsoft-defender-for-cloud.
Sure, the below are direct links to our built-in policies for Log Analytics deployment on Arc machines:
[Preview]: Deploy Log Analytics agent to Windows Azure Arc machines
[Preview]: Deploy Log Analytics agent to Linux Azure Arc machines
from microsoft-defender-for-cloud.
Sure, my pleasure :)
from microsoft-defender-for-cloud.
from microsoft-defender-for-cloud.
from microsoft-defender-for-cloud.
Related Issues (20)
- Security Center REST API Endpoint missing
- Reproduce behaviour HOT 1
- Alternative HOT 1
- Permission and Variables HOT 1
- New-ASCVASolution.ps1 Rapid 7 Insight Agent BYOL deployment confusion HOT 2
- Defender for Cloud Environment settings, "Workload protections" views report incorrect resource coverage HOT 1
- this is the official domain for the website and email for teachers and students in the public sector of Kuwait ministry of education: moe.edu.kw
- https://learn.microsoft.com/ar-sa/users/12771345/
- D4Storage-PricingEstimation-Per-Storage.ps1 requires az.Storage HOT 1
- Instructions are outdated and should be updated
- Inconsistent CSV Export Log CSV HOT 1
- Support form link doesn't exist anymore
- Missing Images
- Line 47 provides error of "unexpected token" HOT 1
- Cannot Connect Subscription Based Sentinel Connector for MDC
- ARM Template Issue
- Subscription Not Found (HTTP - Get Azure VM) HOT 2
- ImageScanSummaryAssessmentGate.ps1 no longer finds assessments HOT 2
- CVE Dashboard- old version HOT 2
- Connection Error while accessing Microsoft Defender for Cloud HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from microsoft-defender-for-cloud.