-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathBitDefenderGravityZoneAPI_CompanyDevices.ps1
239 lines (188 loc) · 8.05 KB
/
BitDefenderGravityZoneAPI_CompanyDevices.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
#Requires -Version 5.0
<#
.SYNOPSIS
Export company's endpoints in excel format from BitDefender GravityZone
.DESCRIPTION
Export customer company's endpoint list in excel format from BitDefender GravityZone by using JSON-RPC 2.0 API.
.PARAMETER CompanyName
Search string for company. The script expects only one result to be found with this parameter.
.PARAMETER ExportFormat
CSV or Excel.
.PARAMETER ExportFilename
A prefix for export file.
"${ExportFilename}_YYMMDD-HHMM.ext"
.EXAMPLE
PS> BitDefenderGravityZoneAPI_CompanyEndpoints.ps1 -CompanyName "X" -ExportFormat "Excel" -ExportFilename "CompanyEndpoints"
Customer XYZ found, exported endpoints to CompanyEndpoints__X_YYMMDD-HHMM.xlsx
.EXAMPLE
PS> BitDefenderGravityZoneAPI_CompanyEndpoints.ps1 -CompanyName "X" -ExportFormat "CSV" -ExportFilename "CompanyEndpoints"
Customer XYZ found, exported endpoints to CompanyEndpoints_X_YYMMDD-HHMM.csv
.INPUTS
Pipelining not yet available.
.OUTPUTS
.LINK
https://download.bitdefender.com/business/API/Bitdefender_GravityZone_Cloud_APIGuide_forPartners_enUS.pdf
.LINK
https://github.com/dfinke/ImportExcel
.LINK
http://www.jsonrpc.org/specification
.NOTES
NOTE: This script is still in development. This needs some refactoring but it works.
PowerShell module ImportExcel required, install it by using command:
Install-Module ImportExcel
This script expects a configuration file which has $API variable with base64 encoded API key. The file needs to be located in same path with this script.
"${PSScriptRoot}\BitDefenderGravityZoneAPI.config.ps1":
$API = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
API access required to Companies API and Network API. This access is declared during API key generation.
Author: Niko Mielikäinen
Git: https://github.com/mielipuolinen/PowerShell-Scripts
#>
[CmdletBinding()]
Param(
[Parameter(ValueFromPipeline=$true)]
[String]$CompanyName = "",
[String]$ExportFormat = "CSV",
[String]$ExportFilename = "CompanyEndpoints_${CompanyName}"
)
#Set-StrictMode -Version Latest
#HTTP POST
#Content-Type application/json
#HTTP Statuses; 200 Successful (incl. wrong params), 401 Unauthorized (API Key?), 403 Forbiddden (API not enabled?), 405 Method Not Allowed (Not HTTP POST?), 429 Too Many Requests (>10req/s)
#JSON-RPC Erros: -32700 Parse Error, -32600 Invalid Request, -32601 Method not found, -32602 Invalid params, -32000 Server error
try{
. "${PSScriptRoot}\BitDefenderGravityZoneAPI.config.ps1"
}catch{
Write-Host "ERROR - Couldn't load ${PSScriptRoot}\BitDefenderGravityZoneAPI.config.ps1"
Exit
}
if(!(Get-Variable API -ErrorAction Ignore) -or $API -eq "" -or $API.length -lt 40 ){
Write-Host "ERROR - Couldn't load API key."
Exit
}
$BaseAPI = "https://cloudgz.gravityzone.bitdefender.com/api/v1.0/jsonrpc/"
$CompaniesAPI = "${BaseAPI}companies"
#$LicensingAPI = "${BaseAPI}licensing"
#$AccountsAPI = "${BaseAPI}accounts"
$NetworkAPI = "${BaseAPI}network"
#$PackagesAPI = "${BaseAPI}packages"
#$PoliciesAPI = "${BaseAPI}policies"
#$IntegrationsAPI = "${BaseAPI}integrations"
#$ReportsAPI = "${BaseAPI}reports"
#$PushAPI = "${BaseAPI}push"
$headers = @{"Authorization" = "Basic ${API}"}
$exportCSV = "${PSScriptRoot}\${ExportFilename}_$(Get-Date -UFormat "%y%m%d%-%H%M").csv"
$exportXLSX = "${PSScriptRoot}\${ExportFilename}_$(Get-Date -UFormat "%y%m%d%-%H%M").xlsx"
#########################################################################################################
# FIND COMPANY BY NAME AND GET parentID
#########################################################################################################
$JSON = @'
{
"params": {
"nameFilter": ""
},
"method": "findCompaniesByName",
"id": "1",
"jsonrpc": "2.0"
}
'@ | ForEach-Object {$_.replace("`"nameFilter`": `"`"","`"nameFilter`": `"*${CompanyName}`"")}
$response = Invoke-RestMethod -Uri $CompaniesAPI -Method POST -ContentType "application/json" -Headers $headers -Body $JSON
Start-Sleep 0.2
if($response.result.Count -eq 1){
Write-Verbose "OK - Found $($response.result[0].name) : $($response.result[0].id)"
$parentId = ([string]($response.result[0].id)).Trim()
$companyName = $response.result[0].name
}else{
Write-Host "ERROR - Found $($response.result.Count) results, exiting"
$response.result | ForEach-Object {Write-Verbose "$_"}
exit
}
#########################################################################################################
# GET PAGE COUNT
#########################################################################################################
$JSON = @'
{
"params": {
"parentId": "",
"page": 1,
"perPage": 30,
"filters": {
"depth": {
"allItemsRecursively": true
}
}
},
"method": "getEndpointsList",
"id": "1",
"jsonrpc": "2.0"
}
'@ | ForEach-Object {$_.replace("`"parentId`": `"`"","`"parentId`": `""+$parentId+"`"")}
$response = Invoke-RestMethod -Uri $NetworkAPI -Method POST -ContentType "application/json" -Headers $headers -Body $JSON
Start-Sleep 0.2
if($response.result){
Write-Verbose "OK - $($response.result.pagesCount) pages"
$pageCount = ([int]([string]($response.result.pagesCount)).Trim())
}else{
Write-Host "ERROR - Failed results, exiting"
exit
}
#########################################################################################################
# QUERY CLIENTS
#########################################################################################################
if($clients){ Remove-Variable clients }
for($i=1; $i -le $pageCount; $i++){
$JSON = @'
{
"params": {
"parentId": "",
"page": "",
"perPage": 30,
"filters": {
"depth": {
"allItemsRecursively": true
}
}
},
"method": "getEndpointsList",
"id": "1",
"jsonrpc": "2.0"
}
'@ | ForEach-Object {$_.replace("`"parentId`": `"`"","`"parentId`": `""+$parentId+"`"")} | % {$_.replace("`"page`": `"`"","`"page`": "+$i)}
$response = Invoke-RestMethod -Uri $NetworkAPI -Method POST -ContentType "application/json" -Headers $headers -Body $JSON
Start-Sleep 0.2
if($response.result){
Write-Verbose "OK - Querying page n:o $($i), $($response.result.items.Count) clients"
$clients += $response.result.items
}else{
Write-Host "Error - Failed to query a page n:o $($i), exiting"
exit
}
}
#########################################################################################################
# DUPLICATE CHECK
#########################################################################################################
$duplicates = @()
ForEach ($client in $clients){
$i = 0;
ForEach ($client2 in $clients){
if ($client.name -eq $client2.name){ $i++; }
}
if (($i -gt 1) -and (!$duplicates.Contains($client.name))){
#Write-Host "WARNING - Duplicate: $($client.name)"
$duplicates += $client.name
}
}
Write-Host "WARNING - Found duplicate endpoint(s): ${duplicates}"
#########################################################################################################
# EXPORT
#########################################################################################################
$clients | Select-Object fqdn,isManaged,managedWithBest,operatingSystemVersion,ip | Export-Csv -Path $exportCSV -NoTypeInformation
Write-Verbose "OK - Exported CSV to $($exportCSV)"
Write-Verbose "DONE - $($clients.Count) clients for $($companyName)"
$endpointCount = $clients.Count
if($ExportFormat -eq "Excel"){
$clients | Select-Object @{Label="Hostname";Expression={($_.fqdn)}},@{Label="Managed";Expression={($_.isManaged)}},@{Label="Managed with BEST";Expression={($_.managedWithBest)}},@{Label="OS";Expression={($_.operatingSystemVersion)}},@{Label="IP";Expression={($_.ip)}} | Export-Excel -Path $exportXLSX -Title "BDGZ $($companyName) Endpoints" -WorkSheetname "BDGZ Endpoints" -AutoSize -TableName "Endpoints"
Remove-item $exportCSV
Write-Host "Company ${companyName} found, exported ${endpointCount} endpoints to ${exportXLSX}"
}else{
Write-Host "Company ${companyName} found, exported ${endpointCount} endpoints to ${exportCSV}"
}