예제 #1
0
        public async Task RunCommands(bool cliMode, int index, string[] args, int insId = 0)
        {
            string response = "";

            try
            {
                switch (index)
                {
                case 1:
                {
                    string ruleId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Action_Rule_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await actionsController.CreateAction(ruleId, insId);

                    break;
                }

                case 2:
                {
                    string ruleId   = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Action_Rule_Id_Prompt_Text"));
                    string actionId = cliMode ? args[2] : GetNonEmptyInput(Utils.GetString("Action_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await actionsController.DeleteAction(ruleId, actionId, insId);

                    break;
                }

                case 3:
                {
                    string ruleId   = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Action_Rule_Id_Prompt_Text"));
                    string actionId = cliMode ? args[2] : GetNonEmptyInput(Utils.GetString("Action_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await actionsController.GetActionById(ruleId, actionId, insId);

                    break;
                }

                case 4:
                {
                    string ruleId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Action_Rule_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await actionsController.GetActionsByRule(ruleId, insId);

                    break;
                }

                case 5:
                {
                    string ruleTmplId = cliMode? args[1]: GetInput(Utils.GetString("Rule_Template_Id_Prompt_Text"),
                                                                   "57c0cfc-d76d-463b-8755-c781608cdc1a");
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRuleTemplatesController.GetAlertRuleTemplateById(ruleTmplId, insId);

                    break;
                }

                case 6:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRuleTemplatesController.GetAlertRuleTemplates(insId);

                    break;
                }

                case 7:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRulesController.CreateFusionAlertRule(insId);

                    break;
                }

                case 8:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRulesController.CreateMicrosoftSecurityIncidentCreationAlertRule(insId);

                    break;
                }

                case 9:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRulesController.CreateScheduledAlertRule(actionsController, insId);

                    break;
                }

                case 10:
                {
                    string ruleId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Rule_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRulesController.DeleteAlertRule(ruleId, insId);

                    break;
                }

                case 11:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRulesController.GetAlertRules(insId);

                    break;
                }

                case 12:
                {
                    string ruleId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Get_Fusion_Rule_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRulesController.GetFusionAlertRule(ruleId, insId);

                    break;
                }

                case 13:
                {
                    string ruleId = cliMode ? args[1] : GetInput(Utils.GetString("Get_Incident_Rule_Prompt_Text"), "Microsoft-alert-rule-2");
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRulesController.GetMicrosoftSecurityIdentityCreationAlertRule(ruleId, insId);

                    break;
                }

                case 14:
                {
                    string ruleId = cliMode ? args[1] : GetInput(Utils.GetString("Get_Scheduled_Rule_Prompt_Text"), "scheduled-alert-rule-3");
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRulesController.GetScheduledAlertRule(ruleId, insId);

                    break;
                }

                case 15:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await bookmarksController.CreateBookmark(insId);

                    break;
                }

                case 16:
                {
                    string bookmarkId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Bookmark_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await bookmarksController.DeleteBookmark(bookmarkId, insId);

                    break;
                }

                case 17:
                {
                    string bookmarkId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Bookmark_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await bookmarksController.GetBookmarkById(bookmarkId, insId);

                    break;
                }

                case 18:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await bookmarksController.GetBookmarks(insId);

                    break;
                }

                case 19:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await dataConnectorsController.GetDataConnectors(insId);

                    break;
                }

                case 20:
                {
                    string dataConnectorId = GetNonEmptyInput(Utils.GetString("Dataconnector_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await dataConnectorsController.DeleteDataConnector(dataConnectorId, insId);

                    break;
                }

                case 21:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await dataConnectorsController.CreateDataConnector(insId);

                    break;
                }

                case 22:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await incidentsController.CreateIncident(insId);

                    break;
                }

                case 23:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Delete_Incident_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.DeleteIncident(incidentId, insId);

                    break;
                }

                case 24:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Get_Incident_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.GetIncidentById(incidentId, insId);

                    break;
                }

                case 25:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await incidentsController.GetIncidents(insId);

                    break;
                }

                case 26:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.UpdateIncident(incidentId, insId);

                    break;
                }

                case 27:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await incidentsController.BatchUpdateIncidents(insId);

                    break;
                }

                case 28:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    await incidentsController.CreateIncidentComment(incidentId);

                    break;
                }

                case 29:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.GetAllIncidentComments(incidentId, insId);

                    break;
                }

                case 30:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    string commentId  = GetNonEmptyInput(Utils.GetString("Comment_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.GetIncidentCommentById(incidentId, commentId, insId);

                    break;
                }

                case 31:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    string bookmarkId = GetNonEmptyInput(Utils.GetString("Bookmark_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentRelationController.CreateIncidentRelation(incidentId, bookmarkId, insId);

                    break;
                }

                case 32:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    string relationId = GetNonEmptyInput(Utils.GetString("Relation_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentRelationController.DeleteIncidentRelation(incidentId, relationId, insId);

                    break;
                }

                case 33:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    await incidentRelationController.GetEntitiesforIncident(incidentId, insId);

                    break;
                }

                case 34:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    string relationId = GetNonEmptyInput(Utils.GetString("Relation_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    await incidentRelationController.GetIncidentRelationByName(incidentId, relationId, insId);

                    break;
                }

                case 35:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    await incidentRelationController.GetIncidentEntitiesbyEntityType(incidentId, insId);

                    break;
                }

                case 36:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await savedSearchController.CreateSavedSearch(insId);

                    break;
                }

                case 37:
                {
                    string savedSearchId = GetNonEmptyInput(Utils.GetString("Saved_Search_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await savedSearchController.DeleteSavedSearch(savedSearchId, insId);

                    break;
                }

                case 38:
                {
                    string savedSearchId = GetNonEmptyInput(Utils.GetString("Saved_Search_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await savedSearchController.GetSavedSearchById(savedSearchId, insId);

                    break;
                }

                case 39:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await savedSearchController.GetSavedSearches(insId);

                    break;
                }

                case 40:
                {
                    string savedSearchId = GetNonEmptyInput(Utils.GetString("Saved_Search_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    await savedSearchController.UpdateSavedSearch(savedSearchId, insId);

                    break;
                }
                }

                if (response != string.Empty)
                {
                    Console.WriteLine(JToken.Parse(response).ToString(Formatting.Indented));
                }
            }
            catch (JsonReaderException exception)
            {
                if (string.IsNullOrEmpty(response))
                {
                    Console.WriteLine("Deleted");
                    Console.WriteLine(Utils.GetString("Continue_Prompt_Text"));
                    Console.ReadLine();
                    return;
                }
            }
            catch (Exception exception)
            {
                ConsoleColor currentColor = Console.ForegroundColor;
                Console.ForegroundColor = ConsoleColor.Red;
                await Console.Error.WriteLineAsync(exception.Message);

                Console.ForegroundColor = currentColor;
            }

            Console.WriteLine(response);
        }