Exemplo n.º 1
0
        public async Task RunCommands(bool cliMode, int index, string[] args, int insId = 0)
        {
            string response = "";

            try
            {
                switch (index)
                {
                case 1:
                {
                    string ruleId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Action_Rule_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await actionsController.CreateAction(ruleId, insId);

                    break;
                }

                case 2:
                {
                    string ruleId   = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Action_Rule_Id_Prompt_Text"));
                    string actionId = cliMode ? args[2] : GetNonEmptyInput(Utils.GetString("Action_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await actionsController.DeleteAction(ruleId, actionId, insId);

                    break;
                }

                case 3:
                {
                    string ruleId   = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Action_Rule_Id_Prompt_Text"));
                    string actionId = cliMode ? args[2] : GetNonEmptyInput(Utils.GetString("Action_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await actionsController.GetActionById(ruleId, actionId, insId);

                    break;
                }

                case 4:
                {
                    string ruleId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Action_Rule_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await actionsController.GetActionsByRule(ruleId, insId);

                    break;
                }

                case 5:
                {
                    string ruleTmplId = cliMode? args[1]: GetInput(Utils.GetString("Rule_Template_Id_Prompt_Text"),
                                                                   "57c0cfc-d76d-463b-8755-c781608cdc1a");
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRuleTemplatesController.GetAlertRuleTemplateById(ruleTmplId, insId);

                    break;
                }

                case 6:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRuleTemplatesController.GetAlertRuleTemplates(insId);

                    break;
                }

                case 7:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRulesController.CreateFusionAlertRule(insId);

                    break;
                }

                case 8:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRulesController.CreateMicrosoftSecurityIncidentCreationAlertRule(insId);

                    break;
                }

                case 9:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRulesController.CreateScheduledAlertRule(actionsController, insId);

                    break;
                }

                case 10:
                {
                    string ruleId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Rule_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRulesController.DeleteAlertRule(ruleId, insId);

                    break;
                }

                case 11:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await alertRulesController.GetAlertRules(insId);

                    break;
                }

                case 12:
                {
                    string ruleId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Get_Fusion_Rule_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRulesController.GetFusionAlertRule(ruleId, insId);

                    break;
                }

                case 13:
                {
                    string ruleId = cliMode ? args[1] : GetInput(Utils.GetString("Get_Incident_Rule_Prompt_Text"), "Microsoft-alert-rule-2");
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRulesController.GetMicrosoftSecurityIdentityCreationAlertRule(ruleId, insId);

                    break;
                }

                case 14:
                {
                    string ruleId = cliMode ? args[1] : GetInput(Utils.GetString("Get_Scheduled_Rule_Prompt_Text"), "scheduled-alert-rule-3");
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await alertRulesController.GetScheduledAlertRule(ruleId, insId);

                    break;
                }

                case 15:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await bookmarksController.CreateBookmark(insId);

                    break;
                }

                case 16:
                {
                    string bookmarkId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Bookmark_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await bookmarksController.DeleteBookmark(bookmarkId, insId);

                    break;
                }

                case 17:
                {
                    string bookmarkId = cliMode ? args[1] : GetNonEmptyInput(Utils.GetString("Bookmark_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await bookmarksController.GetBookmarkById(bookmarkId, insId);

                    break;
                }

                case 18:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await bookmarksController.GetBookmarks(insId);

                    break;
                }

                case 19:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await dataConnectorsController.GetDataConnectors(insId);

                    break;
                }

                case 20:
                {
                    string dataConnectorId = GetNonEmptyInput(Utils.GetString("Dataconnector_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await dataConnectorsController.DeleteDataConnector(dataConnectorId, insId);

                    break;
                }

                case 21:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await dataConnectorsController.CreateDataConnector(insId);

                    break;
                }

                case 22:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await incidentsController.CreateIncident(insId);

                    break;
                }

                case 23:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Delete_Incident_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.DeleteIncident(incidentId, insId);

                    break;
                }

                case 24:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Get_Incident_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.GetIncidentById(incidentId, insId);

                    break;
                }

                case 25:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await incidentsController.GetIncidents(insId);

                    break;
                }

                case 26:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.UpdateIncident(incidentId, insId);

                    break;
                }

                case 27:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await incidentsController.BatchUpdateIncidents(insId);

                    break;
                }

                case 28:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    await incidentsController.CreateIncidentComment(incidentId);

                    break;
                }

                case 29:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.GetAllIncidentComments(incidentId, insId);

                    break;
                }

                case 30:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    string commentId  = GetNonEmptyInput(Utils.GetString("Comment_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentsController.GetIncidentCommentById(incidentId, commentId, insId);

                    break;
                }

                case 31:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    string bookmarkId = GetNonEmptyInput(Utils.GetString("Bookmark_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentRelationController.CreateIncidentRelation(incidentId, bookmarkId, insId);

                    break;
                }

                case 32:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    string relationId = GetNonEmptyInput(Utils.GetString("Relation_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await incidentRelationController.DeleteIncidentRelation(incidentId, relationId, insId);

                    break;
                }

                case 33:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    await incidentRelationController.GetEntitiesforIncident(incidentId, insId);

                    break;
                }

                case 34:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    string relationId = GetNonEmptyInput(Utils.GetString("Relation_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    await incidentRelationController.GetIncidentRelationByName(incidentId, relationId, insId);

                    break;
                }

                case 35:
                {
                    string incidentId = GetNonEmptyInput(Utils.GetString("Incident_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    await incidentRelationController.GetIncidentEntitiesbyEntityType(incidentId, insId);

                    break;
                }

                case 36:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await savedSearchController.CreateSavedSearch(insId);

                    break;
                }

                case 37:
                {
                    string savedSearchId = GetNonEmptyInput(Utils.GetString("Saved_Search_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await savedSearchController.DeleteSavedSearch(savedSearchId, insId);

                    break;
                }

                case 38:
                {
                    string savedSearchId = GetNonEmptyInput(Utils.GetString("Saved_Search_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    response = await savedSearchController.GetSavedSearchById(savedSearchId, insId);

                    break;
                }

                case 39:
                {
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstanceOrApplyAll(configurations);
                    }
                    await savedSearchController.GetSavedSearches(insId);

                    break;
                }

                case 40:
                {
                    string savedSearchId = GetNonEmptyInput(Utils.GetString("Saved_Search_Id_Prompt_Text"));
                    if (!cliMode)
                    {
                        insId = Utils.SelectInstance(configurations);
                    }
                    await savedSearchController.UpdateSavedSearch(savedSearchId, insId);

                    break;
                }
                }

                if (response != string.Empty)
                {
                    Console.WriteLine(JToken.Parse(response).ToString(Formatting.Indented));
                }
            }
            catch (JsonReaderException exception)
            {
                if (string.IsNullOrEmpty(response))
                {
                    Console.WriteLine("Deleted");
                    Console.WriteLine(Utils.GetString("Continue_Prompt_Text"));
                    Console.ReadLine();
                    return;
                }
            }
            catch (Exception exception)
            {
                ConsoleColor currentColor = Console.ForegroundColor;
                Console.ForegroundColor = ConsoleColor.Red;
                await Console.Error.WriteLineAsync(exception.Message);

                Console.ForegroundColor = currentColor;
            }

            Console.WriteLine(response);
        }
Exemplo n.º 2
0
        public async Task Run(string[] args)
        {
            while (true)
            {
                PrintMenu();

                Console.Write("Option: ");
                var option = Console.ReadLine();

                var valid = int.TryParse(option, out var index);
                valid = valid && index > 0 && index < 29;
                if (!valid)
                {
                    Console.WriteLine("Invalid option... please, press enter to continue...");
                    Console.ReadLine();
                    continue;
                }

                var response = "";
                var input    = "";
                try
                {
                    switch (index)
                    {
                    case 1:
                    {
                        Console.WriteLine("Enter Alert rule name");
                        input    = Console.ReadLine();
                        response = await _actionsController.CreateAction(input);

                        break;
                    }

                    case 2:
                    {
                        Console.WriteLine("Enter Alert rule name");
                        input    = Console.ReadLine();
                        response = await _actionsController.DeleteAction(input);

                        break;
                    }

                    case 3:
                    {
                        Console.WriteLine("Enter Alert rule name");
                        input    = Console.ReadLine();
                        response = await _actionsController.GetActionById(input);

                        break;
                    }

                    case 4:
                    {
                        Console.WriteLine("Enter Alert rule name");
                        input    = Console.ReadLine();
                        response = await _actionsController.GetActionsByRule(input);

                        break;
                    }

                    case 5:
                    {
                        Console.WriteLine("Enter template name");
                        input    = Console.ReadLine();
                        response = await _alertRuleTemplatesController.GetAlertRuleTemplateById(input);

                        break;
                    }

                    case 6:
                    {
                        response = await _alertRuleTemplatesController.GetAlertRuleTemplates();

                        break;
                    }

                    case 7:
                    {
                        Console.WriteLine("Enter alert rule template name");
                        input    = Console.ReadLine();
                        response = await _alertRulesController.CreateFusionAlertRule(input);

                        break;
                    }

                    case 8:
                    {
                        Console.WriteLine("Enter rule name");
                        input    = Console.ReadLine();
                        response = await _alertRulesController.CreateMicrosoftSecurityIncidentCreationAlertRule(input);

                        break;
                    }

                    case 9:
                    {
                        response = await _alertRulesController.CreateScheduledAlertRule();

                        break;
                    }

                    case 10:
                    {
                        response = await _alertRulesController.DeleteAlertRule();

                        break;
                    }

                    case 11:
                    {
                        response = await _alertRulesController.GetAlertRules();

                        break;
                    }

                    case 12:
                    {
                        response = await _alertRulesController.GetFusionAlertRule();

                        break;
                    }

                    case 13:
                    {
                        response = await _alertRulesController.GetMicrosoftSecurityIdentityCreationAlertRule();

                        break;
                    }

                    case 14:
                    {
                        response = await _alertRulesController.GetScheduledAlertRule();

                        break;
                    }

                    case 15:
                    {
                        response = await _bookmarksController.CreateBookmark();

                        break;
                    }

                    case 16:
                    {
                        response = await _bookmarksController.DeleteBookmark();

                        break;
                    }

                    case 17:
                    {
                        response = await _bookmarksController.GetBookmarkById();

                        break;
                    }

                    case 18:
                    {
                        response = await _bookmarksController.GetBookmarks();

                        break;
                    }

                    case 19:
                    {
                        response = await _dataConnectorsController.GetDataConnectors();

                        break;
                    }

                    case 20:
                    {
                        response = await _dataConnectorsController.DeleteDataConnector();

                        break;
                    }

                    case 21:
                    {
                        response = await _dataConnectorsController.CreateDataConnector();

                        break;
                    }

                    case 22:
                    {
                        Console.WriteLine("Enter Severity option \n 0 High \n 1 Medium \n 2 Low \n 3 Informational");
                        input = Console.ReadLine();
                        Severity severity = (Severity)Convert.ToInt32(input);

                        Console.WriteLine("Enter Incident status \n 0 New \n 1 Active \n 2 Close");
                        input = Console.ReadLine();
                        IncidentStatus status = (IncidentStatus)Convert.ToInt32(input);

                        Console.WriteLine("Enter Incident name");
                        var title = Console.ReadLine();

                        var payload = new IncidentPayload
                        {
                            PropertiesPayload = new IncidentPropertiesPayload
                            {
                                Severity = severity,
                                Status   = status,
                                Title    = title
                            }
                        };

                        response = await _incidentsController.CreateIncident(payload, title);

                        break;
                    }

                    case 23:
                    {
                        response = await _incidentsController.DeleteIncident();

                        break;
                    }

                    case 24:
                    {
                        response = await _incidentsController.GetIncidentById();

                        break;
                    }

                    case 25:
                    {
                        response = await _incidentsController.GetIncidents();

                        break;
                    }

                    case 26:
                    {
                        response = await _incidentsController.CreateIncidentComment();

                        break;
                    }

                    case 27:
                    {
                        response = await _incidentsController.GetAllIncidentComments();

                        break;
                    }

                    case 28:
                    {
                        response = await _incidentsController.GetIncidentCommentById();

                        break;
                    }
                    }

                    Console.WriteLine(JToken.Parse(response).ToString(Formatting.Indented));
                }
                catch (JsonReaderException exception)
                {
                    if (string.IsNullOrEmpty(response))
                    {
                        Console.WriteLine("Deleted");
                        Console.WriteLine("Enter to continue");
                        Console.ReadLine();
                        continue;
                    }

                    Console.WriteLine(response);
                }

                catch (Exception exception)
                {
                    var currentColor = Console.ForegroundColor;
                    Console.ForegroundColor = ConsoleColor.Red;
                    await Console.Error.WriteLineAsync(exception.Message);

                    Console.ForegroundColor = currentColor;
                }

                Console.WriteLine();
                Console.WriteLine("Enter to continue");
                Console.ReadLine();
            }
        }