public/Enable-AzureNSGDiagnostics.ps1

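function Enable-AzureNSGDiagnostics {

<#

.SYNOPSIS

Enables Azure diagnostics logging for all network security groups.

.DESCRIPTION

Enable-AzureNSGDiagnostics enables Azure diagnostics logging for every network
security group (NSG) in the given Azure subscription and sends the data to an
OMS workspace. Only the workspace is configured as a destination; this function
sets no storage account archive and no retention policy.

An authenticated session must already exist (Login-AzureRMAccount). The
workspace is looked up by name in the selected subscription and must resolve to
exactly one workspace, so that NSG logs cannot be sent to an unintended
destination.

.PARAMETER SubscriptionName

Name of the subscription whose NSGs are configured.

.PARAMETER WorkspaceName

Full name of the OMS workspace that receives the logs.

.OUTPUTS

The output of Set-AzureRmDiagnosticSetting for each NSG that was configured.
NSGs that could not be configured are reported on the error stream and are not
part of the output.

.EXAMPLE

Enable-AzureNSGDiagnostics -SubscriptionName <SubscriptionName> -WorkspaceName <WorkspaceName> -verbose

.NOTES

Depends on the AzureRM cmdlets, which have been retired in favour of the Az module.

#>


    [cmdletbinding()]

    Param (

        [Parameter(Mandatory=$true)]
        [string]$subscriptionName,

        [Parameter(Mandatory=$true)]
        [string]$workspaceName

    )

    Process
    {

        # Early exits use 'return', not 'break': outside a loop, 'break' unwinds
        # into the caller and can end the caller's loop or the whole script.

        # check to see if local token exists (ran Login-AzureRMAccount)
        if ($null -eq (Get-AzureRmContext).Account) {
            Write-Warning "Please run < Login-AzureRMAccount > first to create a session token...exiting."
            return
        }


        Try {
            Select-AzureRmSubscription -SubscriptionName $subscriptionName -ErrorAction Stop -Verbose | Out-Null
        }
        Catch {
            # Report on the error stream so the failure is not mistaken for output.
            Write-Error -ErrorRecord $_
            return
        }


        # resolve oms workspace; the name must match exactly one workspace
        $workspace = @((Get-AzureRmOperationalInsightsWorkspace).Where({$_.Name -eq "$workspaceName"}))

        if ($workspace.Count -eq 0) {
            Write-Warning "Could not resolve oms workspace, exiting."
            return
        }

        if ($workspace.Count -gt 1) {
            # An ambiguous name would yield several resource IDs; refuse rather
            # than guess which workspace should receive the NSG logs.
            Write-Warning "More than one oms workspace is named '$workspaceName', exiting."
            return
        }

        $workspaceID = $workspace[0].ResourceId

        if ($null -eq $workspaceID) {
            Write-Warning "Could not resolve oms workspace, exiting."
            return
        }


        # Get NSGs for all resource groups (or exit if none)
        Try {
            $nsgs = Get-AzureRmNetworkSecurityGroup -ErrorAction Stop -Verbose
        }
        Catch {
            Write-Error -ErrorRecord $_
            return
        }


        if (($null -eq $nsgs) -or ($nsgs.count -eq 0)) {
            Write-Warning "No NSGs found, exiting."
            return
        }


        # iterate through nsgs and enable diagnostics (straight to oms, no storage account or retention specified)
        $results = @(
            foreach ($nsg in $nsgs) {
                Try {
                    Set-AzureRmDiagnosticSetting -ResourceId $nsg.ID -WorkspaceId $workspaceID -Enabled $true -ErrorAction Stop -Verbose
                }
                Catch {
                    # Name the NSG that is left without diagnostics so the gap in
                    # logging coverage is visible, then carry on with the rest.
                    Write-Error -Message "Failed to enable diagnostics on NSG '$($nsg.Name)': $($_.Exception.Message)"
                }
            }
        )

        return $results

    }

}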