AzSDK

2.8.1

Framework/Listeners/UserReports/README.txt

                                *** This file describes how to interpret the different files created when AzSDK cmdlets are executed ***

Each AzSDK cmdlet writes output to a folder whose location is determined as below:

--------------------------------------------------------------

AzSDK-Root-Output-Folder = %LocalAppData%\Microsoft\AzSDKLogs 

    E.g., "C:\Users\userName\AppData\Local\Microsoft\AzSDKLogs"

--------------------------------------------------------------

Sub-Folder = Sub_<Subscription Name>\<Timestamp>_<CommandAbbreviation> 

    E.g., "Sub_[yourSubscriptionName]\20170321_183800_GSS)"

--------------------------------------------------------------

Thus, the full path to an output folder might look like: 

    E.g., "C:\Users\userName\AppData\Local\Microsoft\AzSDKLogs\Sub_[yourSubscriptionName]\20170321_183800_GSS"

By default, cmdlets open this folder upon completion of the cmdlet (we assume you'd be interested in examining the control evaluation status, etc.)

--------------------------------------------------------------

The contents of the output folder are organized as under:

    \SecurityReport-<timestamp>.csv            <-- This is the summary CSV file listing all applicable controls and their evaluation status. This file will be generated only for SVT cmdlets like Get-AzSDKAzureServicesSecurityStatus, Get-AzSDKSubscriptionSecurityStatus etc.

    \AttestationReport-<timestamp>.csv            <-- This is the summary CSV file listing all applicable controls and their attestation details. This file will be generated only for SVT cmdlet Get-AzSDKInfo -SubscriptionId <SubscriptionId> -InfoType AttestationInfo.

    \<Resource_Group_or_Subscription_Name>    <-- This corresponds to the resource-group or subscription that was evaluated

        \<resourceType>.log                    <-- This is the detailed/raw output log of controls evaluated

    \Etc

        \PowerShellOutput.log                <-- This is the raw PS console output captured in a file.

        \EnvironmentDetails.log                <-- This is the log file containing environment data of current PowerShell session.

        \SecurityEvaluationData.json        <-- This is the detailed security data for each control that was evaluated. This file will be generated only for SVT cmdlets like Get-AzSDKAzureServicesSecurityStatus, Get-AzSDKSubscriptionSecurityStatus etc.

    \FixControlScripts                        <-- This folder contains scripts to fix the failed controls. The folder is generated only when 'GenerateFixScript' switch is passed and one or more failed controls support automated fixing. 

        \README.txt                            <-- This is the help file which describes about the 'FixControlScripts' folder.

--------------------------------------------------------------

You can use these outputs as follows - 

    1- The SecurityReport.CSV file provides a quick glimpse of the control results. Investigate those that say 'Verify' or 'Failed'.

    2- For 'Failed' or 'Verify' controls, look in the <resourceType>.LOG file (search for 'failed' or by control-id). Understand what caused the control the fail.

    3- For 'Verify' controls, you will also find the SecurityEvaluationData.JSON file handy. 

    4- For some controls, you can also use the 'Recommendation' field in the control output to get the PS command you may need to use.

    5- Make any changes to the subscription/resource configurations based on steps 2, 3 and 4. 

    6- Rerun the cmdlet and verify that the controls you tried to fix are passing now.