exports/ProxyCmdletDefinitions.ps1
# ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Get directoryAudits from auditLogs .Description Get directoryAudits from auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDirectoryAudit .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/get-mgauditlogdirectoryaudit #> function Get-MgAuditLogDirectoryAudit { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDirectoryAudit])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] param( [Parameter(ParameterSetName='Get', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: directoryAudit-id of directoryAudit ${DirectoryAuditId}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Alias('Expand')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Expand related entities ${ExpandProperty}, [Parameter()] [Alias('Select')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Select properties to be returned ${Property}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Management.Automation.SwitchParameter] # Include count of items ${Count}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Filter items by property values ${Filter}, [Parameter(ParameterSetName='List')] [Alias('Top')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Show only the first n items ${PageSize}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Search items by search phrases ${Search}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Skip the first n items ${Skip}, [Parameter(ParameterSetName='List')] [Alias('OrderBy')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Order items by property values ${Sort}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogDirectoryAudit_Get'; GetViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogDirectoryAudit_GetViaIdentity'; List = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogDirectoryAudit_List'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Get directoryProvisioning from auditLogs .Description Get directoryProvisioning from auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/get-mgauditlogdirectoryprovisioning #> function Get-MgAuditLogDirectoryProvisioning { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] param( [Parameter(ParameterSetName='Get', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: provisioningObjectSummary-id of provisioningObjectSummary ${ProvisioningObjectSummaryId}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Alias('Expand')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Expand related entities ${ExpandProperty}, [Parameter()] [Alias('Select')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Select properties to be returned ${Property}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Management.Automation.SwitchParameter] # Include count of items ${Count}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Filter items by property values ${Filter}, [Parameter(ParameterSetName='List')] [Alias('Top')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Show only the first n items ${PageSize}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Search items by search phrases ${Search}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Skip the first n items ${Skip}, [Parameter(ParameterSetName='List')] [Alias('OrderBy')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Order items by property values ${Sort}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogDirectoryProvisioning_Get'; GetViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogDirectoryProvisioning_GetViaIdentity'; List = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogDirectoryProvisioning_List'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Get provisioning from auditLogs .Description Get provisioning from auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/get-mgauditlogprovisioning #> function Get-MgAuditLogProvisioning { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] param( [Parameter(ParameterSetName='Get', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: provisioningObjectSummary-id of provisioningObjectSummary ${ProvisioningObjectSummaryId}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Alias('Expand')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Expand related entities ${ExpandProperty}, [Parameter()] [Alias('Select')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Select properties to be returned ${Property}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Management.Automation.SwitchParameter] # Include count of items ${Count}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Filter items by property values ${Filter}, [Parameter(ParameterSetName='List')] [Alias('Top')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Show only the first n items ${PageSize}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Search items by search phrases ${Search}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Skip the first n items ${Skip}, [Parameter(ParameterSetName='List')] [Alias('OrderBy')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Order items by property values ${Sort}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogProvisioning_Get'; GetViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogProvisioning_GetViaIdentity'; List = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogProvisioning_List'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Get restrictedSignIns from auditLogs .Description Get restrictedSignIns from auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRestrictedSignIn .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/get-mgauditlogrestrictedsignin #> function Get-MgAuditLogRestrictedSignIn { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRestrictedSignIn])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] param( [Parameter(ParameterSetName='Get', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: restrictedSignIn-id of restrictedSignIn ${RestrictedSignInId}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Alias('Expand')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Expand related entities ${ExpandProperty}, [Parameter()] [Alias('Select')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Select properties to be returned ${Property}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Management.Automation.SwitchParameter] # Include count of items ${Count}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Filter items by property values ${Filter}, [Parameter(ParameterSetName='List')] [Alias('Top')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Show only the first n items ${PageSize}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Search items by search phrases ${Search}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Skip the first n items ${Skip}, [Parameter(ParameterSetName='List')] [Alias('OrderBy')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Order items by property values ${Sort}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogRestrictedSignIn_Get'; GetViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogRestrictedSignIn_GetViaIdentity'; List = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogRestrictedSignIn_List'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Get auditLogs .Description Get auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuditLogRoot .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/get-mgauditlogrootauditlogroot #> function Get-MgAuditLogRootAuditLogRoot { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuditLogRoot])] [CmdletBinding(DefaultParameterSetName='Get', PositionalBinding=$false)] param( [Parameter()] [Alias('Expand')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Expand related entities ${ExpandProperty}, [Parameter()] [Alias('Select')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Select properties to be returned ${Property}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogRootAuditLogRoot_Get'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Get signIns from auditLogs .Description Get signIns from auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignIn .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/get-mgauditlogsignin #> function Get-MgAuditLogSignIn { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignIn])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] param( [Parameter(ParameterSetName='Get', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: signIn-id of signIn ${SignInId}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Alias('Expand')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Expand related entities ${ExpandProperty}, [Parameter()] [Alias('Select')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Select properties to be returned ${Property}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Management.Automation.SwitchParameter] # Include count of items ${Count}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Filter items by property values ${Filter}, [Parameter(ParameterSetName='List')] [Alias('Top')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Show only the first n items ${PageSize}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String] # Search items by search phrases ${Search}, [Parameter(ParameterSetName='List')] [Microsoft.Graph.PowerShell.Category('Query')] [System.Int32] # Skip the first n items ${Skip}, [Parameter(ParameterSetName='List')] [Alias('OrderBy')] [Microsoft.Graph.PowerShell.Category('Query')] [System.String[]] # Order items by property values ${Sort}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogSignIn_Get'; GetViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogSignIn_GetViaIdentity'; List = 'Microsoft.Graph.Identity.AuditLogs.private\Get-MgAuditLogSignIn_List'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Create new navigation property to directoryAudits for auditLogs .Description Create new navigation property to directoryAudits for auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDirectoryAudit .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDirectoryAudit .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. ADDITIONALDETAILS <IMicrosoftGraphKeyValue[]>: Indicates additional details on the activity. [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. BODYPARAMETER <IMicrosoftGraphDirectoryAudit>: directoryAudit [Id <String>]: Read-only. [ActivityDateTime <DateTime?>]: Indicates the date and time the activity was performed. The Timestamp type is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' [ActivityDisplayName <String>]: Indicates the activity name or the operation name (examples: 'Create User' and 'Add member to group'). For full list, see Azure AD activity list. [AdditionalDetails <IMicrosoftGraphKeyValue[]>]: Indicates additional details on the activity. [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AppDisplayName <String>]: Refers to the Application Name displayed in the Azure Portal. [AppId <String>]: Refers to the Unique GUID representing Application Id in the Azure Active Directory. [AppServicePrincipalId <String>]: Refers to the Unique GUID indicating Service Principal Id in Azure Active Directory for the corresponding App. [AppServicePrincipalName <String>]: Refers to the Service Principal Name is the Application name in the tenant. [Category <String>]: Indicates which resource category that's targeted by the activity. (For example: User Management, Group Management etc..) [CorrelationId <String>]: Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs across services. [LoggedByService <String>]: Indicates information on which service initiated the activity (For example: Self-service Password Management, Core Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. [OperationType <String>]: [Result <String>]: operationResult [ResultReason <String>]: Describes cause of 'failure' or 'timeout' results. [TargetResources <IMicrosoftGraphTargetResource[]>]: Indicates information on which resource was changed due to the activity. Target Resource Type can be User, Device, Directory, App, Role, Group, Policy or Other. [DisplayName <String>]: Indicates the visible name defined for the resource. Typically specified when the resource is created. [GroupType <String>]: groupType [Id <String>]: Indicates the unique ID of the resource. [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: Indicates name, old value and new value of each attribute that changed. Property values depend on the operation type. [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [Type <String>]: Describes the resource type. Example values include Application, Group, ServicePrincipal, and User. [UserPrincipalName <String>]: When type is set to User, this includes the user name that initiated the action; null for other types. [UserDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [UserIPAddress <String>]: Indicates the client IP address used by user performing the activity (audit log only). [UserId <String>]: Unique identifier for the identity. [UserPrincipalName <String>]: The userPrincipalName attribute of the user. TARGETRESOURCES <IMicrosoftGraphTargetResource[]>: Indicates information on which resource was changed due to the activity. Target Resource Type can be User, Device, Directory, App, Role, Group, Policy or Other. [DisplayName <String>]: Indicates the visible name defined for the resource. Typically specified when the resource is created. [GroupType <String>]: groupType [Id <String>]: Indicates the unique ID of the resource. [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: Indicates name, old value and new value of each attribute that changed. Property values depend on the operation type. [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [Type <String>]: Describes the resource type. Example values include Application, Group, ServicePrincipal, and User. [UserPrincipalName <String>]: When type is set to User, this includes the user name that initiated the action; null for other types. .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/new-mgauditlogdirectoryaudit #> function New-MgAuditLogDirectoryAudit { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDirectoryAudit])] [CmdletBinding(DefaultParameterSetName='CreateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Create', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDirectoryAudit] # directoryAudit # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # Indicates the date and time the activity was performed. # The Timestamp type is always in UTC time. # For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' ${ActivityDateTime}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the activity name or the operation name (examples: 'Create User' and 'Add member to group'). # For full list, see Azure AD activity list. ${ActivityDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphKeyValue[]] # Indicates additional details on the activity. # To construct, see NOTES section for ADDITIONALDETAILS properties and create a hash table. ${AdditionalDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the Application Name displayed in the Azure Portal. ${AppDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the Unique GUID representing Application Id in the Azure Active Directory. ${AppId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the Unique GUID indicating Service Principal Id in Azure Active Directory for the corresponding App. ${AppServicePrincipalId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the Service Principal Name is the Application name in the tenant. ${AppServicePrincipalName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates which resource category that's targeted by the activity. # (For example: User Management, Group Management etc..) ${Category}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates a unique ID that helps correlate activities that span across various services. # Can be used to trace logs across services. ${CorrelationId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates information on which service initiated the activity (For example: Self-service Password Management, Core Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. ${LoggedByService}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${OperationType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # operationResult ${Result}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Describes cause of 'failure' or 'timeout' results. ${ResultReason}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphTargetResource[]] # Indicates information on which resource was changed due to the activity. # Target Resource Type can be User, Device, Directory, App, Role, Group, Policy or Other. # To construct, see NOTES section for TARGETRESOURCES properties and create a hash table. ${TargetResources}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The identity's display name. # Note that this may not always be available or up to date. # For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. ${UserDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the client IP address used by user performing the activity (audit log only). ${UserIPAddress}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique identifier for the identity. ${UserId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The userPrincipalName attribute of the user. ${UserPrincipalName}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Create = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogDirectoryAudit_Create'; CreateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogDirectoryAudit_CreateExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Create new navigation property to directoryProvisioning for auditLogs .Description Create new navigation property to directoryProvisioning for auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. BODYPARAMETER <IMicrosoftGraphProvisioningObjectSummary>: provisioningObjectSummary [Id <String>]: Read-only. [Action <String>]: [ActivityDateTime <DateTime?>]: [ChangeId <String>]: [CycleId <String>]: [DurationInMilliseconds <Int32?>]: [InitiatedByDisplayName <String>]: [InitiatedById <String>]: [InitiatedByInitiatorType <String>]: initiatorType [JobId <String>]: [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [ProvisioningSteps <IMicrosoftGraphProvisioningStep[]>]: [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult [ServicePrincipalDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [ServicePrincipalId <String>]: Unique identifier for the identity. [SourceIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceIdentityDisplayName <String>]: [SourceIdentityId <String>]: [SourceIdentityType <String>]: [SourceSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceSystemDisplayName <String>]: [SourceSystemId <String>]: [StatusInfoStatus <String>]: provisioningResult [TargetIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetIdentityDisplayName <String>]: [TargetIdentityId <String>]: [TargetIdentityType <String>]: [TargetSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetSystemDisplayName <String>]: [TargetSystemId <String>]: [TenantId <String>]: MODIFIEDPROPERTIES <IMicrosoftGraphModifiedProperty[]>: . [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. PROVISIONINGSTEPS <IMicrosoftGraphProvisioningStep[]>: . [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/new-mgauditlogdirectoryprovisioning #> function New-MgAuditLogDirectoryProvisioning { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary])] [CmdletBinding(DefaultParameterSetName='CreateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Create', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary] # provisioningObjectSummary # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${Action}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # . ${ActivityDateTime}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ChangeId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${CycleId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # . ${DurationInMilliseconds}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${InitiatedByDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${InitiatedById}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # initiatorType ${InitiatedByInitiatorType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${JobId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphModifiedProperty[]] # . # To construct, see NOTES section for MODIFIEDPROPERTIES properties and create a hash table. ${ModifiedProperties}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningStep[]] # . # To construct, see NOTES section for PROVISIONINGSTEPS properties and create a hash table. ${ProvisioningSteps}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The identity's display name. # Note that this may not always be available or up to date. # For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. ${ServicePrincipalDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique identifier for the identity. ${ServicePrincipalId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${SourceIdentityDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${SourceSystemDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceSystemDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceSystemId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # provisioningResult ${StatusInfoStatus}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${TargetIdentityDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${TargetSystemDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetSystemDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetSystemId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TenantId}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Create = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogDirectoryProvisioning_Create'; CreateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogDirectoryProvisioning_CreateExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Create new navigation property to provisioning for auditLogs .Description Create new navigation property to provisioning for auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. BODYPARAMETER <IMicrosoftGraphProvisioningObjectSummary>: provisioningObjectSummary [Id <String>]: Read-only. [Action <String>]: [ActivityDateTime <DateTime?>]: [ChangeId <String>]: [CycleId <String>]: [DurationInMilliseconds <Int32?>]: [InitiatedByDisplayName <String>]: [InitiatedById <String>]: [InitiatedByInitiatorType <String>]: initiatorType [JobId <String>]: [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [ProvisioningSteps <IMicrosoftGraphProvisioningStep[]>]: [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult [ServicePrincipalDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [ServicePrincipalId <String>]: Unique identifier for the identity. [SourceIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceIdentityDisplayName <String>]: [SourceIdentityId <String>]: [SourceIdentityType <String>]: [SourceSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceSystemDisplayName <String>]: [SourceSystemId <String>]: [StatusInfoStatus <String>]: provisioningResult [TargetIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetIdentityDisplayName <String>]: [TargetIdentityId <String>]: [TargetIdentityType <String>]: [TargetSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetSystemDisplayName <String>]: [TargetSystemId <String>]: [TenantId <String>]: MODIFIEDPROPERTIES <IMicrosoftGraphModifiedProperty[]>: . [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. PROVISIONINGSTEPS <IMicrosoftGraphProvisioningStep[]>: . [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/new-mgauditlogprovisioning #> function New-MgAuditLogProvisioning { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary])] [CmdletBinding(DefaultParameterSetName='CreateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Create', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary] # provisioningObjectSummary # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${Action}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # . ${ActivityDateTime}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ChangeId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${CycleId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # . ${DurationInMilliseconds}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${InitiatedByDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${InitiatedById}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # initiatorType ${InitiatedByInitiatorType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${JobId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphModifiedProperty[]] # . # To construct, see NOTES section for MODIFIEDPROPERTIES properties and create a hash table. ${ModifiedProperties}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningStep[]] # . # To construct, see NOTES section for PROVISIONINGSTEPS properties and create a hash table. ${ProvisioningSteps}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The identity's display name. # Note that this may not always be available or up to date. # For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. ${ServicePrincipalDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique identifier for the identity. ${ServicePrincipalId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${SourceIdentityDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${SourceSystemDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceSystemDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceSystemId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # provisioningResult ${StatusInfoStatus}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${TargetIdentityDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${TargetSystemDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetSystemDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetSystemId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TenantId}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Create = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogProvisioning_Create'; CreateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogProvisioning_CreateExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Create new navigation property to restrictedSignIns for auditLogs .Description Create new navigation property to restrictedSignIns for auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRestrictedSignIn .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRestrictedSignIn .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. APPLIEDCONDITIONALACCESSPOLICIES <IMicrosoftGraphAppliedConditionalAccessPolicy[]>: . [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult AUTHENTICATIONDETAILS <IMicrosoftGraphAuthenticationDetail[]>: . [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: AUTHENTICATIONPROCESSINGDETAILS <IMicrosoftGraphKeyValue[]>: . [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. AUTHENTICATIONREQUIREMENTPOLICIES <IMicrosoftGraphAuthenticationRequirementPolicy[]>: . [Detail <String>]: [RequirementProvider <String>]: requirementProvider BODYPARAMETER <IMicrosoftGraphRestrictedSignIn>: restrictedSignIn [AlternateSignInName <String>]: [AppDisplayName <String>]: App name displayed in the Azure Portal. [AppId <String>]: Unique GUID representing the app ID in the Azure Active Directory. [AppliedConditionalAccessPolicies <IMicrosoftGraphAppliedConditionalAccessPolicy[]>]: [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult [AuthenticationDetails <IMicrosoftGraphAuthenticationDetail[]>]: [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: [AuthenticationMethodsUsed <String[]>]: [AuthenticationProcessingDetails <IMicrosoftGraphKeyValue[]>]: [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AuthenticationRequirement <String>]: [AuthenticationRequirementPolicies <IMicrosoftGraphAuthenticationRequirementPolicy[]>]: [Detail <String>]: [RequirementProvider <String>]: requirementProvider [ClientAppUsed <String>]: Identifies the legacy client used for sign-in activity. Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. [ConditionalAccessStatus <String>]: conditionalAccessStatus [CorrelationId <String>]: The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. [CreatedDateTime <DateTime?>]: Date and time (UTC) the sign-in was initiated. Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. [DeviceDetailBrowser <String>]: Indicates the browser information of the used for signing in. [DeviceDetailBrowserId <String>]: [DeviceDetailDeviceId <String>]: Refers to the UniqueID of the device used for signing in. [DeviceDetailDisplayName <String>]: Refers to the name of the device used for signing in. [DeviceDetailIsCompliant <Boolean?>]: Indicates whether the device is compliant. [DeviceDetailIsManaged <Boolean?>]: Indicates whether the device is managed. [DeviceDetailOperatingSystem <String>]: Indicates the operating system name and version used for signing in. [DeviceDetailTrustType <String>]: Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. [GeoCoordinateAltitude <Double?>]: Optional. The altitude (height), in feet, above sea level for the item. Read-only. [GeoCoordinateLatitude <Double?>]: Optional. The latitude, in decimal, for the item. Read-only. [GeoCoordinateLongitude <Double?>]: Optional. The longitude, in decimal, for the item. Read-only. [IPAddress <String>]: IP address of the client used to sign in. [IsInteractive <Boolean?>]: Indicates if a sign-in is interactive or not. [LocationCity <String>]: Provides the city where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationCountryOrRegion <String>]: Provides the country code info (2 letter code) where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationState <String>]: Provides the State where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [MfaDetailAuthDetail <String>]: [MfaDetailAuthMethod <String>]: [NetworkLocationDetails <IMicrosoftGraphNetworkLocationDetail[]>]: [NetworkNames <String[]>]: [NetworkType <String>]: networkType [OriginalRequestId <String>]: [ProcessingTimeInMilliseconds <Int32?>]: [ResourceDisplayName <String>]: Name of the resource the user signed into. [ResourceId <String>]: ID of the resource that the user signed into. [RiskDetail <String>]: riskDetail [RiskEventTypes <String[]>]: Risk event types associated with the sign-in. The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. [RiskEventTypesV2 <String[]>]: The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. [RiskLevelAggregated <String>]: riskLevel [RiskLevelDuringSignIn <String>]: riskLevel [RiskState <String>]: riskState [ServicePrincipalId <String>]: [ServicePrincipalName <String>]: [StatusAdditionalDetails <String>]: Provides additional details on the sign-in activity [StatusErrorCode <Int32?>]: Provides the 5-6digit error code that's generated during a sign-in failure. Check out the list of error codes and messages. [StatusFailureReason <String>]: Provides the error message or the reason for failure for the corresponding sign-in activity. Check out the list of error codes and messages. [TokenIssuerName <String>]: [TokenIssuerType <String>]: tokenIssuerType [UserAgent <String>]: [UserDisplayName <String>]: Display name of the user that initiated the sign-in. [UserId <String>]: ID of the user that initiated the sign-in. [UserPrincipalName <String>]: User principal name of the user that initiated the sign-in. [Id <String>]: Read-only. [TargetTenantId <String>]: NETWORKLOCATIONDETAILS <IMicrosoftGraphNetworkLocationDetail[]>: . [NetworkNames <String[]>]: [NetworkType <String>]: networkType .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/new-mgauditlogrestrictedsignin #> function New-MgAuditLogRestrictedSignIn { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRestrictedSignIn])] [CmdletBinding(DefaultParameterSetName='CreateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Create', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRestrictedSignIn] # restrictedSignIn # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${AlternateSignInName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # App name displayed in the Azure Portal. ${AppDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique GUID representing the app ID in the Azure Active Directory. ${AppId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAppliedConditionalAccessPolicy[]] # . # To construct, see NOTES section for APPLIEDCONDITIONALACCESSPOLICIES properties and create a hash table. ${AppliedConditionalAccessPolicies}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationDetail[]] # . # To construct, see NOTES section for AUTHENTICATIONDETAILS properties and create a hash table. ${AuthenticationDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # . ${AuthenticationMethodsUsed}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphKeyValue[]] # . # To construct, see NOTES section for AUTHENTICATIONPROCESSINGDETAILS properties and create a hash table. ${AuthenticationProcessingDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${AuthenticationRequirement}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationRequirementPolicy[]] # . # To construct, see NOTES section for AUTHENTICATIONREQUIREMENTPOLICIES properties and create a hash table. ${AuthenticationRequirementPolicies}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Identifies the legacy client used for sign-in activity. # Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. ${ClientAppUsed}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # conditionalAccessStatus ${ConditionalAccessStatus}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. ${CorrelationId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # Date and time (UTC) the sign-in was initiated. # Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. ${CreatedDateTime}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the browser information of the used for signing in. ${DeviceDetailBrowser}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${DeviceDetailBrowserId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the UniqueID of the device used for signing in. ${DeviceDetailDeviceId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the name of the device used for signing in. ${DeviceDetailDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates whether the device is compliant. ${DeviceDetailIsCompliant}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates whether the device is managed. ${DeviceDetailIsManaged}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the operating system name and version used for signing in. ${DeviceDetailOperatingSystem}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. ${DeviceDetailTrustType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The altitude (height), in feet, above sea level for the item. # Read-only. ${GeoCoordinateAltitude}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The latitude, in decimal, for the item. # Read-only. ${GeoCoordinateLatitude}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The longitude, in decimal, for the item. # Read-only. ${GeoCoordinateLongitude}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # IP address of the client used to sign in. ${IPAddress}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates if a sign-in is interactive or not. ${IsInteractive}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the city where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationCity}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the country code info (2 letter code) where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationCountryOrRegion}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the State where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationState}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${MfaDetailAuthDetail}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${MfaDetailAuthMethod}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphNetworkLocationDetail[]] # . # To construct, see NOTES section for NETWORKLOCATIONDETAILS properties and create a hash table. ${NetworkLocationDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${OriginalRequestId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # . ${ProcessingTimeInMilliseconds}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Name of the resource the user signed into. ${ResourceDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # ID of the resource that the user signed into. ${ResourceId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskDetail ${RiskDetail}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # Risk event types associated with the sign-in. # The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. ${RiskEventTypes}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # The list of risk event types associated with the sign-in. # Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. ${RiskEventTypesV2}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskLevel ${RiskLevelAggregated}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskLevel ${RiskLevelDuringSignIn}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskState ${RiskState}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ServicePrincipalId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ServicePrincipalName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides additional details on the sign-in activity ${StatusAdditionalDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # Provides the 5-6digit error code that's generated during a sign-in failure. # Check out the list of error codes and messages. ${StatusErrorCode}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the error message or the reason for failure for the corresponding sign-in activity. # Check out the list of error codes and messages. ${StatusFailureReason}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetTenantId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TokenIssuerName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # tokenIssuerType ${TokenIssuerType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${UserAgent}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Display name of the user that initiated the sign-in. ${UserDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # ID of the user that initiated the sign-in. ${UserId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # User principal name of the user that initiated the sign-in. ${UserPrincipalName}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Create = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogRestrictedSignIn_Create'; CreateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogRestrictedSignIn_CreateExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Create new navigation property to signIns for auditLogs .Description Create new navigation property to signIns for auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignIn .Outputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignIn .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. APPLIEDCONDITIONALACCESSPOLICIES <IMicrosoftGraphAppliedConditionalAccessPolicy[]>: . [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult AUTHENTICATIONDETAILS <IMicrosoftGraphAuthenticationDetail[]>: . [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: AUTHENTICATIONPROCESSINGDETAILS <IMicrosoftGraphKeyValue[]>: . [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. AUTHENTICATIONREQUIREMENTPOLICIES <IMicrosoftGraphAuthenticationRequirementPolicy[]>: . [Detail <String>]: [RequirementProvider <String>]: requirementProvider BODYPARAMETER <IMicrosoftGraphSignIn>: signIn [Id <String>]: Read-only. [AlternateSignInName <String>]: [AppDisplayName <String>]: App name displayed in the Azure Portal. [AppId <String>]: Unique GUID representing the app ID in the Azure Active Directory. [AppliedConditionalAccessPolicies <IMicrosoftGraphAppliedConditionalAccessPolicy[]>]: [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult [AuthenticationDetails <IMicrosoftGraphAuthenticationDetail[]>]: [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: [AuthenticationMethodsUsed <String[]>]: [AuthenticationProcessingDetails <IMicrosoftGraphKeyValue[]>]: [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AuthenticationRequirement <String>]: [AuthenticationRequirementPolicies <IMicrosoftGraphAuthenticationRequirementPolicy[]>]: [Detail <String>]: [RequirementProvider <String>]: requirementProvider [ClientAppUsed <String>]: Identifies the legacy client used for sign-in activity. Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. [ConditionalAccessStatus <String>]: conditionalAccessStatus [CorrelationId <String>]: The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. [CreatedDateTime <DateTime?>]: Date and time (UTC) the sign-in was initiated. Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. [DeviceDetailBrowser <String>]: Indicates the browser information of the used for signing in. [DeviceDetailBrowserId <String>]: [DeviceDetailDeviceId <String>]: Refers to the UniqueID of the device used for signing in. [DeviceDetailDisplayName <String>]: Refers to the name of the device used for signing in. [DeviceDetailIsCompliant <Boolean?>]: Indicates whether the device is compliant. [DeviceDetailIsManaged <Boolean?>]: Indicates whether the device is managed. [DeviceDetailOperatingSystem <String>]: Indicates the operating system name and version used for signing in. [DeviceDetailTrustType <String>]: Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. [GeoCoordinateAltitude <Double?>]: Optional. The altitude (height), in feet, above sea level for the item. Read-only. [GeoCoordinateLatitude <Double?>]: Optional. The latitude, in decimal, for the item. Read-only. [GeoCoordinateLongitude <Double?>]: Optional. The longitude, in decimal, for the item. Read-only. [IPAddress <String>]: IP address of the client used to sign in. [IsInteractive <Boolean?>]: Indicates if a sign-in is interactive or not. [LocationCity <String>]: Provides the city where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationCountryOrRegion <String>]: Provides the country code info (2 letter code) where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationState <String>]: Provides the State where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [MfaDetailAuthDetail <String>]: [MfaDetailAuthMethod <String>]: [NetworkLocationDetails <IMicrosoftGraphNetworkLocationDetail[]>]: [NetworkNames <String[]>]: [NetworkType <String>]: networkType [OriginalRequestId <String>]: [ProcessingTimeInMilliseconds <Int32?>]: [ResourceDisplayName <String>]: Name of the resource the user signed into. [ResourceId <String>]: ID of the resource that the user signed into. [RiskDetail <String>]: riskDetail [RiskEventTypes <String[]>]: Risk event types associated with the sign-in. The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. [RiskEventTypesV2 <String[]>]: The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. [RiskLevelAggregated <String>]: riskLevel [RiskLevelDuringSignIn <String>]: riskLevel [RiskState <String>]: riskState [ServicePrincipalId <String>]: [ServicePrincipalName <String>]: [StatusAdditionalDetails <String>]: Provides additional details on the sign-in activity [StatusErrorCode <Int32?>]: Provides the 5-6digit error code that's generated during a sign-in failure. Check out the list of error codes and messages. [StatusFailureReason <String>]: Provides the error message or the reason for failure for the corresponding sign-in activity. Check out the list of error codes and messages. [TokenIssuerName <String>]: [TokenIssuerType <String>]: tokenIssuerType [UserAgent <String>]: [UserDisplayName <String>]: Display name of the user that initiated the sign-in. [UserId <String>]: ID of the user that initiated the sign-in. [UserPrincipalName <String>]: User principal name of the user that initiated the sign-in. NETWORKLOCATIONDETAILS <IMicrosoftGraphNetworkLocationDetail[]>: . [NetworkNames <String[]>]: [NetworkType <String>]: networkType .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/new-mgauditlogsignin #> function New-MgAuditLogSignIn { [OutputType([Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignIn])] [CmdletBinding(DefaultParameterSetName='CreateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Create', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignIn] # signIn # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${AlternateSignInName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # App name displayed in the Azure Portal. ${AppDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique GUID representing the app ID in the Azure Active Directory. ${AppId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAppliedConditionalAccessPolicy[]] # . # To construct, see NOTES section for APPLIEDCONDITIONALACCESSPOLICIES properties and create a hash table. ${AppliedConditionalAccessPolicies}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationDetail[]] # . # To construct, see NOTES section for AUTHENTICATIONDETAILS properties and create a hash table. ${AuthenticationDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # . ${AuthenticationMethodsUsed}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphKeyValue[]] # . # To construct, see NOTES section for AUTHENTICATIONPROCESSINGDETAILS properties and create a hash table. ${AuthenticationProcessingDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${AuthenticationRequirement}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationRequirementPolicy[]] # . # To construct, see NOTES section for AUTHENTICATIONREQUIREMENTPOLICIES properties and create a hash table. ${AuthenticationRequirementPolicies}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Identifies the legacy client used for sign-in activity. # Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. ${ClientAppUsed}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # conditionalAccessStatus ${ConditionalAccessStatus}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. ${CorrelationId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # Date and time (UTC) the sign-in was initiated. # Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. ${CreatedDateTime}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the browser information of the used for signing in. ${DeviceDetailBrowser}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${DeviceDetailBrowserId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the UniqueID of the device used for signing in. ${DeviceDetailDeviceId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the name of the device used for signing in. ${DeviceDetailDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates whether the device is compliant. ${DeviceDetailIsCompliant}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates whether the device is managed. ${DeviceDetailIsManaged}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the operating system name and version used for signing in. ${DeviceDetailOperatingSystem}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. ${DeviceDetailTrustType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The altitude (height), in feet, above sea level for the item. # Read-only. ${GeoCoordinateAltitude}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The latitude, in decimal, for the item. # Read-only. ${GeoCoordinateLatitude}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The longitude, in decimal, for the item. # Read-only. ${GeoCoordinateLongitude}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # IP address of the client used to sign in. ${IPAddress}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates if a sign-in is interactive or not. ${IsInteractive}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the city where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationCity}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the country code info (2 letter code) where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationCountryOrRegion}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the State where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationState}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${MfaDetailAuthDetail}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${MfaDetailAuthMethod}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphNetworkLocationDetail[]] # . # To construct, see NOTES section for NETWORKLOCATIONDETAILS properties and create a hash table. ${NetworkLocationDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${OriginalRequestId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # . ${ProcessingTimeInMilliseconds}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Name of the resource the user signed into. ${ResourceDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # ID of the resource that the user signed into. ${ResourceId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskDetail ${RiskDetail}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # Risk event types associated with the sign-in. # The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. ${RiskEventTypes}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # The list of risk event types associated with the sign-in. # Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. ${RiskEventTypesV2}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskLevel ${RiskLevelAggregated}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskLevel ${RiskLevelDuringSignIn}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskState ${RiskState}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ServicePrincipalId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ServicePrincipalName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides additional details on the sign-in activity ${StatusAdditionalDetails}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # Provides the 5-6digit error code that's generated during a sign-in failure. # Check out the list of error codes and messages. ${StatusErrorCode}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the error message or the reason for failure for the corresponding sign-in activity. # Check out the list of error codes and messages. ${StatusFailureReason}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TokenIssuerName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # tokenIssuerType ${TokenIssuerType}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${UserAgent}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Display name of the user that initiated the sign-in. ${UserDisplayName}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # ID of the user that initiated the sign-in. ${UserId}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # User principal name of the user that initiated the sign-in. ${UserPrincipalName}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Create = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogSignIn_Create'; CreateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\New-MgAuditLogSignIn_CreateExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Update the navigation property directoryAudits in auditLogs .Description Update the navigation property directoryAudits in auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDirectoryAudit .Outputs System.Boolean .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. ADDITIONALDETAILS <IMicrosoftGraphKeyValue[]>: Indicates additional details on the activity. [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. BODYPARAMETER <IMicrosoftGraphDirectoryAudit>: directoryAudit [Id <String>]: Read-only. [ActivityDateTime <DateTime?>]: Indicates the date and time the activity was performed. The Timestamp type is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' [ActivityDisplayName <String>]: Indicates the activity name or the operation name (examples: 'Create User' and 'Add member to group'). For full list, see Azure AD activity list. [AdditionalDetails <IMicrosoftGraphKeyValue[]>]: Indicates additional details on the activity. [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AppDisplayName <String>]: Refers to the Application Name displayed in the Azure Portal. [AppId <String>]: Refers to the Unique GUID representing Application Id in the Azure Active Directory. [AppServicePrincipalId <String>]: Refers to the Unique GUID indicating Service Principal Id in Azure Active Directory for the corresponding App. [AppServicePrincipalName <String>]: Refers to the Service Principal Name is the Application name in the tenant. [Category <String>]: Indicates which resource category that's targeted by the activity. (For example: User Management, Group Management etc..) [CorrelationId <String>]: Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs across services. [LoggedByService <String>]: Indicates information on which service initiated the activity (For example: Self-service Password Management, Core Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. [OperationType <String>]: [Result <String>]: operationResult [ResultReason <String>]: Describes cause of 'failure' or 'timeout' results. [TargetResources <IMicrosoftGraphTargetResource[]>]: Indicates information on which resource was changed due to the activity. Target Resource Type can be User, Device, Directory, App, Role, Group, Policy or Other. [DisplayName <String>]: Indicates the visible name defined for the resource. Typically specified when the resource is created. [GroupType <String>]: groupType [Id <String>]: Indicates the unique ID of the resource. [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: Indicates name, old value and new value of each attribute that changed. Property values depend on the operation type. [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [Type <String>]: Describes the resource type. Example values include Application, Group, ServicePrincipal, and User. [UserPrincipalName <String>]: When type is set to User, this includes the user name that initiated the action; null for other types. [UserDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [UserIPAddress <String>]: Indicates the client IP address used by user performing the activity (audit log only). [UserId <String>]: Unique identifier for the identity. [UserPrincipalName <String>]: The userPrincipalName attribute of the user. INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn TARGETRESOURCES <IMicrosoftGraphTargetResource[]>: Indicates information on which resource was changed due to the activity. Target Resource Type can be User, Device, Directory, App, Role, Group, Policy or Other. [DisplayName <String>]: Indicates the visible name defined for the resource. Typically specified when the resource is created. [GroupType <String>]: groupType [Id <String>]: Indicates the unique ID of the resource. [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: Indicates name, old value and new value of each attribute that changed. Property values depend on the operation type. [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [Type <String>]: Describes the resource type. Example values include Application, Group, ServicePrincipal, and User. [UserPrincipalName <String>]: When type is set to User, this includes the user name that initiated the action; null for other types. .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/update-mgauditlogdirectoryaudit #> function Update-MgAuditLogDirectoryAudit { [OutputType([System.Boolean])] [CmdletBinding(DefaultParameterSetName='UpdateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Update', Mandatory)] [Parameter(ParameterSetName='UpdateExpanded', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: directoryAudit-id of directoryAudit ${DirectoryAuditId}, [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentityExpanded', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='Update', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDirectoryAudit] # directoryAudit # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # Indicates the date and time the activity was performed. # The Timestamp type is always in UTC time. # For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' ${ActivityDateTime}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the activity name or the operation name (examples: 'Create User' and 'Add member to group'). # For full list, see Azure AD activity list. ${ActivityDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphKeyValue[]] # Indicates additional details on the activity. # To construct, see NOTES section for ADDITIONALDETAILS properties and create a hash table. ${AdditionalDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the Application Name displayed in the Azure Portal. ${AppDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the Unique GUID representing Application Id in the Azure Active Directory. ${AppId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the Unique GUID indicating Service Principal Id in Azure Active Directory for the corresponding App. ${AppServicePrincipalId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the Service Principal Name is the Application name in the tenant. ${AppServicePrincipalName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates which resource category that's targeted by the activity. # (For example: User Management, Group Management etc..) ${Category}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates a unique ID that helps correlate activities that span across various services. # Can be used to trace logs across services. ${CorrelationId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates information on which service initiated the activity (For example: Self-service Password Management, Core Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. ${LoggedByService}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${OperationType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # operationResult ${Result}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Describes cause of 'failure' or 'timeout' results. ${ResultReason}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphTargetResource[]] # Indicates information on which resource was changed due to the activity. # Target Resource Type can be User, Device, Directory, App, Role, Group, Policy or Other. # To construct, see NOTES section for TARGETRESOURCES properties and create a hash table. ${TargetResources}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The identity's display name. # Note that this may not always be available or up to date. # For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. ${UserDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the client IP address used by user performing the activity (audit log only). ${UserIPAddress}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique identifier for the identity. ${UserId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The userPrincipalName attribute of the user. ${UserPrincipalName}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Update = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogDirectoryAudit_Update'; UpdateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogDirectoryAudit_UpdateExpanded'; UpdateViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogDirectoryAudit_UpdateViaIdentity'; UpdateViaIdentityExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogDirectoryAudit_UpdateViaIdentityExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Update the navigation property directoryProvisioning in auditLogs .Description Update the navigation property directoryProvisioning in auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary .Outputs System.Boolean .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. BODYPARAMETER <IMicrosoftGraphProvisioningObjectSummary>: provisioningObjectSummary [Id <String>]: Read-only. [Action <String>]: [ActivityDateTime <DateTime?>]: [ChangeId <String>]: [CycleId <String>]: [DurationInMilliseconds <Int32?>]: [InitiatedByDisplayName <String>]: [InitiatedById <String>]: [InitiatedByInitiatorType <String>]: initiatorType [JobId <String>]: [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [ProvisioningSteps <IMicrosoftGraphProvisioningStep[]>]: [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult [ServicePrincipalDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [ServicePrincipalId <String>]: Unique identifier for the identity. [SourceIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceIdentityDisplayName <String>]: [SourceIdentityId <String>]: [SourceIdentityType <String>]: [SourceSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceSystemDisplayName <String>]: [SourceSystemId <String>]: [StatusInfoStatus <String>]: provisioningResult [TargetIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetIdentityDisplayName <String>]: [TargetIdentityId <String>]: [TargetIdentityType <String>]: [TargetSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetSystemDisplayName <String>]: [TargetSystemId <String>]: [TenantId <String>]: INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn MODIFIEDPROPERTIES <IMicrosoftGraphModifiedProperty[]>: . [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. PROVISIONINGSTEPS <IMicrosoftGraphProvisioningStep[]>: . [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/update-mgauditlogdirectoryprovisioning #> function Update-MgAuditLogDirectoryProvisioning { [OutputType([System.Boolean])] [CmdletBinding(DefaultParameterSetName='UpdateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Update', Mandatory)] [Parameter(ParameterSetName='UpdateExpanded', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: provisioningObjectSummary-id of provisioningObjectSummary ${ProvisioningObjectSummaryId}, [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentityExpanded', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='Update', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary] # provisioningObjectSummary # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${Action}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # . ${ActivityDateTime}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ChangeId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${CycleId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # . ${DurationInMilliseconds}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${InitiatedByDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${InitiatedById}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # initiatorType ${InitiatedByInitiatorType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${JobId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphModifiedProperty[]] # . # To construct, see NOTES section for MODIFIEDPROPERTIES properties and create a hash table. ${ModifiedProperties}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningStep[]] # . # To construct, see NOTES section for PROVISIONINGSTEPS properties and create a hash table. ${ProvisioningSteps}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The identity's display name. # Note that this may not always be available or up to date. # For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. ${ServicePrincipalDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique identifier for the identity. ${ServicePrincipalId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${SourceIdentityDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${SourceSystemDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceSystemDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceSystemId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # provisioningResult ${StatusInfoStatus}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${TargetIdentityDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${TargetSystemDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetSystemDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetSystemId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TenantId}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Update = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogDirectoryProvisioning_Update'; UpdateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogDirectoryProvisioning_UpdateExpanded'; UpdateViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogDirectoryProvisioning_UpdateViaIdentity'; UpdateViaIdentityExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogDirectoryProvisioning_UpdateViaIdentityExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Update the navigation property provisioning in auditLogs .Description Update the navigation property provisioning in auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary .Outputs System.Boolean .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. BODYPARAMETER <IMicrosoftGraphProvisioningObjectSummary>: provisioningObjectSummary [Id <String>]: Read-only. [Action <String>]: [ActivityDateTime <DateTime?>]: [ChangeId <String>]: [CycleId <String>]: [DurationInMilliseconds <Int32?>]: [InitiatedByDisplayName <String>]: [InitiatedById <String>]: [InitiatedByInitiatorType <String>]: initiatorType [JobId <String>]: [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [ProvisioningSteps <IMicrosoftGraphProvisioningStep[]>]: [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult [ServicePrincipalDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [ServicePrincipalId <String>]: Unique identifier for the identity. [SourceIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceIdentityDisplayName <String>]: [SourceIdentityId <String>]: [SourceIdentityType <String>]: [SourceSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceSystemDisplayName <String>]: [SourceSystemId <String>]: [StatusInfoStatus <String>]: provisioningResult [TargetIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetIdentityDisplayName <String>]: [TargetIdentityId <String>]: [TargetIdentityType <String>]: [TargetSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetSystemDisplayName <String>]: [TargetSystemId <String>]: [TenantId <String>]: INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn MODIFIEDPROPERTIES <IMicrosoftGraphModifiedProperty[]>: . [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. PROVISIONINGSTEPS <IMicrosoftGraphProvisioningStep[]>: . [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/update-mgauditlogprovisioning #> function Update-MgAuditLogProvisioning { [OutputType([System.Boolean])] [CmdletBinding(DefaultParameterSetName='UpdateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Update', Mandatory)] [Parameter(ParameterSetName='UpdateExpanded', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: provisioningObjectSummary-id of provisioningObjectSummary ${ProvisioningObjectSummaryId}, [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentityExpanded', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='Update', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary] # provisioningObjectSummary # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${Action}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # . ${ActivityDateTime}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ChangeId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${CycleId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # . ${DurationInMilliseconds}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${InitiatedByDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${InitiatedById}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # initiatorType ${InitiatedByInitiatorType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${JobId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphModifiedProperty[]] # . # To construct, see NOTES section for MODIFIEDPROPERTIES properties and create a hash table. ${ModifiedProperties}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningStep[]] # . # To construct, see NOTES section for PROVISIONINGSTEPS properties and create a hash table. ${ProvisioningSteps}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The identity's display name. # Note that this may not always be available or up to date. # For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. ${ServicePrincipalDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique identifier for the identity. ${ServicePrincipalId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${SourceIdentityDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceIdentityType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${SourceSystemDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceSystemDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${SourceSystemId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # provisioningResult ${StatusInfoStatus}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${TargetIdentityDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetIdentityType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDetailsInfo] # detailsInfo ${TargetSystemDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetSystemDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetSystemId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TenantId}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Update = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogProvisioning_Update'; UpdateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogProvisioning_UpdateExpanded'; UpdateViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogProvisioning_UpdateViaIdentity'; UpdateViaIdentityExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogProvisioning_UpdateViaIdentityExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Update the navigation property restrictedSignIns in auditLogs .Description Update the navigation property restrictedSignIns in auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRestrictedSignIn .Outputs System.Boolean .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. APPLIEDCONDITIONALACCESSPOLICIES <IMicrosoftGraphAppliedConditionalAccessPolicy[]>: . [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult AUTHENTICATIONDETAILS <IMicrosoftGraphAuthenticationDetail[]>: . [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: AUTHENTICATIONPROCESSINGDETAILS <IMicrosoftGraphKeyValue[]>: . [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. AUTHENTICATIONREQUIREMENTPOLICIES <IMicrosoftGraphAuthenticationRequirementPolicy[]>: . [Detail <String>]: [RequirementProvider <String>]: requirementProvider BODYPARAMETER <IMicrosoftGraphRestrictedSignIn>: restrictedSignIn [AlternateSignInName <String>]: [AppDisplayName <String>]: App name displayed in the Azure Portal. [AppId <String>]: Unique GUID representing the app ID in the Azure Active Directory. [AppliedConditionalAccessPolicies <IMicrosoftGraphAppliedConditionalAccessPolicy[]>]: [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult [AuthenticationDetails <IMicrosoftGraphAuthenticationDetail[]>]: [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: [AuthenticationMethodsUsed <String[]>]: [AuthenticationProcessingDetails <IMicrosoftGraphKeyValue[]>]: [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AuthenticationRequirement <String>]: [AuthenticationRequirementPolicies <IMicrosoftGraphAuthenticationRequirementPolicy[]>]: [Detail <String>]: [RequirementProvider <String>]: requirementProvider [ClientAppUsed <String>]: Identifies the legacy client used for sign-in activity. Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. [ConditionalAccessStatus <String>]: conditionalAccessStatus [CorrelationId <String>]: The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. [CreatedDateTime <DateTime?>]: Date and time (UTC) the sign-in was initiated. Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. [DeviceDetailBrowser <String>]: Indicates the browser information of the used for signing in. [DeviceDetailBrowserId <String>]: [DeviceDetailDeviceId <String>]: Refers to the UniqueID of the device used for signing in. [DeviceDetailDisplayName <String>]: Refers to the name of the device used for signing in. [DeviceDetailIsCompliant <Boolean?>]: Indicates whether the device is compliant. [DeviceDetailIsManaged <Boolean?>]: Indicates whether the device is managed. [DeviceDetailOperatingSystem <String>]: Indicates the operating system name and version used for signing in. [DeviceDetailTrustType <String>]: Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. [GeoCoordinateAltitude <Double?>]: Optional. The altitude (height), in feet, above sea level for the item. Read-only. [GeoCoordinateLatitude <Double?>]: Optional. The latitude, in decimal, for the item. Read-only. [GeoCoordinateLongitude <Double?>]: Optional. The longitude, in decimal, for the item. Read-only. [IPAddress <String>]: IP address of the client used to sign in. [IsInteractive <Boolean?>]: Indicates if a sign-in is interactive or not. [LocationCity <String>]: Provides the city where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationCountryOrRegion <String>]: Provides the country code info (2 letter code) where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationState <String>]: Provides the State where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [MfaDetailAuthDetail <String>]: [MfaDetailAuthMethod <String>]: [NetworkLocationDetails <IMicrosoftGraphNetworkLocationDetail[]>]: [NetworkNames <String[]>]: [NetworkType <String>]: networkType [OriginalRequestId <String>]: [ProcessingTimeInMilliseconds <Int32?>]: [ResourceDisplayName <String>]: Name of the resource the user signed into. [ResourceId <String>]: ID of the resource that the user signed into. [RiskDetail <String>]: riskDetail [RiskEventTypes <String[]>]: Risk event types associated with the sign-in. The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. [RiskEventTypesV2 <String[]>]: The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. [RiskLevelAggregated <String>]: riskLevel [RiskLevelDuringSignIn <String>]: riskLevel [RiskState <String>]: riskState [ServicePrincipalId <String>]: [ServicePrincipalName <String>]: [StatusAdditionalDetails <String>]: Provides additional details on the sign-in activity [StatusErrorCode <Int32?>]: Provides the 5-6digit error code that's generated during a sign-in failure. Check out the list of error codes and messages. [StatusFailureReason <String>]: Provides the error message or the reason for failure for the corresponding sign-in activity. Check out the list of error codes and messages. [TokenIssuerName <String>]: [TokenIssuerType <String>]: tokenIssuerType [UserAgent <String>]: [UserDisplayName <String>]: Display name of the user that initiated the sign-in. [UserId <String>]: ID of the user that initiated the sign-in. [UserPrincipalName <String>]: User principal name of the user that initiated the sign-in. [Id <String>]: Read-only. [TargetTenantId <String>]: INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn NETWORKLOCATIONDETAILS <IMicrosoftGraphNetworkLocationDetail[]>: . [NetworkNames <String[]>]: [NetworkType <String>]: networkType .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/update-mgauditlogrestrictedsignin #> function Update-MgAuditLogRestrictedSignIn { [OutputType([System.Boolean])] [CmdletBinding(DefaultParameterSetName='UpdateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Update', Mandatory)] [Parameter(ParameterSetName='UpdateExpanded', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: restrictedSignIn-id of restrictedSignIn ${RestrictedSignInId}, [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentityExpanded', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='Update', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRestrictedSignIn] # restrictedSignIn # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${AlternateSignInName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # App name displayed in the Azure Portal. ${AppDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique GUID representing the app ID in the Azure Active Directory. ${AppId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAppliedConditionalAccessPolicy[]] # . # To construct, see NOTES section for APPLIEDCONDITIONALACCESSPOLICIES properties and create a hash table. ${AppliedConditionalAccessPolicies}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationDetail[]] # . # To construct, see NOTES section for AUTHENTICATIONDETAILS properties and create a hash table. ${AuthenticationDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # . ${AuthenticationMethodsUsed}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphKeyValue[]] # . # To construct, see NOTES section for AUTHENTICATIONPROCESSINGDETAILS properties and create a hash table. ${AuthenticationProcessingDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${AuthenticationRequirement}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationRequirementPolicy[]] # . # To construct, see NOTES section for AUTHENTICATIONREQUIREMENTPOLICIES properties and create a hash table. ${AuthenticationRequirementPolicies}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Identifies the legacy client used for sign-in activity. # Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. ${ClientAppUsed}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # conditionalAccessStatus ${ConditionalAccessStatus}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. ${CorrelationId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # Date and time (UTC) the sign-in was initiated. # Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. ${CreatedDateTime}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the browser information of the used for signing in. ${DeviceDetailBrowser}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${DeviceDetailBrowserId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the UniqueID of the device used for signing in. ${DeviceDetailDeviceId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the name of the device used for signing in. ${DeviceDetailDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates whether the device is compliant. ${DeviceDetailIsCompliant}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates whether the device is managed. ${DeviceDetailIsManaged}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the operating system name and version used for signing in. ${DeviceDetailOperatingSystem}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. ${DeviceDetailTrustType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The altitude (height), in feet, above sea level for the item. # Read-only. ${GeoCoordinateAltitude}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The latitude, in decimal, for the item. # Read-only. ${GeoCoordinateLatitude}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The longitude, in decimal, for the item. # Read-only. ${GeoCoordinateLongitude}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # IP address of the client used to sign in. ${IPAddress}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates if a sign-in is interactive or not. ${IsInteractive}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the city where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationCity}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the country code info (2 letter code) where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationCountryOrRegion}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the State where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationState}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${MfaDetailAuthDetail}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${MfaDetailAuthMethod}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphNetworkLocationDetail[]] # . # To construct, see NOTES section for NETWORKLOCATIONDETAILS properties and create a hash table. ${NetworkLocationDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${OriginalRequestId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # . ${ProcessingTimeInMilliseconds}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Name of the resource the user signed into. ${ResourceDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # ID of the resource that the user signed into. ${ResourceId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskDetail ${RiskDetail}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # Risk event types associated with the sign-in. # The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. ${RiskEventTypes}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # The list of risk event types associated with the sign-in. # Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. ${RiskEventTypesV2}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskLevel ${RiskLevelAggregated}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskLevel ${RiskLevelDuringSignIn}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskState ${RiskState}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ServicePrincipalId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ServicePrincipalName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides additional details on the sign-in activity ${StatusAdditionalDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # Provides the 5-6digit error code that's generated during a sign-in failure. # Check out the list of error codes and messages. ${StatusErrorCode}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the error message or the reason for failure for the corresponding sign-in activity. # Check out the list of error codes and messages. ${StatusFailureReason}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TargetTenantId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TokenIssuerName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # tokenIssuerType ${TokenIssuerType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${UserAgent}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Display name of the user that initiated the sign-in. ${UserDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # ID of the user that initiated the sign-in. ${UserId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # User principal name of the user that initiated the sign-in. ${UserPrincipalName}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Update = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogRestrictedSignIn_Update'; UpdateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogRestrictedSignIn_UpdateExpanded'; UpdateViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogRestrictedSignIn_UpdateViaIdentity'; UpdateViaIdentityExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogRestrictedSignIn_UpdateViaIdentityExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Update auditLogs .Description Update auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuditLogRoot .Outputs System.Boolean .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. BODYPARAMETER <IMicrosoftGraphAuditLogRoot>: auditLogRoot [Id <String>]: Read-only. [DirectoryAudits <IMicrosoftGraphDirectoryAudit[]>]: Read-only. Nullable. [Id <String>]: Read-only. [ActivityDateTime <DateTime?>]: Indicates the date and time the activity was performed. The Timestamp type is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' [ActivityDisplayName <String>]: Indicates the activity name or the operation name (examples: 'Create User' and 'Add member to group'). For full list, see Azure AD activity list. [AdditionalDetails <IMicrosoftGraphKeyValue[]>]: Indicates additional details on the activity. [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AppDisplayName <String>]: Refers to the Application Name displayed in the Azure Portal. [AppId <String>]: Refers to the Unique GUID representing Application Id in the Azure Active Directory. [AppServicePrincipalId <String>]: Refers to the Unique GUID indicating Service Principal Id in Azure Active Directory for the corresponding App. [AppServicePrincipalName <String>]: Refers to the Service Principal Name is the Application name in the tenant. [Category <String>]: Indicates which resource category that's targeted by the activity. (For example: User Management, Group Management etc..) [CorrelationId <String>]: Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs across services. [LoggedByService <String>]: Indicates information on which service initiated the activity (For example: Self-service Password Management, Core Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. [OperationType <String>]: [Result <String>]: operationResult [ResultReason <String>]: Describes cause of 'failure' or 'timeout' results. [TargetResources <IMicrosoftGraphTargetResource[]>]: Indicates information on which resource was changed due to the activity. Target Resource Type can be User, Device, Directory, App, Role, Group, Policy or Other. [DisplayName <String>]: Indicates the visible name defined for the resource. Typically specified when the resource is created. [GroupType <String>]: groupType [Id <String>]: Indicates the unique ID of the resource. [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: Indicates name, old value and new value of each attribute that changed. Property values depend on the operation type. [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [Type <String>]: Describes the resource type. Example values include Application, Group, ServicePrincipal, and User. [UserPrincipalName <String>]: When type is set to User, this includes the user name that initiated the action; null for other types. [UserDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [UserIPAddress <String>]: Indicates the client IP address used by user performing the activity (audit log only). [UserId <String>]: Unique identifier for the identity. [UserPrincipalName <String>]: The userPrincipalName attribute of the user. [DirectoryProvisioning <IMicrosoftGraphProvisioningObjectSummary[]>]: [Id <String>]: Read-only. [Action <String>]: [ActivityDateTime <DateTime?>]: [ChangeId <String>]: [CycleId <String>]: [DurationInMilliseconds <Int32?>]: [InitiatedByDisplayName <String>]: [InitiatedById <String>]: [InitiatedByInitiatorType <String>]: initiatorType [JobId <String>]: [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: [ProvisioningSteps <IMicrosoftGraphProvisioningStep[]>]: [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult [ServicePrincipalDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [ServicePrincipalId <String>]: Unique identifier for the identity. [SourceIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceIdentityDisplayName <String>]: [SourceIdentityId <String>]: [SourceIdentityType <String>]: [SourceSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceSystemDisplayName <String>]: [SourceSystemId <String>]: [StatusInfoStatus <String>]: provisioningResult [TargetIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetIdentityDisplayName <String>]: [TargetIdentityId <String>]: [TargetIdentityType <String>]: [TargetSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetSystemDisplayName <String>]: [TargetSystemId <String>]: [TenantId <String>]: [Provisioning <IMicrosoftGraphProvisioningObjectSummary[]>]: [RestrictedSignIns <IMicrosoftGraphRestrictedSignIn[]>]: [AlternateSignInName <String>]: [AppDisplayName <String>]: App name displayed in the Azure Portal. [AppId <String>]: Unique GUID representing the app ID in the Azure Active Directory. [AppliedConditionalAccessPolicies <IMicrosoftGraphAppliedConditionalAccessPolicy[]>]: [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult [AuthenticationDetails <IMicrosoftGraphAuthenticationDetail[]>]: [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: [AuthenticationMethodsUsed <String[]>]: [AuthenticationProcessingDetails <IMicrosoftGraphKeyValue[]>]: [AuthenticationRequirement <String>]: [AuthenticationRequirementPolicies <IMicrosoftGraphAuthenticationRequirementPolicy[]>]: [Detail <String>]: [RequirementProvider <String>]: requirementProvider [ClientAppUsed <String>]: Identifies the legacy client used for sign-in activity. Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. [ConditionalAccessStatus <String>]: conditionalAccessStatus [CorrelationId <String>]: The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. [CreatedDateTime <DateTime?>]: Date and time (UTC) the sign-in was initiated. Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. [DeviceDetailBrowser <String>]: Indicates the browser information of the used for signing in. [DeviceDetailBrowserId <String>]: [DeviceDetailDeviceId <String>]: Refers to the UniqueID of the device used for signing in. [DeviceDetailDisplayName <String>]: Refers to the name of the device used for signing in. [DeviceDetailIsCompliant <Boolean?>]: Indicates whether the device is compliant. [DeviceDetailIsManaged <Boolean?>]: Indicates whether the device is managed. [DeviceDetailOperatingSystem <String>]: Indicates the operating system name and version used for signing in. [DeviceDetailTrustType <String>]: Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. [GeoCoordinateAltitude <Double?>]: Optional. The altitude (height), in feet, above sea level for the item. Read-only. [GeoCoordinateLatitude <Double?>]: Optional. The latitude, in decimal, for the item. Read-only. [GeoCoordinateLongitude <Double?>]: Optional. The longitude, in decimal, for the item. Read-only. [IPAddress <String>]: IP address of the client used to sign in. [IsInteractive <Boolean?>]: Indicates if a sign-in is interactive or not. [LocationCity <String>]: Provides the city where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationCountryOrRegion <String>]: Provides the country code info (2 letter code) where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationState <String>]: Provides the State where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [MfaDetailAuthDetail <String>]: [MfaDetailAuthMethod <String>]: [NetworkLocationDetails <IMicrosoftGraphNetworkLocationDetail[]>]: [NetworkNames <String[]>]: [NetworkType <String>]: networkType [OriginalRequestId <String>]: [ProcessingTimeInMilliseconds <Int32?>]: [ResourceDisplayName <String>]: Name of the resource the user signed into. [ResourceId <String>]: ID of the resource that the user signed into. [RiskDetail <String>]: riskDetail [RiskEventTypes <String[]>]: Risk event types associated with the sign-in. The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. [RiskEventTypesV2 <String[]>]: The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. [RiskLevelAggregated <String>]: riskLevel [RiskLevelDuringSignIn <String>]: riskLevel [RiskState <String>]: riskState [ServicePrincipalId <String>]: [ServicePrincipalName <String>]: [StatusAdditionalDetails <String>]: Provides additional details on the sign-in activity [StatusErrorCode <Int32?>]: Provides the 5-6digit error code that's generated during a sign-in failure. Check out the list of error codes and messages. [StatusFailureReason <String>]: Provides the error message or the reason for failure for the corresponding sign-in activity. Check out the list of error codes and messages. [TokenIssuerName <String>]: [TokenIssuerType <String>]: tokenIssuerType [UserAgent <String>]: [UserDisplayName <String>]: Display name of the user that initiated the sign-in. [UserId <String>]: ID of the user that initiated the sign-in. [UserPrincipalName <String>]: User principal name of the user that initiated the sign-in. [Id <String>]: Read-only. [TargetTenantId <String>]: [SignIns <IMicrosoftGraphSignIn[]>]: Read-only. Nullable. [Id <String>]: Read-only. [AlternateSignInName <String>]: [AppDisplayName <String>]: App name displayed in the Azure Portal. [AppId <String>]: Unique GUID representing the app ID in the Azure Active Directory. [AppliedConditionalAccessPolicies <IMicrosoftGraphAppliedConditionalAccessPolicy[]>]: [AuthenticationDetails <IMicrosoftGraphAuthenticationDetail[]>]: [AuthenticationMethodsUsed <String[]>]: [AuthenticationProcessingDetails <IMicrosoftGraphKeyValue[]>]: [AuthenticationRequirement <String>]: [AuthenticationRequirementPolicies <IMicrosoftGraphAuthenticationRequirementPolicy[]>]: [ClientAppUsed <String>]: Identifies the legacy client used for sign-in activity. Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. [ConditionalAccessStatus <String>]: conditionalAccessStatus [CorrelationId <String>]: The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. [CreatedDateTime <DateTime?>]: Date and time (UTC) the sign-in was initiated. Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. [DeviceDetailBrowser <String>]: Indicates the browser information of the used for signing in. [DeviceDetailBrowserId <String>]: [DeviceDetailDeviceId <String>]: Refers to the UniqueID of the device used for signing in. [DeviceDetailDisplayName <String>]: Refers to the name of the device used for signing in. [DeviceDetailIsCompliant <Boolean?>]: Indicates whether the device is compliant. [DeviceDetailIsManaged <Boolean?>]: Indicates whether the device is managed. [DeviceDetailOperatingSystem <String>]: Indicates the operating system name and version used for signing in. [DeviceDetailTrustType <String>]: Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. [GeoCoordinateAltitude <Double?>]: Optional. The altitude (height), in feet, above sea level for the item. Read-only. [GeoCoordinateLatitude <Double?>]: Optional. The latitude, in decimal, for the item. Read-only. [GeoCoordinateLongitude <Double?>]: Optional. The longitude, in decimal, for the item. Read-only. [IPAddress <String>]: IP address of the client used to sign in. [IsInteractive <Boolean?>]: Indicates if a sign-in is interactive or not. [LocationCity <String>]: Provides the city where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationCountryOrRegion <String>]: Provides the country code info (2 letter code) where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationState <String>]: Provides the State where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [MfaDetailAuthDetail <String>]: [MfaDetailAuthMethod <String>]: [NetworkLocationDetails <IMicrosoftGraphNetworkLocationDetail[]>]: [OriginalRequestId <String>]: [ProcessingTimeInMilliseconds <Int32?>]: [ResourceDisplayName <String>]: Name of the resource the user signed into. [ResourceId <String>]: ID of the resource that the user signed into. [RiskDetail <String>]: riskDetail [RiskEventTypes <String[]>]: Risk event types associated with the sign-in. The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. [RiskEventTypesV2 <String[]>]: The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. [RiskLevelAggregated <String>]: riskLevel [RiskLevelDuringSignIn <String>]: riskLevel [RiskState <String>]: riskState [ServicePrincipalId <String>]: [ServicePrincipalName <String>]: [StatusAdditionalDetails <String>]: Provides additional details on the sign-in activity [StatusErrorCode <Int32?>]: Provides the 5-6digit error code that's generated during a sign-in failure. Check out the list of error codes and messages. [StatusFailureReason <String>]: Provides the error message or the reason for failure for the corresponding sign-in activity. Check out the list of error codes and messages. [TokenIssuerName <String>]: [TokenIssuerType <String>]: tokenIssuerType [UserAgent <String>]: [UserDisplayName <String>]: Display name of the user that initiated the sign-in. [UserId <String>]: ID of the user that initiated the sign-in. [UserPrincipalName <String>]: User principal name of the user that initiated the sign-in. DIRECTORYAUDITS <IMicrosoftGraphDirectoryAudit[]>: Read-only. Nullable. [Id <String>]: Read-only. [ActivityDateTime <DateTime?>]: Indicates the date and time the activity was performed. The Timestamp type is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' [ActivityDisplayName <String>]: Indicates the activity name or the operation name (examples: 'Create User' and 'Add member to group'). For full list, see Azure AD activity list. [AdditionalDetails <IMicrosoftGraphKeyValue[]>]: Indicates additional details on the activity. [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AppDisplayName <String>]: Refers to the Application Name displayed in the Azure Portal. [AppId <String>]: Refers to the Unique GUID representing Application Id in the Azure Active Directory. [AppServicePrincipalId <String>]: Refers to the Unique GUID indicating Service Principal Id in Azure Active Directory for the corresponding App. [AppServicePrincipalName <String>]: Refers to the Service Principal Name is the Application name in the tenant. [Category <String>]: Indicates which resource category that's targeted by the activity. (For example: User Management, Group Management etc..) [CorrelationId <String>]: Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs across services. [LoggedByService <String>]: Indicates information on which service initiated the activity (For example: Self-service Password Management, Core Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. [OperationType <String>]: [Result <String>]: operationResult [ResultReason <String>]: Describes cause of 'failure' or 'timeout' results. [TargetResources <IMicrosoftGraphTargetResource[]>]: Indicates information on which resource was changed due to the activity. Target Resource Type can be User, Device, Directory, App, Role, Group, Policy or Other. [DisplayName <String>]: Indicates the visible name defined for the resource. Typically specified when the resource is created. [GroupType <String>]: groupType [Id <String>]: Indicates the unique ID of the resource. [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: Indicates name, old value and new value of each attribute that changed. Property values depend on the operation type. [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [Type <String>]: Describes the resource type. Example values include Application, Group, ServicePrincipal, and User. [UserPrincipalName <String>]: When type is set to User, this includes the user name that initiated the action; null for other types. [UserDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [UserIPAddress <String>]: Indicates the client IP address used by user performing the activity (audit log only). [UserId <String>]: Unique identifier for the identity. [UserPrincipalName <String>]: The userPrincipalName attribute of the user. DIRECTORYPROVISIONING <IMicrosoftGraphProvisioningObjectSummary[]>: . [Id <String>]: Read-only. [Action <String>]: [ActivityDateTime <DateTime?>]: [ChangeId <String>]: [CycleId <String>]: [DurationInMilliseconds <Int32?>]: [InitiatedByDisplayName <String>]: [InitiatedById <String>]: [InitiatedByInitiatorType <String>]: initiatorType [JobId <String>]: [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [ProvisioningSteps <IMicrosoftGraphProvisioningStep[]>]: [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult [ServicePrincipalDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [ServicePrincipalId <String>]: Unique identifier for the identity. [SourceIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceIdentityDisplayName <String>]: [SourceIdentityId <String>]: [SourceIdentityType <String>]: [SourceSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceSystemDisplayName <String>]: [SourceSystemId <String>]: [StatusInfoStatus <String>]: provisioningResult [TargetIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetIdentityDisplayName <String>]: [TargetIdentityId <String>]: [TargetIdentityType <String>]: [TargetSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetSystemDisplayName <String>]: [TargetSystemId <String>]: [TenantId <String>]: PROVISIONING <IMicrosoftGraphProvisioningObjectSummary[]>: . [Id <String>]: Read-only. [Action <String>]: [ActivityDateTime <DateTime?>]: [ChangeId <String>]: [CycleId <String>]: [DurationInMilliseconds <Int32?>]: [InitiatedByDisplayName <String>]: [InitiatedById <String>]: [InitiatedByInitiatorType <String>]: initiatorType [JobId <String>]: [ModifiedProperties <IMicrosoftGraphModifiedProperty[]>]: [DisplayName <String>]: Indicates the property name of the target attribute that was changed. [NewValue <String>]: Indicates the updated value for the propery. [OldValue <String>]: Indicates the previous value (before the update) for the property. [ProvisioningSteps <IMicrosoftGraphProvisioningStep[]>]: [Description <String>]: [Details <IMicrosoftGraphDetailsInfo>]: detailsInfo [Name <String>]: [ProvisioningStepType <String>]: provisioningStepType [Status <String>]: provisioningResult [ServicePrincipalDisplayName <String>]: The identity's display name. Note that this may not always be available or up to date. For example, if a user changes their display name, the API may show the new value in a future response, but the items associated with the user won't show up as having changed when using delta. [ServicePrincipalId <String>]: Unique identifier for the identity. [SourceIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceIdentityDisplayName <String>]: [SourceIdentityId <String>]: [SourceIdentityType <String>]: [SourceSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [SourceSystemDisplayName <String>]: [SourceSystemId <String>]: [StatusInfoStatus <String>]: provisioningResult [TargetIdentityDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetIdentityDisplayName <String>]: [TargetIdentityId <String>]: [TargetIdentityType <String>]: [TargetSystemDetails <IMicrosoftGraphDetailsInfo>]: detailsInfo [TargetSystemDisplayName <String>]: [TargetSystemId <String>]: [TenantId <String>]: RESTRICTEDSIGNINS <IMicrosoftGraphRestrictedSignIn[]>: . [AlternateSignInName <String>]: [AppDisplayName <String>]: App name displayed in the Azure Portal. [AppId <String>]: Unique GUID representing the app ID in the Azure Active Directory. [AppliedConditionalAccessPolicies <IMicrosoftGraphAppliedConditionalAccessPolicy[]>]: [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult [AuthenticationDetails <IMicrosoftGraphAuthenticationDetail[]>]: [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: [AuthenticationMethodsUsed <String[]>]: [AuthenticationProcessingDetails <IMicrosoftGraphKeyValue[]>]: [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AuthenticationRequirement <String>]: [AuthenticationRequirementPolicies <IMicrosoftGraphAuthenticationRequirementPolicy[]>]: [Detail <String>]: [RequirementProvider <String>]: requirementProvider [ClientAppUsed <String>]: Identifies the legacy client used for sign-in activity. Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. [ConditionalAccessStatus <String>]: conditionalAccessStatus [CorrelationId <String>]: The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. [CreatedDateTime <DateTime?>]: Date and time (UTC) the sign-in was initiated. Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. [DeviceDetailBrowser <String>]: Indicates the browser information of the used for signing in. [DeviceDetailBrowserId <String>]: [DeviceDetailDeviceId <String>]: Refers to the UniqueID of the device used for signing in. [DeviceDetailDisplayName <String>]: Refers to the name of the device used for signing in. [DeviceDetailIsCompliant <Boolean?>]: Indicates whether the device is compliant. [DeviceDetailIsManaged <Boolean?>]: Indicates whether the device is managed. [DeviceDetailOperatingSystem <String>]: Indicates the operating system name and version used for signing in. [DeviceDetailTrustType <String>]: Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. [GeoCoordinateAltitude <Double?>]: Optional. The altitude (height), in feet, above sea level for the item. Read-only. [GeoCoordinateLatitude <Double?>]: Optional. The latitude, in decimal, for the item. Read-only. [GeoCoordinateLongitude <Double?>]: Optional. The longitude, in decimal, for the item. Read-only. [IPAddress <String>]: IP address of the client used to sign in. [IsInteractive <Boolean?>]: Indicates if a sign-in is interactive or not. [LocationCity <String>]: Provides the city where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationCountryOrRegion <String>]: Provides the country code info (2 letter code) where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationState <String>]: Provides the State where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [MfaDetailAuthDetail <String>]: [MfaDetailAuthMethod <String>]: [NetworkLocationDetails <IMicrosoftGraphNetworkLocationDetail[]>]: [NetworkNames <String[]>]: [NetworkType <String>]: networkType [OriginalRequestId <String>]: [ProcessingTimeInMilliseconds <Int32?>]: [ResourceDisplayName <String>]: Name of the resource the user signed into. [ResourceId <String>]: ID of the resource that the user signed into. [RiskDetail <String>]: riskDetail [RiskEventTypes <String[]>]: Risk event types associated with the sign-in. The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. [RiskEventTypesV2 <String[]>]: The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. [RiskLevelAggregated <String>]: riskLevel [RiskLevelDuringSignIn <String>]: riskLevel [RiskState <String>]: riskState [ServicePrincipalId <String>]: [ServicePrincipalName <String>]: [StatusAdditionalDetails <String>]: Provides additional details on the sign-in activity [StatusErrorCode <Int32?>]: Provides the 5-6digit error code that's generated during a sign-in failure. Check out the list of error codes and messages. [StatusFailureReason <String>]: Provides the error message or the reason for failure for the corresponding sign-in activity. Check out the list of error codes and messages. [TokenIssuerName <String>]: [TokenIssuerType <String>]: tokenIssuerType [UserAgent <String>]: [UserDisplayName <String>]: Display name of the user that initiated the sign-in. [UserId <String>]: ID of the user that initiated the sign-in. [UserPrincipalName <String>]: User principal name of the user that initiated the sign-in. [Id <String>]: Read-only. [TargetTenantId <String>]: SIGNINS <IMicrosoftGraphSignIn[]>: Read-only. Nullable. [Id <String>]: Read-only. [AlternateSignInName <String>]: [AppDisplayName <String>]: App name displayed in the Azure Portal. [AppId <String>]: Unique GUID representing the app ID in the Azure Active Directory. [AppliedConditionalAccessPolicies <IMicrosoftGraphAppliedConditionalAccessPolicy[]>]: [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult [AuthenticationDetails <IMicrosoftGraphAuthenticationDetail[]>]: [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: [AuthenticationMethodsUsed <String[]>]: [AuthenticationProcessingDetails <IMicrosoftGraphKeyValue[]>]: [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AuthenticationRequirement <String>]: [AuthenticationRequirementPolicies <IMicrosoftGraphAuthenticationRequirementPolicy[]>]: [Detail <String>]: [RequirementProvider <String>]: requirementProvider [ClientAppUsed <String>]: Identifies the legacy client used for sign-in activity. Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. [ConditionalAccessStatus <String>]: conditionalAccessStatus [CorrelationId <String>]: The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. [CreatedDateTime <DateTime?>]: Date and time (UTC) the sign-in was initiated. Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. [DeviceDetailBrowser <String>]: Indicates the browser information of the used for signing in. [DeviceDetailBrowserId <String>]: [DeviceDetailDeviceId <String>]: Refers to the UniqueID of the device used for signing in. [DeviceDetailDisplayName <String>]: Refers to the name of the device used for signing in. [DeviceDetailIsCompliant <Boolean?>]: Indicates whether the device is compliant. [DeviceDetailIsManaged <Boolean?>]: Indicates whether the device is managed. [DeviceDetailOperatingSystem <String>]: Indicates the operating system name and version used for signing in. [DeviceDetailTrustType <String>]: Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. [GeoCoordinateAltitude <Double?>]: Optional. The altitude (height), in feet, above sea level for the item. Read-only. [GeoCoordinateLatitude <Double?>]: Optional. The latitude, in decimal, for the item. Read-only. [GeoCoordinateLongitude <Double?>]: Optional. The longitude, in decimal, for the item. Read-only. [IPAddress <String>]: IP address of the client used to sign in. [IsInteractive <Boolean?>]: Indicates if a sign-in is interactive or not. [LocationCity <String>]: Provides the city where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationCountryOrRegion <String>]: Provides the country code info (2 letter code) where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationState <String>]: Provides the State where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [MfaDetailAuthDetail <String>]: [MfaDetailAuthMethod <String>]: [NetworkLocationDetails <IMicrosoftGraphNetworkLocationDetail[]>]: [NetworkNames <String[]>]: [NetworkType <String>]: networkType [OriginalRequestId <String>]: [ProcessingTimeInMilliseconds <Int32?>]: [ResourceDisplayName <String>]: Name of the resource the user signed into. [ResourceId <String>]: ID of the resource that the user signed into. [RiskDetail <String>]: riskDetail [RiskEventTypes <String[]>]: Risk event types associated with the sign-in. The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. [RiskEventTypesV2 <String[]>]: The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. [RiskLevelAggregated <String>]: riskLevel [RiskLevelDuringSignIn <String>]: riskLevel [RiskState <String>]: riskState [ServicePrincipalId <String>]: [ServicePrincipalName <String>]: [StatusAdditionalDetails <String>]: Provides additional details on the sign-in activity [StatusErrorCode <Int32?>]: Provides the 5-6digit error code that's generated during a sign-in failure. Check out the list of error codes and messages. [StatusFailureReason <String>]: Provides the error message or the reason for failure for the corresponding sign-in activity. Check out the list of error codes and messages. [TokenIssuerName <String>]: [TokenIssuerType <String>]: tokenIssuerType [UserAgent <String>]: [UserDisplayName <String>]: Display name of the user that initiated the sign-in. [UserId <String>]: ID of the user that initiated the sign-in. [UserPrincipalName <String>]: User principal name of the user that initiated the sign-in. .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/update-mgauditlogrootauditlogroot #> function Update-MgAuditLogRootAuditLogRoot { [OutputType([System.Boolean])] [CmdletBinding(DefaultParameterSetName='UpdateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Update', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuditLogRoot] # auditLogRoot # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='UpdateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDirectoryAudit[]] # Read-only. # Nullable. # To construct, see NOTES section for DIRECTORYAUDITS properties and create a hash table. ${DirectoryAudits}, [Parameter(ParameterSetName='UpdateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary[]] # . # To construct, see NOTES section for DIRECTORYPROVISIONING properties and create a hash table. ${DirectoryProvisioning}, [Parameter(ParameterSetName='UpdateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='UpdateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphProvisioningObjectSummary[]] # . # To construct, see NOTES section for PROVISIONING properties and create a hash table. ${Provisioning}, [Parameter(ParameterSetName='UpdateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRestrictedSignIn[]] # . # To construct, see NOTES section for RESTRICTEDSIGNINS properties and create a hash table. ${RestrictedSignIns}, [Parameter(ParameterSetName='UpdateExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignIn[]] # Read-only. # Nullable. # To construct, see NOTES section for SIGNINS properties and create a hash table. ${SignIns}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Update = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogRootAuditLogRoot_Update'; UpdateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogRootAuditLogRoot_UpdateExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # ---------------------------------------------------------------------------------- # # Copyright Microsoft Corporation # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- <# .Synopsis Update the navigation property signIns in auditLogs .Description Update the navigation property signIns in auditLogs .Example PS C:\> {{ Add code here }} {{ Add output here }} .Example PS C:\> {{ Add code here }} {{ Add output here }} .Inputs Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity .Inputs Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignIn .Outputs System.Boolean .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. APPLIEDCONDITIONALACCESSPOLICIES <IMicrosoftGraphAppliedConditionalAccessPolicy[]>: . [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult AUTHENTICATIONDETAILS <IMicrosoftGraphAuthenticationDetail[]>: . [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: AUTHENTICATIONPROCESSINGDETAILS <IMicrosoftGraphKeyValue[]>: . [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. AUTHENTICATIONREQUIREMENTPOLICIES <IMicrosoftGraphAuthenticationRequirementPolicy[]>: . [Detail <String>]: [RequirementProvider <String>]: requirementProvider BODYPARAMETER <IMicrosoftGraphSignIn>: signIn [Id <String>]: Read-only. [AlternateSignInName <String>]: [AppDisplayName <String>]: App name displayed in the Azure Portal. [AppId <String>]: Unique GUID representing the app ID in the Azure Active Directory. [AppliedConditionalAccessPolicies <IMicrosoftGraphAppliedConditionalAccessPolicy[]>]: [ConditionsNotSatisfied <String>]: conditionalAccessConditions [ConditionsSatisfied <String>]: conditionalAccessConditions [DisplayName <String>]: Refers to the Name of the conditional access policy (example: 'Require MFA for Salesforce'). [EnforcedGrantControls <String[]>]: Refers to the grant controls enforced by the conditional access policy (example: 'Require multi-factor authentication'). [EnforcedSessionControls <String[]>]: Refers to the session controls enforced by the conditional access policy (example: 'Require app enforced controls'). [Id <String>]: Unique GUID of the conditional access polic.y [Result <String>]: appliedConditionalAccessPolicyResult [AuthenticationDetails <IMicrosoftGraphAuthenticationDetail[]>]: [AuthenticationMethod <String>]: [AuthenticationMethodDetail <String>]: [AuthenticationStepDateTime <DateTime?>]: [AuthenticationStepRequirement <String>]: [AuthenticationStepResultDetail <String>]: [Succeeded <Boolean?>]: [AuthenticationMethodsUsed <String[]>]: [AuthenticationProcessingDetails <IMicrosoftGraphKeyValue[]>]: [Key <String>]: Key for the key-value pair. [Value <String>]: Value for the key-value pair. [AuthenticationRequirement <String>]: [AuthenticationRequirementPolicies <IMicrosoftGraphAuthenticationRequirementPolicy[]>]: [Detail <String>]: [RequirementProvider <String>]: requirementProvider [ClientAppUsed <String>]: Identifies the legacy client used for sign-in activity. Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. [ConditionalAccessStatus <String>]: conditionalAccessStatus [CorrelationId <String>]: The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. [CreatedDateTime <DateTime?>]: Date and time (UTC) the sign-in was initiated. Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. [DeviceDetailBrowser <String>]: Indicates the browser information of the used for signing in. [DeviceDetailBrowserId <String>]: [DeviceDetailDeviceId <String>]: Refers to the UniqueID of the device used for signing in. [DeviceDetailDisplayName <String>]: Refers to the name of the device used for signing in. [DeviceDetailIsCompliant <Boolean?>]: Indicates whether the device is compliant. [DeviceDetailIsManaged <Boolean?>]: Indicates whether the device is managed. [DeviceDetailOperatingSystem <String>]: Indicates the operating system name and version used for signing in. [DeviceDetailTrustType <String>]: Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. [GeoCoordinateAltitude <Double?>]: Optional. The altitude (height), in feet, above sea level for the item. Read-only. [GeoCoordinateLatitude <Double?>]: Optional. The latitude, in decimal, for the item. Read-only. [GeoCoordinateLongitude <Double?>]: Optional. The longitude, in decimal, for the item. Read-only. [IPAddress <String>]: IP address of the client used to sign in. [IsInteractive <Boolean?>]: Indicates if a sign-in is interactive or not. [LocationCity <String>]: Provides the city where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationCountryOrRegion <String>]: Provides the country code info (2 letter code) where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [LocationState <String>]: Provides the State where the sign-in originated. This is calculated using latitude/longitude information from the sign-in activity. [MfaDetailAuthDetail <String>]: [MfaDetailAuthMethod <String>]: [NetworkLocationDetails <IMicrosoftGraphNetworkLocationDetail[]>]: [NetworkNames <String[]>]: [NetworkType <String>]: networkType [OriginalRequestId <String>]: [ProcessingTimeInMilliseconds <Int32?>]: [ResourceDisplayName <String>]: Name of the resource the user signed into. [ResourceId <String>]: ID of the resource that the user signed into. [RiskDetail <String>]: riskDetail [RiskEventTypes <String[]>]: Risk event types associated with the sign-in. The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. [RiskEventTypesV2 <String[]>]: The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. [RiskLevelAggregated <String>]: riskLevel [RiskLevelDuringSignIn <String>]: riskLevel [RiskState <String>]: riskState [ServicePrincipalId <String>]: [ServicePrincipalName <String>]: [StatusAdditionalDetails <String>]: Provides additional details on the sign-in activity [StatusErrorCode <Int32?>]: Provides the 5-6digit error code that's generated during a sign-in failure. Check out the list of error codes and messages. [StatusFailureReason <String>]: Provides the error message or the reason for failure for the corresponding sign-in activity. Check out the list of error codes and messages. [TokenIssuerName <String>]: [TokenIssuerType <String>]: tokenIssuerType [UserAgent <String>]: [UserDisplayName <String>]: Display name of the user that initiated the sign-in. [UserId <String>]: ID of the user that initiated the sign-in. [UserPrincipalName <String>]: User principal name of the user that initiated the sign-in. INPUTOBJECT <IIdentityAuditLogsIdentity>: Identity Parameter [DirectoryAuditId <String>]: key: directoryAudit-id of directoryAudit [ProvisioningObjectSummaryId <String>]: key: provisioningObjectSummary-id of provisioningObjectSummary [RestrictedSignInId <String>]: key: restrictedSignIn-id of restrictedSignIn [SignInId <String>]: key: signIn-id of signIn NETWORKLOCATIONDETAILS <IMicrosoftGraphNetworkLocationDetail[]>: . [NetworkNames <String[]>]: [NetworkType <String>]: networkType .Link https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.auditlogs/update-mgauditlogsignin #> function Update-MgAuditLogSignIn { [OutputType([System.Boolean])] [CmdletBinding(DefaultParameterSetName='UpdateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Update', Mandatory)] [Parameter(ParameterSetName='UpdateExpanded', Mandatory)] [Microsoft.Graph.PowerShell.Category('Path')] [System.String] # key: signIn-id of signIn ${SignInId}, [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentityExpanded', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Path')] [Microsoft.Graph.PowerShell.Models.IIdentityAuditLogsIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='Update', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignIn] # signIn # To construct, see NOTES section for BODYPARAMETER properties and create a hash table. ${BodyParameter}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${AlternateSignInName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # App name displayed in the Azure Portal. ${AppDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Unique GUID representing the app ID in the Azure Active Directory. ${AppId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAppliedConditionalAccessPolicy[]] # . # To construct, see NOTES section for APPLIEDCONDITIONALACCESSPOLICIES properties and create a hash table. ${AppliedConditionalAccessPolicies}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationDetail[]] # . # To construct, see NOTES section for AUTHENTICATIONDETAILS properties and create a hash table. ${AuthenticationDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # . ${AuthenticationMethodsUsed}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphKeyValue[]] # . # To construct, see NOTES section for AUTHENTICATIONPROCESSINGDETAILS properties and create a hash table. ${AuthenticationProcessingDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${AuthenticationRequirement}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationRequirementPolicy[]] # . # To construct, see NOTES section for AUTHENTICATIONREQUIREMENTPOLICIES properties and create a hash table. ${AuthenticationRequirementPolicies}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Identifies the legacy client used for sign-in activity. # Includes Browser, Exchange Active Sync, modern clients, IMAP, MAPI, SMTP, and POP. ${ClientAppUsed}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # conditionalAccessStatus ${ConditionalAccessStatus}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. ${CorrelationId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.DateTime] # Date and time (UTC) the sign-in was initiated. # Example: midnight on Jan 1, 2014 is reported as '2014-01-01T00:00:00Z'. ${CreatedDateTime}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the browser information of the used for signing in. ${DeviceDetailBrowser}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${DeviceDetailBrowserId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the UniqueID of the device used for signing in. ${DeviceDetailDeviceId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Refers to the name of the device used for signing in. ${DeviceDetailDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates whether the device is compliant. ${DeviceDetailIsCompliant}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates whether the device is managed. ${DeviceDetailIsManaged}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Indicates the operating system name and version used for signing in. ${DeviceDetailOperatingSystem}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides information about whether the signed-in device is Workplace Joined, AzureAD Joined, Domain Joined. ${DeviceDetailTrustType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The altitude (height), in feet, above sea level for the item. # Read-only. ${GeoCoordinateAltitude}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The latitude, in decimal, for the item. # Read-only. ${GeoCoordinateLatitude}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Double] # Optional. # The longitude, in decimal, for the item. # Read-only. ${GeoCoordinateLongitude}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # IP address of the client used to sign in. ${IPAddress}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Read-only. ${Id}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Management.Automation.SwitchParameter] # Indicates if a sign-in is interactive or not. ${IsInteractive}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the city where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationCity}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the country code info (2 letter code) where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationCountryOrRegion}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the State where the sign-in originated. # This is calculated using latitude/longitude information from the sign-in activity. ${LocationState}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${MfaDetailAuthDetail}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${MfaDetailAuthMethod}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphNetworkLocationDetail[]] # . # To construct, see NOTES section for NETWORKLOCATIONDETAILS properties and create a hash table. ${NetworkLocationDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${OriginalRequestId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # . ${ProcessingTimeInMilliseconds}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Name of the resource the user signed into. ${ResourceDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # ID of the resource that the user signed into. ${ResourceId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskDetail ${RiskDetail}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # Risk event types associated with the sign-in. # The possible values are: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, and unknownFutureValue. ${RiskEventTypes}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String[]] # The list of risk event types associated with the sign-in. # Possible values: unlikelyTravel, anonymizedIPAddress, maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, investigationsThreatIntelligence, generic, or unknownFutureValue. ${RiskEventTypesV2}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskLevel ${RiskLevelAggregated}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskLevel ${RiskLevelDuringSignIn}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # riskState ${RiskState}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ServicePrincipalId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${ServicePrincipalName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides additional details on the sign-in activity ${StatusAdditionalDetails}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.Int32] # Provides the 5-6digit error code that's generated during a sign-in failure. # Check out the list of error codes and messages. ${StatusErrorCode}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Provides the error message or the reason for failure for the corresponding sign-in activity. # Check out the list of error codes and messages. ${StatusFailureReason}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${TokenIssuerName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # tokenIssuerType ${TokenIssuerType}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # . ${UserAgent}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # Display name of the user that initiated the sign-in. ${UserDisplayName}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # ID of the user that initiated the sign-in. ${UserId}, [Parameter(ParameterSetName='UpdateExpanded')] [Parameter(ParameterSetName='UpdateViaIdentityExpanded')] [Microsoft.Graph.PowerShell.Category('Body')] [System.String] # User principal name of the user that initiated the sign-in. ${UserPrincipalName}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Graph.PowerShell.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Update = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogSignIn_Update'; UpdateExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogSignIn_UpdateExpanded'; UpdateViaIdentity = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogSignIn_UpdateViaIdentity'; UpdateViaIdentityExpanded = 'Microsoft.Graph.Identity.AuditLogs.private\Update-MgAuditLogSignIn_UpdateViaIdentityExpanded'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # SIG # Begin signature block # MIIjkgYJKoZIhvcNAQcCoIIjgzCCI38CAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBDcfPm22OkPvsi # JV0+eZaD1e9jHmWikP7K2RprFCUiD6CCDYEwggX/MIID56ADAgECAhMzAAABh3IX # chVZQMcJAAAAAAGHMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjAwMzA0MTgzOTQ3WhcNMjEwMzAzMTgzOTQ3WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDOt8kLc7P3T7MKIhouYHewMFmnq8Ayu7FOhZCQabVwBp2VS4WyB2Qe4TQBT8aB # znANDEPjHKNdPT8Xz5cNali6XHefS8i/WXtF0vSsP8NEv6mBHuA2p1fw2wB/F0dH # sJ3GfZ5c0sPJjklsiYqPw59xJ54kM91IOgiO2OUzjNAljPibjCWfH7UzQ1TPHc4d # weils8GEIrbBRb7IWwiObL12jWT4Yh71NQgvJ9Fn6+UhD9x2uk3dLj84vwt1NuFQ # itKJxIV0fVsRNR3abQVOLqpDugbr0SzNL6o8xzOHL5OXiGGwg6ekiXA1/2XXY7yV # Fc39tledDtZjSjNbex1zzwSXAgMBAAGjggF+MIIBejAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUhov4ZyO96axkJdMjpzu2zVXOJcsw # UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1 # ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAwMTIrNDU4Mzg1MB8GA1UdIwQYMBaAFEhu # ZOVQBdOCqhc3NyK1bajKdQKVMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly93d3cu # bWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY0NvZFNpZ1BDQTIwMTFfMjAxMS0w # Ny0wOC5jcmwwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvZFNpZ1BDQTIwMTFfMjAx # MS0wNy0wOC5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAixmy # S6E6vprWD9KFNIB9G5zyMuIjZAOuUJ1EK/Vlg6Fb3ZHXjjUwATKIcXbFuFC6Wr4K # NrU4DY/sBVqmab5AC/je3bpUpjtxpEyqUqtPc30wEg/rO9vmKmqKoLPT37svc2NV # BmGNl+85qO4fV/w7Cx7J0Bbqk19KcRNdjt6eKoTnTPHBHlVHQIHZpMxacbFOAkJr # qAVkYZdz7ikNXTxV+GRb36tC4ByMNxE2DF7vFdvaiZP0CVZ5ByJ2gAhXMdK9+usx # zVk913qKde1OAuWdv+rndqkAIm8fUlRnr4saSCg7cIbUwCCf116wUJ7EuJDg0vHe # yhnCeHnBbyH3RZkHEi2ofmfgnFISJZDdMAeVZGVOh20Jp50XBzqokpPzeZ6zc1/g # yILNyiVgE+RPkjnUQshd1f1PMgn3tns2Cz7bJiVUaqEO3n9qRFgy5JuLae6UweGf # AeOo3dgLZxikKzYs3hDMaEtJq8IP71cX7QXe6lnMmXU/Hdfz2p897Zd+kU+vZvKI # 3cwLfuVQgK2RZ2z+Kc3K3dRPz2rXycK5XCuRZmvGab/WbrZiC7wJQapgBodltMI5 # GMdFrBg9IeF7/rP4EqVQXeKtevTlZXjpuNhhjuR+2DMt/dWufjXpiW91bo3aH6Ea # jOALXmoxgltCp1K7hrS6gmsvj94cLRf50QQ4U8Qwggd6MIIFYqADAgECAgphDpDS # AAAAAAADMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0 # ZSBBdXRob3JpdHkgMjAxMTAeFw0xMTA3MDgyMDU5MDlaFw0yNjA3MDgyMTA5MDla # MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMT # H01pY3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTEwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQCr8PpyEBwurdhuqoIQTTS68rZYIZ9CGypr6VpQqrgG # OBoESbp/wwwe3TdrxhLYC/A4wpkGsMg51QEUMULTiQ15ZId+lGAkbK+eSZzpaF7S # 35tTsgosw6/ZqSuuegmv15ZZymAaBelmdugyUiYSL+erCFDPs0S3XdjELgN1q2jz # y23zOlyhFvRGuuA4ZKxuZDV4pqBjDy3TQJP4494HDdVceaVJKecNvqATd76UPe/7 # 4ytaEB9NViiienLgEjq3SV7Y7e1DkYPZe7J7hhvZPrGMXeiJT4Qa8qEvWeSQOy2u # M1jFtz7+MtOzAz2xsq+SOH7SnYAs9U5WkSE1JcM5bmR/U7qcD60ZI4TL9LoDho33 # X/DQUr+MlIe8wCF0JV8YKLbMJyg4JZg5SjbPfLGSrhwjp6lm7GEfauEoSZ1fiOIl # XdMhSz5SxLVXPyQD8NF6Wy/VI+NwXQ9RRnez+ADhvKwCgl/bwBWzvRvUVUvnOaEP # 6SNJvBi4RHxF5MHDcnrgcuck379GmcXvwhxX24ON7E1JMKerjt/sW5+v/N2wZuLB # l4F77dbtS+dJKacTKKanfWeA5opieF+yL4TXV5xcv3coKPHtbcMojyyPQDdPweGF # RInECUzF1KVDL3SV9274eCBYLBNdYJWaPk8zhNqwiBfenk70lrC8RqBsmNLg1oiM # CwIDAQABo4IB7TCCAekwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFEhuZOVQ # BdOCqhc3NyK1bajKdQKVMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud # DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFHItOgIxkEO5FAVO # 4eqnxzHRI4k0MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwubWljcm9zb2Z0 # LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcmwwXgYIKwYBBQUHAQEEUjBQME4GCCsGAQUFBzAChkJodHRwOi8vd3d3Lm1p # Y3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcnQwgZ8GA1UdIASBlzCBlDCBkQYJKwYBBAGCNy4DMIGDMD8GCCsGAQUFBwIB # FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2RvY3MvcHJpbWFyeWNw # cy5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AcABvAGwAaQBjAHkA # XwBzAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAGfyhqWY # 4FR5Gi7T2HRnIpsLlhHhY5KZQpZ90nkMkMFlXy4sPvjDctFtg/6+P+gKyju/R6mj # 82nbY78iNaWXXWWEkH2LRlBV2AySfNIaSxzzPEKLUtCw/WvjPgcuKZvmPRul1LUd # d5Q54ulkyUQ9eHoj8xN9ppB0g430yyYCRirCihC7pKkFDJvtaPpoLpWgKj8qa1hJ # Yx8JaW5amJbkg/TAj/NGK978O9C9Ne9uJa7lryft0N3zDq+ZKJeYTQ49C/IIidYf # wzIY4vDFLc5bnrRJOQrGCsLGra7lstnbFYhRRVg4MnEnGn+x9Cf43iw6IGmYslmJ # aG5vp7d0w0AFBqYBKig+gj8TTWYLwLNN9eGPfxxvFX1Fp3blQCplo8NdUmKGwx1j # NpeG39rz+PIWoZon4c2ll9DuXWNB41sHnIc+BncG0QaxdR8UvmFhtfDcxhsEvt9B # xw4o7t5lL+yX9qFcltgA1qFGvVnzl6UJS0gQmYAf0AApxbGbpT9Fdx41xtKiop96 # eiL6SJUfq/tHI4D1nvi/a7dLl+LrdXga7Oo3mXkYS//WsyNodeav+vyL6wuA6mk7 # r/ww7QRMjt/fdW1jkT3RnVZOT7+AVyKheBEyIXrvQQqxP/uozKRdwaGIm1dxVk5I # RcBCyZt2WwqASGv9eZ/BvW1taslScxMNelDNMYIVZzCCFWMCAQEwgZUwfjELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9z # b2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAxMQITMwAAAYdyF3IVWUDHCQAAAAABhzAN # BglghkgBZQMEAgEFAKCBrjAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor # BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgHvFOfpqd # Ufc2pkprb85leUEFoHYIbggQz2kytUG1fvMwQgYKKwYBBAGCNwIBDDE0MDKgFIAS # AE0AaQBjAHIAbwBzAG8AZgB0oRqAGGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbTAN # BgkqhkiG9w0BAQEFAASCAQAn2Ud1E2L7cbtYtq/JWyP6EyprA5SNtdDW16FdKZuX # HNQ5mg6BlOx6owm+RqeygqGSXFduU3QHi+J+YpoaIRnD/mnPeRNvrefv+8/BDIG+ # aABQTGzviH/4+K/p720dwy1zmQKz9D6Xsb0UI2ig/t31Y7IlSt7W3dNsarQLxXY/ # GcpYJi2vuZXIsAcEtyGZZcwiBE4DdN7H+LcTKbQgV9LCv75noPgJwRtMpqJP9BM4 # u8MrdtTfvDlWXE+Gn/nLNDCTVXaHjwHysNAXQMt48Oxyk+bsqg6Uj6LtjVUe3cez # HxrO1azeySq6+tlb8LgTW7jI/5y7jCLeqyiiNjlDIScEoYIS8TCCEu0GCisGAQQB # gjcDAwExghLdMIIS2QYJKoZIhvcNAQcCoIISyjCCEsYCAQMxDzANBglghkgBZQME # AgEFADCCAVUGCyqGSIb3DQEJEAEEoIIBRASCAUAwggE8AgEBBgorBgEEAYRZCgMB # MDEwDQYJYIZIAWUDBAIBBQAEICLhcm1W39gSHiSlh7qk5L+1/s4+swIXrRK5D5iS # 4YrTAgZep1R43TgYEzIwMjAwNTA2MjIyNzE1LjgzNVowBIACAfSggdSkgdEwgc4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKTAnBgNVBAsTIE1p # Y3Jvc29mdCBPcGVyYXRpb25zIFB1ZXJ0byBSaWNvMSYwJAYDVQQLEx1UaGFsZXMg # VFNTIEVTTjo0NjJGLUUzMTktM0YyMDElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUt # U3RhbXAgU2VydmljZaCCDkQwggT1MIID3aADAgECAhMzAAABJMvNAqEXcFyaAAAA # AAEkMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw # MB4XDTE5MTIxOTAxMTQ1N1oXDTIxMDMxNzAxMTQ1N1owgc4xCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVy # YXRpb25zIFB1ZXJ0byBSaWNvMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjo0NjJG # LUUzMTktM0YyMDElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2Vydmlj # ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJCbKjgNnhjvMlnRNAtx # 7X3N5ZZkSfUFULyWsVJ1pnyMsSITimg1q3OQ1Ikf0/3gg8UG5TIRm7wH8sjBtoB3 # nuzFz11CegIFcanYnt050JvnrUTKeAPUR5pLpTeP3QEgL+CWOc4lTg/XxjnQv01F # D7TTn9DEuO3kp0GQ87Mjd5ssxK0K1q4IWNFAyRpx5n8Vm3Vm1iiVL5FMDUKsl5G/ # SqQdiEDn8cqYbqWMVzWH94PdKdw1mIHToBRCNsR9BHHWzNkSS+R0WRipBSSorKT7 # cuLlEBYhDo8AY3uMGlv0kLRLHASZ+sz2nfkpW2CVt+bHhVmM6/5qiu2f7eYoTYJu # cFECAwEAAaOCARswggEXMB0GA1UdDgQWBBS7HdFyrGKIhDxvypLA1lD/wGRSsDAf # BgNVHSMEGDAWgBTVYzpcijGQ80N7fEYbxTNoWoVtVTBWBgNVHR8ETzBNMEugSaBH # hkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNU # aW1TdGFQQ0FfMjAxMC0wNy0wMS5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUF # BzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1RpbVN0 # YVBDQV8yMDEwLTA3LTAxLmNydDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsG # AQUFBwMIMA0GCSqGSIb3DQEBCwUAA4IBAQBo3QzNuNRgzdflwA4U7f3e2CcGlwdg # 6ii498cBiSrTpWKO3qqz5pvgHAk4hh6y/FLY80R59inLwcVuyD24S3JEdSie4y1t # C5JptweR1qlxRJCRM4vG7nPtIC4eAMKcXgovu0mTFv7xpFAVpRuvuepR91gIde32 # 8lv1HTTJCV/LBBk83Xi7nCGPF59FxeIrcE32xt4YJgEpEAikeMqvWCTMyPqlmvx9 # J92fxU3cQcw2j2EWwqOD5T3Nz2HWfPV80sihD1A6Y5HhjpS9taDPs7CI58I211F3 # ysegNyOesG3MTrSJHyPMLKYFDxcG1neV0liktv+TW927sUOVczcSUhQLMIIGcTCC # BFmgAwIBAgIKYQmBKgAAAAAAAjANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJv # b3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMTAwNzAxMjEzNjU1WhcN # MjUwNzAxMjE0NjU1WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCASIw # DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkdDbx3EYo6IOz8E5f1+n9plGt0 # VBDVpQoAgoX77XxoSyxfxcPlYcJ2tz5mK1vwFVMnBDEfQRsalR3OCROOfGEwWbEw # RA/xYIiEVEMM1024OAizQt2TrNZzMFcmgqNFDdDq9UeBzb8kYDJYYEbyWEeGMoQe # dGFnkV+BVLHPk0ySwcSmXdFhE24oxhr5hoC732H8RsEnHSRnEnIaIYqvS2SJUGKx # Xf13Hz3wV3WsvYpCTUBR0Q+cBj5nf/VmwAOWRH7v0Ev9buWayrGo8noqCjHw2k4G # kbaICDXoeByw6ZnNPOcvRLqn9NxkvaQBwSAJk3jN/LzAyURdXhacAQVPIk0CAwEA # AaOCAeYwggHiMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBTVYzpcijGQ80N7 # fEYbxTNoWoVtVTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC # AYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvX # zpoYxDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20v # cGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYI # KwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDCBoAYDVR0g # AQH/BIGVMIGSMIGPBgkrBgEEAYI3LgMwgYEwPQYIKwYBBQUHAgEWMWh0dHA6Ly93 # d3cubWljcm9zb2Z0LmNvbS9QS0kvZG9jcy9DUFMvZGVmYXVsdC5odG0wQAYIKwYB # BQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AUABvAGwAaQBjAHkAXwBTAHQAYQB0AGUA # bQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAAfmiFEN4sbgmD+BcQM9naOh # IW+z66bM9TG+zwXiqf76V20ZMLPCxWbJat/15/B4vceoniXj+bzta1RXCCtRgkQS # +7lTjMz0YBKKdsxAQEGb3FwX/1z5Xhc1mCRWS3TvQhDIr79/xn/yN31aPxzymXlK # kVIArzgPF/UveYFl2am1a+THzvbKegBvSzBEJCI8z+0DpZaPWSm8tv0E4XCfMkon # /VWvL/625Y4zu2JfmttXQOnxzplmkIz/amJ/3cVKC5Em4jnsGUpxY517IW3DnKOi # PPp/fZZqkHimbdLhnPkd/DjYlPTGpQqWhqS9nhquBEKDuLWAmyI4ILUl5WTs9/S/ # fmNZJQ96LjlXdqJxqgaKD4kWumGnEcua2A5HmoDF0M2n0O99g/DhO3EJ3110mCII # YdqwUB5vvfHhAN/nMQekkzr3ZUd46PioSKv33nJ+YWtvd6mBy6cJrDm77MbL2IK0 # cs0d9LiFAR6A+xuJKlQ5slvayA1VmXqHczsI5pgt6o3gMy4SKfXAL1QnIffIrE7a # KLixqduWsqdCosnPGUFN4Ib5KpqjEWYw07t0MkvfY3v1mYovG8chr1m1rtxEPJdQ # cdeh0sVV42neV8HR3jDA/czmTfsNv11P6Z0eGTgvvM9YBS7vDaBQNdrvCScc1bN+ # NR4Iuto229Nfj950iEkSoYIC0jCCAjsCAQEwgfyhgdSkgdEwgc4xCzAJBgNVBAYT # AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD # VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKTAnBgNVBAsTIE1pY3Jvc29mdCBP # cGVyYXRpb25zIFB1ZXJ0byBSaWNvMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjo0 # NjJGLUUzMTktM0YyMDElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2Vy # dmljZaIjCgEBMAcGBSsOAwIaAxUAlwPlNCq+Un54UfxLe/wKS1Xc4nqggYMwgYCk # fjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQD # Ex1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIF # AOJdsGEwIhgPMjAyMDA1MDcwMTUzMzdaGA8yMDIwMDUwODAxNTMzN1owdzA9Bgor # BgEEAYRZCgQBMS8wLTAKAgUA4l2wYQIBADAKAgEAAgIoBQIB/zAHAgEAAgIRBDAK # AgUA4l8B4QIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIB # AAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBBQUAA4GBAKx5oiP77i1zb+2Z # r87LFm6116uPt2oHafLWwTJ+P4mcScrwJSkTOwLjCMFjos0E3q03AkwtTTPtymUF # mA5Jwv2twVhlyeGPQdhflgr0H7ciF6Cl/MJ86+ezr7YWEnQmMRBFCto38LBLSWsB # T9uMB8uYhIRmL4Ds+n7llIokvITSMYIDDTCCAwkCAQEwgZMwfDELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRp # bWUtU3RhbXAgUENBIDIwMTACEzMAAAEky80CoRdwXJoAAAAAASQwDQYJYIZIAWUD # BAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0B # CQQxIgQg/beeEyBR389nOhkmsuxwEPZ7be5P+5JJ9Zg/UZ/B9MswgfoGCyqGSIb3 # DQEJEAIvMYHqMIHnMIHkMIG9BCBiOOHoohqL+X7Xa/25jp1wTrQxYlYGLszis/nA # TirjIDCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u # MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRp # b24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB # JMvNAqEXcFyaAAAAAAEkMCIEIMPs9Lh01CcdCtopqUXNDbo999Dp8euiB7o8fKBK # apH7MA0GCSqGSIb3DQEBCwUABIIBAINC4dRIOMQtkVmgSwOS1gjIA4V7dlUzah8f # 59BODlyJ6P1qzlLJV9QjGLQr7erH7VF/rNJt790EpGqMgCTFStAOy9FeyxJzNyN/ # 742UH44QX4DUvdeZLqTebdQXTAxEcpyea0dSVa3iEaJqmhqpuotWKKdlG4OcWE1U # MlHoJi+lcoRRFbkWIXOBxSZdiYfo66MyzlnAiegRq9MglzcWzvGNtBZ2Ca6yFEYq # tbVopT3JpFQUZXNQLySx7e0zdo5uKKbmapn0ZNU7fTJbDZHMq9m43WJy/k0w64zd # e5cuK1YPmv0Xy3pLhZf9YRRXTuJ6e2d+28WAn6P3b2WbwP6dS1Y= # SIG # End signature block |