PSGuerrilla.format.ps1xml
|
<?xml version="1.0" encoding="utf-8" ?>
<Configuration> <ViewDefinitions> <View> <Name>PSGuerrilla.ScanResult</Name> <ViewSelectedBy> <TypeName>PSGuerrilla.ScanResult</TypeName> </ViewSelectedBy> <TableControl> <TableHeaders> <TableColumnHeader><Label>Timestamp</Label><Width>20</Width></TableColumnHeader> <TableColumnHeader><Label>Mode</Label><Width>6</Width></TableColumnHeader> <TableColumnHeader><Label>Users</Label><Width>7</Width></TableColumnHeader> <TableColumnHeader><Label>Events</Label><Width>9</Width></TableColumnHeader> <TableColumnHeader><Label>CRITICAL</Label><Width>10</Width></TableColumnHeader> <TableColumnHeader><Label>HIGH</Label><Width>6</Width></TableColumnHeader> <TableColumnHeader><Label>MEDIUM</Label><Width>8</Width></TableColumnHeader> <TableColumnHeader><Label>LOW</Label><Width>5</Width></TableColumnHeader> <TableColumnHeader><Label>Clean</Label><Width>7</Width></TableColumnHeader> <TableColumnHeader><Label>New</Label><Width>5</Width></TableColumnHeader> </TableHeaders> <TableRowEntries> <TableRowEntry> <TableColumnItems> <TableColumnItem><PropertyName>Timestamp</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>ScanMode</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>TotalUsersScanned</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>TotalEventsAnalyzed</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>CriticalCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>HighCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>MediumCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>LowCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>CleanCount</PropertyName></TableColumnItem> <TableColumnItem><ScriptBlock>$_.NewThreats.Count</ScriptBlock></TableColumnItem> </TableColumnItems> </TableRowEntry> </TableRowEntries> </TableControl> </View> <View> <Name>PSGuerrilla.UserProfile</Name> <ViewSelectedBy> <TypeName>PSGuerrilla.UserProfile</TypeName> </ViewSelectedBy> <TableControl> <TableHeaders> <TableColumnHeader><Label>Email</Label><Width>40</Width></TableColumnHeader> <TableColumnHeader><Label>Threat</Label><Width>10</Width></TableColumnHeader> <TableColumnHeader><Label>Score</Label><Width>7</Width></TableColumnHeader> <TableColumnHeader><Label>Attacker IPs</Label><Width>13</Width></TableColumnHeader> <TableColumnHeader><Label>Cloud Logins</Label><Width>13</Width></TableColumnHeader> <TableColumnHeader><Label>Risky Acts</Label><Width>11</Width></TableColumnHeader> <TableColumnHeader><Label>Susp Country</Label><Width>13</Width></TableColumnHeader> <TableColumnHeader><Label>Top Indicator</Label></TableColumnHeader> </TableHeaders> <TableRowEntries> <TableRowEntry> <TableColumnItems> <TableColumnItem><PropertyName>Email</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>ThreatLevel</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>ThreatScore</PropertyName></TableColumnItem> <TableColumnItem><ScriptBlock>$_.KnownAttackerIpLogins.Count</ScriptBlock></TableColumnItem> <TableColumnItem><ScriptBlock>$_.CloudIpLogins.Count</ScriptBlock></TableColumnItem> <TableColumnItem><ScriptBlock>$_.RiskyActions.Count</ScriptBlock></TableColumnItem> <TableColumnItem><ScriptBlock>$_.SuspiciousCountryLogins.Count</ScriptBlock></TableColumnItem> <TableColumnItem><ScriptBlock>if ($_.Indicators.Count -gt 0) { $_.Indicators[0] } else { '' }</ScriptBlock></TableColumnItem> </TableColumnItems> </TableRowEntry> </TableRowEntries> </TableControl> </View> <View> <Name>PSGuerrilla.AuditResult</Name> <ViewSelectedBy> <TypeName>PSGuerrilla.AuditResult</TypeName> </ViewSelectedBy> <TableControl> <TableHeaders> <TableColumnHeader><Label>Timestamp</Label><Width>20</Width></TableColumnHeader> <TableColumnHeader><Label>Domain</Label><Width>25</Width></TableColumnHeader> <TableColumnHeader><Label>Score</Label><Width>7</Width></TableColumnHeader> <TableColumnHeader><Label>Label</Label><Width>22</Width></TableColumnHeader> <TableColumnHeader><Label>CRIT</Label><Width>6</Width></TableColumnHeader> <TableColumnHeader><Label>HIGH</Label><Width>6</Width></TableColumnHeader> <TableColumnHeader><Label>MED</Label><Width>5</Width></TableColumnHeader> <TableColumnHeader><Label>PASS</Label><Width>6</Width></TableColumnHeader> <TableColumnHeader><Label>Total</Label><Width>7</Width></TableColumnHeader> </TableHeaders> <TableRowEntries> <TableRowEntry> <TableColumnItems> <TableColumnItem><PropertyName>Timestamp</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>TenantDomain</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>OverallScore</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>ScoreLabel</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>CriticalCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>HighCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>MediumCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>PassCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>TotalChecks</PropertyName></TableColumnItem> </TableColumnItems> </TableRowEntry> </TableRowEntries> </TableControl> </View> <View> <Name>PSGuerrilla.AuditFinding</Name> <ViewSelectedBy> <TypeName>PSGuerrilla.AuditFinding</TypeName> </ViewSelectedBy> <TableControl> <TableHeaders> <TableColumnHeader><Label>CheckId</Label><Width>12</Width></TableColumnHeader> <TableColumnHeader><Label>Severity</Label><Width>10</Width></TableColumnHeader> <TableColumnHeader><Label>Status</Label><Width>8</Width></TableColumnHeader> <TableColumnHeader><Label>Category</Label><Width>25</Width></TableColumnHeader> <TableColumnHeader><Label>CheckName</Label><Width>30</Width></TableColumnHeader> <TableColumnHeader><Label>CurrentValue</Label></TableColumnHeader> </TableHeaders> <TableRowEntries> <TableRowEntry> <TableColumnItems> <TableColumnItem><PropertyName>CheckId</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>Severity</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>Status</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>Category</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>CheckName</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>CurrentValue</PropertyName></TableColumnItem> </TableColumnItems> </TableRowEntry> </TableRowEntries> </TableControl> </View> <View> <Name>PSGuerrilla.ReconResult</Name> <ViewSelectedBy> <TypeName>PSGuerrilla.ReconResult</TypeName> </ViewSelectedBy> <TableControl> <TableHeaders> <TableColumnHeader><Label>Timestamp</Label><Width>20</Width></TableColumnHeader> <TableColumnHeader><Label>Domain</Label><Width>25</Width></TableColumnHeader> <TableColumnHeader><Label>Score</Label><Width>7</Width></TableColumnHeader> <TableColumnHeader><Label>Label</Label><Width>22</Width></TableColumnHeader> <TableColumnHeader><Label>CRIT</Label><Width>6</Width></TableColumnHeader> <TableColumnHeader><Label>HIGH</Label><Width>6</Width></TableColumnHeader> <TableColumnHeader><Label>MED</Label><Width>5</Width></TableColumnHeader> <TableColumnHeader><Label>PASS</Label><Width>6</Width></TableColumnHeader> <TableColumnHeader><Label>FAIL</Label><Width>6</Width></TableColumnHeader> <TableColumnHeader><Label>Total</Label><Width>7</Width></TableColumnHeader> </TableHeaders> <TableRowEntries> <TableRowEntry> <TableColumnItems> <TableColumnItem><PropertyName>Timestamp</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>DomainName</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>OverallScore</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>ScoreLabel</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>CriticalCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>HighCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>MediumCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>PassCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>FailCount</PropertyName></TableColumnItem> <TableColumnItem><PropertyName>TotalChecks</PropertyName></TableColumnItem> </TableColumnItems> </TableRowEntry> </TableRowEntries> </TableControl> </View> </ViewDefinitions> </Configuration> |