Auto-commit: 2025-10-31 08:59:02
This commit is contained in:
David Wuibaille
106
API/ComputerGroup - Get.ps1
Normal file
106
API/ComputerGroup - Get.ps1
Normal file
@@ -0,0 +1,106 @@
|
||||
<#
|
||||
.SYNOPSIS
|
||||
Initialize Tanium session from config.json (no env vars). Prefer -CredentialObject (hashtable).
|
||||
Falls back to -BaseURI/-Token or -BaseURI/-ApiToken, then ephemeral CLIXML if needed.
|
||||
#>
|
||||
|
||||
$ErrorActionPreference = 'Stop'
|
||||
try { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 } catch {}
|
||||
Import-Module Redden-TanREST -Force
|
||||
|
||||
# --- Load config.json ---
|
||||
$configPath = Join-Path $PSScriptRoot 'config.json'
|
||||
if (-not (Test-Path $configPath)) { throw "Configuration file not found: $configPath" }
|
||||
|
||||
Write-Host "Reading configuration from: $configPath"
|
||||
$config = Get-Content -Path $configPath -Raw | ConvertFrom-Json
|
||||
|
||||
$TaniumUrl = $config.TaniumUrl
|
||||
$TaniumApiToken = $config.TaniumApiToken
|
||||
if ([string]::IsNullOrWhiteSpace($TaniumUrl) -or [string]::IsNullOrWhiteSpace($TaniumApiToken)) {
|
||||
throw "Both TaniumUrl and TaniumApiToken must be provided in config.json."
|
||||
}
|
||||
|
||||
# Normalize to bare host (strip scheme and trailing slash)
|
||||
$BaseUriHost = (($TaniumUrl -replace '^https?://','') -replace '/+$','')
|
||||
$SecureToken = $TaniumApiToken | ConvertTo-SecureString -AsPlainText -Force
|
||||
|
||||
# --- Initialize session (feature-detected) ---
|
||||
Write-Host "Initializing Tanium session..."
|
||||
$cmd = Get-Command Initialize-TaniumSession -ErrorAction Stop
|
||||
$paramNames = $cmd.Parameters.Keys
|
||||
$initialized = $false
|
||||
$lastError = $null
|
||||
|
||||
# 1) Preferred: -CredentialObject (expects a hashtable with ContainsKey)
|
||||
if (-not $initialized -and ($paramNames -contains 'CredentialObject')) {
|
||||
try {
|
||||
$credHash = @{
|
||||
baseURI = $BaseUriHost
|
||||
token = $SecureToken
|
||||
}
|
||||
Initialize-TaniumSession -CredentialObject $credHash
|
||||
$initialized = $true
|
||||
Write-Host "Session initialized via -CredentialObject (hashtable)."
|
||||
} catch { $lastError = $_ }
|
||||
}
|
||||
|
||||
# 2) Fallback: -BaseURI/-Token (token may be SecureString or string depending on module)
|
||||
if (-not $initialized -and ($paramNames -contains 'BaseURI') -and ($paramNames -contains 'Token')) {
|
||||
try {
|
||||
Initialize-TaniumSession -BaseURI $BaseUriHost -Token $SecureToken
|
||||
$initialized = $true
|
||||
Write-Host "Session initialized via -BaseURI/-Token (SecureString)."
|
||||
} catch {
|
||||
$lastError = $_
|
||||
try {
|
||||
Initialize-TaniumSession -BaseURI $BaseUriHost -Token $TaniumApiToken
|
||||
$initialized = $true
|
||||
Write-Host "Session initialized via -BaseURI/-Token (plain string)."
|
||||
} catch { $lastError = $_ }
|
||||
}
|
||||
}
|
||||
|
||||
# 3) Fallback: -BaseURI/-ApiToken (some versions use ApiToken)
|
||||
if (-not $initialized -and ($paramNames -contains 'BaseURI') -and ($paramNames -contains 'ApiToken')) {
|
||||
try {
|
||||
Initialize-TaniumSession -BaseURI $BaseUriHost -ApiToken $SecureToken
|
||||
$initialized = $true
|
||||
Write-Host "Session initialized via -BaseURI/-ApiToken (SecureString)."
|
||||
} catch {
|
||||
$lastError = $_
|
||||
try {
|
||||
Initialize-TaniumSession -BaseURI $BaseUriHost -ApiToken $TaniumApiToken
|
||||
$initialized = $true
|
||||
Write-Host "Session initialized via -BaseURI/-ApiToken (plain string)."
|
||||
} catch { $lastError = $_ }
|
||||
}
|
||||
}
|
||||
|
||||
# 4) Last resort: ephemeral CLIXML (-PathToXML), then cleanup
|
||||
if (-not $initialized -and ($paramNames -contains 'PathToXML')) {
|
||||
try {
|
||||
$TempXml = Join-Path $env:TEMP ('tanium-session-{0}.apicred' -f ([guid]::NewGuid()))
|
||||
@{ baseURI = $BaseUriHost; token = $SecureToken } | Export-Clixml -Path $TempXml
|
||||
Initialize-TaniumSession -PathToXML $TempXml
|
||||
Remove-Item $TempXml -Force -ErrorAction SilentlyContinue
|
||||
$initialized = $true
|
||||
Write-Host "Session initialized via -PathToXML (ephemeral file removed)."
|
||||
} catch { $lastError = $_ }
|
||||
}
|
||||
|
||||
if (-not $initialized) {
|
||||
Write-Error "Failed to initialize Tanium session. Last error: $($lastError.Exception.Message)"
|
||||
throw
|
||||
}
|
||||
|
||||
# --- Retrieve & display groups ---
|
||||
Write-Host "Retrieving all Computer Groups..."
|
||||
$groups = Get-ComputerGroup -All
|
||||
|
||||
if (Get-Command Out-GridView -ErrorAction SilentlyContinue) {
|
||||
$groups | Out-GridView -Title 'Tanium Computer Groups'
|
||||
} else {
|
||||
Write-Warning "Out-GridView not available; showing a console table instead."
|
||||
$groups | Format-Table -Auto
|
||||
}
|
||||
Reference in New Issue
Block a user