fix: formatting

This commit is contained in:
DrIOS
2024-06-29 19:54:32 -05:00
parent bd0ce158af
commit c7f7fe11cc
22 changed files with 19 additions and 195 deletions

View File

@@ -5,23 +5,20 @@ function Test-AuditLogSearch {
# Aligned
# Parameters can be added if needed
)
begin {
# Dot source the class script if necessary
#. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed
$recnum = "3.1.1"
Write-Verbose "Running Test-AuditLogSearch for $recnum..."
<#
Conditions for 3.1.1 (L1) Ensure Microsoft 365 audit log search is Enabled
Validate test for a pass:
- Confirm that the automated test results align with the manual audit steps outlined in the CIS benchmark.
- Specific conditions to check:
- Condition A: Audit log search is enabled in the Microsoft Purview compliance portal.
- Condition B: The audit log retains user and admin activity for 90 days.
- Condition C: Audit log search capabilities are functional (search results are displayed for activities within the past 30 days).
Validate test for a fail:
- Confirm that the failure conditions in the automated test are consistent with the manual audit results.
- Specific conditions to check:
@@ -30,14 +27,10 @@ function Test-AuditLogSearch {
- Condition C: Audit log search capabilities are non-functional (no search results are displayed for activities within the past 30 days).
#>
}
process {
try {
# 3.1.1 (L1) Ensure Microsoft 365 audit log search is Enabled
$auditLogResult = Get-CISExoOutput -Rec $recnum
# Prepare failure reasons and details based on compliance
$failureReasons = if (-not $auditLogResult) {
# Condition A (Fail): Audit log search is not enabled in the Microsoft Purview compliance portal
@@ -46,7 +39,6 @@ function Test-AuditLogSearch {
else {
"N/A"
}
$details = if ($auditLogResult) {
# Condition A (Pass): Audit log search is enabled in the Microsoft Purview compliance portal
"UnifiedAuditLogIngestionEnabled: True"
@@ -54,7 +46,6 @@ function Test-AuditLogSearch {
else {
"UnifiedAuditLogIngestionEnabled: False"
}
# Create and populate the CISAuditResult object
$params = @{
Rec = $recnum
@@ -70,9 +61,8 @@ function Test-AuditLogSearch {
$auditResult = Get-TestError -LastError $LastError -recnum $recnum
}
}
end {
# Return the audit result
return $auditResult
}
}
}