Framework/Listeners/UserReports/README.txt
|
*** This file describes how to interpret the different files created when AzSDK cmdlets are executed ***
Each AzSDK cmdlet writes output to a folder whose location is determined as below: -------------------------------------------------------------- AzSDK-Root-Output-Folder = %LocalAppData%\Microsoft\AzSDKLogs E.g., "C:\Users\userName\AppData\Local\Microsoft\AzSDKLogs" -------------------------------------------------------------- Sub-Folder = Sub_<Subscription Name>\<Timestamp>_<CommandAbbreviation> E.g., "Sub_[yourSubscriptionName]\20170321_183800_GSS)" -------------------------------------------------------------- Thus, the full path to an output folder might look like: E.g., "C:\Users\userName\AppData\Local\Microsoft\AzSDKLogs\Sub_[yourSubscriptionName]\20170321_183800_GSS" By default, cmdlets open this folder upon completion of the cmdlet (we assume you'd be interested in examining the control evaluation status, etc.) -------------------------------------------------------------- The contents of the output folder are organized as under: \SecurityReport-<timestamp>.csv <-- This is the summary CSV file listing all applicable controls and their evaluation status. This file will be generated only for SVT cmdlets like Get-AzSKAzureServicesSecurityStatus, Get-AzSKSubscriptionSecurityStatus etc. \AttestationReport-<timestamp>.csv <-- This is the summary CSV file listing all applicable controls and their attestation details. This file will be generated only for SVT cmdlet Get-AzSKInfo -SubscriptionId <SubscriptionId> -InfoType AttestationInfo. \<Resource_Group_or_Subscription_Name> <-- This corresponds to the resource-group or subscription that was evaluated \<resourceType>.log <-- This is the detailed/raw output log of controls evaluated \Etc \PowerShellOutput.log <-- This is the raw PS console output captured in a file. \EnvironmentDetails.log <-- This is the log file containing environment data of current PowerShell session. \SecurityEvaluationData.json <-- This is the detailed security data for each control that was evaluated. This file will be generated only for SVT cmdlets like Get-AzSKAzureServicesSecurityStatus, Get-AzSKSubscriptionSecurityStatus etc. \FixControlScripts <-- This folder contains scripts to fix the failed controls. The folder is generated only when 'GenerateFixScript' switch is passed and one or more failed controls support automated fixing. \README.txt <-- This is the help file which describes about the 'FixControlScripts' folder. -------------------------------------------------------------- You can use these outputs as follows - 1- The SecurityReport.CSV file provides a quick glimpse of the control results. Investigate those that say 'Verify' or 'Failed'. 2- For 'Failed' or 'Verify' controls, look in the <resourceType>.LOG file (search for 'failed' or by control-id). Understand what caused the control the fail. 3- For 'Verify' controls, you will also find the SecurityEvaluationData.JSON file handy. 4- For some controls, you can also use the 'Recommendation' field in the control output to get the PS command you may need to use. 5- Make any changes to the subscription/resource configurations based on steps 2, 3 and 4. 6- Rerun the cmdlet and verify that the controls you tried to fix are passing now. |