Skip to content

Latest commit

 

History

History
73 lines (61 loc) · 2.93 KB

README.md

File metadata and controls

73 lines (61 loc) · 2.93 KB

ops-tools

A set of handy tools to make it easier to run to Deep Security.

Manager Tools

Bash

config-dsRelay.sh
Query the status of, enable, or disable relay functionality on an agent
config-rehomeAwsDsManager.sh
Used by our cloud formation projects to ensure the correct cloud connector sync'd object is activated
create-iamCloudAccount.sh
Create an IAM user and associated keys, then use those keys to create the DS cloud connector
rest-cloudAccountsCreateAws.sh
Create cloud accounts for all regions
rest-cloudAccountsCreateAws.sh
Create cloud account for GovCloud
rest-tenantsCreate.sh
Create new tenant

Powershell

config-dsRelay.ps1
Query the status of, enable, or disable relay functionality on an agent
config-ipsXforwardedForRule.ps1
Create or update an IPS rule which a list of IPS to be blocked based on header added by an AWS ELB
config-plicy-agentcomm.ps1
Configure manager agent communication direction on a policy
get-allHostsSummary.ps1
Get summary of all host objects in deep security manager similar to dashboard status widget
get-amComponentVersions.ps1
Get detailed agent and am engine versions for a host object
get-computerCreatedEvents.ps1
Get all computer created system events for a given time frame
get-firewallrules.ps1
Get all firewall rules for a given host object
get-hostIpsRules.ps1
Get all ips rules assigned to a policy for each host object in the DSM
get-hostRecoAndAssignedRules.ps1
Get count of assigned and recommended rules for each host object in the DSM
get-macFromInterfaces.ps1
Get all interfaces and their mac addresses for a given host object
get-managedHostCounts.ps1
Get a simple count of all Unmanaged vs not Unmanaged hosts in the DSM
rest-authenticationLogin.ps1
Rest call to get a Security ID token for subsequent calls. SID returned may be used for SOAP or REST calls
rest-managerInfoComponents.ps1
Rest call to get list of current components available in the DSM
setup-dsSoap.ps1
Setup script to leave the caller with a current token in $SID and ManagerService instance in $DSM for use in interactive shell. Also starting authenticaiton for new scripts

Agent tools

awsAgentInstallSamples
UserData and CfnInit snippets for use in integrating Deep Security Agent deployment in AWS automation tooling

Bash

get-dsaPolicy.sh
Query the local DSA for its current policyid and policyname
install-dsa.sh
Working project 'one script to rule them all'; single bash script to download, install, and activate a deep security agent on any linux distro, arch, and version