Erstellen Sie eine Angriffssimulationskampagne für einen Mandanten.
Wählen Sie für diese API die Als am wenigsten privilegierten Berechtigungen gekennzeichneten Berechtigungen aus. Verwenden Sie nur dann eine Berechtigung mit höheren Berechtigungen , wenn dies für Ihre App erforderlich ist. Ausführliche Informationen zu delegierten Berechtigungen und Anwendungsberechtigungen finden Sie unter Berechtigungstypen. Weitere Informationen zu diesen Berechtigungen finden Sie in der Berechtigungsreferenz.
In der folgenden Tabelle sind die Eigenschaften aufgeführt, die beim Erstellen der Simulation erforderlich sind.
Das folgende Beispiel zeigt eine Anfrage.
POST https://graph.microsoft.com/v1.0/security/attackSimulation/simulations
Content-type: application/json
{
"displayName": "Graph Simulation",
"payload@odata.bind": "https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/12345678-9abc-def0-123456789a",
"loginPage@odata.bind": "https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/1w345678-9abc-def0-123456789a",
"landingPage@odata.bind": "https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/1c345678-9abc-def0-123456789a",
"createdBy": {
"email": "john@contoso.com"
},
"durationInDays": "3",
"attackTechnique": "credentialHarvesting",
"status": "scheduled",
"includedAccountTarget": {
"@odata.type": "#microsoft.graph.addressBookAccountTargetContent",
"type": "addressBook",
"accountTargetEmails": [
"john@contoso.com"
]
},
"trainingSetting": {
"settingType": "noTraining"
},
"endUserNotificationSetting": {
"notificationPreference": "microsoft",
"settingType": "noTraining",
"positiveReinforcement": {
"deliveryPreference": "deliverAfterCampaignEnd",
"endUserNotification": "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/1ewer3678-9abc-def0-123456789a",
"defaultLanguage": "en"
},
"simulationNotification": {
"targettedUserType": "compromised",
"endUserNotification@odata.bind": "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/12wer3678-9abc-def0-123456789a",
"defaultLanguage": "en"
}
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new Simulation
{
DisplayName = "Graph Simulation",
CreatedBy = new EmailIdentity
{
Email = "john@contoso.com",
},
DurationInDays = 3,
AttackTechnique = SimulationAttackTechnique.CredentialHarvesting,
Status = SimulationStatus.Scheduled,
IncludedAccountTarget = new AddressBookAccountTargetContent
{
OdataType = "#microsoft.graph.addressBookAccountTargetContent",
Type = AccountTargetContentType.AddressBook,
AccountTargetEmails = new List<string>
{
"john@contoso.com",
},
},
TrainingSetting = new TrainingSetting
{
SettingType = TrainingSettingType.NoTraining,
},
EndUserNotificationSetting = new EndUserNotificationSetting
{
NotificationPreference = EndUserNotificationPreference.Microsoft,
SettingType = EndUserNotificationSettingType.NoTraining,
PositiveReinforcement = new PositiveReinforcementNotification
{
DeliveryPreference = NotificationDeliveryPreference.DeliverAfterCampaignEnd,
EndUserNotification = "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/1ewer3678-9abc-def0-123456789a",
DefaultLanguage = "en",
},
AdditionalData = new Dictionary<string, object>
{
{
"simulationNotification" , new
{
TargettedUserType = "compromised",
EndUserNotificationOdataBind = "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/12wer3678-9abc-def0-123456789a",
DefaultLanguage = "en",
}
},
},
},
AdditionalData = new Dictionary<string, object>
{
{
"payload@odata.bind" , "https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/12345678-9abc-def0-123456789a"
},
{
"loginPage@odata.bind" , "https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/1w345678-9abc-def0-123456789a"
},
{
"landingPage@odata.bind" , "https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/1c345678-9abc-def0-123456789a"
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Security.AttackSimulation.Simulations.PostAsync(requestBody);
Einzelheiten darüber, wie Sie das SDK zu Ihrem Projekt hinzufügen und eine authProvider-Instanz erstellen, finden Sie in der SDK-Dokumentation.
// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc security attack-simulation simulations create --body '{\
"displayName": "Graph Simulation",\
"payload@odata.bind": "https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/12345678-9abc-def0-123456789a",\
"loginPage@odata.bind": "https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/1w345678-9abc-def0-123456789a",\
"landingPage@odata.bind": "https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/1c345678-9abc-def0-123456789a",\
"createdBy": {\
"email": "john@contoso.com"\
},\
"durationInDays": "3",\
"attackTechnique": "credentialHarvesting",\
"status": "scheduled",\
"includedAccountTarget": {\
"@odata.type": "#microsoft.graph.addressBookAccountTargetContent",\
"type": "addressBook",\
"accountTargetEmails": [\
"john@contoso.com"\
]\
},\
"trainingSetting": {\
"settingType": "noTraining"\
},\
"endUserNotificationSetting": {\
"notificationPreference": "microsoft",\
"settingType": "noTraining",\
"positiveReinforcement": {\
"deliveryPreference": "deliverAfterCampaignEnd",\
"endUserNotification": "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/1ewer3678-9abc-def0-123456789a",\
"defaultLanguage": "en"\
},\
"simulationNotification": {\
"targettedUserType": "compromised",\
"endUserNotification@odata.bind": "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/12wer3678-9abc-def0-123456789a",\
"defaultLanguage": "en"\
}\
}\
}\
'
Einzelheiten darüber, wie Sie das SDK zu Ihrem Projekt hinzufügen und eine authProvider-Instanz erstellen, finden Sie in der SDK-Dokumentation.
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)
requestBody := graphmodels.NewSimulation()
displayName := "Graph Simulation"
requestBody.SetDisplayName(&displayName)
createdBy := graphmodels.NewEmailIdentity()
email := "john@contoso.com"
createdBy.SetEmail(&email)
requestBody.SetCreatedBy(createdBy)
durationInDays := int32(3)
requestBody.SetDurationInDays(&durationInDays)
attackTechnique := graphmodels.CREDENTIALHARVESTING_SIMULATIONATTACKTECHNIQUE
requestBody.SetAttackTechnique(&attackTechnique)
status := graphmodels.SCHEDULED_SIMULATIONSTATUS
requestBody.SetStatus(&status)
includedAccountTarget := graphmodels.NewAddressBookAccountTargetContent()
type := graphmodels.ADDRESSBOOK_ACCOUNTTARGETCONTENTTYPE
includedAccountTarget.SetType(&type)
accountTargetEmails := []string {
"john@contoso.com",
}
includedAccountTarget.SetAccountTargetEmails(accountTargetEmails)
requestBody.SetIncludedAccountTarget(includedAccountTarget)
trainingSetting := graphmodels.NewTrainingSetting()
settingType := graphmodels.NOTRAINING_TRAININGSETTINGTYPE
trainingSetting.SetSettingType(&settingType)
requestBody.SetTrainingSetting(trainingSetting)
endUserNotificationSetting := graphmodels.NewEndUserNotificationSetting()
notificationPreference := graphmodels.MICROSOFT_ENDUSERNOTIFICATIONPREFERENCE
endUserNotificationSetting.SetNotificationPreference(¬ificationPreference)
settingType := graphmodels.NOTRAINING_ENDUSERNOTIFICATIONSETTINGTYPE
endUserNotificationSetting.SetSettingType(&settingType)
positiveReinforcement := graphmodels.NewPositiveReinforcementNotification()
deliveryPreference := graphmodels.DELIVERAFTERCAMPAIGNEND_NOTIFICATIONDELIVERYPREFERENCE
positiveReinforcement.SetDeliveryPreference(&deliveryPreference)
endUserNotification := "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/1ewer3678-9abc-def0-123456789a"
positiveReinforcement.SetEndUserNotification(&endUserNotification)
defaultLanguage := "en"
positiveReinforcement.SetDefaultLanguage(&defaultLanguage)
endUserNotificationSetting.SetPositiveReinforcement(positiveReinforcement)
additionalData := map[string]interface{}{
simulationNotification := graphmodels.New()
targettedUserType := "compromised"
simulationNotification.SetTargettedUserType(&targettedUserType)
odataBind := "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/12wer3678-9abc-def0-123456789a"
simulationNotification.SetOdataBind(&odataBind)
defaultLanguage := "en"
simulationNotification.SetDefaultLanguage(&defaultLanguage)
endUserNotificationSetting.SetSimulationNotification(simulationNotification)
}
endUserNotificationSetting.SetAdditionalData(additionalData)
requestBody.SetEndUserNotificationSetting(endUserNotificationSetting)
additionalData := map[string]interface{}{
"odataBind" : "https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/12345678-9abc-def0-123456789a",
"odataBind" : "https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/1w345678-9abc-def0-123456789a",
"odataBind" : "https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/1c345678-9abc-def0-123456789a",
}
requestBody.SetAdditionalData(additionalData)
simulations, err := graphClient.Security().AttackSimulation().Simulations().Post(context.Background(), requestBody, nil)
Einzelheiten darüber, wie Sie das SDK zu Ihrem Projekt hinzufügen und eine authProvider-Instanz erstellen, finden Sie in der SDK-Dokumentation.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
Simulation simulation = new Simulation();
simulation.setDisplayName("Graph Simulation");
EmailIdentity createdBy = new EmailIdentity();
createdBy.setEmail("john@contoso.com");
simulation.setCreatedBy(createdBy);
simulation.setDurationInDays(3);
simulation.setAttackTechnique(SimulationAttackTechnique.CredentialHarvesting);
simulation.setStatus(SimulationStatus.Scheduled);
AddressBookAccountTargetContent includedAccountTarget = new AddressBookAccountTargetContent();
includedAccountTarget.setOdataType("#microsoft.graph.addressBookAccountTargetContent");
includedAccountTarget.setType(AccountTargetContentType.AddressBook);
LinkedList<String> accountTargetEmails = new LinkedList<String>();
accountTargetEmails.add("john@contoso.com");
includedAccountTarget.setAccountTargetEmails(accountTargetEmails);
simulation.setIncludedAccountTarget(includedAccountTarget);
TrainingSetting trainingSetting = new TrainingSetting();
trainingSetting.setSettingType(TrainingSettingType.NoTraining);
simulation.setTrainingSetting(trainingSetting);
EndUserNotificationSetting endUserNotificationSetting = new EndUserNotificationSetting();
endUserNotificationSetting.setNotificationPreference(EndUserNotificationPreference.Microsoft);
endUserNotificationSetting.setSettingType(EndUserNotificationSettingType.NoTraining);
PositiveReinforcementNotification positiveReinforcement = new PositiveReinforcementNotification();
positiveReinforcement.setDeliveryPreference(NotificationDeliveryPreference.DeliverAfterCampaignEnd);
positiveReinforcement.setEndUserNotification("https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/1ewer3678-9abc-def0-123456789a");
positiveReinforcement.setDefaultLanguage("en");
endUserNotificationSetting.setPositiveReinforcement(positiveReinforcement);
HashMap<String, Object> additionalData = new HashMap<String, Object>();
simulationNotification = new ();
simulationNotification.setTargettedUserType("compromised");
simulationNotification.setEndUserNotificationOdataBind("https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/12wer3678-9abc-def0-123456789a");
simulationNotification.setDefaultLanguage("en");
additionalData.put("simulationNotification", simulationNotification);
endUserNotificationSetting.setAdditionalData(additionalData);
simulation.setEndUserNotificationSetting(endUserNotificationSetting);
HashMap<String, Object> additionalData1 = new HashMap<String, Object>();
additionalData1.put("payload@odata.bind", "https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/12345678-9abc-def0-123456789a");
additionalData1.put("loginPage@odata.bind", "https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/1w345678-9abc-def0-123456789a");
additionalData1.put("landingPage@odata.bind", "https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/1c345678-9abc-def0-123456789a");
simulation.setAdditionalData(additionalData1);
Simulation result = graphClient.security().attackSimulation().simulations().post(simulation);
Einzelheiten darüber, wie Sie das SDK zu Ihrem Projekt hinzufügen und eine authProvider-Instanz erstellen, finden Sie in der SDK-Dokumentation.
const options = {
authProvider,
};
const client = Client.init(options);
const simulation = {
displayName: 'Graph Simulation',
'payload@odata.bind': 'https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/12345678-9abc-def0-123456789a',
'loginPage@odata.bind': 'https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/1w345678-9abc-def0-123456789a',
'landingPage@odata.bind': 'https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/1c345678-9abc-def0-123456789a',
createdBy: {
email: 'john@contoso.com'
},
durationInDays: '3',
attackTechnique: 'credentialHarvesting',
status: 'scheduled',
includedAccountTarget: {
'@odata.type': '#microsoft.graph.addressBookAccountTargetContent',
type: 'addressBook',
accountTargetEmails: [
'john@contoso.com'
]
},
trainingSetting: {
settingType: 'noTraining'
},
endUserNotificationSetting: {
notificationPreference: 'microsoft',
settingType: 'noTraining',
positiveReinforcement: {
deliveryPreference: 'deliverAfterCampaignEnd',
endUserNotification: 'https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/1ewer3678-9abc-def0-123456789a',
defaultLanguage: 'en'
},
simulationNotification: {
targettedUserType: 'compromised',
'endUserNotification@odata.bind': 'https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/12wer3678-9abc-def0-123456789a',
defaultLanguage: 'en'
}
}
};
await client.api('/security/attackSimulation/simulations')
.post(simulation);
Einzelheiten darüber, wie Sie das SDK zu Ihrem Projekt hinzufügen und eine authProvider-Instanz erstellen, finden Sie in der SDK-Dokumentation.
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\Simulation;
use Microsoft\Graph\Generated\Models\EmailIdentity;
use Microsoft\Graph\Generated\Models\AddressBookAccountTargetContent;
use Microsoft\Graph\Generated\Models\TrainingSetting;
use Microsoft\Graph\Generated\Models\EndUserNotificationSetting;
use Microsoft\Graph\Generated\Models\PositiveReinforcementNotification;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new Simulation();
$requestBody->setDisplayName('Graph Simulation');
$createdBy = new EmailIdentity();
$createdBy->setEmail('john@contoso.com');
$requestBody->setCreatedBy($createdBy);
$requestBody->setDurationInDays(3);
$requestBody->setAttackTechnique(new SimulationAttackTechnique('credentialHarvesting'));
$requestBody->setStatus(new SimulationStatus('scheduled'));
$includedAccountTarget = new AddressBookAccountTargetContent();
$includedAccountTarget->setOdataType('#microsoft.graph.addressBookAccountTargetContent');
$includedAccountTarget->setType(new AccountTargetContentType('addressBook'));
$includedAccountTarget->setAccountTargetEmails(['john@contoso.com', ]);
$requestBody->setIncludedAccountTarget($includedAccountTarget);
$trainingSetting = new TrainingSetting();
$trainingSetting->setSettingType(new TrainingSettingType('noTraining'));
$requestBody->setTrainingSetting($trainingSetting);
$endUserNotificationSetting = new EndUserNotificationSetting();
$endUserNotificationSetting->setNotificationPreference(new EndUserNotificationPreference('microsoft'));
$endUserNotificationSetting->setSettingType(new EndUserNotificationSettingType('noTraining'));
$endUserNotificationSettingPositiveReinforcement = new PositiveReinforcementNotification();
$endUserNotificationSettingPositiveReinforcement->setDeliveryPreference(new NotificationDeliveryPreference('deliverAfterCampaignEnd'));
$endUserNotificationSettingPositiveReinforcement->setEndUserNotification('https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/1ewer3678-9abc-def0-123456789a');
$endUserNotificationSettingPositiveReinforcement->setDefaultLanguage('en');
$endUserNotificationSetting->setPositiveReinforcement($endUserNotificationSettingPositiveReinforcement);
$additionalData = [
'simulationNotification' => [
'targettedUserType' => 'compromised',
'endUserNotification@odata.bind' => 'https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/12wer3678-9abc-def0-123456789a',
'defaultLanguage' => 'en',
],
];
$endUserNotificationSetting->setAdditionalData($additionalData);
$requestBody->setEndUserNotificationSetting($endUserNotificationSetting);
$additionalData = [
'payload@odata.bind' => 'https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/12345678-9abc-def0-123456789a',
'loginPage@odata.bind' => 'https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/1w345678-9abc-def0-123456789a',
'landingPage@odata.bind' => 'https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/1c345678-9abc-def0-123456789a',
];
$requestBody->setAdditionalData($additionalData);
$result = $graphServiceClient->security()->attackSimulation()->simulations()->post($requestBody)->wait();
Einzelheiten darüber, wie Sie das SDK zu Ihrem Projekt hinzufügen und eine authProvider-Instanz erstellen, finden Sie in der SDK-Dokumentation.
Import-Module Microsoft.Graph.Security
$params = @{
displayName = "Graph Simulation"
"payload@odata.bind" = "https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/12345678-9abc-def0-123456789a"
"loginPage@odata.bind" = "https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/1w345678-9abc-def0-123456789a"
"landingPage@odata.bind" = "https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/1c345678-9abc-def0-123456789a"
createdBy = @{
email = "john@contoso.com"
}
durationInDays = "3"
attackTechnique = "credentialHarvesting"
status = "scheduled"
includedAccountTarget = @{
"@odata.type" = "#microsoft.graph.addressBookAccountTargetContent"
type = "addressBook"
accountTargetEmails = @(
"john@contoso.com"
)
}
trainingSetting = @{
settingType = "noTraining"
}
endUserNotificationSetting = @{
notificationPreference = "microsoft"
settingType = "noTraining"
positiveReinforcement = @{
deliveryPreference = "deliverAfterCampaignEnd"
endUserNotification = "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/1ewer3678-9abc-def0-123456789a"
defaultLanguage = "en"
}
simulationNotification = @{
targettedUserType = "compromised"
"endUserNotification@odata.bind" = "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/12wer3678-9abc-def0-123456789a"
defaultLanguage = "en"
}
}
}
New-MgSecurityAttackSimulation -BodyParameter $params
Einzelheiten darüber, wie Sie das SDK zu Ihrem Projekt hinzufügen und eine authProvider-Instanz erstellen, finden Sie in der SDK-Dokumentation.
from msgraph import GraphServiceClient
from msgraph.generated.models.simulation import Simulation
from msgraph.generated.models.email_identity import EmailIdentity
from msgraph.generated.models.address_book_account_target_content import AddressBookAccountTargetContent
from msgraph.generated.models.training_setting import TrainingSetting
from msgraph.generated.models.end_user_notification_setting import EndUserNotificationSetting
from msgraph.generated.models.positive_reinforcement_notification import PositiveReinforcementNotification
graph_client = GraphServiceClient(credentials, scopes)
request_body = Simulation(
display_name = "Graph Simulation",
created_by = EmailIdentity(
email = "john@contoso.com",
),
duration_in_days = 3,
attack_technique = SimulationAttackTechnique.CredentialHarvesting,
status = SimulationStatus.Scheduled,
included_account_target = AddressBookAccountTargetContent(
odata_type = "#microsoft.graph.addressBookAccountTargetContent",
type = AccountTargetContentType.AddressBook,
account_target_emails = [
"john@contoso.com",
],
),
training_setting = TrainingSetting(
setting_type = TrainingSettingType.NoTraining,
),
end_user_notification_setting = EndUserNotificationSetting(
notification_preference = EndUserNotificationPreference.Microsoft,
setting_type = EndUserNotificationSettingType.NoTraining,
positive_reinforcement = PositiveReinforcementNotification(
delivery_preference = NotificationDeliveryPreference.DeliverAfterCampaignEnd,
end_user_notification = "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/1ewer3678-9abc-def0-123456789a",
default_language = "en",
),
additional_data = {
"simulation_notification" : {
"targetted_user_type" : "compromised",
"end_user_notification@odata_bind" : "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/12wer3678-9abc-def0-123456789a",
"default_language" : "en",
},
}
),
additional_data = {
"payload@odata_bind" : "https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/12345678-9abc-def0-123456789a",
"login_page@odata_bind" : "https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/1w345678-9abc-def0-123456789a",
"landing_page@odata_bind" : "https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/1c345678-9abc-def0-123456789a",
}
)
result = await graph_client.security.attack_simulation.simulations.post(request_body)
Einzelheiten darüber, wie Sie das SDK zu Ihrem Projekt hinzufügen und eine authProvider-Instanz erstellen, finden Sie in der SDK-Dokumentation.
Das folgende Beispiel zeigt die Antwort.