@EnterpriseArchitect To execute the PowerShell Graph command against Azure/Entra ID and send the report to your email address, you can follow these steps:
-
Connect-MgGraph
cmdlet. You will need to provide your credentials and consent to the necessary permissions. - Run the command to get the risk detections with high risk level for the current date:
$date = (Get-Date -Format "yyyy-MM-dd")
$riskDetections = Get-MgRiskDetection -All -Filter "ActivityDateTime ge $date and RiskLevel eq 'high'"
- Check if the
$riskDetections
variable contains any results. If there are no results, you can exit the script. If there are results, you can continue with sending the report to your email address. - Use the
Send-MailMessage
cmdlet to send the report to your email address. Here is an example:
$emailFrom = "sender@example.com"
$emailTo = "recipient@example.com"
$emailSubject = "High Risk Detections Report"
$emailBody = "Please find attached the report for high risk detections for $date." $attachmentPath = "C:\Reports\HighRiskDetections.csv"
$smtpServer = "smtp.example.com"
$smtpPort = 587
$smtpCredential = Get-Credential
$emailParams = @{
From = $emailFrom
To = $emailTo
Subject = $emailSubject
Body = $emailBody
SmtpServer = $smtpServer
SmtpPort = $smtpPort
Credential = $smtpCredential
UseSsl = $true
Attachments = $attachmentPath
}
Send-MailMessage @emailParams
In this example, the report is saved as a CSV file at C:\Reports\HighRiskDetections.csv. You will need to modify the $emailFrom, $emailTo, $smtpServer, $smtpPort, and $smtpCredential variables to match your email settings. You can also modify the email subject and body to your liking.
Save the script as a .ps1 file and schedule it to run at a desired frequency using Azure Automation.
Note: The above suggestion is AI-generated and appears to be valid upon review. Please test it in a test environment before deploying it to production.
Let me know if you have any further questions, feel free to post back.