terasaka

#!/bin/bash

rg=rg-nomedorg
stg=stgnomestg

stgStatus=$(az storage account show --resource-group $rg --name $stg -o tsv --query networkRuleSet.defaultAction)
if [ $stgStatus = "Allow" ]
then
        echo "Restringindo acesso default"
        az storage account update --resource-group $rg --name $stg --default-action Deny > /dev/null

terasaka

#!/bin/bash
# AZURE AppService
# Restringindo acesso a appservice definindo blocos de origens
#
# Informar os ranges linha a linha
ips=( \
x.x.x.x/x \
y.y.y.y/y \
)
# Inicio das regras

terasaka

# PowerShell 7.0.3
# Modulo Az Version 4.4.0
#
# -----------------------

# Pegar as informações, Resource Group e Nome do AppGw para pegar as

$AppGW = Get-AzApplicationGateway -Name Nome-Do-AppGw -ResourceGroupName RG-Do-AppGw

# Remover o certificado que deseja

terasaka

// Logins com sucesso filtrando por usuario, ip e database
AzureDiagnostics
| where succeeded_s contains "true"
| project Login=database_principal_name_s, IP=client_ip_s, DB=database_name_s
| summarize count() by Login, IP, DB
| order by Login

// Falha de logins filtrando por usuario, ip e database
// Alterar dbName para o nome do db que gostaria de filtrar
AzureDiagnostics

terasaka

$FolderToDelete = @("Folder1\To\Clean","Folder2\To\Clean")

$SpaceAtStart = (Get-WmiObject win32_logicaldisk | where { $_.DeviceID -eq $env:SystemDrive }).FreeSpace/1GB
$ProfileDirs = @()
 
Get-ChildItem -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" | ForEach-Object {
	$UserProfile = (Get-ItemProperty -Path $_.PSPath).ProfileImagePath
	
	if ($Userprofile.substring(0, $($env:windir).length) -eq $env:windir) {
		# Skipping - Profile in Windows Folder

terasaka

<QueryList>
  <Query Id="0" Path="Security">
    <Select Path="Security">*[EventData[Data[@Name='TargetUserName']='login.to.search']]  and *[EventData[Data[@Name='IpAddress'] and (Data='10.0.0.1' or Data='10.0.0.2' or Data='10.0.0.3')]] </Select>
  </Query>
</QueryList>