Get-DuoTrustMonitorEvent
SYNOPSIS
Returns a list of events surfaced by Trust Monitor from the last 180 days.
SYNTAX
Get-DuoTrustMonitorEvent [-ApiHostname] <String> [-Credential] <PSCredential> [[-AccountId] <String>]
[-StartDate] <DateTime> [-EndDate] <DateTime> [[-Type] <String>] [-ProgressAction <ActionPreference>]
[<CommonParameters>]
DESCRIPTION
Returns a list of events surfaced by Trust Monitor from the last 180 days.
EXAMPLES
EXAMPLE 1
$Credential = $(Get-SecureCredential -Name 'DUO_Account' -VaultName 'vault')
PS>$ApiHostname = "api-XXXXXXXX.duosecurity.com"
PS>Get-DuoTrustMonitorEvent -ApiHostname $ApiHostname -Credential $Credential -AccountId "AALSFLAJFKS5AJLKDJ55LA5KS" -StartDate $(Get-Date).AddDays(-30) -EndDate $(Get-Date).AddDays(-1)
PARAMETERS
-ApiHostname
Target API hostname E.g. api-XXXXXXXX.duosecurity.com
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-Credential
PSCredential containing IKEY as username and SKEY as securestring
Type: PSCredential
Parameter Sets: (All)
Aliases:
Required: True
Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-AccountId
Target account id. IF specified, the Credentials parameter must contain the account API credentials and URL.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-StartDate
Start date in powershell notation $(Get-Date).AddDays(-30)
Type: DateTime
Parameter Sets: (All)
Aliases:
Required: True
Position: 4
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-EndDate
End date in powershell notation $(Get-Date).AddDays(-1)
Type: DateTime
Parameter Sets: (All)
Aliases:
Required: True
Position: 5
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-Type
The type of security event: auth Return security events that are denied anomalous authentications. bypass_status_enabled Return security events that are bypass status enabled. device_registration Return security events that are device registrations.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 6
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-ProgressAction
{{ Fill ProgressAction Description }}
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.