search

invictus-ir / Microsoft-Extractor-Suite

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
https://microsoft-365-extractor-suite.readthedocs.io/en/latest/
GNU General Public License v2.0
481 stars 68 forks source link

Update Get-Rules.ps1 #58

Closed angry-bender closed 8 months ago

angry-bender commented 8 months ago

Fixed directory issues as mentioned in #56

Tested and working as expected, however its likely best to test in your environment before accepting the PR.

@JoeyInvictus - It might be worth checking the other modules to see if -Outputdirectory is validated :-) , i made a note of this in #57

JoeyInvictus commented 8 months ago

Hi, thanks a lot again for the pull request! :) I made two small changes:

I swapped the positions of the following two lines for both mailbox and transport rules:

New-Item -ItemType Directory -Force -Name $OutputDir | Out-Null
Write-LogFile -Message "[INFO] Creating the following directory: $OutputDir"

Otherwise, it attempts to write a log file to the output directory before it exists. By reversing their order, it first creates the output directory and then tries to write the log file to it.