Skip to content

A set of handy tools to make it easier for Operations teams to run to Trend Micro Deep Security.

License

Notifications You must be signed in to change notification settings

deep-security/ops-tools

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

70 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Ops Tools for Deep Security

A set of handy tools to make it easier to run to Deep Security.

Table of Contents

Manager Tools

Bash

config-dsRelay.sh
Query the status of, enable, or disable relay functionality on an agent
config-rehomeAwsDsManager.sh
Used by our cloud formation projects to ensure the correct cloud connector sync'd object is activated
create-iamCloudAccount.sh
Create an IAM user and associated keys, then use those keys to create the DS cloud connector
rest-cloudAccountsCreateAws.sh
Create cloud accounts for all regions
rest-cloudAccountsCreateAws.sh
Create cloud account for GovCloud
rest-tenantsCreate.sh
Create new tenant

PowerShell

config-dsRelay.ps1
Query the status of, enable, or disable relay functionality on an agent
config-ipsXforwardedForRule.ps1
Create or update an IPS rule which a list of IPS to be blocked based on header added by an AWS ELB
config-plicy-agentcomm.ps1
Configure manager agent communication direction on a policy
get-allHostsSummary.ps1
Get summary of all host objects in deep security manager similar to dashboard status widget
get-amComponentVersions.ps1
Get detailed agent and am engine versions for a host object
get-computerCreatedEvents.ps1
Get all computer created system events for a given time frame
get-firewallrules.ps1
Get all firewall rules for a given host object
get-hostIpsRules.ps1
Get all ips rules assigned to a policy for each host object in the DSM
get-hostRecoAndAssignedRules.ps1
Get count of assigned and recommended rules for each host object in the DSM
get-macFromInterfaces.ps1
Get all interfaces and their mac addresses for a given host object
get-managedHostCounts.ps1
Get a simple count of all Unmanaged vs not Unmanaged hosts in the DSM
rest-authenticationLogin.ps1
Rest call to get a Security ID token for subsequent calls. SID returned may be used for SOAP or REST calls
rest-managerInfoComponents.ps1
Rest call to get list of current components available in the DSM
setup-dsSoap.ps1
Setup script to leave the caller with a current token in $SID and ManagerService instance in $DSM for use in interactive shell. Also starting authenticaiton for new scripts

Scheduled Task Scripts

EnableStrongCiphers.script
Allows Deep Security to communicate exclusively with strong ciphers

Agent tools

awsAgentInstallSamples
UserData and CfnInit snippets for use in integrating Deep Security Agent deployment in AWS automation tooling

Bash

get-dsaPolicy.sh
Query the local DSA for its current policyid and policyname
install-dsa.sh
Working project 'one script to rule them all'; single bash script to download, install, and activate a deep security agent on any linux distro, arch, and version

Support

This is an Open Source community project. Project contributors may be able to help, depending on their time and availability. Please be specific about what you're trying to do, your system, and steps to reproduce the problem.

For bug reports or feature requests, please open an issue. You are welcome to contribute.

Official support from Trend Micro is not available. Individual contributors may be Trend Micro employees, but are not official support.

Contribute

We accept contributions from the community. To submit changes:

  1. Fork this repository.
  2. Create a new feature branch.
  3. Make your changes.
  4. Submit a pull request with an explanation of your changes or additions.

We will review and work with you to release the code.

About

A set of handy tools to make it easier for Operations teams to run to Trend Micro Deep Security.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published