#// Copyright (c) Microsoft Corporation.
#// Licensed under the MIT license.
#region Global
# Handle for the lock that serialises status reporting from the parallel
# delete workers; it stays $null until the main script body creates it.
$mutex = $null
# Default config file location. The main script body assigns $configPath again
# from the operator's answer to the path prompt.
$configPath = '.\RegionSubscriptionConfig.json'
#endregion
#region Utilities
function Read-ValuesIgnoringPreviousEntries($readMsg)
{
    <#
    .SYNOPSIS
    Prompts with $readMsg until the operator enters a non-empty answer.
    .PARAMETER readMsg
    Prompt text handed to Read-Host.
    .OUTPUTS
    The first non-empty string returned by Read-Host.
    #>
    do
    {
        # An empty answer (e.g. a bare Enter) is discarded and the prompt repeats.
        $answer = Read-Host $readMsg
    }
    until ($answer -ne '')

    return $answer
}
function Filter-DisabledNSGFlowLogs($flList)
{
    <#
    .SYNOPSIS
    Keeps only the flow logs that are disabled and whose target resource is a
    network security group.
    .PARAMETER flList
    Flow log objects; each is read for .Enabled and .TargetResourceId.
    .OUTPUTS
    The matching flow log objects, in input order.
    #>
    $nsgResourceType = "Microsoft.Network/networkSecurityGroups"
    [System.Collections.ArrayList]$selected = @()
    Write-Host("Filtering disabled NSG flowlogs")

    foreach ($candidate in $flList)
    {
        if (-not $candidate.Enabled)
        {
            # One lookup per disabled flow log to learn the type of the resource it targets.
            $resource = Get-AzResource -ResourceId $candidate.TargetResourceId
            if ($resource.ResourceType -eq $nsgResourceType)
            {
                [void]$selected.Add($candidate)
            }
        }
    }

    return $selected
}
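function Delete-FlowLogs($flowLogList)
{
    <#
    .SYNOPSIS
    Deletes the given flow logs in parallel and reports whether every deletion
    was confirmed.
    .DESCRIPTION
    Each flow log is removed, then looked up again after a short wait. A flow
    log that can still be retrieved counts as a failed deletion. Status lines
    are written under the shared $mutex so that output from parallel workers
    does not interleave.
    .PARAMETER flowLogList
    Flow log objects; each is read for .Id, .Location, .Name and .TargetResourceId.
    .OUTPUTS
    $true when no deletion was seen to fail (or there was nothing to delete),
    $false otherwise.
    #>
    $allSucceeded = @{ "success" = $true }

    # Callers may pass $null, a single object or a collection; @() normalises
    # the last two so the emptiness check does not depend on a .Length member.
    if ($null -eq $flowLogList -or @($flowLogList).Count -eq 0)
    {
        return $allSucceeded.success
    }

    @($flowLogList) | ForEach-Object -ThrottleLimit 16 -Parallel {
        $fl = $_
        # Variables of the calling scope are not visible inside a -Parallel
        # script block. Without $using: the failure flag below was set on an
        # undefined variable, so the function reported success even when a
        # flow log survived deletion.
        $status = $using:allSucceeded
        $lock = $using:mutex

        Remove-AzNetworkWatcherFlowLog -ResourceId $fl.Id
        # Give the service time to process the removal before checking for the flow log again.
        Start-Sleep -Seconds 10
        $deletedFl = Get-AzNetworkWatcherFlowLog -Location $fl.Location -Name $fl.Name -ErrorAction SilentlyContinue

        [void]$lock.WaitOne()
        try
        {
            if ($null -eq $deletedFl)
            {
                Write-Host "Deleted flowlog:" $fl.Name ", TargetResourceId: " $fl.TargetResourceId -ForeGroundColor Green
            }
            else
            {
                $status.success = $false
                Write-Host "Failed to delete flowlog:" $fl.Name ", TargetResourceId: " $fl.TargetResourceId -ForeGroundColor Yellow
            }
        }
        finally
        {
            $lock.ReleaseMutex()
        }
    } | Out-Null

    # Discard pipeline output here and above so the caller receives only the
    # boolean; any emitted object would otherwise become part of the return
    # value and make the caller's truth test unreliable.
    Get-Job | Wait-Job | Out-Null
    return $allSucceeded.success
}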
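function Delete-NSGFlowLogs()
{
    <#
    .SYNOPSIS
    Finds the disabled NSG flow logs in the current region and subscription,
    shows them to the operator, and deletes them after confirmation.
    .DESCRIPTION
    Reads $region and $subscriptionId from the calling scope. The candidates
    are listed before the prompt so that the operator confirms a known set of
    flow logs rather than an unseen one. Only the answer 'y' (any case)
    triggers deletion.
    #>
    Write-Host "Getting all disabled NSG flowlogs in region:" $region "and subscription:" $subscriptionId -ForegroundColor Blue
    $flList = Get-AzNetworkWatcherFlowLog -Location $region
    # @() keeps a uniform array whether the filter returned nothing, one object or many.
    $disabledNSGFlList = @(Filter-DisabledNSGFlowLogs $flList)

    if ($disabledNSGFlList.Count -eq 0)
    {
        # Nothing to delete: do not ask for confirmation or report a deletion.
        Write-Host "No disabled NSG flowlogs found in region:" $region "and subscription:" $subscriptionId
        return
    }

    Write-Host "Disabled NSG flowlogs selected for deletion:" $disabledNSGFlList.Count
    foreach ($fl in $disabledNSGFlList)
    {
        Write-Host "  flowlog:" $fl.Name ", TargetResourceId: " $fl.TargetResourceId
    }

    $proceed = Read-ValuesIgnoringPreviousEntries("Proceed with deletion of flowlogs?(y/n)")
    $proceed = $proceed.ToLower()
    if ($proceed -eq 'y')
    {
        if ((Delete-FlowLogs $disabledNSGFlList))
        {
            Write-Host "Deleted all disabled NSG flowlogs in region:" $region "and subscription:" $subscriptionId -ForegroundColor Green
        }
        else
        {
            Write-Host "There were some failures in deletion of disabled NSG flowlogs in region:" $region "and subscription:" $subscriptionId ", please take a look" -ForegroundColor Red
        }
    }
}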
#endregion
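# Main script body: load the subscription -> regions map, sign in, then process
# every configured region of every configured subscription.
$configPath = Read-ValuesIgnoringPreviousEntries("Please enter the path to select config file:")

# A missing file is not a JSON problem; report it as what it is.
if (-not (Test-Path -LiteralPath $configPath -PathType Leaf))
{
    Write-Host "Config file not found:" $configPath -ForegroundColor Red
    return
}

try
{
    # -ErrorAction Stop turns a read failure into a terminating error so it
    # reaches the catch block instead of silently producing $null.
    $subIdRegion = Get-Content -LiteralPath $configPath -ErrorAction Stop | ConvertFrom-Json -AsHashtable -ErrorAction SilentlyContinue
}
catch
{
    Write-Host "Config file is in incorrect json format, please format it correctly" -ForegroundColor Red
    Write-Host $_.Exception.Message -ForegroundColor Red
    return
}
if ($null -eq $subIdRegion)
{
    Write-Host "Config file is in incorrect json format, please format it correctly" -ForegroundColor Red
    return
}

try
{
    Connect-AzAccount -ErrorAction Stop
}
catch
{
    # Without a session the later calls would run against whatever context
    # happens to be active, so stop before anything can be deleted.
    Write-Host "Azure sign-in failed, no flowlogs were deleted" -ForegroundColor Red
    return
}

# Unnamed mutex: it is only shared with this process's parallel workers via
# $using:, so it does not need a system-wide name that another process could
# also open and hold.
$mutex = New-Object Threading.Mutex($false)
try
{
    foreach ($subId in $subIdRegion.Keys)
    {
        $subscriptionId = $subId
        try
        {
            Set-AzContext -SubscriptionId $subscriptionId -ErrorAction Stop
        }
        catch
        {
            # If the context switch fails, the previous subscription is still
            # active; continuing would list and delete flow logs there while
            # the prompts name this subscription. Skip it instead.
            Write-Host "Could not switch to subscription:" $subscriptionId ", skipping it" -ForegroundColor Red
            continue
        }

        foreach ($reg in $subIdRegion[$subId])
        {
            # Delete-NSGFlowLogs reads $region and $subscriptionId from this scope.
            $region = $reg
            Delete-NSGFlowLogs
        }
    }
}
finally
{
    # Release the mutex handle even when a deletion pass throws.
    $mutex.Close()
}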