From 2c460630ef0826412192f8a9b72549cea14c3e39 Mon Sep 17 00:00:00 2001
From: Tamara Buch <git@tamarabee.com>
Date: Thu, 21 Nov 2024 14:09:52 -0600
Subject: [PATCH] Set/Add Asset Group Enhancement and Purge Functionality 
 (#72)

* Add scanners param to set-qualysassetgroups

* remove-QualysHosts

* Add-QualysAssetGroups change and changelog++

* PSUseSingularNouns

* supportshouldprocess
---
 CHANGELOG.md                                  | 11 ++++++
 src/UofIQualys/UofIQualys.psd1                |  3 +-
 .../public/Add-QualysAssetGroups.ps1          |  9 ++++-
 .../functions/public/Remove-QualysHosts.ps1   | 35 +++++++++++++++++++
 .../public/Set-QualysAssetGroups.ps1          |  9 ++++-
 5 files changed, 64 insertions(+), 3 deletions(-)
 create mode 100644 src/UofIQualys/functions/public/Remove-QualysHosts.ps1

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0069512..5b9e6b2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Removed
 
+## [1.8.2] - 2024-11-21
+
+### Added
+
+- Remove-QualysHosts: Purges hosts based on IP from Qualys.
+
+### Changed
+
+- Set-QualysAssetGroups: Add Scanners parameter so you can add non-default scanners to asset groups
+- Add-QualysAssetGroups: Add Scanners parameter so you can add non-default scanners to asset groups
+
 ## [1.8.1] - 2024-07-15
 
 ### Added
diff --git a/src/UofIQualys/UofIQualys.psd1 b/src/UofIQualys/UofIQualys.psd1
index c444b8c..3ad90ab 100644
--- a/src/UofIQualys/UofIQualys.psd1
+++ b/src/UofIQualys/UofIQualys.psd1
@@ -103,7 +103,8 @@ FunctionsToExport = @(
     'Add-QualysUserTagAssignment',
     'Get-QualysReports',
     'Save-QualysReport',
-    'Get-QualysAMUser'
+    'Get-QualysAMUser',
+    'Remove-QualysHosts'
     )
 
 # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
diff --git a/src/UofIQualys/functions/public/Add-QualysAssetGroups.ps1 b/src/UofIQualys/functions/public/Add-QualysAssetGroups.ps1
index 3d8545b..e6e3b45 100644
--- a/src/UofIQualys/functions/public/Add-QualysAssetGroups.ps1
+++ b/src/UofIQualys/functions/public/Add-QualysAssetGroups.ps1
@@ -13,6 +13,8 @@
     The Division of the Asset Group
 .PARAMETER DefaultScanner
     The ID of the scanner to use as the default scanner for this asset group
+.PARAMETER Scanners
+    Comma separated IDs of the scanners to assign to the asset group. Ex "1578772,1578773"
 .EXAMPLE
     Add-QualysAssetGroups -Title "My Asset Group"
 .EXAMPLE
@@ -28,7 +30,8 @@
             [String[]]$IPs,
             [String]$Comments,
             [String]$Division,
-            [Int]$DefaultScanner
+            [Int]$DefaultScanner,
+            [String]$Scanners
         )
 
         process{
@@ -60,6 +63,10 @@
                 $RestSplat.Body['default_appliance_id'] = $DefaultScanner
             }
 
+            If($Scanners){
+                $RestSplat.Body['appliance_ids'] = $Scanners
+            }
+
             $Response = Invoke-QualysRestCall @RestSplat
             if ($Response) {
                 Write-Verbose -Message $Response.SIMPLE_RETURN.RESPONSE.TEXT
diff --git a/src/UofIQualys/functions/public/Remove-QualysHosts.ps1 b/src/UofIQualys/functions/public/Remove-QualysHosts.ps1
new file mode 100644
index 0000000..05f42bc
--- /dev/null
+++ b/src/UofIQualys/functions/public/Remove-QualysHosts.ps1
@@ -0,0 +1,35 @@
+<#
+.Synopsis
+    Purges host assets from Qualys by IP
+.DESCRIPTION
+    Purges host assets from Qualys by IP
+.PARAMETER IPs
+    An array of IPs to purge from Qualys
+.EXAMPLE
+    Remove-QualysHosts -IPs ("192.168.1.1", "192.168.0.0")
+#>
+
+function Remove-QualysHosts{
+    [CmdletBinding(SupportsShouldProcess)]
+    [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseSingularNouns', '',
+            Justification = 'This is consistent with the vendors verbiage')]
+    param (
+        [Parameter(Mandatory=$true)]
+        [String[]]$IPs
+    )
+
+    process{
+        if ($PSCmdlet.ShouldProcess("$($IPs.count) IPs Will be purged from Qualys")){
+            $RestSplat = @{
+                Method = 'POST'
+                RelativeURI = 'asset/host/'
+                Body = @{
+                    action = 'purge'
+                    ips = ($IPs.Trim() -join ", ")
+                }
+            }
+            $Response = Invoke-QualysRestCall @RestSplat
+            $Response.BATCH_RETURN.RESPONSE.BATCH_LIST.BATCH
+        }
+    }
+}
diff --git a/src/UofIQualys/functions/public/Set-QualysAssetGroups.ps1 b/src/UofIQualys/functions/public/Set-QualysAssetGroups.ps1
index 60da4e4..aebd307 100644
--- a/src/UofIQualys/functions/public/Set-QualysAssetGroups.ps1
+++ b/src/UofIQualys/functions/public/Set-QualysAssetGroups.ps1
@@ -19,6 +19,8 @@
     The Division of the Asset Group, typically the Owner Code from CDB
 .PARAMETER DefaultScanner
     The ID of the scanner to use as the default scanner for this asset group
+.PARAMETER Scanners
+    Comma separated IDs of the scanners to assign to the asset group. Ex "1578772,1578773"
 .EXAMPLE
     Set-QualysAssetGroups -Identity '7445535' -Title "My Edited Asset Group Title"
 .EXAMPLE
@@ -37,7 +39,8 @@
             [String[]]$RemoveIPs,
             [String]$Comments,
             [String]$Division,
-            [Int]$DefaultScanner
+            [Int]$DefaultScanner,
+            [String]$Scanners
         )
 
         process{
@@ -90,6 +93,10 @@
                     $RestSplat.Body['set_default_appliance_id'] = $DefaultScanner
                 }
 
+                If($Scanners){
+                    $RestSplat.Body['add_appliance_ids'] = $Scanners
+                }
+
                 $Response = Invoke-QualysRestCall @RestSplat
                 if ($Response) {
                     Write-Verbose -Message $Response.SIMPLE_RETURN.RESPONSE.TEXT