Change plural noun of function name to sinular noun Get-HawkTenantEDi…

…scoveryLogs
T0pCyber · Nov 29, 2024 · c1ad4b6 · c1ad4b6
1 parent e12627c
commit c1ad4b6
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 28 deletions.
diff --git a/Hawk/functions/Tenant/Get-HawkTenantEDiscoveryLog.ps1 b/Hawk/functions/Tenant/Get-HawkTenantEDiscoveryLog.ps1
@@ -3,9 +3,9 @@
     .SYNOPSIS
         Gets Unified Audit Logs (UAL) data for eDiscovery
     .DESCRIPTION
-        Searches the Unified Audit Log (UAL) for eDiscovery events and activities. 
-        This includes searches, exports, and management activities related to 
-        eDiscovery cases. The function checks for any eDiscovery activities within 
+        Searches the Unified Audit Log (UAL) for eDiscovery events and activities.
+        This includes searches, exports, and management activities related to
+        eDiscovery cases. The function checks for any eDiscovery activities within
         the timeframe specified in the Hawk global configuration object.
         
         The results can help identify:

diff --git a/Hawk/functions/Tenant/Start-HawkTenantInvestigation.ps1 b/Hawk/functions/Tenant/Start-HawkTenantInvestigation.ps1
@@ -1,31 +1,37 @@
 Function Start-HawkTenantInvestigation {
+	<#
+.SYNOPSIS
+    Gathers common data about a tenant.
+.DESCRIPTION
+    Runs all Hawk Basic tenant related cmdlets and gathers data about the tenant's configuration,
+    security settings, and audit logs. This comprehensive investigation helps identify potential
+    security issues and configuration changes.
+
+.PARAMETER Confirm
+    Prompts for confirmation before running operations that could modify system state.
+
+.PARAMETER WhatIf
+    Shows what would happen if the command runs. The command is not run.
+
+.EXAMPLE
+    PS C:\> Start-HawkTenantInvestigation
+    Runs a complete tenant investigation, gathering all available data.
+
+.EXAMPLE
+    PS C:\> Start-HawkTenantInvestigation -WhatIf
+    Shows what data gathering operations would be performed without executing them.
+
+.EXAMPLE
+    PS C:\> Start-HawkTenantInvestigation -Confirm
+    Prompts for confirmation before running each data gathering operation.
+
+.OUTPUTS
+    Various CSV, JSON, and XML files containing investigation results.
+    See help from individual cmdlets for specific output details.
+    All outputs are placed in the $Hawk.FilePath directory.
+#>
 	[CmdletBinding(SupportsShouldProcess)]
 	param()
-
-	<#
-    .SYNOPSIS
-        Gathers common data about a tenant.
-    .DESCRIPTION
-        Runs all Hawk Basic tenant related cmdlets and gathers the data.
-
-        Cmdlet                                  Information Gathered
-        -------------------------               -------------------------
-        Get-HawkTenantConfigurationn           Basic Tenant information
-        Get-HawkTenantEDiscoveryConfiguration  Looks for changes to ediscovery configuration
-        Search-HawkTenantEXOAuditLog          Searches the EXO audit log for activity
-        Get-HawkTenantRBACChanges             Looks for changes to Roles Based Access Control
-    .OUTPUTS
-        See help from individual cmdlets for output list.
-        All outputs are placed in the $Hawk.FilePath directory
-    .EXAMPLE
-        Start-HawkTenantInvestigation
-
-        Runs all of the tenant investigation cmdlets.
-    .EXAMPLE
-        Start-HawkTenantInvestigation -WhatIf
-
-        Shows what actions would be performed without actually executing them.
-    #>
 
 	if ([string]::IsNullOrEmpty($Hawk.FilePath)) {
 		Initialize-HawkGlobalObject