So i want to write something that will read pages of logs from o365 and output to a csv but nothing i have tried or found so far works. Every attempt i make returns an output file of page 1 and that's it.
I know for most on here this is probably a very easy task but has me stumped 🙁
I know the log interrogation works as if i call each page individually and append to the output file everything is there but this means lots of redundant code and i need to know how many pages to call.
I would like to be able to do something along the lines of below, but despite tweaking this is failing:
$Page = 1
Write-Host "Collecting logs – Page $Page..."
$CurrVariable = Get-MailDetailDlpPolicyReport -PageSize 5000 | Select Date, MessageID, SenderAddress, RecipientAddress, Subject, EventType, Action, DLPPolicy, TransportRule, UserAction, Justification, SensitiveInformationType, SensitiveInformationCount, SensitiveInformationConfidence
until ($CurrMessages -eq $null)
If anyone can provide a steer it's very much appreciated.
"I know the log interrogation works as if i call each page individually and append to the output file everything is there but this means lots of redundant code and i need to know how many pages to call."
That's exactly what you have to do, but you don't have to think of "pages" per se.
The command allows you to retrieve entries within a specific date start/stop range. I'd use that for my paging. Grab all the entries for one time period, then the next, and so on, until you're happy that you have enough, or until you start getting empty result sets.
But obviously you can also do actual paging – there's a -Page parameter. And you don't need to know how many pages there's are. Just keep incrementing the page number until you get a result set that's either empty, or smaller than the page size you indicated. That means you're done.