Skip to main content

mondoo_scan_ms365

mondoo scan ms365​

Scan a Microsoft 365 endpoint

Synopsis​

This command triggers a new policy scan for Microsoft 365:

$ mondoo scan ms365 --tenant-id {tennant id} --client-id {client id} --client-secret {client secret}

This example connects to Microsoft 365 using the PKCS #12 formatted certificate:

$ mondoo scan ms365 --tenant-id {tennant id} --client-id {client id} --certificate-path {certificate.pfx} --certificate-secret {certificate secret}
$ mondoo scan ms365 --tenant-id {tennant id} --client-id {client id} --certificate-path {certificate.pfx} --ask-pass
mondoo scan ms365 [flags]

Options​

      --annotation stringToString        annotation for asset (default [])
--ask-pass ask for connection password
--certificate-path string path to certificate that's used for certificate-based authentication in PKCS 12 format (pfx)
--certificate-secret string passphrase for certificate file
--client-id string application (client) ID of the service principal
--client-secret string secret for application
--datareport string set the MS365 datareport for the scan
--detect-cicd tries to detect CI/CD environments and sets the asset category to 'cicd' if detected (default true)
--discover string enable the discovery of nested assets. Supported are 'all|instances|host-instances|container|container-images'
--discover-filter stringToString additional filter for asset discovery (default [])
-h, --help help for ms365
--id-detector string user-override for platform id detection mechanism, supported are hostname, machine-id, aws-ec2, cloud-detect, ssh-host-key, transport-platform-id
-i, --identity-file string selects a file from which the identity (private key) for public key authentication is read
--incognito incognito mode. do not report scan results to the Mondoo platform.
--insecure disable TLS/SSL checks or SSH hostkey config
--inventory-ansible set inventory format to ansible
--inventory-domainlist set inventory format to domain list
--inventory-file string path to inventory file
--no-pager disable interactive scan output pagination
--option stringToString addition connection options, multiple options can be passed in via --option key=value (default [])
-o, --output string set output format: report, yaml, json, junit, csv, compact, full (default "compact")
--pager string enable scan output pagination with custom pagination command. default is 'less -R'
-p, --password string password e.g. for ssh/winrm
--path string path to a local file or directory that the connection should use
--policy strings list of policies to be executed (requires incognito mode), multiple policies can be passed in via --policy POLICY
--policy-bundle strings path to local policy bundle file
--score-threshold int if any score falls below the threshold, exit 1
--sudo run with sudo
--tenant-id string directory (tenant) ID of the service principal

Options inherited from parent commands​

      --config string      config file (default is $HOME/.config/mondoo/mondoo.yml)
--log-level string set log-level: error, warn, info, debug, trace (default "info")
-v, --verbose verbose output

SEE ALSO​