# Publish-BluGenieArtifact



### Publish-BluGenieArtifact <a href="#publish-blugenieartifact" id="publish-blugenieartifact"></a>

### SYNOPSIS <a href="#synopsis" id="synopsis"></a>

Manage Artifact data from a JSON/YAML file to query local and remote systems for a specfic Indicator of compromise or IOC

### SYNTAX <a href="#syntax" id="syntax"></a>

```
Publish-BluGenieArtifact [[-Artifact] <String>] [-Import] [[-Export] <String>] [-Remove] [-Review] [[-ExportType] <String>] [-Walkthrough] [<CommonParameters>]
```

### DESCRIPTION <a href="#description" id="description"></a>

Import, Export, and Review Artifact data from a JSON/YAML file. Artifacts are contructed logic to query local and remote systems for a specfic Indicator of compromise or IOC

IOC is a forensic term that refers to the evidence on a device that points out to a security breach. The data of IOC is gathered after a suspicious incident, security event or unexpected call-outs from the network.

### EXAMPLES <a href="#examples" id="examples"></a>

#### EXAMPLE 1 <a href="#example-1" id="example-1"></a>

```
```

```
Description: Use this commadn to set the Artifact and get it ready for importing or review
Notes: This option uses the default cmdlet name
```

#### EXAMPLE 2 <a href="#example-2" id="example-2"></a>

```
Command: Publish-BGArtifact -Artifact .
```

```
Description: Use this command to quickly bring up the file select dialog to manually select the Artifact to import
Notes: This option uses the Short-Hand cmdlet name
```

#### EXAMPLE 3 <a href="#example-3" id="example-3"></a>

```
Command: BGArtifact -Review
```

```
Description: Use this command to show any issues with the currently selected Artifact.
Notes: This option uses the BG Alias name
```

#### EXAMPLE 4 <a href="#example-4" id="example-4"></a>

```
Command: BGArtifact -Artifact .\Artifacts\TestPack.YAML -Review
```

```
Description: Use this command to Select the Artifact and to process a Review on it with a single command
Notes:
```

#### EXAMPLE 5 <a href="#example-5" id="example-5"></a>

```
Command: BGArtifact -Import
```

```
Description: Use this command to import and utilize an Artifact
Notes: If an Artifact was not previsouly set, a file select dialog will be displayed to manually select the Artifact to import
```

#### EXAMPLE 6 <a href="#example-6" id="example-6"></a>

```
Command: BGArtifact -Artifact .\Artifacts\TestPack.YAML -Import
```

```
Description: Use this command to Select and Import an Artifact to process
Notes:
```

#### EXAMPLE 7 <a href="#example-7" id="example-7"></a>

```
Command: BGArtifact -ExportType 'JSON' -Export .\QueryOpenPorts
```

```
Description: Use this command to export an Artifact to a JSON formated file.
Notes: Items will be saved in the .\Artifacts\ Directory
```

#### EXAMPLE 8 <a href="#example-8" id="example-8"></a>

```
Command: BGArtifact -Export .\QueryOpenPorts
```

```
Description: Use this command to export an Artifact to a YAML formated file.
Notes: YAML is the default export format.  Items will be saved in the .\Artifacts\ Directory
```

#### EXAMPLE 9 <a href="#example-9" id="example-9"></a>

```
Command: BGArtifact -Help
```

```
Description: Use this command to provide you with an interactive help system to show more examples and commands
Notes: If Help / WalkThrough is setup as a parameter, this script will be called to setup the Dynamic Help Menu if not the normal
       Get-Help will be called with the -Full parameter
```

#### EXAMPLE 10 <a href="#example-10" id="example-10"></a>

```
Command: BGArtifact -WalkThrough
```

```
Description: Use this command to provide you with an interactive help system to show more examples and commands
Notes: If Help / WalkThrough is setup as a parameter, this script will be called to setup the Dynamic Help Menu if not the normal
       Get-Help will be called with the -Full parameter
```

### PARAMETERS <a href="#parameters" id="parameters"></a>

#### Artifact <a href="#artifact" id="artifact"></a>

```
-Artifact <String>
   
   Required?                    false
   Position?                    1
   Default value                $global:ConsoleJSONJob
   Accept pipeline input?       false
   Accept wildcard characters?  false
```

#### Import <a href="#import" id="import"></a>

```
-Import [<SwitchParameter>]
   Description: Import a JSON/YAML Artifact to use to query local and remote systems for a specfic IOC
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false
```

#### Export <a href="#export" id="export"></a>

```
-Export <String>
   Description: Export the BluGenie Console settings into a JSON/YAML Artifact
   Notes: YAML is the default export type.  If you want to change it set -Exporttype 'JSON'
   Alias:
   ValidateSet: 'YAML','JSON'
   
   Required?                    false
   Position?                    2
   Default value                
   Accept pipeline input?       false
   Accept wildcard characters?  false
```

#### Remove <a href="#remove" id="remove"></a>

```
-Remove [<SwitchParameter>]
   Description: Remove the currently selected Artifact
   Notes: If there is no Artifact selected and you run the -Import parameter you will be given a file dialog to choose an Artifact
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false
```

#### Review <a href="#review" id="review"></a>

```
-Review [<SwitchParameter>]
   Description: Review a JSON/YAML Artifact without overwritting any predefined Artifact settings
   Notes:  In the BluGenie Conole you can manually update the Artifact settings even while reviewing another Artifact
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false
```

#### ExportType <a href="#exporttype" id="exporttype"></a>

```
-ExportType <String>
   Description: Select what Artifact format to export to.
   Notes:  The default is 'YAML'
   Alias:
   ValidateSet: 'YAML','JSON'
   
   Required?                    false
   Position?                    3
   Default value                YAML
   Accept pipeline input?       false
   Accept wildcard characters?  false
```

#### Walkthrough <a href="#walkthrough" id="walkthrough"></a>

```
-Walkthrough [<SwitchParameter>]
   Description:  Start the dynamic help menu system to help walk through the current command and all of the parameters
   Notes:
   Alias: Help
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false
```

#### CommonParameters <a href="#commonparameters" id="commonparameters"></a>

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about\_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).