我检查了cron Express:
./aa.ps1 -Resources @(@{ name = "Satya_Test"; description = "test"})
function Get-CsToken {
<#
.SYNOPSIS
Request an OAuth2 access token
.PARAMETER ID
Client Id
.PARAMETER SECRET
Client Secret
.PARAMETER CID
Specific CID to target in MSSP configurations
.PARAMETER CLOUD
CrowdStrike destination cloud [default: 'US']
.PARAMETER PROXY
Web proxy address
#>
[CmdletBinding()]
[OutputType([psobject])]
param(
[string]
$Id,
[string]
$Secret,
[string]
$CID,
[ValidateSet('EU', 'US', 'US-2', 'USFed')]
[string]
$Cloud = 'US',
[string]
$Proxy
)
begin{
# Create $Falcon for logging and caching credentials
if (-not($Falcon)) {
[System.Collections.Hashtable] $Global:Falcon = @{}
}
# Set $Falcon.host based on $Cloud
switch ($Cloud) {
'EU' { $Falcon['host'] = 'https://api.eu-1.crowdstrike.com' }
'US' { $Falcon['host'] = 'https://api.crowdstrike.com' }
'US-2' { $Falcon['host'] = 'https://api.us-2.crowdstrike.com' }
'USFed' { $Falcon['host'] = 'https://api.laggar.gcw.crowdstrike.com' }
}
# Capture parameter input
switch ($PSBoundParameters.Keys) {
'Id' { $Falcon['id'] = $Id }
'Secret' { $Falcon['secret'] = $Secret | ConvertTo-SecureString -AsPlainText -Force }
'CID' { $Falcon['cid'] = [string] $CID }
'Proxy' { $Falcon['proxy'] = $Proxy }
}
# If missing, prompt for Id/Secret
if (-not($Falcon.id)) {
$Falcon['id'] = Read-Host 'Client Id'
}
if (-not($Falcon.secret)) {
$Falcon['secret'] = Read-Host 'Client Secret' -AsSecureString
}
# Clear existing member CID if $CID was not defined
if ((-not($CID)) -and ($Falcon.cid)) {
$Falcon.remove('cid')
}
# Clear existing proxy if $Proxy was not defined
if ((-not($Proxy)) -and ($Falcon.proxy)) {
$Falcon.remove('proxy')
}
}
process{
# Set base parameters
$Param = @{
Uri = '/oauth2/token'
Method = 'post'
Header = @{
accept = 'application/json'
}
Body = 'client_id=' + [string] $Falcon.id + '&client_secret='
}
# Add secret to token request
if ($PSVersionTable.PSVersion.Major -ge 7) {
$Param.Body += ($Falcon.secret | ConvertFrom-SecureString -AsPlainText)
} else {
$Param.Body += ([System.Runtime.InteropServices.Marshal]::PtrToStringAuto(
[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Falcon.secret)))
}
# Add member CID, if defined
if ($Falcon.cid) {
$Param.Body += '&member_cid=' + [string] $Falcon.cid
}
$Request = Invoke-CsAPI @Param
# Save token and expiration time to $Falcon
if ($Request.access_token) {
$Falcon['expires'] = ((Get-Date).addSeconds($Request.expires_in))
$Falcon['token'] = [string] $Request.token_type + ' ' + [string] $Request.access_token
}
else {
# Erase $Falcon if token request fails
Remove-Variable -Name Falcon -Scope Global
# Output error
if ($Request.errors) {
$Request.errors
}
else {
$Request
}
}
}
}
function New-CsGroup {
<#
.SYNOPSIS
Create Host Groups by specifying details about the group to create
.PARAMETER RESOURCES
An array of Host Group properties
#>
[CmdletBinding()]
[OutputType([psobject])]
param(
[Parameter(Mandatory = $true)]
[array]
$Resources
)
process{
$Param = @{
Uri = 'https://api.crowdstrike.com/devices/entities/host-groups/v1'
Method = 'post'
Header = @{
accept = 'application/json'
'content-type' = 'application/json'
}
Body = @{ resources = $Resources } | ConvertTo-Json
}
switch ($PSBoundParameters.Keys) {
'Verbose' { $Param['Verbose'] = $true }
'Debug' { $Param['Debug'] = $true }
}
Invoke-CsAPI @Param
}
}
执行结果为:
0 */5 12 30 * ?
或以下cron表达式:
2020-09-30 12:00:00
2020-09-30 12:05:00
2020-09-30 12:10:00
2020-09-30 12:15:00
2020-09-30 12:20:00
2020-09-30 12:25:00
2020-09-30 12:30:00
2020-09-30 12:35:00
执行结果与0 0/5 12 30 * ?
相同。 0 */5 12 30 * ?和0 0/5 12 30 * ?有什么区别,我们应该使用哪一个?