Skip to content

Redundant and exsessive data in JSON output file when using "group-members" flag #69

Closed
@TasteOfSpaghetti

Description

@TasteOfSpaghetti

Hi,

When running AzureHound with the "group-members" flag, it appears that the JSON file contains a whole lot of irrelevant data. This is an issue in large environments. The size of the JSON file can grow to multiple gigabytes, which then cannot be ingested into BHCE due to the size limit (around 400MB from my testing). Using Chophound to cut the file into smaller pieces might do the trick, but even some single group nodes within the JSON are above 400MB which is above the BHCE upload limit for a given file. This results in data ingestion not being possible.

Looking through the JSON file, it appears that attributes on each of the group members like:

assignedLicenses
assignedPlans
provisionedPlans

Take up a large portion of the file.

Additionally, attributes like:

country
department
faxNumber

And a whole lot more, is present in the data for each group member.

I do not see why this data is part of the "group-members" ingestion.

I would think that 95% of the data collected can be removed.

In my mind, only the raw membership data should be included, as in:

groupId (Group ID)
memberId (ID of the groups or users that are members of said group)

All the other data for the groups and users themselves, should not be included in this data collection type.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions