Exporting Vulnerability Assessment Results in Azure Security Center

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.

With the new Azure Security Center's built-in vulnerability assessment solution (powered by Qualys), you can manage the deployment of the agent and the visualization of the results from a single dashboard. You can learn more about this integration and how it works by reading this article, and watch a quick demo available here.

The vulnerability assessment results that appear in the Azure Security Center dashboard, will look like this:




While this visualization is very helpful and dynamic, one question that comes up very often is: how can I export this assessment to a CSV file? The answer is: you can do that using Azure Resource Graph (ARG)! Follow the steps below to perform this task:


1. In the Azure Portal, go to Resource Graph Explorer as shown below:




2. Type the query below:



 | where type == "microsoft.security/assessments"

 | where * contains "Remediate vulnerabilities found on your virtual machines (powered by Qualys)"

 | summarize by assessmentKey=name //the ID of the assessment

 | join kind=inner (


     | where type == "microsoft.security/assessments/subassessments"

     | extend assessmentKey = extract(".*assessments/(.+?)/.*",1,  id)

 ) on assessmentKey

| project assessmentKey, subassessmentKey=name, id, parse_json(properties), resourceGroup, subscriptionId, tenantId

| extend description = properties.description,

         displayName = properties.displayName,

         resourceId = properties.resourceDetails.id,

         resourceSource = properties.resourceDetails.source,

         category = properties.category,

         severity = properties.status.severity,

         code = properties.status.code,

         timeGenerated = properties.timeGenerated,

         remediation = properties.remediation,

         impact = properties.impact,

         vulnId = properties.id,

         additionalData = properties.additionalData


3. Click Run Query button and you will see the result, similar to figure below:




4. Click Download as CSV button.


Now that you downloaded the CSV, you can open it and consume the data generated by the assessment.


REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.