This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.
With the new Azure Security Center's built-in vulnerability assessment solution (powered by Qualys), you can manage the deployment of the agent and the visualization of the results from a single dashboard. You can learn more about this integration and how it works by reading this article, and watch a quick demo available here.
The vulnerability assessment results that appear in the Azure Security Center dashboard, will look like this:
While this visualization is very helpful and dynamic, one question that comes up very often is: how can I export this assessment to a CSV file? The answer is: you can do that using Azure Resource Graph (ARG)! Follow the steps below to perform this task:
1. In the Azure Portal, go to Resource Graph Explorer as shown below:
2. Type the query below:
securityresources
| where type == "microsoft.security/assessments"
| where * contains "Remediate vulnerabilities found on your virtual machines (powered by Qualys)"
| summarize by assessmentKey=name //the ID of the assessment
| join kind=inner (
securityresources
| where type == "microsoft.security/assessments/subassessments"
| extend assessmentKey = extract(".*assessments/(.+?)/.*",1, id)
) on assessmentKey
| project assessmentKey, subassessmentKey=name, id, parse_json(properties), resourceGroup, subscriptionId, tenantId
| extend description = properties.description,
displayName = properties.displayName,
resourceId = properties.resourceDetails.id,
resourceSource = properties.resourceDetails.source,
category = properties.category,
severity = properties.status.severity,
code = properties.status.code,
timeGenerated = properties.timeGenerated,
remediation = properties.remediation,
impact = properties.impact,
vulnId = properties.id,
additionalData = properties.additionalData
3. Click Run Query button and you will see the result, similar to figure below:
4. Click Download as CSV button.
Now that you downloaded the CSV, you can open it and consume the data generated by the assessment.