cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ASC using Azure Resource Graph Explorer

Bob_Toler
Copper Contributor

‎Oct 12 2020 06:56 AM - last edited on ‎Nov 29 2021 11:43 AM by

‎Oct 12 2020 06:56 AM - last edited on ‎Nov 29 2021 11:43 AM by

ASC using Azure Resource Graph Explorer

I am new to using ASC and looking around to get help using resource graph explorer.  I have reviewed this link:  (https://github.com/Azure/Azure-Security-Center/tree/master/ARG%20queries/Starter%20Kit%20-%20ASC%20R...) on getting some information setup on a dashboard for easier viewing.  As I said, still learning this and I am surely missing something simple I gather to build a dashboard to look like this (see image).  I know that I need to keep tweaking the query to display the right information, but what I have not been able to "stumble across" is a way to view the data from a dashboard that lists all the vulnerability findings to dig into?  The only way I have been able to gather this information is by going into each resource (ie. VMs) and viewing this under security checks or using the Recommendations section and navigating into the same information, using a different path.

 

What I was hoping to do is find a way to list the vulnerabilities found and export those into CSV, as that is the only way to truly breakdown the findings in ASC, which is a lot of manual work.  Just making sure I am looking at this correctly, since I am still new to this and trying to find a few ways to get to the information a bit easier/faster.

 

Thank you,

-Bob

Preview file
309 KB
2,057 Views
0 Likes
1 Reply
Reply
1 Reply
Bob_Toler

‎Oct 15 2020 07:39 AM

‎Oct 15 2020 07:39 AM

Re: ASC using Azure Resource Graph Explorer

@Bob_Toler Just wanted to provide an update on this subject.  I was able to get at least one graph working to show the severity counts, which is a good start.  I am unable to get a list of the resources listed showing the count for that, which is a great next step.  The best option here is to show each resource with the severity counts associated to that single resource.

 

Since I am still new to using ARG to help get that information and then posted as a Dashboard view is the goal for me right now.  Any help on achieving this would be greatly appreciated, if you have the time to review where I am at today.

 

Thank you,

-Bob

Preview file
10 KB
0 Likes
Reply