Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
For information on using these queries in the Azure portal, see Log Analytics tutorial. For the REST API, see Query.
Malicious scan objects per storage account
Scan objects with malicious scan results group by storage account name.
StorageMalwareScanningResults
| where ScanResultType == "Malicious"
| summarize ScannedObjectUris = make_list(ScannedObjectUri), count() by StorageAccountName
Unsuccessful Scans
Unsuccessful scans grouped by verdict and error information with related scanned object uris list, containing failed scans and encrypted objects.
StorageMalwareScanningResults
| where ScanResultType in ("Error", "Not Scanned")
| summarize count(), BlobUris = make_list(BlobUri) by ScanResultType, ScanResultDetails