针对 Azure 容器注册表的 Azure Resource Graph 示例查询
此页面是针对 Azure 容器注册表的 Azure Resource Graph 示例查询的集合。
示例查询
列出容器注册表漏洞评估结果
返回在容器映像上找到的所有漏洞。 若要查看这些安全检测结果,必须启用 Microsoft Defender for Containers。
SecurityResources
| where type == 'microsoft.security/assessments'
| where properties.displayName contains 'Container registry images should have vulnerability findings resolved'
| summarize by assessmentKey=name //the ID of the assessment
| join kind=inner (
securityresources
| where type == 'microsoft.security/assessments/subassessments'
| extend assessmentKey = extract('.*assessments/(.+?)/.*',1, id)
) on assessmentKey
| project assessmentKey, subassessmentKey=name, id, parse_json(properties), resourceGroup, subscriptionId, tenantId
| extend description = properties.description,
displayName = properties.displayName,
resourceId = properties.resourceDetails.id,
resourceSource = properties.resourceDetails.source,
category = properties.category,
severity = properties.status.severity,
code = properties.status.code,
timeGenerated = properties.timeGenerated,
remediation = properties.remediation,
impact = properties.impact,
vulnId = properties.id,
additionalData = properties.additionalData
az graph query -q "SecurityResources | where type == 'microsoft.security/assessments' | where properties.displayName contains 'Container registry images should have vulnerability findings resolved' | summarize by assessmentKey=name //the ID of the assessment | join kind=inner ( securityresources | where type == 'microsoft.security/assessments/subassessments' | extend assessmentKey = extract('.*assessments/(.+?)/.*',1, id) ) on assessmentKey | project assessmentKey, subassessmentKey=name, id, parse_json(properties), resourceGroup, subscriptionId, tenantId | extend description = properties.description, displayName = properties.displayName, resourceId = properties.resourceDetails.id, resourceSource = properties.resourceDetails.source, category = properties.category, severity = properties.status.severity, code = properties.status.code, timeGenerated = properties.timeGenerated, remediation = properties.remediation, impact = properties.impact, vulnId = properties.id, additionalData = properties.additionalData"