有关在 Azure 门户中使用这些查询的信息,请参阅 Log Analytics 教程。 有关 REST API,请参阅 查询。
在给定时间段内显示 Vnet 的所有建议规则
获取建议用于特定 vnet 的规则列表。
let targetResource = <vnetResourceId>
let flowStartTime = <startTime>
let flowEndTime = <endTime>
source
| where TargetResourceId contains targetResource
| where StartTime >= flowStartTime and EndTime <= flowEndTime
| where RuleScope == "Vnet"
| where SummarizationType == "Hourly"
| project
TimeGenerated = now(),
RecommendedRuleName = RecommendedRuleName,
SchemaVersion = SchemaVersion,
StartTime = StartTime,
EndTime = EndTime,
TargetResourceId = TargetResourceId,
TargetResourceIdsList = TargetResourceIdsList,
SrcSubscriptionId = SrcSubscriptionId,
DestSubscriptionId = DestSubscriptionId,
L4Protocol = L4Protocol,
PortCategory = PortCategory,
SrcPublicIpCidrs = SrcPublicIpCidrs,
DestPublicIpCidrs = DestPublicIpCidrs,
SrcServiceTagsList = SrcServiceTagsList,
DestServiceTagsList = DestServiceTagsList,
TotalFlowCount = TotalFlowCount,
DestPortsRanges = DestPortsRanges,
IpRegionDetails = IpRegionDetails,
IpUrls = IpUrls,
UnecryptedFlowDetails = UnecryptedFlowDetails,
RecommendedAction = RecommendedAction