Skip to content
This repository has been archived by the owner on May 7, 2024. It is now read-only.

VM queries added #61

Merged
merged 11 commits into from
Sep 14, 2023
1 change: 1 addition & 0 deletions docs/content/services/compute/virtual-machines/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -495,6 +495,7 @@ VM insights monitors the performance and health of your virtual machines and vir
**Resources**

- [Overview of VM insights](https://learn.microsoft.com/azure/azure-monitor/vm/vminsights-overview)
- [Did the extension install properly?](https://learn.microsoft.com/en-us/azure/azure-monitor/vm/vminsights-troubleshoot#did-the-extension-install-properly)

**Resource Graph Query/Scripts**

Expand Down
ReneHezser marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
@@ -1,2 +1,7 @@
// Azure Resource Graph Query
// Under development
// Find all disks that are not encrypted
Resources
| where type == "microsoft.compute/disks"
| project "vm-19", diskName=name, encryptionType=properties.encryption.type, diskState=properties.diskState
| where encryptionType !in ("EncryptionAtRestWithCustomerKey", "EncryptionAtRestWithPlatformAndCustomerKeys", "EncryptionAtRestWithPlatformKey")
| order by diskName asc
ReneHezser marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
@@ -1 +1,18 @@
under development
// Azure Resource Graph Query
// Find all VMs that do not have the VM Insights extension installed
Resources
| where type == 'microsoft.compute/virtualmachines'
| extend
JoinID = toupper(id),
Name = tostring(properties.osProfile.computerName),
OSType = tostring(properties.storageProfile.osDisk.osType)
| join kind=leftouter(
Resources
| where type == 'microsoft.compute/virtualmachines/extensions'
| extend
VMId = toupper(substring(id, 0, indexof(id, '/extensions'))),
ExtensionName = name
) on $left.JoinID == $right.VMId
| where ExtensionName !contains "MicrosoftMonitoringAgent" and ExtensionName !contains "Microsoft.Azure.Monitoring.DependencyAgent" and ExtensionName !contains "OMSAgentForLinux" and ExtensionName !contains "DependencyAgentLinux"
| summarize Extensions = make_list(ExtensionName) by "vm-20", id, Name, OSType
| order by tolower(Name) asc
ReneHezser marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
@@ -1,4 +1,9 @@
// Azure Resource Graph Query
// Find all LoadBalancers which only have 1 backend pool defined
Resources
| where type =~ 'Microsoft.Network/loadBalancers'
| summarize count() by resourceGroup
| where count_ <= 1
| extend backendAddressPools = properties.backendAddressPools
| mv-expand backendAddressPool = backendAddressPools
| extend backendIPConfigurations = backendAddressPool.properties.backendIPConfigurations
| where array_length(backendIPConfigurations) < 2
| project "lb-2", name
3 changes: 2 additions & 1 deletion docs/content/services/storage/storage-Account/_index.md
ReneHezser marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ The below table shows the list of resiliency recommendations for Storage Account
|[ST-5 - Enable soft delete for recovery of data](#st-5---enable-soft-delete-for-recovery-of-data) | Medium | Preview | No |
|[ST-6 - Enable version for accidental modification](#st-6---enable-version-for-accidental-modification) | Medium | Preview | No |
|[ST-7 - Enable point and time restore for containers for recovery](#st-7---enable-point-and-time-restore-for-containers-for-recovery) | Low | Preview | No |
|[ST-8 - Keep fewer than 1000 versions per blob](#st-8---keep-fewer-than-1000-versions-per-blob) | Low | Preview | No |
|[ST-9 - Configure Diagnostic Settings for all Azure Resources](#st-9---configure-diagnostic-settings-for-all-azure-resources) | Low | Preview | No |

{{< /table >}}
Expand Down Expand Up @@ -197,7 +198,7 @@ Point and time restore support general purpose v2 account in standard performanc

<br><br>


### ST-8 - Keep fewer than 1000 versions per blob

**Impact: Low**

Expand Down
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
"resources
// Azure Resource Graph Query
// Find all Azure classic Storage Account
resources
| where type =~ 'microsoft.classicstorage/storageaccounts'
| project recommendationId = 'st-2', name, id, type"
| project recommendationId = 'st-2', name, id, type
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
Resources | where type =~'microsoft.storage/storageaccounts'
// Azure Resource Graph Query
// Find all Azure Storage Accounts, that do not have an access tier set
Resources
| where type =~'microsoft.storage/storageaccounts'
| where isnull(properties.accessTier)
| project recommendationId = 'st-3', name, id, accessTier="not defined - GeneralPurpose V1
| project recommendationId = 'st-3', name, id, accessTier="not defined - GeneralPurpose V1"
Loading