Get-AzSecuritySqlVulnerabilityAssessmentBaseline

Get SQL vulnerability assessment baseline.

Syntax

Get-AzSecuritySqlVulnerabilityAssessmentBaseline
   [-RuleId <String>]
   -ResourceId <String>
   -WorkspaceId <String>
   -Server <String>
   -Database <String>
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
Get-AzSecuritySqlVulnerabilityAssessmentBaseline
   [-RuleId <String>]
   -WorkspaceId <String>
   -Server <String>
   -Database <String>
   -ComputerName <String>
   -VmUuid <String>
   -AgentId <String>
   -WorkspaceResourceId <String>
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

Get SQL vulnerability assessment baseline.

Examples

Example 1: Get baseline on a specific rule using resource id paramaters

Get-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId  ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -RuleId "VA2108"

Results                                  WorkSpaceId
-------                                  -----------
{VA2108 => [[dbo, db_owner1, SQL_USER]]} ba7c9d0e-a6e3-4997-b575-cf7a18a98a49

Example of using resource id parameters. Supported resources are:

  • ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
  • VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
  • On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}

Example 2: Get baseline on a specific rule using on premise paramaters

Get-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId  ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -RuleId "VA2108"

Results                                  WorkSpaceId
-------                                  -----------
{VA2108 => [[dbo, db_owner1, SQL_USER]]} ba7c9d0e-a6e3-4997-b575-cf7a18a98a49

Example of using on premise parameters.

Example 3: Get all baselines on a SQL Database

Get-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId  ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master

Results                                                                WorkSpaceId
-------                                                                -----------
{VA1017 => [], VA1018 => [[True]], VA1020 => [], VA1022 => [[False]]…} ba7c9d0e-a6e3-4997-b575-cf7a18a98a49

In this example a rule id is not specified, it returns all the baselines for that database.

Parameters

-AgentId

Agent ID - on premise parameter

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ComputerName

Computer full name - on premise parameter

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Database

Database name

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResourceId

ID of the security resource that you want to invoke the command on. Supported resources are:

  • ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
  • VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
  • On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}
Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-RuleId

Vulnerability assessment rule ID

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Server

Server name

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-VmUuid

Virtual machine universal unique identifier - on premise parameter

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-WorkspaceId

Workspace ID.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-WorkspaceResourceId

Workspace resource ID - on premise parameter

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

Inputs

None

Outputs

PSSqlVulnerabilityAssessmentBaselineResults