az security va sql baseline
View and manage Sql Vulnerability Assessment baseline.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az security va sql baseline delete |
Delete Sql Vulnerability Assessment rule baseline. |
Core | GA |
| az security va sql baseline list |
View Sql Vulnerability Assessment baseline for all rules. |
Core | GA |
| az security va sql baseline set |
Sets Sql Vulnerability Assessment baseline. Replaces the current baseline. |
Core | GA |
| az security va sql baseline show |
View Sql Vulnerability Assessment rule baseline. |
Core | GA |
| az security va sql baseline update |
Update Sql Vulnerability Assessment rule baseline. Replaces the current rule baseline. |
Core | GA |
az security va sql baseline delete
Delete Sql Vulnerability Assessment rule baseline.
az security va sql baseline delete --database-name
--rule-id
--server-name
--vm-resource-id
--workspace-id
[--agent-id]
[--vm-name]
[--vm-uuid]Examples
Delete Sql Vulnerability Assessment rule baseline on an Azure virtual machine.
az security va sql baseline delete --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.Compute/VirtualMachines/MyVmName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --rule-id VA9999Delete Sql Vulnerability Assessment rule baseline on an On-Premise machine.
az security va sql baseline delete --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.OperationalInsights/Workspaces/MyWorkspaceName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --vm-name MyVmName --agent-id MyAgentId --vm-uuid MyVmUUID --rule-id VA9999Required Parameters
The name of the scanned database.
The ID of the scanned rule. Format: "VAXXXX", where XXXX indicates the number of the rule.
The name of the scanned server.
Resource ID of the scanned machine. For On-Premise machines, please provide your workspace resource ID.
The ID of the workspace connected to the scanned machine.
Optional Parameters
Provide the ID of the agent on the scanned machine, for On-Premise resources only.
Provide the name of the machine, for On-Premise resources only.
Provide the UUID of the scanned machine, for On-Premise resources only.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az security va sql baseline list
View Sql Vulnerability Assessment baseline for all rules.
az security va sql baseline list --database-name
--server-name
--vm-resource-id
--workspace-id
[--agent-id]
[--vm-name]
[--vm-uuid]Examples
View Sql Vulnerability Assessment baseline for all rules on an Azure virtual machine.
az security va sql baseline list --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.Compute/VirtualMachines/MyVmName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbNameView Sql Vulnerability Assessment baseline for all rules on an On-Premise machine.
az security va sql baseline list --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.OperationalInsights/Workspaces/MyWorkspaceName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --vm-name MyVmName --agent-id MyAgentId --vm-uuid MyVmUUIDRequired Parameters
The name of the scanned database.
The name of the scanned server.
Resource ID of the scanned machine. For On-Premise machines, please provide your workspace resource ID.
The ID of the workspace connected to the scanned machine.
Optional Parameters
Provide the ID of the agent on the scanned machine, for On-Premise resources only.
Provide the name of the machine, for On-Premise resources only.
Provide the UUID of the scanned machine, for On-Premise resources only.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az security va sql baseline set
Sets Sql Vulnerability Assessment baseline. Replaces the current baseline.
az security va sql baseline set --database-name
--server-name
--vm-resource-id
--workspace-id
[--agent-id]
[--baseline]
[--latest {false, true}]
[--vm-name]
[--vm-uuid]Examples
Sets Sql Vulnerability Assessment baseline on an Azure virtual machine. Replaces the current baseline with latest scan results.
az security va sql baseline set --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.Compute/VirtualMachines/MyVmName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --latestSets Sql Vulnerability Assessment baseline on an Azure virtual machine. Replaces the current baseline with provided results.
az security va sql baseline set --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.Compute/VirtualMachines/MyVmName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --baseline rule=VA9999 Line1_col1 Line1_col2 Line1_col3 --baseline rule=VA8888 Line1_col1 Line1_col2 --baseline rule=VA9999 Line2_col1 Line2_col2 Line2_col3Sets Sql Vulnerability Assessment baseline on an On-Premise machine. Replaces the current baseline with latest scan results.
az security va sql baseline set --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.OperationalInsights/Workspaces/MyWorkspaceName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --vm-name MyVmName --agent-id MyAgentId --vm-uuid MyVmUUID --latestSets Sql Vulnerability Assessment baseline on an On-Premise machine. Replaces the current baseline with provided results.
az security va sql baseline set --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.OperationalInsights/Workspaces/MyWorkspaceName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --vm-name MyVmName --agent-id MyAgentId --vm-uuid MyVmUUID --baseline rule=VA9999 Line1_col1 Line1_col2 Line1_col3 --baseline rule=VA8888 Line1_col1 Line1_col2 --baseline rule=VA9999 Line2_col1 Line2_col2 Line2_col3Required Parameters
The name of the scanned database.
The name of the scanned server.
Resource ID of the scanned machine. For On-Premise machines, please provide your workspace resource ID.
The ID of the workspace connected to the scanned machine.
Optional Parameters
Provide the ID of the agent on the scanned machine, for On-Premise resources only.
Baseline records to be set. The following example will set a baseline for two rules: --baseline rule=VA1111 line1_w1 line1_w2 --baseline rule=VA2222 line1_w1 line1_w2 line1_w3 --baseline rule=VA1111 line2_w1 line2_w2.
Use this argument without parameters to set baseline upon latest scan results.
Provide the name of the machine, for On-Premise resources only.
Provide the UUID of the scanned machine, for On-Premise resources only.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az security va sql baseline show
View Sql Vulnerability Assessment rule baseline.
az security va sql baseline show --database-name
--rule-id
--server-name
--vm-resource-id
--workspace-id
[--agent-id]
[--vm-name]
[--vm-uuid]Examples
View Sql Vulnerability Assessment rule baseline on an Azure virtual machine.
az security va sql baseline show --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.Compute/VirtualMachines/MyVmName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --rule-id VA9999View Sql Vulnerability Assessment rule baseline on an On-Premise machine.
az security va sql baseline show --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.OperationalInsights/Workspaces/MyWorkspaceName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --vm-name MyVmName --agent-id MyAgentId --vm-uuid MyVmUUID --rule-id VA9999Required Parameters
The name of the scanned database.
The ID of the scanned rule. Format: "VAXXXX", where XXXX indicates the number of the rule.
The name of the scanned server.
Resource ID of the scanned machine. For On-Premise machines, please provide your workspace resource ID.
The ID of the workspace connected to the scanned machine.
Optional Parameters
Provide the ID of the agent on the scanned machine, for On-Premise resources only.
Provide the name of the machine, for On-Premise resources only.
Provide the UUID of the scanned machine, for On-Premise resources only.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az security va sql baseline update
Update Sql Vulnerability Assessment rule baseline. Replaces the current rule baseline.
az security va sql baseline update --database-name
--rule-id
--server-name
--vm-resource-id
--workspace-id
[--agent-id]
[--baseline]
[--latest {false, true}]
[--vm-name]
[--vm-uuid]Examples
Update Sql Vulnerability Assessment rule baseline on an Azure virtual machine. Replaces the current rule baseline with latest scan results.
az security va sql baseline update --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.Compute/VirtualMachines/MyVmName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --rule-id VA9999 --latestUpdate Sql Vulnerability Assessment rule baseline on an Azure virtual machine. Replaces the current rule baseline with provided results.
az security va sql baseline update --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.Compute/VirtualMachines/MyVmName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --rule-id VA9999 --baseline Line1_Col1 Line1_Col2 --baseline Line2_Col1 Line2_Col2Update Sql Vulnerability Assessment rule baseline on an On-Premise machine. Replaces the current rule baseline with latest scan results.
az security va sql baseline update --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.OperationalInsights/Workspaces/MyWorkspaceName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --vm-name MyVmName --agent-id MyAgentId --vm-uuid MyVmUUID --rule-id VA9999 --latestUpdate Sql Vulnerability Assessment rule baseline on an On-Premise machine. Replaces the current rule baseline with provided results.
az security va sql baseline update --vm-resource-id subscriptions/MySubscription/ResourceGroups/MyResourceGroup/Providers/Microsoft.OperationalInsights/Workspaces/MyWorkspaceName --workspace-id 00000000-0000-0000-0000-000000000000 --server-name MyServerName --database-name MyDbName --vm-name MyVmName --agent-id MyAgentId --vm-uuid MyVmUUID --rule-id VA9999 --baseline Line1_Col1 Line1_Col2 --baseline Line2_Col1 Line2_Col2Required Parameters
The name of the scanned database.
The ID of the scanned rule. Format: "VAXXXX", where XXXX indicates the number of the rule.
The name of the scanned server.
Resource ID of the scanned machine. For On-Premise machines, please provide your workspace resource ID.
The ID of the workspace connected to the scanned machine.
Optional Parameters
Provide the ID of the agent on the scanned machine, for On-Premise resources only.
Baseline records to be set. The following example will set a baseline with two records: --baseline line1_w1 line1_w2 line1_w3 --baseline line2_w1 line2_w2 line2_w3.
Use this argument without parameters to set baseline upon latest scan results.
Provide the name of the machine, for On-Premise resources only.
Provide the UUID of the scanned machine, for On-Premise resources only.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
