Share via


Export-SqlVulnerabilityAssessmentScan

Exports a Vulnerability Assessment scan to a file.

Syntax

Export-SqlVulnerabilityAssessmentScan
      -ScanResult <ScanResult>
      -FolderPath <String>
      [-Force]
      [<CommonParameters>]

Description

The Export-SqlVulnerabilityAssessmentScan cmdlet exports a Vulnerability Assessment scan to a file. Currently the command supports exporting a scan to Excel (.xlsx) file format only.

Module requirements: version 21+ on PowerShell 5.1; version 22+ on PowerShell 7.x.

This cmdlet was removed in v22.3+ of the module.

Examples

Example 1: Export a Vulnerability Assessment scan to Excel file

PS C:\> $scanResult = Invoke-SqlVulnerabilityAssessmentScan -ServerInstance "MyComputer\MainInstance" -Database some_database
PS C:\> $scanResult | Export-SqlVulnerabilityAssessmentScan -FolderPath "ScanResult.xlsx"

In this example, we invoke a Vulnerability Assessment scan on a database then export it to an Excel file.

Example 2: Iterate over databases on some servers and export VA scans to Excel files

PS C:\> @('localhost\SQL2016', 'localhost\SQL2017') | 
  Get-SqlDatabase |
  Where-Object { $_.Name -like 'keep_*' } |
  ForEach-Object  {
    Invoke-SqlVulnerabilityAssessmentScan -ServerInstance $_.Parent -Database $_.Name | 
    Export-SqlVulnerabilityAssessmentScan -FolderPath "$($env:TEMP)\$(($_.Parent).Name -replace '\\', '_' )_$($_.Name)_ScanResult.xlsx"
  }

PS C:\> dir "$env:TEMP\*_ScanResult.xlsx"

    Directory: C:\Users\someuser\AppData\Local\Temp

Mode                LastWriteTime         Length Name
----                -------------         ------ ----
-a----        10/6/2018   1:19 AM          80050 SQL2016_keep_MDW_ScanResult.xlsx
-a----        10/6/2018   1:19 AM          80355 SQL2017_keep_MyDB_ScanResult.xlsx
-a----        10/6/2018   1:19 AM          79416 SQL2017_Keep_WideWorldImporters_ScanResult.xlsx

In this example, we show a simple way to quickly scan databases on a set of SQL Servers (in this case, 2 instances running on the local machine). The list of databases is filtered on the name, so only the ones whose names start with "keep_" are scanned). The results are stored under the TEMP folder in Excel files with a name that identifies the server and the databases the scan referred to.

Parameters

-FolderPath

Where the exported file will be saved

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Force

Whether to force overwrite of the file if it already exists. If this parameter is not present, you will be prompted before the operation continues.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ScanResult

The Vulnerability Assessment scan result to export. The scan result must contain the relevant security checks' metadata.

Type:ScanResult
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

Inputs

Microsoft.SqlServer.VulnerabilityAssessment.ScanResult

Outputs

System.Object