steampipe plugin install azure

Table: azure_security_center_setting - Query Azure Security Center Settings using SQL

Azure Security Center is a unified infrastructure security management system that strengthens the security posture of data centers and provides advanced threat protection across hybrid workloads in the cloud. It provides a centralized way to monitor and respond to security issues across your Azure resources, including virtual machines, databases, web applications, and more. Azure Security Center helps you stay informed about the security status and take appropriate actions when predefined conditions are met.

Table Usage Guide

The azure_security_center_setting table provides insights into settings within Azure Security Center. As a Security Analyst, explore setting-specific details through this table, including configurations, contact details, and auto provisioning settings. Utilize it to uncover information about settings, such as those with auto provisioning enabled, the contact details for security notifications, and the verification of security configurations.

Examples

Basic info

Discover the segments that are enabled in the Azure Security Center. This query is useful for quickly assessing the active areas of your security configuration.

select
id,
name,
enabled
from
azure_security_center_setting;
select
id,
name,
enabled
from
azure_security_center_setting;

List the enabled settings for security center

Explore which security settings are currently activated in the Azure Security Center to ensure your system is adequately protected and compliant with security protocols. This is useful for maintaining a secure environment and identifying any potential gaps in your security configuration.

select
id,
name,
type
from
azure_security_center_setting
where
enabled;
select
id,
name,
type
from
azure_security_center_setting
where
enabled = 1;

Control examples

Schema for azure_security_center_setting

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
cloud_environmenttextThe Azure Cloud Environment.
enabledbooleanCheck if the setting is enabled.
idtextThe resource id.
kindtextThe kind of the setting.
nametext=The resource name.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
subscription_idtext=, !=, ~~, ~~*, !~~, !~~*The Azure Subscription ID in which the resource is located.
titletextTitle of the resource.
typetextThe resource type.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_security_center_setting