Skip to content

Commit

Permalink
Fix #20 - Bug rule hits by resource filter (#22)
Browse files Browse the repository at this point in the history
  • Loading branch information
@webtonize
webtonize authored Jan 6, 2024
1 parent b1e0a4b commit b0f7a04
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion src/bicep/modules/azdo-rule-hits-by-resource.bicep
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ var workbook = {
name: 'resourceName'
label: 'Resource Name'
type: 2
isRequired: true
multiSelect: true
quote: '\''
delimiter: ','
Expand Down Expand Up @@ -55,7 +56,7 @@ var workbook = {
type: 3
content: {
version: 'KqlItem/1.0'
query: '\r\nPSRule_CL\r\n| where TimeGenerated >= datetime_add(\'day\', -1, now()) and (TargetName_s in ({resourceName}) or \'All Resources\' == {resourceName})\r\n| extend a=parse_json(Annotations_s), f=parse_json(Field_s)\r\n| extend [\'Resource Id\']=f.id, Severity=a.severity, [\'Rule Help Url\']=a.[\'online version\'],Category=a.category\r\n| extend severity_level = case(\r\n Severity == "Informational" and Outcome_s == \'Fail\', 1,\r\n Severity == "Important" and Outcome_s == \'Fail\', 2,\r\n Severity == "Severe" and Outcome_s == \'Fail\', 3,\r\n Severity == "Critical" and Outcome_s == \'Fail\', 4,\r\n 0)\r\n| project [\'Resource FQN\']=TargetName_s,Rule=DisplayName_s,Outcome=Outcome_s,Severity,[\'Rule Help Url\'],severity_level\r\n| sort by severity_level desc'
query: 'PSRule_CL\r\n| where TimeGenerated >= datetime_add(\'day\', -1, now()) and (\'All Resources\' in ({resourceName}) or TargetName_s in ({resourceName}))\r\n| extend a=parse_json(Annotations_s), f=parse_json(Field_s)\r\n| extend [\'Resource Id\']=f.id, Severity=a.severity, [\'Rule Help Url\']=a.[\'online version\'],Category=a.category\r\n| extend severity_level = case(\r\n Severity == "Informational" and Outcome_s == \'Fail\', 1,\r\n Severity == "Important" and Outcome_s == \'Fail\', 2,\r\n Severity == "Severe" and Outcome_s == \'Fail\', 3,\r\n Severity == "Critical" and Outcome_s == \'Fail\', 4,\r\n 0)\r\n| project [\'Resource FQN\']=TargetName_s,Rule=DisplayName_s,Outcome=Outcome_s,Severity,[\'Rule Help Url\'],severity_level\r\n| sort by severity_level desc'
size: 0
timeContext: {
durationMs: 86400000
Expand Down

0 comments on commit b0f7a04

Please sign in to comment.