Sql Vulnerability Assessment Scan Results - List

Tjänst:

Defender for Cloud

API-version:

2023-02-01-preview

Hämtar en lista över genomsökningsresultat för en enda genomsökningspost.

GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/{scanId}/scanResults?workspaceId={workspaceId}&api-version=2023-02-01-preview

URI-parametrar

Name	I	Obligatorisk	Typ	Description
resourceId	path	True	string	Resursens identifierare.
scanId	path	True	string	Genomsöknings-ID:t. Skriv "senaste" för att hämta genomsökningsresultatet för den senaste genomsökningen.
api-version	query	True	string	API-versionen.
workspaceId	query	True	string	Arbetsytans ID.

Svar

Name	Typ	Description
200 OK	ScanResults	Returnerar listan över genomsökningsresultat.
Other Status Codes	CloudError	Felsvar som beskriver varför åtgärden misslyckades.

Säkerhet

azure_auth

Azure Active Directory OAuth2 Flow

Typ: oauth2
Flow: implicit
Auktoriseringswebbadress: https://login.microsoftonline.com/common/oauth2/authorize

Omfattningar

Name	Description
user_impersonation	personifiera ditt användarkonto

Exempel

List scan results

List scan results of the latest scan

List scan results

Exempelbegäran

HTTP

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults?workspaceId=55555555-6666-7777-8888-999999999999&api-version=2023-02-01-preview

Java

/**
 * Samples for SqlVulnerabilityAssessmentScanResults List.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/
     * sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json
     */
    /**
     * Sample code: List scan results.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void listScanResults(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.sqlVulnerabilityAssessmentScanResults().listWithResponse("Scheduled-20200623",
            "55555555-6666-7777-8888-999999999999",
            "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master",
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json
func ExampleSQLVulnerabilityAssessmentScanResultsClient_List_listScanResults() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewSQLVulnerabilityAssessmentScanResultsClient().List(ctx, "Scheduled-20200623", "55555555-6666-7777-8888-999999999999", "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master", nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.ScanResults = armsecurity.ScanResults{
	// 	Value: []*armsecurity.ScanResult{
	// 		{
	// 			Name: to.Ptr("VA2062"),
	// 			Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
	// 			ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2062"),
	// 			Properties: &armsecurity.ScanResultProperties{
	// 				IsTrimmed: to.Ptr(false),
	// 				QueryResults: [][]*string{
	// 				},
	// 				Remediation: &armsecurity.Remediation{
	// 					Description: to.Ptr("Remove database firewall rules that grant excessive access"),
	// 					Automated: to.Ptr(false),
	// 					PortalLink: to.Ptr(""),
	// 					Scripts: []*string{
	// 					},
	// 				},
	// 				RuleID: to.Ptr("VA2062"),
	// 				RuleMetadata: &armsecurity.VaRule{
	// 					Description: to.Ptr("The Azure SQL Database-level firewall helps protect your data by preventing all access to your database until you specify which IP addresses have permission. Database-level firewall rules grant access to the specific database based on the originating IP address of each request.\n\nDatabase-level firewall rules for master and user databases can only be created and managed through Transact-SQL (unlike server-level firewall rules which can also be created and managed using the Azure portal or PowerShell). For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that database-level firewall rules do not grant excessive access."),
	// 					BenchmarkReferences: []*armsecurity.BenchmarkReference{
	// 					},
	// 					Category: to.Ptr("SurfaceAreaReduction"),
	// 					QueryCheck: &armsecurity.QueryCheck{
	// 						ColumnNames: []*string{
	// 							to.Ptr("Firewall Rule Name"),
	// 							to.Ptr("Start Address"),
	// 							to.Ptr("End Address")},
	// 							ExpectedResult: [][]*string{
	// 							},
	// 							Query: to.Ptr("SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.database_firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;"),
	// 						},
	// 						Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process - to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected database.\n\nGranting excessive access using database firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your database. In fact, it's the equivalent of placing the database outside of the firewall."),
	// 						RuleID: to.Ptr("VA2062"),
	// 						RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
	// 						Severity: to.Ptr(armsecurity.RuleSeverityHigh),
	// 						Title: to.Ptr("Database-level firewall rules should not grant excessive access"),
	// 					},
	// 					Status: to.Ptr(armsecurity.RuleStatusNonFinding),
	// 				},
	// 			},
	// 			{
	// 				Name: to.Ptr("VA2063"),
	// 				Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
	// 				ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063"),
	// 				Properties: &armsecurity.ScanResultProperties{
	// 					BaselineAdjustedResult: &armsecurity.BaselineAdjustedResult{
	// 						Baseline: &armsecurity.Baseline{
	// 							ExpectedResults: [][]*string{
	// 								[]*string{
	// 									to.Ptr("Test"),
	// 									to.Ptr("0.0.0.0"),
	// 									to.Ptr("125.125.125.125")}},
	// 									UpdatedTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-04T12:49:41.027Z"); return t}()),
	// 								},
	// 								ResultsNotInBaseline: [][]*string{
	// 								},
	// 								ResultsOnlyInBaseline: [][]*string{
	// 								},
	// 								Status: to.Ptr(armsecurity.RuleStatusNonFinding),
	// 							},
	// 							IsTrimmed: to.Ptr(false),
	// 							QueryResults: [][]*string{
	// 								[]*string{
	// 									to.Ptr("Test"),
	// 									to.Ptr("0.0.0.0"),
	// 									to.Ptr("125.125.125.125")}},
	// 									Remediation: &armsecurity.Remediation{
	// 										Description: to.Ptr("Remove server firewall rules that grant excessive access"),
	// 										Automated: to.Ptr(false),
	// 										PortalLink: to.Ptr("ReviewServerFirewallRules"),
	// 										Scripts: []*string{
	// 											to.Ptr("EXECUTE sp_delete_firewall_rule N'Test';")},
	// 										},
	// 										RuleID: to.Ptr("VA2063"),
	// 										RuleMetadata: &armsecurity.VaRule{
	// 											Description: to.Ptr("The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access."),
	// 											BenchmarkReferences: []*armsecurity.BenchmarkReference{
	// 											},
	// 											Category: to.Ptr("SurfaceAreaReduction"),
	// 											QueryCheck: &armsecurity.QueryCheck{
	// 												ColumnNames: []*string{
	// 													to.Ptr("Firewall Rule Name"),
	// 													to.Ptr("Start Address"),
	// 													to.Ptr("End Address")},
	// 													ExpectedResult: [][]*string{
	// 													},
	// 													Query: to.Ptr("SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;"),
	// 												},
	// 												Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall."),
	// 												RuleID: to.Ptr("VA2063"),
	// 												RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
	// 												Severity: to.Ptr(armsecurity.RuleSeverityHigh),
	// 												Title: to.Ptr("Server-level firewall rules should not grant excessive access"),
	// 											},
	// 											Status: to.Ptr(armsecurity.RuleStatusFinding),
	// 										},
	// 								}},
	// 							}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets a list of scan results for a single scan record.
 *
 * @summary Gets a list of scan results for a single scan record.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json
 */
async function listScanResults() {
  const scanId = "Scheduled-20200623";
  const workspaceId = "55555555-6666-7777-8888-999999999999";
  const resourceId =
    "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential);
  const result = await client.sqlVulnerabilityAssessmentScanResults.list(
    scanId,
    workspaceId,
    resourceId,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json
// this example is just showing the usage of "SqlVulnerabilityAssessmentScanResults_List" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this SqlVulnerabilityAssessmentScanResource created on azure
// for more information of creating SqlVulnerabilityAssessmentScanResource, please refer to the document of SqlVulnerabilityAssessmentScanResource
string resourceId = "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
string scanId = "Scheduled-20200623";
ResourceIdentifier sqlVulnerabilityAssessmentScanResourceId = SqlVulnerabilityAssessmentScanResource.CreateResourceIdentifier(resourceId, scanId);
SqlVulnerabilityAssessmentScanResource sqlVulnerabilityAssessmentScan = client.GetSqlVulnerabilityAssessmentScanResource(sqlVulnerabilityAssessmentScanResourceId);

// invoke the operation and iterate over the result
Guid workspaceId = Guid.Parse("55555555-6666-7777-8888-999999999999");
await foreach (SqlVulnerabilityAssessmentScanResult item in sqlVulnerabilityAssessmentScan.GetSqlVulnerabilityAssessmentScanResultsAsync(workspaceId))
{
    Console.WriteLine($"Succeeded: {item}");
}

Console.WriteLine($"Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Exempelsvar

Statuskod:

200

{
  "value": [
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2062",
      "name": "VA2062",
      "type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
      "properties": {
        "ruleId": "VA2062",
        "status": "NonFinding",
        "isTrimmed": false,
        "queryResults": [],
        "remediation": {
          "description": "Remove database firewall rules that grant excessive access",
          "scripts": [],
          "automated": false,
          "portalLink": ""
        },
        "baselineAdjustedResult": null,
        "ruleMetadata": {
          "ruleId": "VA2062",
          "severity": "High",
          "category": "SurfaceAreaReduction",
          "ruleType": "NegativeList",
          "title": "Database-level firewall rules should not grant excessive access",
          "description": "The Azure SQL Database-level firewall helps protect your data by preventing all access to your database until you specify which IP addresses have permission. Database-level firewall rules grant access to the specific database based on the originating IP address of each request.\n\nDatabase-level firewall rules for master and user databases can only be created and managed through Transact-SQL (unlike server-level firewall rules which can also be created and managed using the Azure portal or PowerShell). For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that database-level firewall rules do not grant excessive access.",
          "rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process - to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected database.\n\nGranting excessive access using database firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your database. In fact, it's the equivalent of placing the database outside of the firewall.",
          "queryCheck": {
            "query": "SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.database_firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;",
            "expectedResult": [],
            "columnNames": [
              "Firewall Rule Name",
              "Start Address",
              "End Address"
            ]
          },
          "benchmarkReferences": []
        }
      }
    },
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063",
      "name": "VA2063",
      "type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
      "properties": {
        "ruleId": "VA2063",
        "status": "Finding",
        "isTrimmed": false,
        "queryResults": [
          [
            "Test",
            "0.0.0.0",
            "125.125.125.125"
          ]
        ],
        "remediation": {
          "description": "Remove server firewall rules that grant excessive access",
          "scripts": [
            "EXECUTE sp_delete_firewall_rule N'Test';"
          ],
          "automated": false,
          "portalLink": "ReviewServerFirewallRules"
        },
        "baselineAdjustedResult": {
          "baseline": {
            "expectedResults": [
              [
                "Test",
                "0.0.0.0",
                "125.125.125.125"
              ]
            ],
            "updatedTime": "2020-02-04T12:49:41.027771+00:00"
          },
          "status": "NonFinding",
          "resultsNotInBaseline": [],
          "resultsOnlyInBaseline": []
        },
        "ruleMetadata": {
          "ruleId": "VA2063",
          "severity": "High",
          "category": "SurfaceAreaReduction",
          "ruleType": "NegativeList",
          "title": "Server-level firewall rules should not grant excessive access",
          "description": "The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access.",
          "rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall.",
          "queryCheck": {
            "query": "SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;",
            "expectedResult": [],
            "columnNames": [
              "Firewall Rule Name",
              "Start Address",
              "End Address"
            ]
          },
          "benchmarkReferences": []
        }
      }
    }
  ]
}

List scan results of the latest scan

Exempelbegäran

HTTP

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/latest/scanResults?workspaceId=55555555-6666-7777-8888-999999999999&api-version=2023-02-01-preview

Java

/**
 * Samples for SqlVulnerabilityAssessmentScanResults List.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/
     * sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json
     */
    /**
     * Sample code: List scan results of the latest scan.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void listScanResultsOfTheLatestScan(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.sqlVulnerabilityAssessmentScanResults().listWithResponse("latest",
            "55555555-6666-7777-8888-999999999999",
            "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master",
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json
func ExampleSQLVulnerabilityAssessmentScanResultsClient_List_listScanResultsOfTheLatestScan() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewSQLVulnerabilityAssessmentScanResultsClient().List(ctx, "latest", "55555555-6666-7777-8888-999999999999", "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master", nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.ScanResults = armsecurity.ScanResults{
	// 	Value: []*armsecurity.ScanResult{
	// 		{
	// 			Name: to.Ptr("VA2062"),
	// 			Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
	// 			ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2062"),
	// 			Properties: &armsecurity.ScanResultProperties{
	// 				IsTrimmed: to.Ptr(false),
	// 				QueryResults: [][]*string{
	// 				},
	// 				Remediation: &armsecurity.Remediation{
	// 					Description: to.Ptr("Remove database firewall rules that grant excessive access"),
	// 					Automated: to.Ptr(false),
	// 					PortalLink: to.Ptr(""),
	// 					Scripts: []*string{
	// 					},
	// 				},
	// 				RuleID: to.Ptr("VA2062"),
	// 				RuleMetadata: &armsecurity.VaRule{
	// 					Description: to.Ptr("The Azure SQL Database-level firewall helps protect your data by preventing all access to your database until you specify which IP addresses have permission. Database-level firewall rules grant access to the specific database based on the originating IP address of each request.\n\nDatabase-level firewall rules for master and user databases can only be created and managed through Transact-SQL (unlike server-level firewall rules which can also be created and managed using the Azure portal or PowerShell). For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that database-level firewall rules do not grant excessive access."),
	// 					BenchmarkReferences: []*armsecurity.BenchmarkReference{
	// 					},
	// 					Category: to.Ptr("SurfaceAreaReduction"),
	// 					QueryCheck: &armsecurity.QueryCheck{
	// 						ColumnNames: []*string{
	// 							to.Ptr("Firewall Rule Name"),
	// 							to.Ptr("Start Address"),
	// 							to.Ptr("End Address")},
	// 							ExpectedResult: [][]*string{
	// 							},
	// 							Query: to.Ptr("SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.database_firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;"),
	// 						},
	// 						Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process - to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected database.\n\nGranting excessive access using database firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your database. In fact, it's the equivalent of placing the database outside of the firewall."),
	// 						RuleID: to.Ptr("VA2062"),
	// 						RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
	// 						Severity: to.Ptr(armsecurity.RuleSeverityHigh),
	// 						Title: to.Ptr("Database-level firewall rules should not grant excessive access"),
	// 					},
	// 					Status: to.Ptr(armsecurity.RuleStatusNonFinding),
	// 				},
	// 			},
	// 			{
	// 				Name: to.Ptr("VA2063"),
	// 				Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
	// 				ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063"),
	// 				Properties: &armsecurity.ScanResultProperties{
	// 					BaselineAdjustedResult: &armsecurity.BaselineAdjustedResult{
	// 						Baseline: &armsecurity.Baseline{
	// 							ExpectedResults: [][]*string{
	// 								[]*string{
	// 									to.Ptr("Test"),
	// 									to.Ptr("0.0.0.0"),
	// 									to.Ptr("125.125.125.125")}},
	// 									UpdatedTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-04T12:49:41.027Z"); return t}()),
	// 								},
	// 								ResultsNotInBaseline: [][]*string{
	// 								},
	// 								ResultsOnlyInBaseline: [][]*string{
	// 								},
	// 								Status: to.Ptr(armsecurity.RuleStatusNonFinding),
	// 							},
	// 							IsTrimmed: to.Ptr(false),
	// 							QueryResults: [][]*string{
	// 								[]*string{
	// 									to.Ptr("Test"),
	// 									to.Ptr("0.0.0.0"),
	// 									to.Ptr("125.125.125.125")}},
	// 									Remediation: &armsecurity.Remediation{
	// 										Description: to.Ptr("Remove server firewall rules that grant excessive access"),
	// 										Automated: to.Ptr(false),
	// 										PortalLink: to.Ptr("ReviewServerFirewallRules"),
	// 										Scripts: []*string{
	// 											to.Ptr("EXECUTE sp_delete_firewall_rule N'Test';")},
	// 										},
	// 										RuleID: to.Ptr("VA2063"),
	// 										RuleMetadata: &armsecurity.VaRule{
	// 											Description: to.Ptr("The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access."),
	// 											BenchmarkReferences: []*armsecurity.BenchmarkReference{
	// 											},
	// 											Category: to.Ptr("SurfaceAreaReduction"),
	// 											QueryCheck: &armsecurity.QueryCheck{
	// 												ColumnNames: []*string{
	// 													to.Ptr("Firewall Rule Name"),
	// 													to.Ptr("Start Address"),
	// 													to.Ptr("End Address")},
	// 													ExpectedResult: [][]*string{
	// 													},
	// 													Query: to.Ptr("SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;"),
	// 												},
	// 												Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall."),
	// 												RuleID: to.Ptr("VA2063"),
	// 												RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
	// 												Severity: to.Ptr(armsecurity.RuleSeverityHigh),
	// 												Title: to.Ptr("Server-level firewall rules should not grant excessive access"),
	// 											},
	// 											Status: to.Ptr(armsecurity.RuleStatusFinding),
	// 										},
	// 								}},
	// 							}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets a list of scan results for a single scan record.
 *
 * @summary Gets a list of scan results for a single scan record.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json
 */
async function listScanResultsOfTheLatestScan() {
  const scanId = "latest";
  const workspaceId = "55555555-6666-7777-8888-999999999999";
  const resourceId =
    "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential);
  const result = await client.sqlVulnerabilityAssessmentScanResults.list(
    scanId,
    workspaceId,
    resourceId,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json
// this example is just showing the usage of "SqlVulnerabilityAssessmentScanResults_List" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this SqlVulnerabilityAssessmentScanResource created on azure
// for more information of creating SqlVulnerabilityAssessmentScanResource, please refer to the document of SqlVulnerabilityAssessmentScanResource
string resourceId = "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
string scanId = "latest";
ResourceIdentifier sqlVulnerabilityAssessmentScanResourceId = SqlVulnerabilityAssessmentScanResource.CreateResourceIdentifier(resourceId, scanId);
SqlVulnerabilityAssessmentScanResource sqlVulnerabilityAssessmentScan = client.GetSqlVulnerabilityAssessmentScanResource(sqlVulnerabilityAssessmentScanResourceId);

// invoke the operation and iterate over the result
Guid workspaceId = Guid.Parse("55555555-6666-7777-8888-999999999999");
await foreach (SqlVulnerabilityAssessmentScanResult item in sqlVulnerabilityAssessmentScan.GetSqlVulnerabilityAssessmentScanResultsAsync(workspaceId))
{
    Console.WriteLine($"Succeeded: {item}");
}

Console.WriteLine($"Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Exempelsvar

Statuskod:

200

{
  "value": [
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2062",
      "name": "VA2062",
      "type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
      "properties": {
        "ruleId": "VA2062",
        "status": "NonFinding",
        "isTrimmed": false,
        "queryResults": [],
        "remediation": {
          "description": "Remove database firewall rules that grant excessive access",
          "scripts": [],
          "automated": false,
          "portalLink": ""
        },
        "baselineAdjustedResult": null,
        "ruleMetadata": {
          "ruleId": "VA2062",
          "severity": "High",
          "category": "SurfaceAreaReduction",
          "ruleType": "NegativeList",
          "title": "Database-level firewall rules should not grant excessive access",
          "description": "The Azure SQL Database-level firewall helps protect your data by preventing all access to your database until you specify which IP addresses have permission. Database-level firewall rules grant access to the specific database based on the originating IP address of each request.\n\nDatabase-level firewall rules for master and user databases can only be created and managed through Transact-SQL (unlike server-level firewall rules which can also be created and managed using the Azure portal or PowerShell). For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that database-level firewall rules do not grant excessive access.",
          "rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process - to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected database.\n\nGranting excessive access using database firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your database. In fact, it's the equivalent of placing the database outside of the firewall.",
          "queryCheck": {
            "query": "SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.database_firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;",
            "expectedResult": [],
            "columnNames": [
              "Firewall Rule Name",
              "Start Address",
              "End Address"
            ]
          },
          "benchmarkReferences": []
        }
      }
    },
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063",
      "name": "VA2063",
      "type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
      "properties": {
        "ruleId": "VA2063",
        "status": "Finding",
        "isTrimmed": false,
        "queryResults": [
          [
            "Test",
            "0.0.0.0",
            "125.125.125.125"
          ]
        ],
        "remediation": {
          "description": "Remove server firewall rules that grant excessive access",
          "scripts": [
            "EXECUTE sp_delete_firewall_rule N'Test';"
          ],
          "automated": false,
          "portalLink": "ReviewServerFirewallRules"
        },
        "baselineAdjustedResult": {
          "baseline": {
            "expectedResults": [
              [
                "Test",
                "0.0.0.0",
                "125.125.125.125"
              ]
            ],
            "updatedTime": "2020-02-04T12:49:41.027771+00:00"
          },
          "status": "NonFinding",
          "resultsNotInBaseline": [],
          "resultsOnlyInBaseline": []
        },
        "ruleMetadata": {
          "ruleId": "VA2063",
          "severity": "High",
          "category": "SurfaceAreaReduction",
          "ruleType": "NegativeList",
          "title": "Server-level firewall rules should not grant excessive access",
          "description": "The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access.",
          "rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall.",
          "queryCheck": {
            "query": "SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;",
            "expectedResult": [],
            "columnNames": [
              "Firewall Rule Name",
              "Start Address",
              "End Address"
            ]
          },
          "benchmarkReferences": []
        }
      }
    }
  ]
}

Definitioner

Name	Description
Baseline	Originalplansinformation.
BaselineAdjustedResult	Regelresultatet justerat med baslinje.
BenchmarkReference	Referensvärdet refererar till.
CloudError	Vanligt felsvar för alla Azure Resource Manager-API:er för att returnera felinformation för misslyckade åtgärder. (Detta följer även formatet för OData-felsvar.).
CloudErrorBody	Felinformationen.
ErrorAdditionalInfo	Ytterligare information om resurshanteringsfelet.
QueryCheck	Information om regelfrågan.
Remediation	Reparationsinformation.
RuleSeverity	Regelns allvarlighetsgrad.
RuleStatus	Status för regelresultat.
RuleType	Regeltypen.
ScanResult	Ett resultat av en sårbarhetsbedömningsgenomsökning för en enda regel.
ScanResultProperties	En resultategenskaper för sårbarhetsbedömningsgenomsökning för en enda regel.
ScanResults	En lista över genomsökningsresultat för sårbarhetsbedömning.
VaRule	information om metadata för sårbarhetsbedömningsregeln.

Baseline

Originalplansinformation.

Name	Typ	Description
expectedResults	string[]	Förväntade resultat.
updatedTime	string	Uppdateringstid för baslinje (UTC).

BaselineAdjustedResult

Regelresultatet justerat med baslinje.

Name	Typ	Description
baseline	Baseline	Originalplansinformation.
resultsNotInBaseline	string[]	Resultat som inte finns i baslinjen.
resultsOnlyInBaseline	string[]	Resultat som finns i baslinjen.
status	RuleStatus	Status för regelresultat.

BenchmarkReference

Referensvärdet refererar till.

Name	Typ	Description
benchmark	string	Referensnamnet.
reference	string	Referensvärdet.

CloudError

Vanligt felsvar för alla Azure Resource Manager-API:er för att returnera felinformation för misslyckade åtgärder. (Detta följer även formatet för OData-felsvar.).

Name	Typ	Description
error.additionalInfo	ErrorAdditionalInfo[]	Ytterligare information om felet.
error.code	string	Felkoden.
error.details	CloudErrorBody[]	Felinformationen.
error.message	string	Felmeddelandet.
error.target	string	Felmålet.

CloudErrorBody

Felinformationen.

Name	Typ	Description
additionalInfo	ErrorAdditionalInfo[]	Ytterligare information om felet.
code	string	Felkoden.
details	CloudErrorBody[]	Felinformationen.
message	string	Felmeddelandet.
target	string	Felmålet.

ErrorAdditionalInfo

Ytterligare information om resurshanteringsfelet.

Name	Typ	Description
info	object	Ytterligare information.
type	string	Ytterligare informationstyp.

QueryCheck

Information om regelfrågan.

Name	Typ	Description
columnNames	string[]	Kolumnnamn för förväntat resultat.
expectedResult	string[]	Förväntat resultat.
query	string	Regelfrågan.

Remediation

Reparationsinformation.

Name	Typ	Description
automated	boolean	Är reparation automatiserad.
description	string	Reparationsbeskrivning.
portalLink	string	Valfri länk för att åtgärda i Azure-portalen.
scripts	string[]	Reparationsskript.

RuleSeverity

Regelns allvarlighetsgrad.

Name	Typ	Description
High	string	Hög
Informational	string	Informativt
Low	string	Låg
Medium	string	Medium
Obsolete	string	Föråldrad

RuleStatus

Status för regelresultat.

Name	Typ	Description
Finding	string	Hitta
InternalError	string	InternalError
NonFinding	string	Icke-förfining

RuleType

Regeltypen.

Name	Typ	Description
BaselineExpected	string	BaselineExpected
Binary	string	Binär
NegativeList	string	Negativ lista
PositiveList	string	PositiveList

ScanResult

Ett resultat av en sårbarhetsbedömningsgenomsökning för en enda regel.

Name	Typ	Description
id	string	Resurs-ID
name	string	Resursnamn
properties	ScanResultProperties	En resultategenskaper för sårbarhetsbedömningsgenomsökning för en enda regel.
type	string	Resurstyp

ScanResultProperties

En resultategenskaper för sårbarhetsbedömningsgenomsökning för en enda regel.

Name	Typ	Description
baselineAdjustedResult	BaselineAdjustedResult	Regelresultatet justerat med baslinje.
isTrimmed	boolean	Anger om resultaten som anges här är trimmade.
queryResults	string[]	Resultatet av frågan som kördes.
remediation	Remediation	Reparationsinformation.
ruleId	string	Regel-ID:t.
ruleMetadata	VaRule	information om metadata för sårbarhetsbedömningsregeln.
status	RuleStatus	Status för regelresultat.

ScanResults

En lista över genomsökningsresultat för sårbarhetsbedömning.

Name	Typ	Description
value	ScanResult[]	Lista över genomsökningsresultat för sårbarhetsbedömning.

VaRule

information om metadata för sårbarhetsbedömningsregeln.

Name	Typ	Description
benchmarkReferences	BenchmarkReference[]	Referensvärdet refererar till.
category	string	Regelkategorin.
description	string	Regelbeskrivningen.
queryCheck	QueryCheck	Information om regelfrågan.
rationale	string	Regelmotivering.
ruleId	string	Regel-ID:t.
ruleType	RuleType	Regeltypen.
severity	RuleSeverity	Regelns allvarlighetsgrad.
title	string	Regelrubriken.