Log PSRule analysis results to Azure Monitor.

azure azure-monitor cmdlet powershell powershell-module psrule

Перейти к файлу

dependabot[bot] a939c3cca5 Bump Newtonsoft.Json from 12.0.3 to 13.0.1 in /src/PSRule.Monitor (#73 ) * Bump Newtonsoft.Json from 12.0.3 to 13.0.1 in /src/PSRule.Monitor Bumps [Newtonsoft.Json](https://github.com/JamesNK/Newtonsoft.Json) from 12.0.3 to 13.0.1. - [Release notes](https://github.com/JamesNK/Newtonsoft.Json/releases) - [Commits](https://github.com/JamesNK/Newtonsoft.Json/compare/12.0.3...13.0.1) --- updated-dependencies: - dependency-name: Newtonsoft.Json dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Bump change log * Fix pipeline * Fix CI pipeline * Update ubuntu image Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Bernie White <bewhite@microsoft.com>		2022-06-29 22:13:09 +10:00
.azure-pipelines	Bump Newtonsoft.Json from 12.0.3 to 13.0.1 in /src/PSRule.Monitor (#73 )	2022-06-29 22:13:09 +10:00
.github	Bump Newtonsoft.Json from 12.0.3 to 13.0.1 in /src/PSRule.Monitor (#73 )	2022-06-29 22:13:09 +10:00
.ps-rule	Added OSS rules for checking repository files (#18 )	2020-07-01 19:35:32 +10:00
.vscode	Bump Newtonsoft.Json from 12.0.3 to 13.0.1 in /src/PSRule.Monitor (#73 )	2022-06-29 22:13:09 +10:00
docs	Added duration of rule execution #49 (#50 )	2021-08-26 11:43:42 +10:00
src/PSRule.Monitor	Bump Newtonsoft.Json from 12.0.3 to 13.0.1 in /src/PSRule.Monitor (#73 )	2022-06-29 22:13:09 +10:00
tests/PSRule.Monitor.Tests	Bump Microsoft.NET.Test.Sdk from 17.1.0 to 17.2.0 (#70 )	2022-05-19 07:38:49 +10:00
.gitignore	Added convention and ingestion #29 #46 #44 #45 #32 (#47 )	2021-08-18 23:54:17 +10:00
CHANGELOG.md	Bump Newtonsoft.Json from 12.0.3 to 13.0.1 in /src/PSRule.Monitor (#73 )	2022-06-29 22:13:09 +10:00
CODE_OF_CONDUCT.md	Initial CODE_OF_CONDUCT.md commit	2019-11-28 03:49:34 -08:00
CONTRIBUTING.md	Add project files (#1 )	2019-11-28 22:27:54 +10:00
LICENSE	Map resource Id from input data #6 #7 (#8 )	2019-12-14 00:19:34 +10:00
PSRule.Monitor.sln	Add data, field, and module name properties #30 #31 (#34 )	2021-04-20 02:51:05 +10:00
README.md	Added duration of rule execution #49 (#50 )	2021-08-26 11:43:42 +10:00
SECURITY.md	Add project files (#1 )	2019-11-28 22:27:54 +10:00
SUPPORT.md	Updated CI pipeline (#38 )	2021-05-10 21:42:29 +10:00
ThirdPartyNotices.txt	Add third party notice and quality updates (#5 )	2019-11-30 01:07:44 +10:00
nuget.config	Add data, field, and module name properties #30 #31 (#34 )	2021-04-20 02:51:05 +10:00
pipeline.build.ps1	Added convention and ingestion #29 #46 #44 #45 #32 (#47 )	2021-08-18 23:54:17 +10:00
ps-project.yaml	Added OSS rules for checking repository files (#18 )	2020-07-01 19:35:32 +10:00
ps-rule.yaml	Updated CI pipeline (#38 )	2021-05-10 21:42:29 +10:00

README.md

PSRule for Azure Monitor

Log PSRule analysis results to Azure Monitor.

Support

This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates.

For new issues, file your bug or feature request as a new issue.
For help, discussion, and support questions about using this project, join or start a discussion.

If you have any problems with the PSRule engine, please check the project GitHub issues page instead.

Support for this project/ product is limited to the resources listed above.

Getting the module

This project requires the PSRule PowerShell module. For detail on installation and dependencies see install.

You can download and install these modules from the PowerShell Gallery.

Module	Description	Downloads / instructions
PSRule.Monitor	Log PSRule analysis results to Azure Monitor.	latest / instructions

Getting started

Upload results with PSRule convention

A convention can be used to upload the results of a PSRule analysis to Azure Monitor. To use the convention:

Install the PSRule.Monitor module from the PowerShell Gallery.
Include the PSRule.Monitor module. This can be set in PSRule options or specified at runtime as a parameter.
Reference Monitor.LogAnalytics.Import convention. This can be set in PSRule options or specified at runtime as a parameter.

For example:

include:
  module:
  - 'PSRule.Monitor'

convention:
  include:
  - 'Monitor.LogAnalytics.Import

When using the convention a Log Analytics workspace must be specified. This can be done by setting the following environment variables:

PSRULE_CONFIGURATION_MONITOR_WORKSPACE_ID - Containing the Log Analytics workspace ID.
PSRULE_CONFIGURATION_MONITOR_WORKSPACE_KEY - Containing either the primary or secondary key to the workspace. This value is sensitive and should be stored securely. To protect this value, avoid storing it in source control.

For example:

# PowerShell: Setting environment variable
$Env:PSRULE_CONFIGURATION_MONITOR_WORKSPACE_ID = '00000000-0000-0000-0000-000000000000'
$Env:PSRULE_CONFIGURATION_MONITOR_WORKSPACE_KEY = Get-Secret -Name 'WORKSPACE_KEY' -AsPlainText

# GitHub Actions: Setting environment variable with microsoft/ps-rule action
- name: Run PSRule analysis
  uses: microsoft/ps-rule@main
  env:
    PSRULE_CONFIGURATION_MONITOR_WORKSPACE_ID: 00000000-0000-0000-0000-000000000000
    PSRULE_CONFIGURATION_MONITOR_WORKSPACE_KEY: ${{ secrets.WORKSPACE_KEY }}

# Azure Pipelines: Setting environment variable with ps-rule-assert task
- task: ps-rule-assert@0
  displayName: Run PSRule analysis
  inputs:
    inputType: repository
  env:
    PSRULE_CONFIGURATION_MONITOR_WORKSPACE_ID: 00000000-0000-0000-0000-000000000000
    PSRULE_CONFIGURATION_MONITOR_WORKSPACE_KEY: $(WORKSPACE_KEY)

Upload results with PowerShell

To upload results from PSRule to Azure Monitor, use the Send-PSRuleMonitorRecord cmdlet. Results can by piped directly from Invoke-PSRule or stored and piped from a variable.

The Send-PSRuleMonitorRecord cmdlet requires a Log Analytics workspace to send data to. A workspace can be specified by using the -WorkspaceId and -SharedKey parameters.

For example:

$data | Invoke-PSRule | Send-PSRuleMonitorRecord -WorkspaceId <workspaceId> -SharedKey <primaryKey>;

The following example shows using analysis results from a pre-built module:

$results = Invoke-PSRule -InputPath .\*.json -Module 'PSRule.Rules.Azure';
$results | Send-PSRuleMonitorRecord -WorkspaceId <workspaceId> -SharedKey <primaryKey>;

Querying logs from Azure Monitor

By default, PSRule results are stored in the PSRule_CL table. The results can be queries from the Log Analytics workspace using Kusto.

The following query returns all rule records from the last hour that failed:

PSRule_CL
| where Outcome_s == "Fail" and TimeGenerated > ago(1h)

To query these results from PowerShell use:

Invoke-AzOperationalInsightsQuery -WorkspaceId <workspaceId> -Query 'PSRule_CL | where Outcome_s == "Fail" and TimeGenerated > ago(1h)'

Language reference

Commands

The following commands exist in the PSRule.Monitor module:

Send-PSRuleMonitorRecord - Send analysis results from PSRule to Azure Monitor.

Changes and versioning

Modules in this repository will use the semantic versioning model to declare breaking changes from v1.0.0. Prior to v1.0.0, breaking changes may be introduced in minor (0.x.0) version increments. For a list of module changes please see the change log.

Pre-release module versions are created on major commits and can be installed from the PowerShell Gallery. Pre-release versions should be considered experimental. Modules and change log details for pre-releases will be removed as standard releases are made available.

Contributing

This project welcomes contributions and suggestions. If you are ready to contribute, please visit the contribution guide.

Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Maintainers

Bernie White

License

This project is licensed under the MIT License.