Create rich, interactive reports of Security Center data

Azure Monitor Workbooks provide a flexible canvas for data analysis and the creation of rich visual reports within the Azure portal. They allow you to tap into multiple data sources from across Azure, and combine them into unified interactive experiences.

Workbooks provide a rich set of capabilities for visualizing your Azure data. For detailed examples of each visualization type, see the visualizations examples and documentation.

Within Azure Security Center, you can access the built-in reports to track your organization’s security posture. You can also build custom reports to view a wide range of data from Security Center or other supported data sources.

Secure score over time report

Availability

Aspect Details
Release state: Preview
The Azure Preview Supplemental Terms include additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
Pricing: Free
Required roles and permissions: To save workbooks, you must have at least Workbook Contributor permissions on the target resource group
Clouds: Yes Commercial clouds
Yes National/Sovereign (US Gov, China Gov, Other Gov)

With the integrated Azure Workbooks functionality, Azure Security Center makes it straightforward to build your own custom, interactive reports. Security Center also includes a workbook gallery with the following reports ready for your customization:

  • Secure Score Over Time - Track your subscriptions' scores and changes to recommendations for your resources
  • System Updates - View missing system updates by resources, OS, severity, and more
  • Vulnerability Assessment Findings - View the findings of vulnerability scans of your Azure resources

Gallery of built-in workbooks in Azure Security Center

Choose one of the supplied reports or create your own.

Tip

Use the Edit button to customize any of the supplied reports to your satisfaction. When you're done editing, select Save and your changes will be saved to a new workbook.

Editing the supplied workbooks to customize them for your particular needs

Use the 'Secure Score Over Time' report

This report uses secure score data from your Log Analytics workspace. That data needs to be exported from the continuous export tool as described in Configure continuous export from the Security Center pages in Azure portal.

When you set up the continuous export, set the export frequency to both streaming updates and snapshots.

For the secure score over time workbook you'll need to select both of these options from the export frequency settings in your continuous export configuration

Note

Snapshots get exported weekly, so you'll need to wait at least one week for the first snapshot to be exported before you can view data in this report.

Tip

To configure continuous export across your organization, use the supplied Azure Policy 'DeployIfNotExist' policies described in Configure continuous export at scale.

The secure score over time report has five graphs for the subscriptions reporting to the selected workspaces:

Graph Example
Score trends for the last week and month
Use this section to monitor the current score and general trends of the scores for your subscriptions.
Trends for secure score on the built-in report
Aggregated score for all selected subscriptions
Hover your mouse over any point in the trend line to see the aggregated score at any date in the selected time range.
Aggregated score for all selected subscriptions
Recommendations with the most unhealthy resources
This table helps you triage the recommendations that have had the most resources changed to unhealthy over the selected period.
Recommendations with the most unhealthy resources
Scores for specific security controls
Security Center's security controls are logical groupings of recommendations. This chart shows you, at a glance, the weekly scores for all of your controls.
Scores for your security controls over the selected time period
Resources changes
Recommendations with the most resources that have changed state (healthy, unhealthy, or not applicable) during the selected period are listed here. Select any recommendation from the list to open a new table listing the specific resources.
Recommendations with the most resources that have changed health state

Use the 'System Updates' report

This report is based on the security recommendation "System updates should be installed on your machines".

The report helps you identify machines with outstanding updates.

You can view the situation for the selected subscriptions according to:

  • The list of resources with outstanding updates
  • The list of updates missing from your resources

Security Center's system updates report based on the missing updates security recommendation

Use the 'Vulnerability Assessment Findings' report

Security Center includes vulnerability scanners for your machines, containers in container registries, and SQL servers.

Learn more about using these scanners:

Findings for each of these scanners are reported in separate recommendations:

  • Vulnerabilities in your virtual machines should be remediated
  • Vulnerabilities in Azure Container Registry images should be remediated (powered by Qualys)
  • Vulnerability assessment findings on your SQL databases should be remediated
  • Vulnerability assessment findings on your SQL servers on machines should be remediated

This report gathers these findings and organizes them by severity, resource type, and category.

Security Center's vulnerability assessment findings report

Import workbooks from other workbook galleries

If you've built workbooks in other Azure services and want to move them into your Azure Security Center workbooks gallery:

  1. Open the target workbook.

  2. From the toolbar, select Edit.

    Editing an Azure Monitor workbook

  3. From the toolbar, select </> to enter the Advanced Editor.

    Launching the advanced editor to get the Gallery Template JSON code

  4. Copy the workbook's Gallery Template JSON.

  5. Open workbooks gallery in Security Center and from the menu bar select New.

  6. Select the </> to enter the Advanced Editor.

  7. Paste in the entire Gallery Template JSON.

  8. Select Apply.

  9. From the toolbar, select Save As.

    Saving the workbook to the gallery in Security Center

  10. Enter the required details for saving the workbook:

    1. A name for the workbook
    2. The desired region
    3. Subscription, resource group, and sharing as appropriate.

You'll find your saved workbook in the Recently modified workbooks category.

Next steps

This article described Security Center's integrated Azure Monitor Workbooks page with built-in reports and the option to build your own custom, interactive reports.