你当前正在访问 Microsoft Azure Global Edition 技术文档网站。如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站，请访问 https://docs.azure.cn。

针对 Azure Arc 的 Azure Resource Graph 示例查询

2025-05-20

Azure Resource Graph 是一项 Azure 服务，可用于大规模查询，帮助你有效地管理环境。查询是使用 Kusto 查询语言（KQL）创建的。有关详细信息，请参阅了解 Azure Resource Graph 查询语言。

本页提供 Azure Arc 的示例 Azure Resource Graph 查询列表。可以通过 Azure PowerShell 或 Azure CLI 或在 Azure 门户中使用 Resource Graph 资源管理器运行这些查询。可以随意修改查询以满足你的需求。

小窍门

可以使用 Azure 中的 Microsoft Copilot 使用自然语言创作 Azure Resource Graph 查询。有关详细信息，请参阅在 Azure 中使用 Microsoft Copilot 获取资源信息。

常规 Arc 示例查询

获取已启用 Azure Arc 的自定义位置支持的资源类型

提供已启用 Azure Arc 的自定义位置支持的资源类型列表。

ExtendedLocationResources
| where type == 'microsoft.extendedlocation/customlocations/enabledresourcetypes'

az graph query -q "ExtendedLocationResources | where type == 'microsoft.extendedlocation/customlocations/enabledresourcetypes'"

Search-AzGraph -Query "ExtendedLocationResources | where type == 'microsoft.extendedlocation/customlocations/enabledresourcetypes'"

列出支持 VMware 或 SCVMM 的已启用 Azure Arc 的自定义位置

提供支持 VMware 或 SCVMM 资源类型的所有已启用 Azure Arc 的自定义位置的列表。

Resources
| where type =~ 'microsoft.extendedlocation/customlocations' and properties.provisioningState =~ 'succeeded'
| extend clusterExtensionIds=properties.clusterExtensionIds
| mvexpand clusterExtensionIds
| extend clusterExtensionId = tolower(clusterExtensionIds)
| join kind=leftouter(
  ExtendedLocationResources
  | where type =~ 'microsoft.extendedlocation/customLocations/enabledResourcetypes'
  | project clusterExtensionId = tolower(properties.clusterExtensionId), extensionType = tolower(properties.extensionType)
  | where extensionType in~ ('microsoft.scvmm','microsoft.vmware')
) on clusterExtensionId
| where extensionType in~ ('microsoft.scvmm','microsoft.vmware')
| summarize virtualMachineKindsEnabled=make_set(extensionType) by id,name,___location
| sort by name asc

az graph query -q "Resources | where type =~ 'microsoft.extendedlocation/customlocations' and properties.provisioningState =~ 'succeeded' | extend clusterExtensionIds=properties.clusterExtensionIds | mvexpand clusterExtensionIds | extend clusterExtensionId = tolower(clusterExtensionIds) | join kind=leftouter( ExtendedLocationResources | where type =~ 'microsoft.extendedlocation/customLocations/enabledResourcetypes' | project clusterExtensionId = tolower(properties.clusterExtensionId), extensionType = tolower(properties.extensionType) | where extensionType in~ ('microsoft.scvmm','microsoft.vmware') ) on clusterExtensionId | where extensionType in~ ('microsoft.scvmm','microsoft.vmware') | summarize virtualMachineKindsEnabled=make_set(extensionType) by id,name,___location | sort by name asc"

Search-AzGraph -Query "Resources | where type =~ 'microsoft.extendedlocation/customlocations' and properties.provisioningState =~ 'succeeded' | extend clusterExtensionIds=properties.clusterExtensionIds | mvexpand clusterExtensionIds | extend clusterExtensionId = tolower(clusterExtensionIds) | join kind=leftouter( ExtendedLocationResources | where type =~ 'microsoft.extendedlocation/customLocations/enabledResourcetypes' | project clusterExtensionId = tolower(properties.clusterExtensionId), extensionType = tolower(properties.extensionType) | where extensionType in~ ('microsoft.scvmm','microsoft.vmware') ) on clusterExtensionId | where extensionType in~ ('microsoft.scvmm','microsoft.vmware') | summarize virtualMachineKindsEnabled=make_set(extensionType) by id,name,___location | sort by name asc"

已启用 Arc 的服务器示例查询

按域获取已启用 Arc 的服务器的计数和百分比

此查询汇总domainName上的属性，并使用含 bin 的计算创建一个 Pct 列，来表示每个域中已启用 Arc 的服务器的百分比。

Resources
| where type == 'microsoft.hybridcompute/machines'
| project ___domain=tostring(properties.domainName)
| summarize Domains=make_list(___domain), TotalMachineCount=sum(1)
| mvexpand EachDomain = Domains
| summarize PerDomainMachineCount = count() by tostring(EachDomain), TotalMachineCount
| extend Pct = 100 * bin(todouble(PerDomainMachineCount) / todouble(TotalMachineCount), 0.001)

az graph query -q "Resources | where type == 'microsoft.hybridcompute/machines' | project ___domain=tostring(properties.domainName) | summarize Domains=make_list(___domain), TotalMachineCount=sum(1) | mvexpand EachDomain = Domains | summarize PerDomainMachineCount = count() by tostring(EachDomain), TotalMachineCount | extend Pct = 100 * bin(todouble(PerDomainMachineCount) / todouble(TotalMachineCount), 0.001)"

Search-AzGraph -Query "Resources | where type == 'microsoft.hybridcompute/machines' | project ___domain=tostring(properties.domainName) | summarize Domains=make_list(___domain), TotalMachineCount=sum(1) | mvexpand EachDomain = Domains | summarize PerDomainMachineCount = count() by tostring(EachDomain), TotalMachineCount | extend Pct = 100 * bin(todouble(PerDomainMachineCount) / todouble(TotalMachineCount), 0.001)"

列出已启用 Azure Arc 的服务器上安装的所有扩展

首先，此查询对混合计算机资源类型使用 project 以获取大写的 ID (toupper())、获取计算机名称以及机器上运行的操作系统。获取大写的资源 ID 是准备 join 另一个属性的好方法。然后，此查询使用将 join 作为 kind 的 leftouter，通过匹配扩展 ID 的大写 substring 来获取扩展。 /extensions/<ExtensionName> 之前的 ID 部分与混合计算机 ID 的格式相同，因此我们将此属性用于 join。然后会针对虚拟机扩展的名称将 summarize 用于 make_list 以合并每个扩展的名称，其中 ID、OSName 和 ComputerName 在单个数组属性中是相同的。最后，我们使用按小写 OSName 进行排序asc。默认情况下，order by 为降序。

Resources
| where type == 'microsoft.hybridcompute/machines'
| project
  id,
  JoinID = toupper(id),
  ComputerName = tostring(properties.osProfile.computerName),
  OSName = tostring(properties.osName)
| join kind=leftouter(
  Resources
  | where type == 'microsoft.hybridcompute/machines/extensions'
  | project
    MachineId = toupper(substring(id, 0, indexof(id, '/extensions'))),
    ExtensionName = name
) on $left.JoinID == $right.MachineId
| summarize Extensions = make_list(ExtensionName) by id, ComputerName, OSName
| order by tolower(OSName) asc

az graph query -q "Resources | where type == 'microsoft.hybridcompute/machines' | project id, JoinID = toupper(id), ComputerName = tostring(properties.osProfile.computerName), OSName = tostring(properties.osName) | join kind=leftouter( Resources | where type == 'microsoft.hybridcompute/machines/extensions' | project  MachineId = toupper(substring(id, 0, indexof(id, '/extensions'))),  ExtensionName = name ) on \$left.JoinID == \$right.MachineId | summarize Extensions = make_list(ExtensionName) by id, ComputerName, OSName | order by tolower(OSName) asc"

Search-AzGraph -Query "Resources | where type == 'microsoft.hybridcompute/machines' | project id, JoinID = toupper(id), ComputerName = tostring(properties.osProfile.computerName), OSName = tostring(properties.osName) | join kind=leftouter( Resources | where type == 'microsoft.hybridcompute/machines/extensions' | project  MachineId = toupper(substring(id, 0, indexof(id, '/extensions'))),  ExtensionName = name ) on $left.JoinID == $right.MachineId | summarize Extensions = make_list(ExtensionName) by id, ComputerName, OSName | order by tolower(OSName) asc"

列出未运行代理的最新发布版且已启用 Arc 的服务器

此查询返回所有运行 Connected Machine 代理过时版本且已启用 Arc 的服务器。结果中不包含状态为“已过期”的代理。该查询使用 leftouterjoin 将顾问提出的关于任何已标识为过时的 Connected Machine Agent 的建议和混合计算机组合在一起，以筛选掉一段时间内未与 Azure 通信的任何代理。

AdvisorResources
| where type == 'microsoft.advisor/recommendations'
| where properties.category == 'HighAvailability'
| where properties.shortDescription.solution == 'Upgrade to the latest version of the Azure Connected Machine agent'
| project
    id,
    JoinId = toupper(properties.resourceMetadata.resourceId),
    machineName = tostring(properties.impactedValue),
    agentVersion = tostring(properties.extendedProperties.installedVersion),
    expectedVersion = tostring(properties.extendedProperties.latestVersion)
| join kind=leftouter(
  Resources
  | where type == 'microsoft.hybridcompute/machines'
  | project
    machineId = toupper(id),
    status = tostring (properties.status)
  ) on $left.JoinId == $right.machineId
| where status != 'Expired'
| summarize by id, machineName, agentVersion, expectedVersion
| order by tolower(machineName) asc

az graph query -q "AdvisorResources | where type == 'microsoft.advisor/recommendations' | where properties.category == 'HighAvailability' | where properties.shortDescription.solution == 'Upgrade to the latest version of the Azure Connected Machine agent' | project  id,  JoinId = toupper(properties.resourceMetadata.resourceId),  machineName = tostring(properties.impactedValue),  agentVersion = tostring(properties.extendedProperties.installedVersion),  expectedVersion = tostring(properties.extendedProperties.latestVersion) | join kind=leftouter( Resources | where type == 'microsoft.hybridcompute/machines' | project  machineId = toupper(id),  status = tostring (properties.status) ) on \$left.JoinId == \$right.machineId | where status != 'Expired' | summarize by id, machineName, agentVersion, expectedVersion | order by tolower(machineName) asc"

Search-AzGraph -Query "AdvisorResources | where type == 'microsoft.advisor/recommendations' | where properties.category == 'HighAvailability' | where properties.shortDescription.solution == 'Upgrade to the latest version of the Azure Connected Machine agent' | project  id,  JoinId = toupper(properties.resourceMetadata.resourceId),  machineName = tostring(properties.impactedValue),  agentVersion = tostring(properties.extendedProperties.installedVersion),  expectedVersion = tostring(properties.extendedProperties.latestVersion) | join kind=leftouter( Resources | where type == 'microsoft.hybridcompute/machines' | project  machineId = toupper(id),  status = tostring (properties.status) ) on $left.JoinId == $right.machineId | where status != 'Expired' | summarize by id, machineName, agentVersion, expectedVersion | order by tolower(machineName) asc"

列出已安装 SQL Server、PostgreSQL 或 MySQL 的已启用 Arc 的服务器

此查询返回安装了 SQL Server、PostgreSQL 或 MySQL 的所有已启用 Arc 的服务器。

resources
| where type =~ 'microsoft.hybridcompute/machines'
| extend machineId = tolower(tostring(id)), datacenter = iif(isnull(tags.Datacenter), '', tags.Datacenter), status = tostring(properties.status)
| extend mssqlinstalled = coalesce(tobool(properties.detectedProperties.mssqldiscovered),false)
| extend pgsqlinstalled = coalesce(tobool(properties.detectedProperties.pgsqldiscovered),false)
| extend mysqlinstalled = coalesce(tobool(properties.detectedProperties.mysqldiscovered),false)
| extend osSku = properties.osSku, osName = properties.osName, osVersion = properties.osVersion
| extend coreCount = tostring(properties.detectedProperties.logicalCoreCount), totalPhysicalMemoryinGB = tostring(properties.detectedProperties.totalPhysicalMemoryInGigabytes) 
| extend operatingSystem = iif(isnotnull(osSku), osSku, osName)
| where mssqlinstalled or mysqlinstalled or pgsqlinstalled
| project id ,name, type, resourceGroup, subscriptionId, ___location, kind, osVersion, status, osSku,coreCount,totalPhysicalMemoryinGB,tags, mssqlinstalled, mysqlinstalled, pgsqlinstalled
| sort by (tolower(tostring(name))) asc

az graph query -q "resources | where type =~ 'microsoft.hybridcompute/machines' | extend machineId = tolower(tostring(id)), datacenter = iif(isnull(tags.Datacenter), '', tags.Datacenter), status = tostring(properties.status) | extend mssqlinstalled = coalesce(tobool(properties.detectedProperties.mssqldiscovered),false) | extend pgsqlinstalled = coalesce(tobool(properties.detectedProperties.pgsqldiscovered),false) | extend mysqlinstalled = coalesce(tobool(properties.detectedProperties.mysqldiscovered),false) | extend osSku = properties.osSku, osName = properties.osName, osVersion = properties.osVersion | extend coreCount = tostring(properties.detectedProperties.logicalCoreCount), totalPhysicalMemoryinGB = tostring(properties.detectedProperties.totalPhysicalMemoryInGigabytes)  | extend operatingSystem = iif(isnotnull(osSku), osSku, osName) | where mssqlinstalled or mysqlinstalled or pgsqlinstalled | project id ,name, type, resourceGroup, subscriptionId, ___location, kind, osVersion, status, osSku,coreCount,totalPhysicalMemoryinGB,tags, mssqlinstalled, mysqlinstalled, pgsqlinstalled | sort by (tolower(tostring(name))) asc"

Search-AzGraph -Query "resources | where type =~ 'microsoft.hybridcompute/machines' | extend machineId = tolower(tostring(id)), datacenter = iif(isnull(tags.Datacenter), '', tags.Datacenter), status = tostring(properties.status) | extend mssqlinstalled = coalesce(tobool(properties.detectedProperties.mssqldiscovered),false) | extend pgsqlinstalled = coalesce(tobool(properties.detectedProperties.pgsqldiscovered),false) | extend mysqlinstalled = coalesce(tobool(properties.detectedProperties.mysqldiscovered),false) | extend osSku = properties.osSku, osName = properties.osName, osVersion = properties.osVersion | extend coreCount = tostring(properties.detectedProperties.logicalCoreCount), totalPhysicalMemoryinGB = tostring(properties.detectedProperties.totalPhysicalMemoryInGigabytes)  | extend operatingSystem = iif(isnotnull(osSku), osSku, osName) | where mssqlinstalled or mysqlinstalled or pgsqlinstalled | project id ,name, type, resourceGroup, subscriptionId, ___location, kind, osVersion, status, osSku,coreCount,totalPhysicalMemoryinGB,tags, mssqlinstalled, mysqlinstalled, pgsqlinstalled | sort by (tolower(tostring(name))) asc"

已启用 Arc 的 Kubernetes 示例查询

列出所有已启用 Azure Arc 的 Kubernetes 资源

返回每个已启用 Azure Arc 的 Kubernetes 群集和每个群集的相关元数据的列表。

Resources
| project id, subscriptionId, ___location, type, properties.agentVersion, properties.kubernetesVersion, properties.distribution, properties.infrastructure, properties.totalNodeCount, properties.totalCoreCount
| where type =~ 'Microsoft.Kubernetes/connectedClusters'

az graph query -q "Resources | project id, subscriptionId, ___location, type, properties.agentVersion, properties.kubernetesVersion, properties.distribution, properties.infrastructure, properties.totalNodeCount, properties.totalCoreCount | where type =~ 'Microsoft.Kubernetes/connectedClusters'"

Search-AzGraph -Query "Resources | project id, subscriptionId, ___location, type, properties.agentVersion, properties.kubernetesVersion, properties.distribution, properties.infrastructure, properties.totalNodeCount, properties.totalCoreCount | where type =~ 'Microsoft.Kubernetes/connectedClusters'"

列出所有具有 Azure Monitor 扩展的已启用 Azure Arc 的 Kubernetes 群集

返回每个已启用 Azure Arc 的 Kubernetes 群集（安装有 Azure Monitor 扩展）的已连接的群集 ID。

KubernetesConfigurationResources
| where type == 'microsoft.kubernetesconfiguration/extensions'
| where properties.ExtensionType  == 'microsoft.azuremonitor.containers'
| parse id with connectedClusterId '/providers/Microsoft.KubernetesConfiguration/Extensions' *
| project connectedClusterId

az graph query -q "KubernetesConfigurationResources | where type == 'microsoft.kubernetesconfiguration/extensions' | where properties.ExtensionType == 'microsoft.azuremonitor.containers' | parse id with connectedClusterId '/providers/Microsoft.KubernetesConfiguration/Extensions' * | project connectedClusterId"

Search-AzGraph -Query "KubernetesConfigurationResources | where type == 'microsoft.kubernetesconfiguration/extensions' | where properties.ExtensionType == 'microsoft.azuremonitor.containers' | parse id with connectedClusterId '/providers/Microsoft.KubernetesConfiguration/Extensions' * | project connectedClusterId"

列出所有没有 Azure Monitor 扩展的已启用 Azure Arc 的 Kubernetes 群集

返回每个已启用 Azure Arc 的 Kubernetes 群集（缺少 Azure Monitor 扩展）的已连接群集 ID。

Resources
| where type =~ 'Microsoft.Kubernetes/connectedClusters' | extend connectedClusterId = tolower(id) | project connectedClusterId
| join kind = leftouter
  (KubernetesConfigurationResources
  | where type == 'microsoft.kubernetesconfiguration/extensions'
  | where properties.ExtensionType  == 'microsoft.azuremonitor.containers'
  | parse tolower(id) with connectedClusterId '/providers/microsoft.kubernetesconfiguration/extensions' *
  | project connectedClusterId
)  on connectedClusterId
| where connectedClusterId1 == ''
| project connectedClusterId

az graph query -q "Resources | where type =~ 'Microsoft.Kubernetes/connectedClusters' | extend connectedClusterId = tolower(id) | project connectedClusterId | join kind = leftouter (KubernetesConfigurationResources | where type == 'microsoft.kubernetesconfiguration/extensions' | where properties.ExtensionType == 'microsoft.azuremonitor.containers' | parse tolower(id) with connectedClusterId '/providers/microsoft.kubernetesconfiguration/extensions' * | project connectedClusterId ) on connectedClusterId | where connectedClusterId1 == '' | project connectedClusterId"

Search-AzGraph -Query "Resources | where type =~ 'Microsoft.Kubernetes/connectedClusters' | extend connectedClusterId = tolower(id) | project connectedClusterId | join kind = leftouter (KubernetesConfigurationResources | where type == 'microsoft.kubernetesconfiguration/extensions' | where properties.ExtensionType == 'microsoft.azuremonitor.containers' | parse tolower(id) with connectedClusterId '/providers/microsoft.kubernetesconfiguration/extensions' * | project connectedClusterId ) on connectedClusterId | where connectedClusterId1 == '' | project connectedClusterId"

列出包含 Flux 配置的所有群集

返回至少包含一个 connectedCluster 的群集的 managedCluster 和 fluxConfiguration ID。

resources
| where type =~ 'Microsoft.Kubernetes/connectedClusters' or type =~ 'Microsoft.ContainerService/managedClusters' | extend clusterId = tolower(id) | project clusterId
| join
( kubernetesconfigurationresources
| where type == 'microsoft.kubernetesconfiguration/fluxconfigurations'
| parse tolower(id) with clusterId '/providers/microsoft.kubernetesconfiguration/fluxconfigurations' *
| project clusterId
) on clusterId
| project clusterId

az graph query -q "resources | where type =~ 'Microsoft.Kubernetes/connectedClusters' or type =~ 'Microsoft.ContainerService/managedClusters' | extend clusterId = tolower(id) | project clusterId | join ( kubernetesconfigurationresources | where type == 'microsoft.kubernetesconfiguration/fluxconfigurations' | parse tolower(id) with clusterId '/providers/microsoft.kubernetesconfiguration/fluxconfigurations' * | project clusterId ) on clusterId | project clusterId"

Search-AzGraph -Query "resources | where type =~ 'Microsoft.Kubernetes/connectedClusters' or type =~ 'Microsoft.ContainerService/managedClusters' | extend clusterId = tolower(id) | project clusterId | join ( kubernetesconfigurationresources | where type == 'microsoft.kubernetesconfiguration/fluxconfigurations' | parse tolower(id) with clusterId '/providers/microsoft.kubernetesconfiguration/fluxconfigurations' * | project clusterId ) on clusterId | project clusterId"

列出所有处于不合规状态的 Flux 配置

返回无法同步群集上资源的配置的 fluxConfiguration ID。

kubernetesconfigurationresources
| where type == 'microsoft.kubernetesconfiguration/fluxconfigurations'
| where properties.complianceState == 'Non-Compliant'
| project id

az graph query -q "kubernetesconfigurationresources | where type == 'microsoft.kubernetesconfiguration/fluxconfigurations' | where properties.complianceState == 'Non-Compliant' | project id"

Search-AzGraph -Query "kubernetesconfigurationresources | where type == 'microsoft.kubernetesconfiguration/fluxconfigurations' | where properties.complianceState == 'Non-Compliant' | project id"

后续步骤

详细了解查询语言。
详细了解如何浏览资源。

通过