The kusto query below will give you a list of all manually added routes/UDRs in all of your Route Tables(RT) in all subnets in all subscriptions. (Where you have access).
This is a great way to keep track of your UDRs…lest they get out of hand…
You will get the following info from each UDR:
Subcription Name
Resource Group Name
Subnet Name
RT Name
UDR Name
Target Prefix
Next Hop Type
Next Hop IP Address
Provisioning State
Has BGP Override
In my current Azure network, the total UDR count is around 413, in 39 different RTs. Its not easy to keep track and t-shoot the network, not easy at all.
Use different sort or where clauses to filter and sort on what you are currently looking for, if you for example filter on
| where addressPrefix == ‘0.0.0.0/0’
you will see only the routes for ‘unrouted’ traffic.
| where nextHopType == ‘VirtualAppliance’
will list all routes to your(?) Virtual appliance Firewall, and so on.
(You can add the where clauses at the end below the last line)
resources | where type =~ "Microsoft.Network/routeTables" | mv-expand rules = properties.routes | join kind=leftouter (resourcecontainers | where type=='microsoft.resources/subscriptions' | project SubcriptionName=name, subscriptionId) on subscriptionId | extend subnet_name = split((split(tostring(properties.subnets), '/'))[10], '"')[0] | extend addressPrefix = tostring(rules.properties.addressPrefix) | extend nextHopType = tostring(rules.properties.nextHopType) | extend nextHopIpAddress = tostring(rules.properties.nextHopIpAddress) | extend hasBgpOverride = tostring(rules.properties.hasBgpOverride) | extend provisioningState = tostring(rules.properties.provisioningState) | extend udrname = rules.name | extend rtname = name | project SubcriptionName, resourceGroup, subnet_name, rtname, udrname, addressPrefix, nextHopType, nextHopIpAddress, provisioningState, hasBgpOverride | sort by SubcriptionName, resourceGroup asc, rtname asc, addressPrefix asc
References
https://docs.microsoft.com/en-us/azure/governance/resource-graph/samples/advanced?tabs=azure-cli
___________________________________________________________________________________________________
Enjoy!
Regards
blksthl 
it might be me, as I am a bit of a noob at Kusto and Graph, but I cannot get this to work! can you show the actual command you run?
Hi, sorry for the really slow response here…
For anyone interested, its the query in the post, paste it as is and run
resources
| where type =~ “Microsoft.Network/routeTables”
| mv-expand rules = properties.routes
| join kind=leftouter (resourcecontainers
| where type==’microsoft.resources/subscriptions’
| project SubcriptionName=name, subscriptionId) on subscriptionId
| extend subnet_name = split((split(tostring(properties.subnets), ‘/’))[10], ‘”‘)[0]
| extend addressPrefix = tostring(rules.properties.addressPrefix)
| extend nextHopType = tostring(rules.properties.nextHopType)
| extend nextHopIpAddress = tostring(rules.properties.nextHopIpAddress)
| extend hasBgpOverride = tostring(rules.properties.hasBgpOverride)
| extend provisioningState = tostring(rules.properties.provisioningState)
| extend udrname = rules.name
| extend rtname = name
| project SubcriptionName, resourceGroup, subnet_name, rtname, udrname, addressPrefix, nextHopType, nextHopIpAddress, provisioningState, hasBgpOverride
| sort by SubcriptionName, resourceGroup asc, rtname asc, addressPrefix asc
Is it possible to add number of subnets associated with a given UDR?
Hi.
You should be able to get what you want using count()
https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/count-aggfunction