securityinsight

package
v32.3.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 8, 2019 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package securityinsight implements the Azure ARM Securityinsight service API version 2019-01-01-preview.

API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

Index

Constants

View Source
const (
	// DefaultBaseURI is the default URI used for the service Securityinsight
	DefaultBaseURI = "https://management.azure.com"
)

Variables

This section is empty.

Functions

func UserAgent

func UserAgent() string

UserAgent returns the UserAgent string to use when sending http.Requests.

func Version

func Version() string

Version returns the semantic version (see http://semver.org) of the client.

Types

type AADDataConnector

type AADDataConnector struct {
	// AADDataConnectorProperties - AAD (Azure Active Directory) data connector properties.
	*AADDataConnectorProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the data connector.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindDataConnector', 'KindOffice365', 'KindThreatIntelligence', 'KindAmazonWebServicesCloudTrail', 'KindAzureActiveDirectory', 'KindAzureSecurityCenter', 'KindMicrosoftCloudAppSecurity', 'KindAzureAdvancedThreatProtection', 'KindMicrosoftDefenderAdvancedThreatProtection'
	Kind KindBasicDataConnector `json:"kind,omitempty"`
}

AADDataConnector represents AAD (Azure Active Directory) data connector.

func (AADDataConnector) AsAADDataConnector

func (adc AADDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

AsAADDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) AsAATPDataConnector

func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

AsAATPDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) AsASCDataConnector

func (adc AADDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

AsASCDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) AsAwsCloudTrailDataConnector

func (adc AADDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) AsBasicDataConnector

func (adc AADDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

AsBasicDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) AsDataConnector

func (adc AADDataConnector) AsDataConnector() (*DataConnector, bool)

AsDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) AsMCASDataConnector

func (adc AADDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

AsMCASDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) AsMDATPDataConnector

func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

AsMDATPDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) AsOfficeDataConnector

func (adc AADDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

AsOfficeDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) AsTIDataConnector

func (adc AADDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

AsTIDataConnector is the BasicDataConnector implementation for AADDataConnector.

func (AADDataConnector) MarshalJSON

func (adc AADDataConnector) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for AADDataConnector.

func (*AADDataConnector) UnmarshalJSON

func (adc *AADDataConnector) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for AADDataConnector struct.

type AADDataConnectorProperties

type AADDataConnectorProperties struct {
	// TenantID - The tenant id to connect to, and get the data from.
	TenantID *string `json:"tenantId,omitempty"`
	// DataTypes - The available data types for the connector.
	DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"`
}

AADDataConnectorProperties AAD (Azure Active Directory) data connector properties.

type AATPDataConnector

type AATPDataConnector struct {
	// AATPDataConnectorProperties - AATP (Azure Advanced Threat Protection) data connector properties.
	*AATPDataConnectorProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the data connector.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindDataConnector', 'KindOffice365', 'KindThreatIntelligence', 'KindAmazonWebServicesCloudTrail', 'KindAzureActiveDirectory', 'KindAzureSecurityCenter', 'KindMicrosoftCloudAppSecurity', 'KindAzureAdvancedThreatProtection', 'KindMicrosoftDefenderAdvancedThreatProtection'
	Kind KindBasicDataConnector `json:"kind,omitempty"`
}

AATPDataConnector represents AATP (Azure Advanced Threat Protection) data connector.

func (AATPDataConnector) AsAADDataConnector

func (adc AATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

AsAADDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) AsAATPDataConnector

func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

AsAATPDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) AsASCDataConnector

func (adc AATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

AsASCDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) AsAwsCloudTrailDataConnector

func (adc AATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) AsBasicDataConnector

func (adc AATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

AsBasicDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) AsDataConnector

func (adc AATPDataConnector) AsDataConnector() (*DataConnector, bool)

AsDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) AsMCASDataConnector

func (adc AATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

AsMCASDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) AsMDATPDataConnector

func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

AsMDATPDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) AsOfficeDataConnector

func (adc AATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

AsOfficeDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) AsTIDataConnector

func (adc AATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

AsTIDataConnector is the BasicDataConnector implementation for AATPDataConnector.

func (AATPDataConnector) MarshalJSON

func (adc AATPDataConnector) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for AATPDataConnector.

func (*AATPDataConnector) UnmarshalJSON

func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for AATPDataConnector struct.

type AATPDataConnectorProperties

type AATPDataConnectorProperties struct {
	// TenantID - The tenant id to connect to, and get the data from.
	TenantID *string `json:"tenantId,omitempty"`
	// DataTypes - The available data types for the connector.
	DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"`
}

AATPDataConnectorProperties AATP (Azure Advanced Threat Protection) data connector properties.

type ASCDataConnector

type ASCDataConnector struct {
	// ASCDataConnectorProperties - ASC (Azure Security Center) data connector properties.
	*ASCDataConnectorProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the data connector.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindDataConnector', 'KindOffice365', 'KindThreatIntelligence', 'KindAmazonWebServicesCloudTrail', 'KindAzureActiveDirectory', 'KindAzureSecurityCenter', 'KindMicrosoftCloudAppSecurity', 'KindAzureAdvancedThreatProtection', 'KindMicrosoftDefenderAdvancedThreatProtection'
	Kind KindBasicDataConnector `json:"kind,omitempty"`
}

ASCDataConnector represents ASC (Azure Security Center) data connector.

func (ASCDataConnector) AsAADDataConnector

func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

AsAADDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) AsAATPDataConnector

func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

AsAATPDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) AsASCDataConnector

func (adc ASCDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

AsASCDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) AsAwsCloudTrailDataConnector

func (adc ASCDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) AsBasicDataConnector

func (adc ASCDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

AsBasicDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) AsDataConnector

func (adc ASCDataConnector) AsDataConnector() (*DataConnector, bool)

AsDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) AsMCASDataConnector

func (adc ASCDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

AsMCASDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) AsMDATPDataConnector

func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

AsMDATPDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) AsOfficeDataConnector

func (adc ASCDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

AsOfficeDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) AsTIDataConnector

func (adc ASCDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

AsTIDataConnector is the BasicDataConnector implementation for ASCDataConnector.

func (ASCDataConnector) MarshalJSON

func (adc ASCDataConnector) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for ASCDataConnector.

func (*ASCDataConnector) UnmarshalJSON

func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for ASCDataConnector struct.

type ASCDataConnectorProperties

type ASCDataConnectorProperties struct {
	// SubscriptionID - The subscription id to connect to, and get the data from.
	SubscriptionID *string `json:"subscriptionId,omitempty"`
	// DataTypes - The available data types for the connector.
	DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"`
}

ASCDataConnectorProperties MCAS (Microsoft Cloud App Security) data connector properties.

type AccountEntity

type AccountEntity struct {
	// AccountEntityProperties - Account entity properties
	*AccountEntityProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindHost', 'KindFile'
	Kind KindBasicEntity `json:"kind,omitempty"`
}

AccountEntity represents an account entity.

func (AccountEntity) AsAccountEntity

func (ae AccountEntity) AsAccountEntity() (*AccountEntity, bool)

AsAccountEntity is the BasicEntity implementation for AccountEntity.

func (AccountEntity) AsBasicEntity

func (ae AccountEntity) AsBasicEntity() (BasicEntity, bool)

AsBasicEntity is the BasicEntity implementation for AccountEntity.

func (AccountEntity) AsEntity

func (ae AccountEntity) AsEntity() (*Entity, bool)

AsEntity is the BasicEntity implementation for AccountEntity.

func (AccountEntity) AsFileEntity

func (ae AccountEntity) AsFileEntity() (*FileEntity, bool)

AsFileEntity is the BasicEntity implementation for AccountEntity.

func (AccountEntity) AsHostEntity

func (ae AccountEntity) AsHostEntity() (*HostEntity, bool)

AsHostEntity is the BasicEntity implementation for AccountEntity.

func (AccountEntity) MarshalJSON

func (ae AccountEntity) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for AccountEntity.

func (*AccountEntity) UnmarshalJSON

func (ae *AccountEntity) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for AccountEntity struct.

type AccountEntityProperties

type AccountEntityProperties struct {
	// AccountName - READ-ONLY; The name of the account. This field should hold only the name without any domain added to it, i.e. administrator.
	AccountName *string `json:"accountName,omitempty"`
	// NtDomain - READ-ONLY; The NetBIOS domain name as it appears in the alert format – domain\username. Examples: NT AUTHORITY.
	NtDomain *string `json:"ntDomain,omitempty"`
	// UpnSuffix - READ-ONLY; The user principal name suffix for the account, in some cases it is also the domain name. Examples: contoso.com.
	UpnSuffix *string `json:"upnSuffix,omitempty"`
	// Sid - READ-ONLY; The account security identifier, e.g. S-1-5-18.
	Sid *string `json:"sid,omitempty"`
	// AadTenantID - READ-ONLY; The Azure Active Directory tenant id.
	AadTenantID *string `json:"aadTenantId,omitempty"`
	// AadUserID - READ-ONLY; The Azure Active Directory user id.
	AadUserID *string `json:"aadUserId,omitempty"`
	// Puid - READ-ONLY; The Azure Active Directory Passport User ID.
	Puid *string `json:"puid,omitempty"`
	// IsDomainJoined - READ-ONLY; Determines whether this is a domain account.
	IsDomainJoined *bool `json:"isDomainJoined,omitempty"`
	// ObjectGUID - READ-ONLY; The objectGUID attribute is a single-value attribute that is the unique identifier for the object, assigned by active directory.
	ObjectGUID *uuid.UUID `json:"objectGuid,omitempty"`
}

AccountEntityProperties account entity property bag.

type Action

type Action struct {
	autorest.Response `json:"-"`
	// Etag - Etag of the action.
	Etag *string `json:"etag,omitempty"`
	// ActionProperties - Action properties
	*ActionProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
}

Action action for alert rule.

func (Action) MarshalJSON

func (a Action) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for Action.

func (*Action) UnmarshalJSON

func (a *Action) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for Action struct.

type ActionProperties

type ActionProperties struct {
	// TriggerURI - The uri for the action to trigger.
	TriggerURI *string `json:"triggerUri,omitempty"`
}

ActionProperties action property bag.

type ActionsClient

type ActionsClient struct {
	BaseClient
}

ActionsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewActionsClient

func NewActionsClient(subscriptionID string) ActionsClient

NewActionsClient creates an instance of the ActionsClient client.

func NewActionsClientWithBaseURI

func NewActionsClientWithBaseURI(baseURI string, subscriptionID string) ActionsClient

NewActionsClientWithBaseURI creates an instance of the ActionsClient client.

func (ActionsClient) ListByAlertRule

func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result ActionsListPage, err error)

ListByAlertRule gets all actions of alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. ruleID - alert rule ID

func (ActionsClient) ListByAlertRuleComplete

func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result ActionsListIterator, err error)

ListByAlertRuleComplete enumerates all values, automatically crossing page boundaries as required.

func (ActionsClient) ListByAlertRulePreparer

func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (*http.Request, error)

ListByAlertRulePreparer prepares the ListByAlertRule request.

func (ActionsClient) ListByAlertRuleResponder

func (client ActionsClient) ListByAlertRuleResponder(resp *http.Response) (result ActionsList, err error)

ListByAlertRuleResponder handles the response to the ListByAlertRule request. The method always closes the http.Response Body.

func (ActionsClient) ListByAlertRuleSender

func (client ActionsClient) ListByAlertRuleSender(req *http.Request) (*http.Response, error)

ListByAlertRuleSender sends the ListByAlertRule request. The method will close the http.Response Body if it receives an error.

type ActionsList

type ActionsList struct {
	autorest.Response `json:"-"`
	// NextLink - READ-ONLY; URL to fetch the next set of actions.
	NextLink *string `json:"nextLink,omitempty"`
	// Value - Array of actions.
	Value *[]Action `json:"value,omitempty"`
}

ActionsList list all the actions.

func (ActionsList) IsEmpty

func (al ActionsList) IsEmpty() bool

IsEmpty returns true if the ListResult contains no values.

type ActionsListIterator

type ActionsListIterator struct {
	// contains filtered or unexported fields
}

ActionsListIterator provides access to a complete listing of Action values.

func NewActionsListIterator

func NewActionsListIterator(page ActionsListPage) ActionsListIterator

Creates a new instance of the ActionsListIterator type.

func (*ActionsListIterator) Next

func (iter *ActionsListIterator) Next() error

Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*ActionsListIterator) NextWithContext

func (iter *ActionsListIterator) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.

func (ActionsListIterator) NotDone

func (iter ActionsListIterator) NotDone() bool

NotDone returns true if the enumeration should be started or is not yet complete.

func (ActionsListIterator) Response

func (iter ActionsListIterator) Response() ActionsList

Response returns the raw server response from the last page request.

func (ActionsListIterator) Value

func (iter ActionsListIterator) Value() Action

Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.

type ActionsListPage

type ActionsListPage struct {
	// contains filtered or unexported fields
}

ActionsListPage contains a page of Action values.

func NewActionsListPage

func NewActionsListPage(getNextPage func(context.Context, ActionsList) (ActionsList, error)) ActionsListPage

Creates a new instance of the ActionsListPage type.

func (*ActionsListPage) Next

func (page *ActionsListPage) Next() error

Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*ActionsListPage) NextWithContext

func (page *ActionsListPage) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.

func (ActionsListPage) NotDone

func (page ActionsListPage) NotDone() bool

NotDone returns true if the page enumeration should be started or is not yet complete.

func (ActionsListPage) Response

func (page ActionsListPage) Response() ActionsList

Response returns the raw server response from the last page request.

func (ActionsListPage) Values

func (page ActionsListPage) Values() []Action

Values returns the slice of values for the current page or nil if there are no values.

type Aggregations

type Aggregations struct {
	autorest.Response `json:"-"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Kind - Possible values include: 'KindAggregations', 'KindCasesAggregation'
	Kind KindBasicAggregations `json:"kind,omitempty"`
}

Aggregations the aggregation.

func (Aggregations) AsAggregations

func (a Aggregations) AsAggregations() (*Aggregations, bool)

AsAggregations is the BasicAggregations implementation for Aggregations.

func (Aggregations) AsBasicAggregations

func (a Aggregations) AsBasicAggregations() (BasicAggregations, bool)

AsBasicAggregations is the BasicAggregations implementation for Aggregations.

func (Aggregations) AsCasesAggregation

func (a Aggregations) AsCasesAggregation() (*CasesAggregation, bool)

AsCasesAggregation is the BasicAggregations implementation for Aggregations.

func (Aggregations) MarshalJSON

func (a Aggregations) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for Aggregations.

type AggregationsKind

type AggregationsKind string

AggregationsKind enumerates the values for aggregations kind.

const (
	// AggregationsKindCasesAggregation ...
	AggregationsKindCasesAggregation AggregationsKind = "CasesAggregation"
)

func PossibleAggregationsKindValues

func PossibleAggregationsKindValues() []AggregationsKind

PossibleAggregationsKindValues returns an array of possible values for the AggregationsKind const type.

type AggregationsKind1

type AggregationsKind1 struct {
	// Kind - The kind of the setting. Possible values include: 'AggregationsKindCasesAggregation'
	Kind AggregationsKind `json:"kind,omitempty"`
}

AggregationsKind1 describes an Azure resource with kind.

type AggregationsModel

type AggregationsModel struct {
	autorest.Response `json:"-"`
	Value             BasicAggregations `json:"value,omitempty"`
}

AggregationsModel ...

func (*AggregationsModel) UnmarshalJSON

func (am *AggregationsModel) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for AggregationsModel struct.

type AlertRule

type AlertRule struct {
	autorest.Response `json:"-"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the alert rule.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindAlertRule', 'KindScheduled'
	Kind Kind `json:"kind,omitempty"`
}

AlertRule alert rule.

func (AlertRule) AsAlertRule

func (ar AlertRule) AsAlertRule() (*AlertRule, bool)

AsAlertRule is the BasicAlertRule implementation for AlertRule.

func (AlertRule) AsBasicAlertRule

func (ar AlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

AsBasicAlertRule is the BasicAlertRule implementation for AlertRule.

func (AlertRule) AsScheduledAlertRule

func (ar AlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

AsScheduledAlertRule is the BasicAlertRule implementation for AlertRule.

func (AlertRule) MarshalJSON

func (ar AlertRule) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for AlertRule.

type AlertRuleKind

type AlertRuleKind string

AlertRuleKind enumerates the values for alert rule kind.

const (
	// Scheduled ...
	Scheduled AlertRuleKind = "Scheduled"
)

func PossibleAlertRuleKindValues

func PossibleAlertRuleKindValues() []AlertRuleKind

PossibleAlertRuleKindValues returns an array of possible values for the AlertRuleKind const type.

type AlertRuleKind1

type AlertRuleKind1 struct {
	// Kind - The kind of the alert rule. Possible values include: 'Scheduled'
	Kind AlertRuleKind `json:"kind,omitempty"`
}

AlertRuleKind1 describes an Azure resource with kind.

type AlertRuleModel

type AlertRuleModel struct {
	autorest.Response `json:"-"`
	Value             BasicAlertRule `json:"value,omitempty"`
}

AlertRuleModel ...

func (*AlertRuleModel) UnmarshalJSON

func (arm *AlertRuleModel) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for AlertRuleModel struct.

type AlertRulesClient

type AlertRulesClient struct {
	BaseClient
}

AlertRulesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewAlertRulesClient

func NewAlertRulesClient(subscriptionID string) AlertRulesClient

NewAlertRulesClient creates an instance of the AlertRulesClient client.

func NewAlertRulesClientWithBaseURI

func NewAlertRulesClientWithBaseURI(baseURI string, subscriptionID string) AlertRulesClient

NewAlertRulesClientWithBaseURI creates an instance of the AlertRulesClient client.

func (AlertRulesClient) CreateOrUpdate

func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, alertRule BasicAlertRule) (result AlertRuleModel, err error)

CreateOrUpdate creates or updates the alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. ruleID - alert rule ID alertRule - the alert rule

func (AlertRulesClient) CreateOrUpdateAction

func (client AlertRulesClient) CreateOrUpdateAction(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string, action Action) (result Action, err error)

CreateOrUpdateAction creates or updates the action of alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. ruleID - alert rule ID actionID - action ID action - the action

func (AlertRulesClient) CreateOrUpdateActionPreparer

func (client AlertRulesClient) CreateOrUpdateActionPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string, action Action) (*http.Request, error)

CreateOrUpdateActionPreparer prepares the CreateOrUpdateAction request.

func (AlertRulesClient) CreateOrUpdateActionResponder

func (client AlertRulesClient) CreateOrUpdateActionResponder(resp *http.Response) (result Action, err error)

CreateOrUpdateActionResponder handles the response to the CreateOrUpdateAction request. The method always closes the http.Response Body.

func (AlertRulesClient) CreateOrUpdateActionSender

func (client AlertRulesClient) CreateOrUpdateActionSender(req *http.Request) (*http.Response, error)

CreateOrUpdateActionSender sends the CreateOrUpdateAction request. The method will close the http.Response Body if it receives an error.

func (AlertRulesClient) CreateOrUpdatePreparer

func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, alertRule BasicAlertRule) (*http.Request, error)

CreateOrUpdatePreparer prepares the CreateOrUpdate request.

func (AlertRulesClient) CreateOrUpdateResponder

func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AlertRuleModel, err error)

CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.

func (AlertRulesClient) CreateOrUpdateSender

func (client AlertRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.

func (AlertRulesClient) Delete

func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result autorest.Response, err error)

Delete delete the alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. ruleID - alert rule ID

func (AlertRulesClient) DeleteAction

func (client AlertRulesClient) DeleteAction(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (result autorest.Response, err error)

DeleteAction delete the action of alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. ruleID - alert rule ID actionID - action ID

func (AlertRulesClient) DeleteActionPreparer

func (client AlertRulesClient) DeleteActionPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (*http.Request, error)

DeleteActionPreparer prepares the DeleteAction request.

func (AlertRulesClient) DeleteActionResponder

func (client AlertRulesClient) DeleteActionResponder(resp *http.Response) (result autorest.Response, err error)

DeleteActionResponder handles the response to the DeleteAction request. The method always closes the http.Response Body.

func (AlertRulesClient) DeleteActionSender

func (client AlertRulesClient) DeleteActionSender(req *http.Request) (*http.Response, error)

DeleteActionSender sends the DeleteAction request. The method will close the http.Response Body if it receives an error.

func (AlertRulesClient) DeletePreparer

func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (*http.Request, error)

DeletePreparer prepares the Delete request.

func (AlertRulesClient) DeleteResponder

func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.

func (AlertRulesClient) DeleteSender

func (client AlertRulesClient) DeleteSender(req *http.Request) (*http.Response, error)

DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.

func (AlertRulesClient) Get

func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result AlertRuleModel, err error)

Get gets the alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. ruleID - alert rule ID

func (AlertRulesClient) GetAction

func (client AlertRulesClient) GetAction(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (result Action, err error)

GetAction gets the action of alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. ruleID - alert rule ID actionID - action ID

func (AlertRulesClient) GetActionPreparer

func (client AlertRulesClient) GetActionPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (*http.Request, error)

GetActionPreparer prepares the GetAction request.

func (AlertRulesClient) GetActionResponder

func (client AlertRulesClient) GetActionResponder(resp *http.Response) (result Action, err error)

GetActionResponder handles the response to the GetAction request. The method always closes the http.Response Body.

func (AlertRulesClient) GetActionSender

func (client AlertRulesClient) GetActionSender(req *http.Request) (*http.Response, error)

GetActionSender sends the GetAction request. The method will close the http.Response Body if it receives an error.

func (AlertRulesClient) GetPreparer

func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (*http.Request, error)

GetPreparer prepares the Get request.

func (AlertRulesClient) GetResponder

func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRuleModel, err error)

GetResponder handles the response to the Get request. The method always closes the http.Response Body.

func (AlertRulesClient) GetSender

func (client AlertRulesClient) GetSender(req *http.Request) (*http.Response, error)

GetSender sends the Get request. The method will close the http.Response Body if it receives an error.

func (AlertRulesClient) List

func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRulesListPage, err error)

List gets all alert rules. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace.

func (AlertRulesClient) ListComplete

func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRulesListIterator, err error)

ListComplete enumerates all values, automatically crossing page boundaries as required.

func (AlertRulesClient) ListPreparer

func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error)

ListPreparer prepares the List request.

func (AlertRulesClient) ListResponder

func (client AlertRulesClient) ListResponder(resp *http.Response) (result AlertRulesList, err error)

ListResponder handles the response to the List request. The method always closes the http.Response Body.

func (AlertRulesClient) ListSender

func (client AlertRulesClient) ListSender(req *http.Request) (*http.Response, error)

ListSender sends the List request. The method will close the http.Response Body if it receives an error.

type AlertRulesList

type AlertRulesList struct {
	autorest.Response `json:"-"`
	// NextLink - READ-ONLY; URL to fetch the next set of alert rules.
	NextLink *string `json:"nextLink,omitempty"`
	// Value - Array of alert rules.
	Value *[]BasicAlertRule `json:"value,omitempty"`
}

AlertRulesList list all the alert rules.

func (AlertRulesList) IsEmpty

func (arl AlertRulesList) IsEmpty() bool

IsEmpty returns true if the ListResult contains no values.

func (*AlertRulesList) UnmarshalJSON

func (arl *AlertRulesList) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for AlertRulesList struct.

type AlertRulesListIterator

type AlertRulesListIterator struct {
	// contains filtered or unexported fields
}

AlertRulesListIterator provides access to a complete listing of AlertRule values.

func NewAlertRulesListIterator

func NewAlertRulesListIterator(page AlertRulesListPage) AlertRulesListIterator

Creates a new instance of the AlertRulesListIterator type.

func (*AlertRulesListIterator) Next

func (iter *AlertRulesListIterator) Next() error

Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*AlertRulesListIterator) NextWithContext

func (iter *AlertRulesListIterator) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.

func (AlertRulesListIterator) NotDone

func (iter AlertRulesListIterator) NotDone() bool

NotDone returns true if the enumeration should be started or is not yet complete.

func (AlertRulesListIterator) Response

func (iter AlertRulesListIterator) Response() AlertRulesList

Response returns the raw server response from the last page request.

func (AlertRulesListIterator) Value

Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.

type AlertRulesListPage

type AlertRulesListPage struct {
	// contains filtered or unexported fields
}

AlertRulesListPage contains a page of BasicAlertRule values.

func NewAlertRulesListPage

func NewAlertRulesListPage(getNextPage func(context.Context, AlertRulesList) (AlertRulesList, error)) AlertRulesListPage

Creates a new instance of the AlertRulesListPage type.

func (*AlertRulesListPage) Next

func (page *AlertRulesListPage) Next() error

Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*AlertRulesListPage) NextWithContext

func (page *AlertRulesListPage) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.

func (AlertRulesListPage) NotDone

func (page AlertRulesListPage) NotDone() bool

NotDone returns true if the page enumeration should be started or is not yet complete.

func (AlertRulesListPage) Response

func (page AlertRulesListPage) Response() AlertRulesList

Response returns the raw server response from the last page request.

func (AlertRulesListPage) Values

func (page AlertRulesListPage) Values() []BasicAlertRule

Values returns the slice of values for the current page or nil if there are no values.

type AlertSeverity

type AlertSeverity string

AlertSeverity enumerates the values for alert severity.

const (
	// High High severity
	High AlertSeverity = "High"
	// Informational Informational severity
	Informational AlertSeverity = "Informational"
	// Low Low severity
	Low AlertSeverity = "Low"
	// Medium Medium severity
	Medium AlertSeverity = "Medium"
)

func PossibleAlertSeverityValues

func PossibleAlertSeverityValues() []AlertSeverity

PossibleAlertSeverityValues returns an array of possible values for the AlertSeverity const type.

type AlertsDataTypeOfDataConnector

type AlertsDataTypeOfDataConnector struct {
	// Alerts - Alerts data type connection.
	Alerts *AlertsDataTypeOfDataConnectorAlerts `json:"alerts,omitempty"`
}

AlertsDataTypeOfDataConnector alerts data type for data connectors.

type AlertsDataTypeOfDataConnectorAlerts

type AlertsDataTypeOfDataConnectorAlerts struct {
	// State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled'
	State DataTypeState `json:"state,omitempty"`
}

AlertsDataTypeOfDataConnectorAlerts alerts data type connection.

type AwsCloudTrailDataConnector

type AwsCloudTrailDataConnector struct {
	// AwsCloudTrailDataConnectorProperties - Amazon Web Services CloudTrail data connector properties.
	*AwsCloudTrailDataConnectorProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the data connector.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindDataConnector', 'KindOffice365', 'KindThreatIntelligence', 'KindAmazonWebServicesCloudTrail', 'KindAzureActiveDirectory', 'KindAzureSecurityCenter', 'KindMicrosoftCloudAppSecurity', 'KindAzureAdvancedThreatProtection', 'KindMicrosoftDefenderAdvancedThreatProtection'
	Kind KindBasicDataConnector `json:"kind,omitempty"`
}

AwsCloudTrailDataConnector represents Amazon Web Services CloudTrail data connector.

func (AwsCloudTrailDataConnector) AsAADDataConnector

func (actdc AwsCloudTrailDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

AsAADDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) AsAATPDataConnector

func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

AsAATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) AsASCDataConnector

func (actdc AwsCloudTrailDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

AsASCDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector

func (actdc AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) AsBasicDataConnector

func (actdc AwsCloudTrailDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

AsBasicDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) AsDataConnector

func (actdc AwsCloudTrailDataConnector) AsDataConnector() (*DataConnector, bool)

AsDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) AsMCASDataConnector

func (actdc AwsCloudTrailDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

AsMCASDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) AsMDATPDataConnector

func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

AsMDATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) AsOfficeDataConnector

func (actdc AwsCloudTrailDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

AsOfficeDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) AsTIDataConnector

func (actdc AwsCloudTrailDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

AsTIDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.

func (AwsCloudTrailDataConnector) MarshalJSON

func (actdc AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for AwsCloudTrailDataConnector.

func (*AwsCloudTrailDataConnector) UnmarshalJSON

func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for AwsCloudTrailDataConnector struct.

type AwsCloudTrailDataConnectorDataTypes

type AwsCloudTrailDataConnectorDataTypes struct {
	// Logs - Logs data type.
	Logs *AwsCloudTrailDataConnectorDataTypesLogs `json:"logs,omitempty"`
}

AwsCloudTrailDataConnectorDataTypes the available data types for Amazon Web Services CloudTrail data connector.

type AwsCloudTrailDataConnectorDataTypesLogs

type AwsCloudTrailDataConnectorDataTypesLogs struct {
	// State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled'
	State DataTypeState `json:"state,omitempty"`
}

AwsCloudTrailDataConnectorDataTypesLogs logs data type.

type AwsCloudTrailDataConnectorProperties

type AwsCloudTrailDataConnectorProperties struct {
	// AwsRoleArn - The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account.
	AwsRoleArn *string `json:"awsRoleArn,omitempty"`
	// DataTypes - The available data types for the connector.
	DataTypes *AwsCloudTrailDataConnectorDataTypes `json:"dataTypes,omitempty"`
}

AwsCloudTrailDataConnectorProperties amazon Web Services CloudTrail data connector properties.

type BaseClient

type BaseClient struct {
	autorest.Client
	BaseURI        string
	SubscriptionID string
}

BaseClient is the base client for Securityinsight.

func New

func New(subscriptionID string) BaseClient

New creates an instance of the BaseClient client.

func NewWithBaseURI

func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient

NewWithBaseURI creates an instance of the BaseClient client.

type BasicAggregations

type BasicAggregations interface {
	AsCasesAggregation() (*CasesAggregation, bool)
	AsAggregations() (*Aggregations, bool)
}

BasicAggregations the aggregation.

type BasicAlertRule

type BasicAlertRule interface {
	AsScheduledAlertRule() (*ScheduledAlertRule, bool)
	AsAlertRule() (*AlertRule, bool)
}

BasicAlertRule alert rule.

type BasicDataConnector

type BasicDataConnector interface {
	AsOfficeDataConnector() (*OfficeDataConnector, bool)
	AsTIDataConnector() (*TIDataConnector, bool)
	AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
	AsAADDataConnector() (*AADDataConnector, bool)
	AsASCDataConnector() (*ASCDataConnector, bool)
	AsMCASDataConnector() (*MCASDataConnector, bool)
	AsAATPDataConnector() (*AATPDataConnector, bool)
	AsMDATPDataConnector() (*MDATPDataConnector, bool)
	AsDataConnector() (*DataConnector, bool)
}

BasicDataConnector data connector.

type BasicEntity

type BasicEntity interface {
	AsAccountEntity() (*AccountEntity, bool)
	AsHostEntity() (*HostEntity, bool)
	AsFileEntity() (*FileEntity, bool)
	AsEntity() (*Entity, bool)
}

BasicEntity specific entity.

type BasicSettings

type BasicSettings interface {
	AsUebaSettings() (*UebaSettings, bool)
	AsToggleSettings() (*ToggleSettings, bool)
	AsSettings() (*Settings, bool)
}

BasicSettings the Setting.

type Bookmark

type Bookmark struct {
	autorest.Response `json:"-"`
	// Etag - Etag of the bookmark.
	Etag *string `json:"etag,omitempty"`
	// BookmarkProperties - Bookmark properties
	*BookmarkProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
}

Bookmark represents a bookmark in Azure Security Insights.

func (Bookmark) MarshalJSON

func (b Bookmark) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for Bookmark.

func (*Bookmark) UnmarshalJSON

func (b *Bookmark) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for Bookmark struct.

type BookmarkList

type BookmarkList struct {
	autorest.Response `json:"-"`
	// NextLink - READ-ONLY; URL to fetch the next set of cases.
	NextLink *string `json:"nextLink,omitempty"`
	// Value - Array of bookmarks.
	Value *[]Bookmark `json:"value,omitempty"`
}

BookmarkList list all the bookmarks.

func (BookmarkList) IsEmpty

func (bl BookmarkList) IsEmpty() bool

IsEmpty returns true if the ListResult contains no values.

type BookmarkListIterator

type BookmarkListIterator struct {
	// contains filtered or unexported fields
}

BookmarkListIterator provides access to a complete listing of Bookmark values.

func NewBookmarkListIterator

func NewBookmarkListIterator(page BookmarkListPage) BookmarkListIterator

Creates a new instance of the BookmarkListIterator type.

func (*BookmarkListIterator) Next

func (iter *BookmarkListIterator) Next() error

Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*BookmarkListIterator) NextWithContext

func (iter *BookmarkListIterator) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.

func (BookmarkListIterator) NotDone

func (iter BookmarkListIterator) NotDone() bool

NotDone returns true if the enumeration should be started or is not yet complete.

func (BookmarkListIterator) Response

func (iter BookmarkListIterator) Response() BookmarkList

Response returns the raw server response from the last page request.

func (BookmarkListIterator) Value

func (iter BookmarkListIterator) Value() Bookmark

Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.

type BookmarkListPage

type BookmarkListPage struct {
	// contains filtered or unexported fields
}

BookmarkListPage contains a page of Bookmark values.

func NewBookmarkListPage

func NewBookmarkListPage(getNextPage func(context.Context, BookmarkList) (BookmarkList, error)) BookmarkListPage

Creates a new instance of the BookmarkListPage type.

func (*BookmarkListPage) Next

func (page *BookmarkListPage) Next() error

Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*BookmarkListPage) NextWithContext

func (page *BookmarkListPage) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.

func (BookmarkListPage) NotDone

func (page BookmarkListPage) NotDone() bool

NotDone returns true if the page enumeration should be started or is not yet complete.

func (BookmarkListPage) Response

func (page BookmarkListPage) Response() BookmarkList

Response returns the raw server response from the last page request.

func (BookmarkListPage) Values

func (page BookmarkListPage) Values() []Bookmark

Values returns the slice of values for the current page or nil if there are no values.

type BookmarkProperties

type BookmarkProperties struct {
	// DisplayName - The display name of the bookmark
	DisplayName *string `json:"displayName,omitempty"`
	// LastUpdatedTimeUtc - The last time the bookmark was updated
	LastUpdatedTimeUtc *date.Time `json:"lastUpdatedTimeUtc,omitempty"`
	// CreatedTimeUtc - The time the bookmark was created
	CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"`
	// CreatedBy - Describes a user that created the bookmark
	CreatedBy *UserInfo `json:"createdBy,omitempty"`
	// UpdatedBy - Describes a user that updated the bookmark
	UpdatedBy *UserInfo `json:"updatedBy,omitempty"`
	// Notes - The notes of the bookmark
	Notes *string `json:"notes,omitempty"`
	// Labels - List of labels relevant to this bookmark
	Labels *[]string `json:"labels,omitempty"`
	// Query - The query of the bookmark.
	Query *string `json:"query,omitempty"`
}

BookmarkProperties describes bookmark properties

type BookmarksClient

type BookmarksClient struct {
	BaseClient
}

BookmarksClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewBookmarksClient

func NewBookmarksClient(subscriptionID string) BookmarksClient

NewBookmarksClient creates an instance of the BookmarksClient client.

func NewBookmarksClientWithBaseURI

func NewBookmarksClientWithBaseURI(baseURI string, subscriptionID string) BookmarksClient

NewBookmarksClientWithBaseURI creates an instance of the BookmarksClient client.

func (BookmarksClient) CreateOrUpdate

func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, bookmark Bookmark) (result Bookmark, err error)

CreateOrUpdate creates or updates the bookmark. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. bookmarkID - bookmark ID bookmark - the bookmark

func (BookmarksClient) CreateOrUpdatePreparer

func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, bookmark Bookmark) (*http.Request, error)

CreateOrUpdatePreparer prepares the CreateOrUpdate request.

func (BookmarksClient) CreateOrUpdateResponder

func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (result Bookmark, err error)

CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.

func (BookmarksClient) CreateOrUpdateSender

func (client BookmarksClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.

func (BookmarksClient) Delete

func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (result autorest.Response, err error)

Delete delete the bookmark. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. bookmarkID - bookmark ID

func (BookmarksClient) DeletePreparer

func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (*http.Request, error)

DeletePreparer prepares the Delete request.

func (BookmarksClient) DeleteResponder

func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.

func (BookmarksClient) DeleteSender

func (client BookmarksClient) DeleteSender(req *http.Request) (*http.Response, error)

DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.

func (BookmarksClient) Get

func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (result Bookmark, err error)

Get gets a bookmark. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. bookmarkID - bookmark ID

func (BookmarksClient) GetPreparer

func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (*http.Request, error)

GetPreparer prepares the Get request.

func (BookmarksClient) GetResponder

func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark, err error)

GetResponder handles the response to the Get request. The method always closes the http.Response Body.

func (BookmarksClient) GetSender

func (client BookmarksClient) GetSender(req *http.Request) (*http.Response, error)

GetSender sends the Get request. The method will close the http.Response Body if it receives an error.

func (BookmarksClient) List

func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result BookmarkListPage, err error)

List gets all bookmarks. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace.

func (BookmarksClient) ListComplete

func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result BookmarkListIterator, err error)

ListComplete enumerates all values, automatically crossing page boundaries as required.

func (BookmarksClient) ListPreparer

func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error)

ListPreparer prepares the List request.

func (BookmarksClient) ListResponder

func (client BookmarksClient) ListResponder(resp *http.Response) (result BookmarkList, err error)

ListResponder handles the response to the List request. The method always closes the http.Response Body.

func (BookmarksClient) ListSender

func (client BookmarksClient) ListSender(req *http.Request) (*http.Response, error)

ListSender sends the List request. The method will close the http.Response Body if it receives an error.

type Case

type Case struct {
	autorest.Response `json:"-"`
	// Etag - Etag of the alert rule.
	Etag *string `json:"etag,omitempty"`
	// CaseProperties - Case properties
	*CaseProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
}

Case represents a case in Azure Security Insights.

func (Case) MarshalJSON

func (c Case) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for Case.

func (*Case) UnmarshalJSON

func (c *Case) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for Case struct.

type CaseList

type CaseList struct {
	autorest.Response `json:"-"`
	// NextLink - READ-ONLY; URL to fetch the next set of cases.
	NextLink *string `json:"nextLink,omitempty"`
	// Value - Array of cases.
	Value *[]Case `json:"value,omitempty"`
}

CaseList list all the cases.

func (CaseList) IsEmpty

func (cl CaseList) IsEmpty() bool

IsEmpty returns true if the ListResult contains no values.

type CaseListIterator

type CaseListIterator struct {
	// contains filtered or unexported fields
}

CaseListIterator provides access to a complete listing of Case values.

func NewCaseListIterator

func NewCaseListIterator(page CaseListPage) CaseListIterator

Creates a new instance of the CaseListIterator type.

func (*CaseListIterator) Next

func (iter *CaseListIterator) Next() error

Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*CaseListIterator) NextWithContext

func (iter *CaseListIterator) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.

func (CaseListIterator) NotDone

func (iter CaseListIterator) NotDone() bool

NotDone returns true if the enumeration should be started or is not yet complete.

func (CaseListIterator) Response

func (iter CaseListIterator) Response() CaseList

Response returns the raw server response from the last page request.

func (CaseListIterator) Value

func (iter CaseListIterator) Value() Case

Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.

type CaseListPage

type CaseListPage struct {
	// contains filtered or unexported fields
}

CaseListPage contains a page of Case values.

func NewCaseListPage

func NewCaseListPage(getNextPage func(context.Context, CaseList) (CaseList, error)) CaseListPage

Creates a new instance of the CaseListPage type.

func (*CaseListPage) Next

func (page *CaseListPage) Next() error

Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*CaseListPage) NextWithContext

func (page *CaseListPage) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.

func (CaseListPage) NotDone

func (page CaseListPage) NotDone() bool

NotDone returns true if the page enumeration should be started or is not yet complete.

func (CaseListPage) Response

func (page CaseListPage) Response() CaseList

Response returns the raw server response from the last page request.

func (CaseListPage) Values

func (page CaseListPage) Values() []Case

Values returns the slice of values for the current page or nil if there are no values.

type CaseProperties

type CaseProperties struct {
	// LastUpdatedTimeUtc - The last time the case was updated
	LastUpdatedTimeUtc *date.Time `json:"lastUpdatedTimeUtc,omitempty"`
	// CreatedTimeUtc - The time the case was created
	CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"`
	// EndTimeUtc - The end time of the case
	EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"`
	// StartTimeUtc - The start time of the case
	StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"`
	// Labels - List of labels relevant to this case
	Labels *[]string `json:"labels,omitempty"`
	// Description - The description of the case
	Description *string `json:"description,omitempty"`
	// Title - The title of the case
	Title *string `json:"title,omitempty"`
	// AssignedTo - Describes a user that the case is assigned to
	AssignedTo *UserInfo `json:"assignedTo,omitempty"`
	// Severity - The severity of the case. Possible values include: 'CaseSeverityCritical', 'CaseSeverityHigh', 'CaseSeverityMedium', 'CaseSeverityLow', 'CaseSeverityInformational'
	Severity CaseSeverity `json:"severity,omitempty"`
	// Status - The status of the case. Possible values include: 'CaseStatusDraft', 'CaseStatusNew', 'CaseStatusInProgress', 'CaseStatusClosed'
	Status CaseStatus `json:"status,omitempty"`
	// CloseReason - The reason the case was closed. Possible values include: 'Resolved', 'Dismissed', 'Other'
	CloseReason CloseReason `json:"closeReason,omitempty"`
}

CaseProperties describes case properties

type CaseSeverity

type CaseSeverity string

CaseSeverity enumerates the values for case severity.

const (
	// CaseSeverityCritical Critical severity
	CaseSeverityCritical CaseSeverity = "Critical"
	// CaseSeverityHigh High severity
	CaseSeverityHigh CaseSeverity = "High"
	// CaseSeverityInformational Informational severity
	CaseSeverityInformational CaseSeverity = "Informational"
	// CaseSeverityLow Low severity
	CaseSeverityLow CaseSeverity = "Low"
	// CaseSeverityMedium Medium severity
	CaseSeverityMedium CaseSeverity = "Medium"
)

func PossibleCaseSeverityValues

func PossibleCaseSeverityValues() []CaseSeverity

PossibleCaseSeverityValues returns an array of possible values for the CaseSeverity const type.

type CaseStatus

type CaseStatus string

CaseStatus enumerates the values for case status.

const (
	// CaseStatusClosed A non active case
	CaseStatusClosed CaseStatus = "Closed"
	// CaseStatusDraft Case that wasn't promoted yet to active
	CaseStatusDraft CaseStatus = "Draft"
	// CaseStatusInProgress An active case which is handled
	CaseStatusInProgress CaseStatus = "InProgress"
	// CaseStatusNew An active case which isn't handled currently
	CaseStatusNew CaseStatus = "New"
)

func PossibleCaseStatusValues

func PossibleCaseStatusValues() []CaseStatus

PossibleCaseStatusValues returns an array of possible values for the CaseStatus const type.

type CasesAggregation

type CasesAggregation struct {
	// CasesAggregationProperties - Properties of aggregations results of cases.
	*CasesAggregationProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Kind - Possible values include: 'KindAggregations', 'KindCasesAggregation'
	Kind KindBasicAggregations `json:"kind,omitempty"`
}

CasesAggregation represents aggregations results for cases.

func (CasesAggregation) AsAggregations

func (ca CasesAggregation) AsAggregations() (*Aggregations, bool)

AsAggregations is the BasicAggregations implementation for CasesAggregation.

func (CasesAggregation) AsBasicAggregations

func (ca CasesAggregation) AsBasicAggregations() (BasicAggregations, bool)

AsBasicAggregations is the BasicAggregations implementation for CasesAggregation.

func (CasesAggregation) AsCasesAggregation

func (ca CasesAggregation) AsCasesAggregation() (*CasesAggregation, bool)

AsCasesAggregation is the BasicAggregations implementation for CasesAggregation.

func (CasesAggregation) MarshalJSON

func (ca CasesAggregation) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for CasesAggregation.

func (*CasesAggregation) UnmarshalJSON

func (ca *CasesAggregation) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for CasesAggregation struct.

type CasesAggregationBySeverityProperties

type CasesAggregationBySeverityProperties struct {
	// TotalCriticalSeverity - READ-ONLY; Total amount of open cases with severity Critical
	TotalCriticalSeverity *int32 `json:"totalCriticalSeverity,omitempty"`
	// TotalHighSeverity - READ-ONLY; Total amount of open cases with severity High
	TotalHighSeverity *int32 `json:"totalHighSeverity,omitempty"`
	// TotalMediumSeverity - READ-ONLY; Total amount of open cases with severity medium
	TotalMediumSeverity *int32 `json:"totalMediumSeverity,omitempty"`
	// TotalLowSeverity - READ-ONLY; Total amount of open cases with severity Low
	TotalLowSeverity *int32 `json:"totalLowSeverity,omitempty"`
	// TotalInformationalSeverity - READ-ONLY; Total amount of open cases with severity Informational
	TotalInformationalSeverity *int32 `json:"totalInformationalSeverity,omitempty"`
}

CasesAggregationBySeverityProperties aggregative results of cases by severity property bag.

type CasesAggregationByStatusProperties

type CasesAggregationByStatusProperties struct {
	// TotalNewStatus - READ-ONLY; Total amount of open cases with status New
	TotalNewStatus *int32 `json:"totalNewStatus,omitempty"`
	// TotalInProgressStatus - READ-ONLY; Total amount of open cases with status InProgress
	TotalInProgressStatus *int32 `json:"totalInProgressStatus,omitempty"`
	// TotalResolvedStatus - READ-ONLY; Total amount of open cases with status Resolved
	TotalResolvedStatus *int32 `json:"totalResolvedStatus,omitempty"`
	// TotalDismissedStatus - READ-ONLY; Total amount of open cases with status Dismissed
	TotalDismissedStatus *int32 `json:"totalDismissedStatus,omitempty"`
}

CasesAggregationByStatusProperties aggregative results of cases by status property bag.

type CasesAggregationProperties

type CasesAggregationProperties struct {
	// AggregationBySeverity - Aggregations results by case severity.
	AggregationBySeverity *CasesAggregationBySeverityProperties `json:"aggregationBySeverity,omitempty"`
	// AggregationByStatus - Aggregations results by case status.
	AggregationByStatus *CasesAggregationByStatusProperties `json:"aggregationByStatus,omitempty"`
}

CasesAggregationProperties aggregative results of cases property bag.

type CasesAggregationsClient

type CasesAggregationsClient struct {
	BaseClient
}

CasesAggregationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewCasesAggregationsClient

func NewCasesAggregationsClient(subscriptionID string) CasesAggregationsClient

NewCasesAggregationsClient creates an instance of the CasesAggregationsClient client.

func NewCasesAggregationsClientWithBaseURI

func NewCasesAggregationsClientWithBaseURI(baseURI string, subscriptionID string) CasesAggregationsClient

NewCasesAggregationsClientWithBaseURI creates an instance of the CasesAggregationsClient client.

func (CasesAggregationsClient) Get

func (client CasesAggregationsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, aggregationsName string) (result AggregationsModel, err error)

Get get aggregative result for the given resources under the defined workspace Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. aggregationsName - the aggregation name. Supports - Cases

func (CasesAggregationsClient) GetPreparer

func (client CasesAggregationsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, aggregationsName string) (*http.Request, error)

GetPreparer prepares the Get request.

func (CasesAggregationsClient) GetResponder

func (client CasesAggregationsClient) GetResponder(resp *http.Response) (result AggregationsModel, err error)

GetResponder handles the response to the Get request. The method always closes the http.Response Body.

func (CasesAggregationsClient) GetSender

func (client CasesAggregationsClient) GetSender(req *http.Request) (*http.Response, error)

GetSender sends the Get request. The method will close the http.Response Body if it receives an error.

type CasesClient

type CasesClient struct {
	BaseClient
}

CasesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewCasesClient

func NewCasesClient(subscriptionID string) CasesClient

NewCasesClient creates an instance of the CasesClient client.

func NewCasesClientWithBaseURI

func NewCasesClientWithBaseURI(baseURI string, subscriptionID string) CasesClient

NewCasesClientWithBaseURI creates an instance of the CasesClient client.

func (CasesClient) CreateOrUpdate

func (client CasesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseParameter Case) (result Case, err error)

CreateOrUpdate creates or updates the case. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. caseID - case ID caseParameter - the case

func (CasesClient) CreateOrUpdatePreparer

func (client CasesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseParameter Case) (*http.Request, error)

CreateOrUpdatePreparer prepares the CreateOrUpdate request.

func (CasesClient) CreateOrUpdateResponder

func (client CasesClient) CreateOrUpdateResponder(resp *http.Response) (result Case, err error)

CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.

func (CasesClient) CreateOrUpdateSender

func (client CasesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.

func (CasesClient) Delete

func (client CasesClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (result autorest.Response, err error)

Delete delete the case. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. caseID - case ID

func (CasesClient) DeletePreparer

func (client CasesClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (*http.Request, error)

DeletePreparer prepares the Delete request.

func (CasesClient) DeleteResponder

func (client CasesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.

func (CasesClient) DeleteSender

func (client CasesClient) DeleteSender(req *http.Request) (*http.Response, error)

DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.

func (CasesClient) Get

func (client CasesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (result Case, err error)

Get gets a case. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. caseID - case ID

func (CasesClient) GetPreparer

func (client CasesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (*http.Request, error)

GetPreparer prepares the Get request.

func (CasesClient) GetResponder

func (client CasesClient) GetResponder(resp *http.Response) (result Case, err error)

GetResponder handles the response to the Get request. The method always closes the http.Response Body.

func (CasesClient) GetSender

func (client CasesClient) GetSender(req *http.Request) (*http.Response, error)

GetSender sends the Get request. The method will close the http.Response Body if it receives an error.

func (CasesClient) List

func (client CasesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result CaseListPage, err error)

List gets all cases. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace.

func (CasesClient) ListComplete

func (client CasesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result CaseListIterator, err error)

ListComplete enumerates all values, automatically crossing page boundaries as required.

func (CasesClient) ListPreparer

func (client CasesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error)

ListPreparer prepares the List request.

func (CasesClient) ListResponder

func (client CasesClient) ListResponder(resp *http.Response) (result CaseList, err error)

ListResponder handles the response to the List request. The method always closes the http.Response Body.

func (CasesClient) ListSender

func (client CasesClient) ListSender(req *http.Request) (*http.Response, error)

ListSender sends the List request. The method will close the http.Response Body if it receives an error.

type CloseReason

type CloseReason string

CloseReason enumerates the values for close reason.

const (
	// Dismissed Case was dismissed
	Dismissed CloseReason = "Dismissed"
	// Other Case was closed for another reason
	Other CloseReason = "Other"
	// Resolved Case was resolved
	Resolved CloseReason = "Resolved"
)

func PossibleCloseReasonValues

func PossibleCloseReasonValues() []CloseReason

PossibleCloseReasonValues returns an array of possible values for the CloseReason const type.

type CloudError

type CloudError struct {
	// CloudErrorBody - Error data
	*CloudErrorBody `json:"error,omitempty"`
}

CloudError error response structure.

func (CloudError) MarshalJSON

func (ce CloudError) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for CloudError.

func (*CloudError) UnmarshalJSON

func (ce *CloudError) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for CloudError struct.

type CloudErrorBody

type CloudErrorBody struct {
	// Code - READ-ONLY; An identifier for the error. Codes are invariant and are intended to be consumed programmatically.
	Code *string `json:"code,omitempty"`
	// Message - READ-ONLY; A message describing the error, intended to be suitable for display in a user interface.
	Message *string `json:"message,omitempty"`
}

CloudErrorBody error details.

type DataConnector

type DataConnector struct {
	autorest.Response `json:"-"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the data connector.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindDataConnector', 'KindOffice365', 'KindThreatIntelligence', 'KindAmazonWebServicesCloudTrail', 'KindAzureActiveDirectory', 'KindAzureSecurityCenter', 'KindMicrosoftCloudAppSecurity', 'KindAzureAdvancedThreatProtection', 'KindMicrosoftDefenderAdvancedThreatProtection'
	Kind KindBasicDataConnector `json:"kind,omitempty"`
}

DataConnector data connector.

func (DataConnector) AsAADDataConnector

func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool)

AsAADDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) AsAATPDataConnector

func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

AsAATPDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) AsASCDataConnector

func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

AsASCDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) AsAwsCloudTrailDataConnector

func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) AsBasicDataConnector

func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

AsBasicDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) AsDataConnector

func (dc DataConnector) AsDataConnector() (*DataConnector, bool)

AsDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) AsMCASDataConnector

func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

AsMCASDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) AsMDATPDataConnector

func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

AsMDATPDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) AsOfficeDataConnector

func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

AsOfficeDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) AsTIDataConnector

func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool)

AsTIDataConnector is the BasicDataConnector implementation for DataConnector.

func (DataConnector) MarshalJSON

func (dc DataConnector) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for DataConnector.

type DataConnectorDataTypeCommon

type DataConnectorDataTypeCommon struct {
	// State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled'
	State DataTypeState `json:"state,omitempty"`
}

DataConnectorDataTypeCommon common field for data type in data connectors.

type DataConnectorKind

type DataConnectorKind string

DataConnectorKind enumerates the values for data connector kind.

const (
	// AmazonWebServicesCloudTrail ...
	AmazonWebServicesCloudTrail DataConnectorKind = "AmazonWebServicesCloudTrail"
	// AzureActiveDirectory ...
	AzureActiveDirectory DataConnectorKind = "AzureActiveDirectory"
	// AzureAdvancedThreatProtection ...
	AzureAdvancedThreatProtection DataConnectorKind = "AzureAdvancedThreatProtection"
	// AzureSecurityCenter ...
	AzureSecurityCenter DataConnectorKind = "AzureSecurityCenter"
	// MicrosoftCloudAppSecurity ...
	MicrosoftCloudAppSecurity DataConnectorKind = "MicrosoftCloudAppSecurity"
	// MicrosoftDefenderAdvancedThreatProtection ...
	MicrosoftDefenderAdvancedThreatProtection DataConnectorKind = "MicrosoftDefenderAdvancedThreatProtection"
	// Office365 ...
	Office365 DataConnectorKind = "Office365"
	// ThreatIntelligence ...
	ThreatIntelligence DataConnectorKind = "ThreatIntelligence"
)

func PossibleDataConnectorKindValues

func PossibleDataConnectorKindValues() []DataConnectorKind

PossibleDataConnectorKindValues returns an array of possible values for the DataConnectorKind const type.

type DataConnectorKind1

type DataConnectorKind1 struct {
	// Kind - The kind of the data connector. Possible values include: 'AzureActiveDirectory', 'AzureSecurityCenter', 'MicrosoftCloudAppSecurity', 'ThreatIntelligence', 'Office365', 'AmazonWebServicesCloudTrail', 'AzureAdvancedThreatProtection', 'MicrosoftDefenderAdvancedThreatProtection'
	Kind DataConnectorKind `json:"kind,omitempty"`
}

DataConnectorKind1 describes an Azure resource with kind.

type DataConnectorList

type DataConnectorList struct {
	autorest.Response `json:"-"`
	// NextLink - READ-ONLY; URL to fetch the next set of data connectors.
	NextLink *string `json:"nextLink,omitempty"`
	// Value - Array of data connectors.
	Value *[]BasicDataConnector `json:"value,omitempty"`
}

DataConnectorList list all the data connectors.

func (DataConnectorList) IsEmpty

func (dcl DataConnectorList) IsEmpty() bool

IsEmpty returns true if the ListResult contains no values.

func (*DataConnectorList) UnmarshalJSON

func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for DataConnectorList struct.

type DataConnectorListIterator

type DataConnectorListIterator struct {
	// contains filtered or unexported fields
}

DataConnectorListIterator provides access to a complete listing of DataConnector values.

func NewDataConnectorListIterator

func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator

Creates a new instance of the DataConnectorListIterator type.

func (*DataConnectorListIterator) Next

func (iter *DataConnectorListIterator) Next() error

Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*DataConnectorListIterator) NextWithContext

func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.

func (DataConnectorListIterator) NotDone

func (iter DataConnectorListIterator) NotDone() bool

NotDone returns true if the enumeration should be started or is not yet complete.

func (DataConnectorListIterator) Response

Response returns the raw server response from the last page request.

func (DataConnectorListIterator) Value

Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.

type DataConnectorListPage

type DataConnectorListPage struct {
	// contains filtered or unexported fields
}

DataConnectorListPage contains a page of BasicDataConnector values.

func NewDataConnectorListPage

func NewDataConnectorListPage(getNextPage func(context.Context, DataConnectorList) (DataConnectorList, error)) DataConnectorListPage

Creates a new instance of the DataConnectorListPage type.

func (*DataConnectorListPage) Next

func (page *DataConnectorListPage) Next() error

Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*DataConnectorListPage) NextWithContext

func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.

func (DataConnectorListPage) NotDone

func (page DataConnectorListPage) NotDone() bool

NotDone returns true if the page enumeration should be started or is not yet complete.

func (DataConnectorListPage) Response

func (page DataConnectorListPage) Response() DataConnectorList

Response returns the raw server response from the last page request.

func (DataConnectorListPage) Values

func (page DataConnectorListPage) Values() []BasicDataConnector

Values returns the slice of values for the current page or nil if there are no values.

type DataConnectorModel

type DataConnectorModel struct {
	autorest.Response `json:"-"`
	Value             BasicDataConnector `json:"value,omitempty"`
}

DataConnectorModel ...

func (*DataConnectorModel) UnmarshalJSON

func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for DataConnectorModel struct.

type DataConnectorTenantID

type DataConnectorTenantID struct {
	// TenantID - The tenant id to connect to, and get the data from.
	TenantID *string `json:"tenantId,omitempty"`
}

DataConnectorTenantID properties data connector on tenant level.

type DataConnectorWithAlertsProperties

type DataConnectorWithAlertsProperties struct {
	// DataTypes - The available data types for the connector.
	DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"`
}

DataConnectorWithAlertsProperties data connector properties.

type DataConnectorsClient

type DataConnectorsClient struct {
	BaseClient
}

DataConnectorsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewDataConnectorsClient

func NewDataConnectorsClient(subscriptionID string) DataConnectorsClient

NewDataConnectorsClient creates an instance of the DataConnectorsClient client.

func NewDataConnectorsClientWithBaseURI

func NewDataConnectorsClientWithBaseURI(baseURI string, subscriptionID string) DataConnectorsClient

NewDataConnectorsClientWithBaseURI creates an instance of the DataConnectorsClient client.

func (DataConnectorsClient) CreateOrUpdate

func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (result DataConnectorModel, err error)

CreateOrUpdate creates or updates the data connector. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. dataConnectorID - connector ID dataConnector - the data connector

func (DataConnectorsClient) CreateOrUpdatePreparer

func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (*http.Request, error)

CreateOrUpdatePreparer prepares the CreateOrUpdate request.

func (DataConnectorsClient) CreateOrUpdateResponder

func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) (result DataConnectorModel, err error)

CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.

func (DataConnectorsClient) CreateOrUpdateSender

func (client DataConnectorsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.

func (DataConnectorsClient) Delete

func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (result autorest.Response, err error)

Delete delete the data connector. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. dataConnectorID - connector ID

func (DataConnectorsClient) DeletePreparer

func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (*http.Request, error)

DeletePreparer prepares the Delete request.

func (DataConnectorsClient) DeleteResponder

func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.

func (DataConnectorsClient) DeleteSender

func (client DataConnectorsClient) DeleteSender(req *http.Request) (*http.Response, error)

DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.

func (DataConnectorsClient) Get

func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (result DataConnectorModel, err error)

Get gets a data connector. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. dataConnectorID - connector ID

func (DataConnectorsClient) GetPreparer

func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (*http.Request, error)

GetPreparer prepares the Get request.

func (DataConnectorsClient) GetResponder

func (client DataConnectorsClient) GetResponder(resp *http.Response) (result DataConnectorModel, err error)

GetResponder handles the response to the Get request. The method always closes the http.Response Body.

func (DataConnectorsClient) GetSender

func (client DataConnectorsClient) GetSender(req *http.Request) (*http.Response, error)

GetSender sends the Get request. The method will close the http.Response Body if it receives an error.

func (DataConnectorsClient) List

func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result DataConnectorListPage, err error)

List gets all data connectors. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace.

func (DataConnectorsClient) ListComplete

func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result DataConnectorListIterator, err error)

ListComplete enumerates all values, automatically crossing page boundaries as required.

func (DataConnectorsClient) ListPreparer

func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error)

ListPreparer prepares the List request.

func (DataConnectorsClient) ListResponder

func (client DataConnectorsClient) ListResponder(resp *http.Response) (result DataConnectorList, err error)

ListResponder handles the response to the List request. The method always closes the http.Response Body.

func (DataConnectorsClient) ListSender

func (client DataConnectorsClient) ListSender(req *http.Request) (*http.Response, error)

ListSender sends the List request. The method will close the http.Response Body if it receives an error.

type DataTypeState

type DataTypeState string

DataTypeState enumerates the values for data type state.

const (
	// Disabled ...
	Disabled DataTypeState = "Disabled"
	// Enabled ...
	Enabled DataTypeState = "Enabled"
)

func PossibleDataTypeStateValues

func PossibleDataTypeStateValues() []DataTypeState

PossibleDataTypeStateValues returns an array of possible values for the DataTypeState const type.

type EntitiesClient

type EntitiesClient struct {
	BaseClient
}

EntitiesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewEntitiesClient

func NewEntitiesClient(subscriptionID string) EntitiesClient

NewEntitiesClient creates an instance of the EntitiesClient client.

func NewEntitiesClientWithBaseURI

func NewEntitiesClientWithBaseURI(baseURI string, subscriptionID string) EntitiesClient

NewEntitiesClientWithBaseURI creates an instance of the EntitiesClient client.

func (EntitiesClient) Get

func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string) (result EntityModel, err error)

Get gets an entity. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. entityID - entity ID

func (EntitiesClient) GetPreparer

func (client EntitiesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string) (*http.Request, error)

GetPreparer prepares the Get request.

func (EntitiesClient) GetResponder

func (client EntitiesClient) GetResponder(resp *http.Response) (result EntityModel, err error)

GetResponder handles the response to the Get request. The method always closes the http.Response Body.

func (EntitiesClient) GetSender

func (client EntitiesClient) GetSender(req *http.Request) (*http.Response, error)

GetSender sends the Get request. The method will close the http.Response Body if it receives an error.

func (EntitiesClient) List

func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityListPage, err error)

List gets all entities. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace.

func (EntitiesClient) ListComplete

func (client EntitiesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityListIterator, err error)

ListComplete enumerates all values, automatically crossing page boundaries as required.

func (EntitiesClient) ListPreparer

func (client EntitiesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error)

ListPreparer prepares the List request.

func (EntitiesClient) ListResponder

func (client EntitiesClient) ListResponder(resp *http.Response) (result EntityList, err error)

ListResponder handles the response to the List request. The method always closes the http.Response Body.

func (EntitiesClient) ListSender

func (client EntitiesClient) ListSender(req *http.Request) (*http.Response, error)

ListSender sends the List request. The method will close the http.Response Body if it receives an error.

type Entity

type Entity struct {
	autorest.Response `json:"-"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindHost', 'KindFile'
	Kind KindBasicEntity `json:"kind,omitempty"`
}

Entity specific entity.

func (Entity) AsAccountEntity

func (e Entity) AsAccountEntity() (*AccountEntity, bool)

AsAccountEntity is the BasicEntity implementation for Entity.

func (Entity) AsBasicEntity

func (e Entity) AsBasicEntity() (BasicEntity, bool)

AsBasicEntity is the BasicEntity implementation for Entity.

func (Entity) AsEntity

func (e Entity) AsEntity() (*Entity, bool)

AsEntity is the BasicEntity implementation for Entity.

func (Entity) AsFileEntity

func (e Entity) AsFileEntity() (*FileEntity, bool)

AsFileEntity is the BasicEntity implementation for Entity.

func (Entity) AsHostEntity

func (e Entity) AsHostEntity() (*HostEntity, bool)

AsHostEntity is the BasicEntity implementation for Entity.

func (Entity) MarshalJSON

func (e Entity) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for Entity.

type EntityKind

type EntityKind string

EntityKind enumerates the values for entity kind.

const (
	// Account Entity represents account in the system.
	Account EntityKind = "Account"
	// File Entity represents file in the system.
	File EntityKind = "File"
	// Host Entity represents host in the system.
	Host EntityKind = "Host"
)

func PossibleEntityKindValues

func PossibleEntityKindValues() []EntityKind

PossibleEntityKindValues returns an array of possible values for the EntityKind const type.

type EntityKind1

type EntityKind1 struct {
	// Kind - The kind of the entity. Possible values include: 'Account', 'Host', 'File'
	Kind EntityKind `json:"kind,omitempty"`
}

EntityKind1 describes an Azure resource with kind.

type EntityList

type EntityList struct {
	autorest.Response `json:"-"`
	// NextLink - READ-ONLY; URL to fetch the next set of entities.
	NextLink *string `json:"nextLink,omitempty"`
	// Value - Array of entities.
	Value *[]BasicEntity `json:"value,omitempty"`
}

EntityList list of all the entities.

func (EntityList) IsEmpty

func (el EntityList) IsEmpty() bool

IsEmpty returns true if the ListResult contains no values.

func (*EntityList) UnmarshalJSON

func (el *EntityList) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for EntityList struct.

type EntityListIterator

type EntityListIterator struct {
	// contains filtered or unexported fields
}

EntityListIterator provides access to a complete listing of Entity values.

func NewEntityListIterator

func NewEntityListIterator(page EntityListPage) EntityListIterator

Creates a new instance of the EntityListIterator type.

func (*EntityListIterator) Next

func (iter *EntityListIterator) Next() error

Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*EntityListIterator) NextWithContext

func (iter *EntityListIterator) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.

func (EntityListIterator) NotDone

func (iter EntityListIterator) NotDone() bool

NotDone returns true if the enumeration should be started or is not yet complete.

func (EntityListIterator) Response

func (iter EntityListIterator) Response() EntityList

Response returns the raw server response from the last page request.

func (EntityListIterator) Value

func (iter EntityListIterator) Value() BasicEntity

Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.

type EntityListPage

type EntityListPage struct {
	// contains filtered or unexported fields
}

EntityListPage contains a page of BasicEntity values.

func NewEntityListPage

func NewEntityListPage(getNextPage func(context.Context, EntityList) (EntityList, error)) EntityListPage

Creates a new instance of the EntityListPage type.

func (*EntityListPage) Next

func (page *EntityListPage) Next() error

Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*EntityListPage) NextWithContext

func (page *EntityListPage) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.

func (EntityListPage) NotDone

func (page EntityListPage) NotDone() bool

NotDone returns true if the page enumeration should be started or is not yet complete.

func (EntityListPage) Response

func (page EntityListPage) Response() EntityList

Response returns the raw server response from the last page request.

func (EntityListPage) Values

func (page EntityListPage) Values() []BasicEntity

Values returns the slice of values for the current page or nil if there are no values.

type EntityModel

type EntityModel struct {
	autorest.Response `json:"-"`
	Value             BasicEntity `json:"value,omitempty"`
}

EntityModel ...

func (*EntityModel) UnmarshalJSON

func (em *EntityModel) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for EntityModel struct.

type EntityQueriesClient

type EntityQueriesClient struct {
	BaseClient
}

EntityQueriesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewEntityQueriesClient

func NewEntityQueriesClient(subscriptionID string) EntityQueriesClient

NewEntityQueriesClient creates an instance of the EntityQueriesClient client.

func NewEntityQueriesClientWithBaseURI

func NewEntityQueriesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueriesClient

NewEntityQueriesClientWithBaseURI creates an instance of the EntityQueriesClient client.

func (EntityQueriesClient) Get

func (client EntityQueriesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityQueryID string) (result EntityQuery, err error)

Get gets an entity query. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. entityQueryID - entity query ID

func (EntityQueriesClient) GetPreparer

func (client EntityQueriesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityQueryID string) (*http.Request, error)

GetPreparer prepares the Get request.

func (EntityQueriesClient) GetResponder

func (client EntityQueriesClient) GetResponder(resp *http.Response) (result EntityQuery, err error)

GetResponder handles the response to the Get request. The method always closes the http.Response Body.

func (EntityQueriesClient) GetSender

func (client EntityQueriesClient) GetSender(req *http.Request) (*http.Response, error)

GetSender sends the Get request. The method will close the http.Response Body if it receives an error.

func (EntityQueriesClient) List

func (client EntityQueriesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityQueryListPage, err error)

List gets all entity queries. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace.

func (EntityQueriesClient) ListComplete

func (client EntityQueriesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityQueryListIterator, err error)

ListComplete enumerates all values, automatically crossing page boundaries as required.

func (EntityQueriesClient) ListPreparer

func (client EntityQueriesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error)

ListPreparer prepares the List request.

func (EntityQueriesClient) ListResponder

func (client EntityQueriesClient) ListResponder(resp *http.Response) (result EntityQueryList, err error)

ListResponder handles the response to the List request. The method always closes the http.Response Body.

func (EntityQueriesClient) ListSender

func (client EntityQueriesClient) ListSender(req *http.Request) (*http.Response, error)

ListSender sends the List request. The method will close the http.Response Body if it receives an error.

type EntityQuery

type EntityQuery struct {
	autorest.Response `json:"-"`
	// EntityQueryProperties - Entity query properties
	*EntityQueryProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
}

EntityQuery specific entity query.

func (EntityQuery) MarshalJSON

func (eq EntityQuery) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for EntityQuery.

func (*EntityQuery) UnmarshalJSON

func (eq *EntityQuery) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for EntityQuery struct.

type EntityQueryList

type EntityQueryList struct {
	autorest.Response `json:"-"`
	// NextLink - READ-ONLY; URL to fetch the next set of entity queries.
	NextLink *string `json:"nextLink,omitempty"`
	// Value - Array of entity queries.
	Value *[]EntityQuery `json:"value,omitempty"`
}

EntityQueryList list of all the entity queries.

func (EntityQueryList) IsEmpty

func (eql EntityQueryList) IsEmpty() bool

IsEmpty returns true if the ListResult contains no values.

type EntityQueryListIterator

type EntityQueryListIterator struct {
	// contains filtered or unexported fields
}

EntityQueryListIterator provides access to a complete listing of EntityQuery values.

func NewEntityQueryListIterator

func NewEntityQueryListIterator(page EntityQueryListPage) EntityQueryListIterator

Creates a new instance of the EntityQueryListIterator type.

func (*EntityQueryListIterator) Next

func (iter *EntityQueryListIterator) Next() error

Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*EntityQueryListIterator) NextWithContext

func (iter *EntityQueryListIterator) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.

func (EntityQueryListIterator) NotDone

func (iter EntityQueryListIterator) NotDone() bool

NotDone returns true if the enumeration should be started or is not yet complete.

func (EntityQueryListIterator) Response

func (iter EntityQueryListIterator) Response() EntityQueryList

Response returns the raw server response from the last page request.

func (EntityQueryListIterator) Value

func (iter EntityQueryListIterator) Value() EntityQuery

Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.

type EntityQueryListPage

type EntityQueryListPage struct {
	// contains filtered or unexported fields
}

EntityQueryListPage contains a page of EntityQuery values.

func NewEntityQueryListPage

func NewEntityQueryListPage(getNextPage func(context.Context, EntityQueryList) (EntityQueryList, error)) EntityQueryListPage

Creates a new instance of the EntityQueryListPage type.

func (*EntityQueryListPage) Next

func (page *EntityQueryListPage) Next() error

Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*EntityQueryListPage) NextWithContext

func (page *EntityQueryListPage) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.

func (EntityQueryListPage) NotDone

func (page EntityQueryListPage) NotDone() bool

NotDone returns true if the page enumeration should be started or is not yet complete.

func (EntityQueryListPage) Response

func (page EntityQueryListPage) Response() EntityQueryList

Response returns the raw server response from the last page request.

func (EntityQueryListPage) Values

func (page EntityQueryListPage) Values() []EntityQuery

Values returns the slice of values for the current page or nil if there are no values.

type EntityQueryProperties

type EntityQueryProperties struct {
	// QueryTemplate - The template query string to be parsed and formatted
	QueryTemplate *string `json:"queryTemplate,omitempty"`
	// InputEntityType - The type of the query's source entity
	InputEntityType *string `json:"inputEntityType,omitempty"`
	// InputFields - List of the fields of the source entity that are required to run the query
	InputFields *[]string `json:"inputFields,omitempty"`
	// OutputEntityTypes - List of the desired output types to be constructed from the result
	OutputEntityTypes *[]string `json:"outputEntityTypes,omitempty"`
	// DataSources - List of the data sources that are required to run the query
	DataSources *[]string `json:"dataSources,omitempty"`
	// DisplayName - The query display name
	DisplayName *string `json:"displayName,omitempty"`
}

EntityQueryProperties describes entity query properties

type FileEntity

type FileEntity struct {
	// FileEntityProperties - File entity properties
	*FileEntityProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindHost', 'KindFile'
	Kind KindBasicEntity `json:"kind,omitempty"`
}

FileEntity represents a file entity.

func (FileEntity) AsAccountEntity

func (fe FileEntity) AsAccountEntity() (*AccountEntity, bool)

AsAccountEntity is the BasicEntity implementation for FileEntity.

func (FileEntity) AsBasicEntity

func (fe FileEntity) AsBasicEntity() (BasicEntity, bool)

AsBasicEntity is the BasicEntity implementation for FileEntity.

func (FileEntity) AsEntity

func (fe FileEntity) AsEntity() (*Entity, bool)

AsEntity is the BasicEntity implementation for FileEntity.

func (FileEntity) AsFileEntity

func (fe FileEntity) AsFileEntity() (*FileEntity, bool)

AsFileEntity is the BasicEntity implementation for FileEntity.

func (FileEntity) AsHostEntity

func (fe FileEntity) AsHostEntity() (*HostEntity, bool)

AsHostEntity is the BasicEntity implementation for FileEntity.

func (FileEntity) MarshalJSON

func (fe FileEntity) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for FileEntity.

func (*FileEntity) UnmarshalJSON

func (fe *FileEntity) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for FileEntity struct.

type FileEntityProperties

type FileEntityProperties struct {
	// Directory - READ-ONLY; The full path to the file.
	Directory *string `json:"directory,omitempty"`
	// FileName - READ-ONLY; The file name without path (some alerts might not include path).
	FileName *string `json:"fileName,omitempty"`
}

FileEntityProperties file entity property bag.

type HostEntity

type HostEntity struct {
	// HostEntityProperties - Host entity properties
	*HostEntityProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindHost', 'KindFile'
	Kind KindBasicEntity `json:"kind,omitempty"`
}

HostEntity represents a host entity.

func (HostEntity) AsAccountEntity

func (he HostEntity) AsAccountEntity() (*AccountEntity, bool)

AsAccountEntity is the BasicEntity implementation for HostEntity.

func (HostEntity) AsBasicEntity

func (he HostEntity) AsBasicEntity() (BasicEntity, bool)

AsBasicEntity is the BasicEntity implementation for HostEntity.

func (HostEntity) AsEntity

func (he HostEntity) AsEntity() (*Entity, bool)

AsEntity is the BasicEntity implementation for HostEntity.

func (HostEntity) AsFileEntity

func (he HostEntity) AsFileEntity() (*FileEntity, bool)

AsFileEntity is the BasicEntity implementation for HostEntity.

func (HostEntity) AsHostEntity

func (he HostEntity) AsHostEntity() (*HostEntity, bool)

AsHostEntity is the BasicEntity implementation for HostEntity.

func (HostEntity) MarshalJSON

func (he HostEntity) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for HostEntity.

func (*HostEntity) UnmarshalJSON

func (he *HostEntity) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for HostEntity struct.

type HostEntityProperties

type HostEntityProperties struct {
	// DNSDomain - READ-ONLY; The DNS domain that this host belongs to. Should contain the compete DNS suffix for the domain
	DNSDomain *string `json:"dnsDomain,omitempty"`
	// NtDomain - READ-ONLY; The NT domain that this host belongs to.
	NtDomain *string `json:"ntDomain,omitempty"`
	// HostName - READ-ONLY; The hostname without the domain suffix.
	HostName *string `json:"hostName,omitempty"`
	// NetBiosName - READ-ONLY; The host name (pre-windows2000).
	NetBiosName *string `json:"netBiosName,omitempty"`
	// AzureID - READ-ONLY; The azure resource id of the VM.
	AzureID *string `json:"azureID,omitempty"`
	// OmsAgentID - READ-ONLY; The OMS agent id, if the host has OMS agent installed.
	OmsAgentID *string `json:"omsAgentID,omitempty"`
	// OsFamily - The operating system type. Possible values include: 'Linux', 'Windows', 'Android', 'IOS'
	OsFamily OSFamily `json:"osFamily,omitempty"`
	// OsVersion - READ-ONLY; A free text representation of the operating system. This field is meant to hold specific versions the are more fine grained than OSFamily or future values not supported by OSFamily enumeration
	OsVersion *string `json:"osVersion,omitempty"`
	// IsDomainJoined - READ-ONLY; Determines whether this host belongs to a domain.
	IsDomainJoined *bool `json:"isDomainJoined,omitempty"`
}

HostEntityProperties host entity property bag.

type Kind

type Kind string

Kind enumerates the values for kind.

const (
	// KindAlertRule ...
	KindAlertRule Kind = "AlertRule"
	// KindScheduled ...
	KindScheduled Kind = "Scheduled"
)

func PossibleKindValues

func PossibleKindValues() []Kind

PossibleKindValues returns an array of possible values for the Kind const type.

type KindBasicAggregations

type KindBasicAggregations string

KindBasicAggregations enumerates the values for kind basic aggregations.

const (
	// KindAggregations ...
	KindAggregations KindBasicAggregations = "Aggregations"
	// KindCasesAggregation ...
	KindCasesAggregation KindBasicAggregations = "CasesAggregation"
)

func PossibleKindBasicAggregationsValues

func PossibleKindBasicAggregationsValues() []KindBasicAggregations

PossibleKindBasicAggregationsValues returns an array of possible values for the KindBasicAggregations const type.

type KindBasicDataConnector

type KindBasicDataConnector string

KindBasicDataConnector enumerates the values for kind basic data connector.

const (
	// KindAmazonWebServicesCloudTrail ...
	KindAmazonWebServicesCloudTrail KindBasicDataConnector = "AmazonWebServicesCloudTrail"
	// KindAzureActiveDirectory ...
	KindAzureActiveDirectory KindBasicDataConnector = "AzureActiveDirectory"
	// KindAzureAdvancedThreatProtection ...
	KindAzureAdvancedThreatProtection KindBasicDataConnector = "AzureAdvancedThreatProtection"
	// KindAzureSecurityCenter ...
	KindAzureSecurityCenter KindBasicDataConnector = "AzureSecurityCenter"
	// KindDataConnector ...
	KindDataConnector KindBasicDataConnector = "DataConnector"
	// KindMicrosoftCloudAppSecurity ...
	KindMicrosoftCloudAppSecurity KindBasicDataConnector = "MicrosoftCloudAppSecurity"
	// KindMicrosoftDefenderAdvancedThreatProtection ...
	KindMicrosoftDefenderAdvancedThreatProtection KindBasicDataConnector = "MicrosoftDefenderAdvancedThreatProtection"
	// KindOffice365 ...
	KindOffice365 KindBasicDataConnector = "Office365"
	// KindThreatIntelligence ...
	KindThreatIntelligence KindBasicDataConnector = "ThreatIntelligence"
)

func PossibleKindBasicDataConnectorValues

func PossibleKindBasicDataConnectorValues() []KindBasicDataConnector

PossibleKindBasicDataConnectorValues returns an array of possible values for the KindBasicDataConnector const type.

type KindBasicEntity

type KindBasicEntity string

KindBasicEntity enumerates the values for kind basic entity.

const (
	// KindAccount ...
	KindAccount KindBasicEntity = "Account"
	// KindEntity ...
	KindEntity KindBasicEntity = "Entity"
	// KindFile ...
	KindFile KindBasicEntity = "File"
	// KindHost ...
	KindHost KindBasicEntity = "Host"
)

func PossibleKindBasicEntityValues

func PossibleKindBasicEntityValues() []KindBasicEntity

PossibleKindBasicEntityValues returns an array of possible values for the KindBasicEntity const type.

type KindBasicSettings

type KindBasicSettings string

KindBasicSettings enumerates the values for kind basic settings.

const (
	// KindSettings ...
	KindSettings KindBasicSettings = "Settings"
	// KindToggleSettings ...
	KindToggleSettings KindBasicSettings = "ToggleSettings"
	// KindUebaSettings ...
	KindUebaSettings KindBasicSettings = "UebaSettings"
)

func PossibleKindBasicSettingsValues

func PossibleKindBasicSettingsValues() []KindBasicSettings

PossibleKindBasicSettingsValues returns an array of possible values for the KindBasicSettings const type.

type LicenseStatus

type LicenseStatus string

LicenseStatus enumerates the values for license status.

const (
	// LicenseStatusDisabled ...
	LicenseStatusDisabled LicenseStatus = "Disabled"
	// LicenseStatusEnabled ...
	LicenseStatusEnabled LicenseStatus = "Enabled"
)

func PossibleLicenseStatusValues

func PossibleLicenseStatusValues() []LicenseStatus

PossibleLicenseStatusValues returns an array of possible values for the LicenseStatus const type.

type MCASDataConnector

type MCASDataConnector struct {
	// MCASDataConnectorProperties - MCAS (Microsoft Cloud App Security) data connector properties.
	*MCASDataConnectorProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the data connector.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindDataConnector', 'KindOffice365', 'KindThreatIntelligence', 'KindAmazonWebServicesCloudTrail', 'KindAzureActiveDirectory', 'KindAzureSecurityCenter', 'KindMicrosoftCloudAppSecurity', 'KindAzureAdvancedThreatProtection', 'KindMicrosoftDefenderAdvancedThreatProtection'
	Kind KindBasicDataConnector `json:"kind,omitempty"`
}

MCASDataConnector represents MCAS (Microsoft Cloud App Security) data connector.

func (MCASDataConnector) AsAADDataConnector

func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

AsAADDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) AsAATPDataConnector

func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

AsAATPDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) AsASCDataConnector

func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

AsASCDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) AsAwsCloudTrailDataConnector

func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) AsBasicDataConnector

func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

AsBasicDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) AsDataConnector

func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool)

AsDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) AsMCASDataConnector

func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

AsMCASDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) AsMDATPDataConnector

func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

AsMDATPDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) AsOfficeDataConnector

func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

AsOfficeDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) AsTIDataConnector

func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

AsTIDataConnector is the BasicDataConnector implementation for MCASDataConnector.

func (MCASDataConnector) MarshalJSON

func (mdc MCASDataConnector) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for MCASDataConnector.

func (*MCASDataConnector) UnmarshalJSON

func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for MCASDataConnector struct.

type MCASDataConnectorDataTypes

type MCASDataConnectorDataTypes struct {
	// DiscoveryLogs - Discovery log data type connection.
	DiscoveryLogs *MCASDataConnectorDataTypesDiscoveryLogs `json:"discoveryLogs,omitempty"`
	// Alerts - Alerts data type connection.
	Alerts *AlertsDataTypeOfDataConnectorAlerts `json:"alerts,omitempty"`
}

MCASDataConnectorDataTypes the available data types for MCAS (Microsoft Cloud App Security) data connector.

type MCASDataConnectorDataTypesDiscoveryLogs

type MCASDataConnectorDataTypesDiscoveryLogs struct {
	// State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled'
	State DataTypeState `json:"state,omitempty"`
}

MCASDataConnectorDataTypesDiscoveryLogs discovery log data type connection.

type MCASDataConnectorProperties

type MCASDataConnectorProperties struct {
	// DataTypes - The available data types for the connector.
	DataTypes *MCASDataConnectorDataTypes `json:"dataTypes,omitempty"`
	// TenantID - The tenant id to connect to, and get the data from.
	TenantID *string `json:"tenantId,omitempty"`
}

MCASDataConnectorProperties MCAS (Microsoft Cloud App Security) data connector properties.

type MDATPDataConnector

type MDATPDataConnector struct {
	// MDATPDataConnectorProperties - MDATP (Microsoft Defender Advanced Threat Protection) data connector properties.
	*MDATPDataConnectorProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the data connector.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindDataConnector', 'KindOffice365', 'KindThreatIntelligence', 'KindAmazonWebServicesCloudTrail', 'KindAzureActiveDirectory', 'KindAzureSecurityCenter', 'KindMicrosoftCloudAppSecurity', 'KindAzureAdvancedThreatProtection', 'KindMicrosoftDefenderAdvancedThreatProtection'
	Kind KindBasicDataConnector `json:"kind,omitempty"`
}

MDATPDataConnector represents MDATP (Microsoft Defender Advanced Threat Protection) data connector.

func (MDATPDataConnector) AsAADDataConnector

func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

AsAADDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) AsAATPDataConnector

func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

AsAATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) AsASCDataConnector

func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

AsASCDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) AsAwsCloudTrailDataConnector

func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) AsBasicDataConnector

func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

AsBasicDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) AsDataConnector

func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool)

AsDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) AsMCASDataConnector

func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

AsMCASDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) AsMDATPDataConnector

func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

AsMDATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) AsOfficeDataConnector

func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

AsOfficeDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) AsTIDataConnector

func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

AsTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector.

func (MDATPDataConnector) MarshalJSON

func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for MDATPDataConnector.

func (*MDATPDataConnector) UnmarshalJSON

func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for MDATPDataConnector struct.

type MDATPDataConnectorProperties

type MDATPDataConnectorProperties struct {
	// TenantID - The tenant id to connect to, and get the data from.
	TenantID *string `json:"tenantId,omitempty"`
	// DataTypes - The available data types for the connector.
	DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"`
}

MDATPDataConnectorProperties MDATP (Microsoft Defender Advanced Threat Protection) data connector properties.

type OSFamily

type OSFamily string

OSFamily enumerates the values for os family.

const (
	// Android Host with Android operating system.
	Android OSFamily = "Android"
	// IOS Host with IOS operating system.
	IOS OSFamily = "IOS"
	// Linux Host with Linux operating system.
	Linux OSFamily = "Linux"
	// Windows Host with Windows operating system.
	Windows OSFamily = "Windows"
)

func PossibleOSFamilyValues

func PossibleOSFamilyValues() []OSFamily

PossibleOSFamilyValues returns an array of possible values for the OSFamily const type.

type OfficeConsent

type OfficeConsent struct {
	autorest.Response `json:"-"`
	// OfficeConsentProperties - Office consent properties
	*OfficeConsentProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
}

OfficeConsent consent for Office365 tenant that already made.

func (OfficeConsent) MarshalJSON

func (oc OfficeConsent) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for OfficeConsent.

func (*OfficeConsent) UnmarshalJSON

func (oc *OfficeConsent) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for OfficeConsent struct.

type OfficeConsentList

type OfficeConsentList struct {
	autorest.Response `json:"-"`
	// NextLink - READ-ONLY; URL to fetch the next set of office consents.
	NextLink *string `json:"nextLink,omitempty"`
	// Value - Array of the consents.
	Value *[]OfficeConsent `json:"value,omitempty"`
}

OfficeConsentList list of all the office365 consents.

func (OfficeConsentList) IsEmpty

func (ocl OfficeConsentList) IsEmpty() bool

IsEmpty returns true if the ListResult contains no values.

type OfficeConsentListIterator

type OfficeConsentListIterator struct {
	// contains filtered or unexported fields
}

OfficeConsentListIterator provides access to a complete listing of OfficeConsent values.

func NewOfficeConsentListIterator

func NewOfficeConsentListIterator(page OfficeConsentListPage) OfficeConsentListIterator

Creates a new instance of the OfficeConsentListIterator type.

func (*OfficeConsentListIterator) Next

func (iter *OfficeConsentListIterator) Next() error

Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*OfficeConsentListIterator) NextWithContext

func (iter *OfficeConsentListIterator) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.

func (OfficeConsentListIterator) NotDone

func (iter OfficeConsentListIterator) NotDone() bool

NotDone returns true if the enumeration should be started or is not yet complete.

func (OfficeConsentListIterator) Response

Response returns the raw server response from the last page request.

func (OfficeConsentListIterator) Value

Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.

type OfficeConsentListPage

type OfficeConsentListPage struct {
	// contains filtered or unexported fields
}

OfficeConsentListPage contains a page of OfficeConsent values.

func NewOfficeConsentListPage

func NewOfficeConsentListPage(getNextPage func(context.Context, OfficeConsentList) (OfficeConsentList, error)) OfficeConsentListPage

Creates a new instance of the OfficeConsentListPage type.

func (*OfficeConsentListPage) Next

func (page *OfficeConsentListPage) Next() error

Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*OfficeConsentListPage) NextWithContext

func (page *OfficeConsentListPage) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.

func (OfficeConsentListPage) NotDone

func (page OfficeConsentListPage) NotDone() bool

NotDone returns true if the page enumeration should be started or is not yet complete.

func (OfficeConsentListPage) Response

func (page OfficeConsentListPage) Response() OfficeConsentList

Response returns the raw server response from the last page request.

func (OfficeConsentListPage) Values

func (page OfficeConsentListPage) Values() []OfficeConsent

Values returns the slice of values for the current page or nil if there are no values.

type OfficeConsentProperties

type OfficeConsentProperties struct {
	// TenantID - The tenantId of the Office365 with the consent.
	TenantID *string `json:"tenantId,omitempty"`
	// TenantName - READ-ONLY; The tenant name of the Office365 with the consent.
	TenantName *string `json:"tenantName,omitempty"`
}

OfficeConsentProperties consent property bag.

type OfficeConsentsClient

type OfficeConsentsClient struct {
	BaseClient
}

OfficeConsentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewOfficeConsentsClient

func NewOfficeConsentsClient(subscriptionID string) OfficeConsentsClient

NewOfficeConsentsClient creates an instance of the OfficeConsentsClient client.

func NewOfficeConsentsClientWithBaseURI

func NewOfficeConsentsClientWithBaseURI(baseURI string, subscriptionID string) OfficeConsentsClient

NewOfficeConsentsClientWithBaseURI creates an instance of the OfficeConsentsClient client.

func (OfficeConsentsClient) Delete

func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (result autorest.Response, err error)

Delete delete the office365 consent. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. consentID - consent ID

func (OfficeConsentsClient) DeletePreparer

func (client OfficeConsentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (*http.Request, error)

DeletePreparer prepares the Delete request.

func (OfficeConsentsClient) DeleteResponder

func (client OfficeConsentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.

func (OfficeConsentsClient) DeleteSender

func (client OfficeConsentsClient) DeleteSender(req *http.Request) (*http.Response, error)

DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.

func (OfficeConsentsClient) Get

func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (result OfficeConsent, err error)

Get gets an office365 consent. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. consentID - consent ID

func (OfficeConsentsClient) GetPreparer

func (client OfficeConsentsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (*http.Request, error)

GetPreparer prepares the Get request.

func (OfficeConsentsClient) GetResponder

func (client OfficeConsentsClient) GetResponder(resp *http.Response) (result OfficeConsent, err error)

GetResponder handles the response to the Get request. The method always closes the http.Response Body.

func (OfficeConsentsClient) GetSender

func (client OfficeConsentsClient) GetSender(req *http.Request) (*http.Response, error)

GetSender sends the Get request. The method will close the http.Response Body if it receives an error.

func (OfficeConsentsClient) List

func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result OfficeConsentListPage, err error)

List gets all office365 consents. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace.

func (OfficeConsentsClient) ListComplete

func (client OfficeConsentsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result OfficeConsentListIterator, err error)

ListComplete enumerates all values, automatically crossing page boundaries as required.

func (OfficeConsentsClient) ListPreparer

func (client OfficeConsentsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error)

ListPreparer prepares the List request.

func (OfficeConsentsClient) ListResponder

func (client OfficeConsentsClient) ListResponder(resp *http.Response) (result OfficeConsentList, err error)

ListResponder handles the response to the List request. The method always closes the http.Response Body.

func (OfficeConsentsClient) ListSender

func (client OfficeConsentsClient) ListSender(req *http.Request) (*http.Response, error)

ListSender sends the List request. The method will close the http.Response Body if it receives an error.

type OfficeDataConnector

type OfficeDataConnector struct {
	// OfficeDataConnectorProperties - Office data connector properties.
	*OfficeDataConnectorProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the data connector.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindDataConnector', 'KindOffice365', 'KindThreatIntelligence', 'KindAmazonWebServicesCloudTrail', 'KindAzureActiveDirectory', 'KindAzureSecurityCenter', 'KindMicrosoftCloudAppSecurity', 'KindAzureAdvancedThreatProtection', 'KindMicrosoftDefenderAdvancedThreatProtection'
	Kind KindBasicDataConnector `json:"kind,omitempty"`
}

OfficeDataConnector represents office data connector.

func (OfficeDataConnector) AsAADDataConnector

func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

AsAADDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) AsAATPDataConnector

func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

AsAATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) AsASCDataConnector

func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

AsASCDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) AsAwsCloudTrailDataConnector

func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) AsBasicDataConnector

func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

AsBasicDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) AsDataConnector

func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool)

AsDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) AsMCASDataConnector

func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

AsMCASDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) AsMDATPDataConnector

func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

AsMDATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) AsOfficeDataConnector

func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

AsOfficeDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) AsTIDataConnector

func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

AsTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector.

func (OfficeDataConnector) MarshalJSON

func (odc OfficeDataConnector) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for OfficeDataConnector.

func (*OfficeDataConnector) UnmarshalJSON

func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for OfficeDataConnector struct.

type OfficeDataConnectorDataTypes

type OfficeDataConnectorDataTypes struct {
	// SharePoint - SharePoint data type connection.
	SharePoint *OfficeDataConnectorDataTypesSharePoint `json:"sharePoint,omitempty"`
	// Exchange - Exchange data type connection.
	Exchange *OfficeDataConnectorDataTypesExchange `json:"exchange,omitempty"`
}

OfficeDataConnectorDataTypes the available data types for office data connector.

type OfficeDataConnectorDataTypesExchange

type OfficeDataConnectorDataTypesExchange struct {
	// State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled'
	State DataTypeState `json:"state,omitempty"`
}

OfficeDataConnectorDataTypesExchange exchange data type connection.

type OfficeDataConnectorDataTypesSharePoint

type OfficeDataConnectorDataTypesSharePoint struct {
	// State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled'
	State DataTypeState `json:"state,omitempty"`
}

OfficeDataConnectorDataTypesSharePoint sharePoint data type connection.

type OfficeDataConnectorProperties

type OfficeDataConnectorProperties struct {
	// DataTypes - The available data types for the connector.
	DataTypes *OfficeDataConnectorDataTypes `json:"dataTypes,omitempty"`
	// TenantID - The tenant id to connect to, and get the data from.
	TenantID *string `json:"tenantId,omitempty"`
}

OfficeDataConnectorProperties office data connector properties.

type Operation

type Operation struct {
	// Name - Name of the operation
	Name *string `json:"name,omitempty"`
	// Display - Properties of the operation
	Display *OperationDisplay `json:"display,omitempty"`
}

Operation operation provided by provider

type OperationDisplay

type OperationDisplay struct {
	// Provider - Provider name
	Provider *string `json:"provider,omitempty"`
	// Resource - Resource name
	Resource *string `json:"resource,omitempty"`
	// Operation - Operation name
	Operation *string `json:"operation,omitempty"`
	// Description - Description of the operation
	Description *string `json:"description,omitempty"`
}

OperationDisplay properties of the operation

type OperationsClient

type OperationsClient struct {
	BaseClient
}

OperationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewOperationsClient

func NewOperationsClient(subscriptionID string) OperationsClient

NewOperationsClient creates an instance of the OperationsClient client.

func NewOperationsClientWithBaseURI

func NewOperationsClientWithBaseURI(baseURI string, subscriptionID string) OperationsClient

NewOperationsClientWithBaseURI creates an instance of the OperationsClient client.

func (OperationsClient) List

func (client OperationsClient) List(ctx context.Context) (result OperationsListPage, err error)

List lists all operations available Azure Security Insights Resource Provider.

func (OperationsClient) ListComplete

func (client OperationsClient) ListComplete(ctx context.Context) (result OperationsListIterator, err error)

ListComplete enumerates all values, automatically crossing page boundaries as required.

func (OperationsClient) ListPreparer

func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, error)

ListPreparer prepares the List request.

func (OperationsClient) ListResponder

func (client OperationsClient) ListResponder(resp *http.Response) (result OperationsList, err error)

ListResponder handles the response to the List request. The method always closes the http.Response Body.

func (OperationsClient) ListSender

func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error)

ListSender sends the List request. The method will close the http.Response Body if it receives an error.

type OperationsList

type OperationsList struct {
	autorest.Response `json:"-"`
	// NextLink - URL to fetch the next set of operations.
	NextLink *string `json:"nextLink,omitempty"`
	// Value - Array of operations
	Value *[]Operation `json:"value,omitempty"`
}

OperationsList lists the operations available in the SecurityInsights RP.

func (OperationsList) IsEmpty

func (ol OperationsList) IsEmpty() bool

IsEmpty returns true if the ListResult contains no values.

type OperationsListIterator

type OperationsListIterator struct {
	// contains filtered or unexported fields
}

OperationsListIterator provides access to a complete listing of Operation values.

func NewOperationsListIterator

func NewOperationsListIterator(page OperationsListPage) OperationsListIterator

Creates a new instance of the OperationsListIterator type.

func (*OperationsListIterator) Next

func (iter *OperationsListIterator) Next() error

Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*OperationsListIterator) NextWithContext

func (iter *OperationsListIterator) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.

func (OperationsListIterator) NotDone

func (iter OperationsListIterator) NotDone() bool

NotDone returns true if the enumeration should be started or is not yet complete.

func (OperationsListIterator) Response

func (iter OperationsListIterator) Response() OperationsList

Response returns the raw server response from the last page request.

func (OperationsListIterator) Value

func (iter OperationsListIterator) Value() Operation

Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.

type OperationsListPage

type OperationsListPage struct {
	// contains filtered or unexported fields
}

OperationsListPage contains a page of Operation values.

func NewOperationsListPage

func NewOperationsListPage(getNextPage func(context.Context, OperationsList) (OperationsList, error)) OperationsListPage

Creates a new instance of the OperationsListPage type.

func (*OperationsListPage) Next

func (page *OperationsListPage) Next() error

Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.

func (*OperationsListPage) NextWithContext

func (page *OperationsListPage) NextWithContext(ctx context.Context) (err error)

NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.

func (OperationsListPage) NotDone

func (page OperationsListPage) NotDone() bool

NotDone returns true if the page enumeration should be started or is not yet complete.

func (OperationsListPage) Response

func (page OperationsListPage) Response() OperationsList

Response returns the raw server response from the last page request.

func (OperationsListPage) Values

func (page OperationsListPage) Values() []Operation

Values returns the slice of values for the current page or nil if there are no values.

type ProductSettingsClient

type ProductSettingsClient struct {
	BaseClient
}

ProductSettingsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

func NewProductSettingsClient

func NewProductSettingsClient(subscriptionID string) ProductSettingsClient

NewProductSettingsClient creates an instance of the ProductSettingsClient client.

func NewProductSettingsClientWithBaseURI

func NewProductSettingsClientWithBaseURI(baseURI string, subscriptionID string) ProductSettingsClient

NewProductSettingsClientWithBaseURI creates an instance of the ProductSettingsClient client.

func (ProductSettingsClient) Get

func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string) (result SettingsModel, err error)

Get gets a setting. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. settingsName - the setting name. Supports- Fusion, UEBA

func (ProductSettingsClient) GetPreparer

func (client ProductSettingsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string) (*http.Request, error)

GetPreparer prepares the Get request.

func (ProductSettingsClient) GetResponder

func (client ProductSettingsClient) GetResponder(resp *http.Response) (result SettingsModel, err error)

GetResponder handles the response to the Get request. The method always closes the http.Response Body.

func (ProductSettingsClient) GetSender

func (client ProductSettingsClient) GetSender(req *http.Request) (*http.Response, error)

GetSender sends the Get request. The method will close the http.Response Body if it receives an error.

func (ProductSettingsClient) Update

func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string, settings BasicSettings) (result SettingsModel, err error)

Update updates the setting. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. operationalInsightsResourceProvider - the namespace of workspaces resource provider- Microsoft.OperationalInsights. workspaceName - the name of the workspace. settingsName - the setting name. Supports- Fusion, UEBA settings - the setting

func (ProductSettingsClient) UpdatePreparer

func (client ProductSettingsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string, settings BasicSettings) (*http.Request, error)

UpdatePreparer prepares the Update request.

func (ProductSettingsClient) UpdateResponder

func (client ProductSettingsClient) UpdateResponder(resp *http.Response) (result SettingsModel, err error)

UpdateResponder handles the response to the Update request. The method always closes the http.Response Body.

func (ProductSettingsClient) UpdateSender

func (client ProductSettingsClient) UpdateSender(req *http.Request) (*http.Response, error)

UpdateSender sends the Update request. The method will close the http.Response Body if it receives an error.

type Resource

type Resource struct {
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
}

Resource an azure resource object

type ScheduledAlertRule

type ScheduledAlertRule struct {
	// ScheduledAlertRuleProperties - Scheduled alert rule properties
	*ScheduledAlertRuleProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the alert rule.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindAlertRule', 'KindScheduled'
	Kind Kind `json:"kind,omitempty"`
}

ScheduledAlertRule represents scheduled alert rule.

func (ScheduledAlertRule) AsAlertRule

func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool)

AsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.

func (ScheduledAlertRule) AsBasicAlertRule

func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

AsBasicAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.

func (ScheduledAlertRule) AsScheduledAlertRule

func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

AsScheduledAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.

func (ScheduledAlertRule) MarshalJSON

func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for ScheduledAlertRule.

func (*ScheduledAlertRule) UnmarshalJSON

func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for ScheduledAlertRule struct.

type ScheduledAlertRuleProperties

type ScheduledAlertRuleProperties struct {
	// DisplayName - The display name for alerts created by this alert rule.
	DisplayName *string `json:"displayName,omitempty"`
	// Description - The description of the alert rule.
	Description *string `json:"description,omitempty"`
	// Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational'
	Severity AlertSeverity `json:"severity,omitempty"`
	// Enabled - Determines whether this alert rule is enabled or disabled.
	Enabled *bool `json:"enabled,omitempty"`
	// Query - The query that creates alerts for this rule.
	Query *string `json:"query,omitempty"`
	// QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run.
	QueryFrequency *string `json:"queryFrequency,omitempty"`
	// QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at.
	QueryPeriod *string `json:"queryPeriod,omitempty"`
	// TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual'
	TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"`
	// TriggerThreshold - The threshold triggers this alert rule.
	TriggerThreshold *int32 `json:"triggerThreshold,omitempty"`
	// SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled.
	SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"`
	// SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
	SuppressionDuration *string `json:"suppressionDuration,omitempty"`
	// LastModifiedUtc - READ-ONLY; The last time that this alert has been modified.
	LastModifiedUtc *string `json:"lastModifiedUtc,omitempty"`
}

ScheduledAlertRuleProperties alert rule property bag.

type SettingKind

type SettingKind string

SettingKind enumerates the values for setting kind.

const (
	// SettingKindToggleSettings ...
	SettingKindToggleSettings SettingKind = "ToggleSettings"
	// SettingKindUebaSettings ...
	SettingKindUebaSettings SettingKind = "UebaSettings"
)

func PossibleSettingKindValues

func PossibleSettingKindValues() []SettingKind

PossibleSettingKindValues returns an array of possible values for the SettingKind const type.

type Settings

type Settings struct {
	autorest.Response `json:"-"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the alert rule.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindSettings', 'KindUebaSettings', 'KindToggleSettings'
	Kind KindBasicSettings `json:"kind,omitempty"`
}

Settings the Setting.

func (Settings) AsBasicSettings

func (s Settings) AsBasicSettings() (BasicSettings, bool)

AsBasicSettings is the BasicSettings implementation for Settings.

func (Settings) AsSettings

func (s Settings) AsSettings() (*Settings, bool)

AsSettings is the BasicSettings implementation for Settings.

func (Settings) AsToggleSettings

func (s Settings) AsToggleSettings() (*ToggleSettings, bool)

AsToggleSettings is the BasicSettings implementation for Settings.

func (Settings) AsUebaSettings

func (s Settings) AsUebaSettings() (*UebaSettings, bool)

AsUebaSettings is the BasicSettings implementation for Settings.

func (Settings) MarshalJSON

func (s Settings) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for Settings.

type SettingsKind

type SettingsKind struct {
	// Kind - The kind of the setting. Possible values include: 'SettingKindUebaSettings', 'SettingKindToggleSettings'
	Kind SettingKind `json:"kind,omitempty"`
}

SettingsKind describes an Azure resource with kind.

type SettingsModel

type SettingsModel struct {
	autorest.Response `json:"-"`
	Value             BasicSettings `json:"value,omitempty"`
}

SettingsModel ...

func (*SettingsModel) UnmarshalJSON

func (sm *SettingsModel) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for SettingsModel struct.

type StatusInMcas

type StatusInMcas string

StatusInMcas enumerates the values for status in mcas.

const (
	// StatusInMcasDisabled ...
	StatusInMcasDisabled StatusInMcas = "Disabled"
	// StatusInMcasEnabled ...
	StatusInMcasEnabled StatusInMcas = "Enabled"
)

func PossibleStatusInMcasValues

func PossibleStatusInMcasValues() []StatusInMcas

PossibleStatusInMcasValues returns an array of possible values for the StatusInMcas const type.

type TIDataConnector

type TIDataConnector struct {
	// TIDataConnectorProperties - TI (Threat Intelligence) data connector properties.
	*TIDataConnectorProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the data connector.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindDataConnector', 'KindOffice365', 'KindThreatIntelligence', 'KindAmazonWebServicesCloudTrail', 'KindAzureActiveDirectory', 'KindAzureSecurityCenter', 'KindMicrosoftCloudAppSecurity', 'KindAzureAdvancedThreatProtection', 'KindMicrosoftDefenderAdvancedThreatProtection'
	Kind KindBasicDataConnector `json:"kind,omitempty"`
}

TIDataConnector represents threat intelligence data connector.

func (TIDataConnector) AsAADDataConnector

func (tdc TIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

AsAADDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) AsAATPDataConnector

func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

AsAATPDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) AsASCDataConnector

func (tdc TIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

AsASCDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) AsAwsCloudTrailDataConnector

func (tdc TIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) AsBasicDataConnector

func (tdc TIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

AsBasicDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) AsDataConnector

func (tdc TIDataConnector) AsDataConnector() (*DataConnector, bool)

AsDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) AsMCASDataConnector

func (tdc TIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

AsMCASDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) AsMDATPDataConnector

func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

AsMDATPDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) AsOfficeDataConnector

func (tdc TIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

AsOfficeDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) AsTIDataConnector

func (tdc TIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

AsTIDataConnector is the BasicDataConnector implementation for TIDataConnector.

func (TIDataConnector) MarshalJSON

func (tdc TIDataConnector) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for TIDataConnector.

func (*TIDataConnector) UnmarshalJSON

func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for TIDataConnector struct.

type TIDataConnectorDataTypes

type TIDataConnectorDataTypes struct {
	// Indicators - Data type for indicators connection.
	Indicators *TIDataConnectorDataTypesIndicators `json:"indicators,omitempty"`
}

TIDataConnectorDataTypes the available data types for TI (Threat Intelligence) data connector.

type TIDataConnectorDataTypesIndicators

type TIDataConnectorDataTypesIndicators struct {
	// State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled'
	State DataTypeState `json:"state,omitempty"`
}

TIDataConnectorDataTypesIndicators data type for indicators connection.

type TIDataConnectorProperties

type TIDataConnectorProperties struct {
	// DataTypes - The available data types for the connector.
	DataTypes *TIDataConnectorDataTypes `json:"dataTypes,omitempty"`
	// TenantID - The tenant id to connect to, and get the data from.
	TenantID *string `json:"tenantId,omitempty"`
}

TIDataConnectorProperties TI (Threat Intelligence) data connector properties.

type ToggleSettings

type ToggleSettings struct {
	// ToggleSettingsProperties - toggle properties
	*ToggleSettingsProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the alert rule.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindSettings', 'KindUebaSettings', 'KindToggleSettings'
	Kind KindBasicSettings `json:"kind,omitempty"`
}

ToggleSettings settings with single toggle.

func (ToggleSettings) AsBasicSettings

func (ts ToggleSettings) AsBasicSettings() (BasicSettings, bool)

AsBasicSettings is the BasicSettings implementation for ToggleSettings.

func (ToggleSettings) AsSettings

func (ts ToggleSettings) AsSettings() (*Settings, bool)

AsSettings is the BasicSettings implementation for ToggleSettings.

func (ToggleSettings) AsToggleSettings

func (ts ToggleSettings) AsToggleSettings() (*ToggleSettings, bool)

AsToggleSettings is the BasicSettings implementation for ToggleSettings.

func (ToggleSettings) AsUebaSettings

func (ts ToggleSettings) AsUebaSettings() (*UebaSettings, bool)

AsUebaSettings is the BasicSettings implementation for ToggleSettings.

func (ToggleSettings) MarshalJSON

func (ts ToggleSettings) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for ToggleSettings.

func (*ToggleSettings) UnmarshalJSON

func (ts *ToggleSettings) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for ToggleSettings struct.

type ToggleSettingsProperties

type ToggleSettingsProperties struct {
	// IsEnabled - Determines whether the setting is enable or disabled.
	IsEnabled *bool `json:"isEnabled,omitempty"`
}

ToggleSettingsProperties toggle property bag.

type TriggerOperator

type TriggerOperator string

TriggerOperator enumerates the values for trigger operator.

const (
	// Equal ...
	Equal TriggerOperator = "Equal"
	// GreaterThan ...
	GreaterThan TriggerOperator = "GreaterThan"
	// LessThan ...
	LessThan TriggerOperator = "LessThan"
	// NotEqual ...
	NotEqual TriggerOperator = "NotEqual"
)

func PossibleTriggerOperatorValues

func PossibleTriggerOperatorValues() []TriggerOperator

PossibleTriggerOperatorValues returns an array of possible values for the TriggerOperator const type.

type UebaSettings

type UebaSettings struct {
	// UebaSettingsProperties - User and Entity Behavior Analytics settings properties
	*UebaSettingsProperties `json:"properties,omitempty"`
	// ID - READ-ONLY; Azure resource Id
	ID *string `json:"id,omitempty"`
	// Type - READ-ONLY; Azure resource type
	Type *string `json:"type,omitempty"`
	// Name - READ-ONLY; Azure resource name
	Name *string `json:"name,omitempty"`
	// Etag - Etag of the alert rule.
	Etag *string `json:"etag,omitempty"`
	// Kind - Possible values include: 'KindSettings', 'KindUebaSettings', 'KindToggleSettings'
	Kind KindBasicSettings `json:"kind,omitempty"`
}

UebaSettings represents settings for User and Entity Behavior Analytics enablement.

func (UebaSettings) AsBasicSettings

func (us UebaSettings) AsBasicSettings() (BasicSettings, bool)

AsBasicSettings is the BasicSettings implementation for UebaSettings.

func (UebaSettings) AsSettings

func (us UebaSettings) AsSettings() (*Settings, bool)

AsSettings is the BasicSettings implementation for UebaSettings.

func (UebaSettings) AsToggleSettings

func (us UebaSettings) AsToggleSettings() (*ToggleSettings, bool)

AsToggleSettings is the BasicSettings implementation for UebaSettings.

func (UebaSettings) AsUebaSettings

func (us UebaSettings) AsUebaSettings() (*UebaSettings, bool)

AsUebaSettings is the BasicSettings implementation for UebaSettings.

func (UebaSettings) MarshalJSON

func (us UebaSettings) MarshalJSON() ([]byte, error)

MarshalJSON is the custom marshaler for UebaSettings.

func (*UebaSettings) UnmarshalJSON

func (us *UebaSettings) UnmarshalJSON(body []byte) error

UnmarshalJSON is the custom unmarshaler for UebaSettings struct.

type UebaSettingsProperties

type UebaSettingsProperties struct {
	// IsEnabled - Determines whether User and Entity Behavior Analytics is enabled for this workspace.
	IsEnabled *bool `json:"isEnabled,omitempty"`
	// StatusInMcas - READ-ONLY; Determines whether User and Entity Behavior Analytics is enabled from MCAS (Microsoft Cloud App Security). Possible values include: 'StatusInMcasEnabled', 'StatusInMcasDisabled'
	StatusInMcas StatusInMcas `json:"statusInMcas,omitempty"`
	// AtpLicenseStatus - READ-ONLY; Determines whether the tenant has ATP (Advanced Threat Protection) license. Possible values include: 'LicenseStatusEnabled', 'LicenseStatusDisabled'
	AtpLicenseStatus LicenseStatus `json:"atpLicenseStatus,omitempty"`
}

UebaSettingsProperties user and Entity Behavior Analytics settings property bag.

type UserInfo

type UserInfo struct {
	// ObjectID - The object id of the user.
	ObjectID *uuid.UUID `json:"objectId,omitempty"`
	// Email - The email of the user.
	Email *string `json:"email,omitempty"`
	// Name - The name of the user.
	Name *string `json:"name,omitempty"`
}

UserInfo user information that made some action

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL