Documentation ¶
Overview ¶
Deprecated: Please note, this package has been deprecated. A replacement package is available github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights(https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights). We strongly encourage you to upgrade to continue receiving updates. See [Migration Guide](https://aka.ms/azsdk/golang/t2/migration) for guidance on upgrading. Refer to our [deprecation policy](https://azure.github.io/azure-sdk/policies_support.html) for more details.
Package securityinsight implements the Azure ARM Securityinsight service API version 2021-09-01-preview.
API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
Index ¶
- Constants
- func UserAgent() string
- func Version() string
- type AADCheckRequirements
- func (acr AADCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (acr AADCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (acr AADCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (acr AADCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (acr AADCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (acr AADCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (acr AADCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (acr AADCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (acr AADCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (acr AADCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (acr AADCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (acr AADCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (acr AADCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (acr AADCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (acr AADCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (acr AADCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (acr AADCheckRequirements) MarshalJSON() ([]byte, error)
- func (acr *AADCheckRequirements) UnmarshalJSON(body []byte) error
- type AADCheckRequirementsProperties
- type AADDataConnector
- func (adc AADDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (adc AADDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (adc AADDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (adc AADDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (adc AADDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (adc AADDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (adc AADDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (adc AADDataConnector) AsDataConnector() (*DataConnector, bool)
- func (adc AADDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (adc AADDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (adc AADDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (adc AADDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (adc AADDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (adc AADDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (adc AADDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (adc AADDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (adc AADDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (adc AADDataConnector) MarshalJSON() ([]byte, error)
- func (adc *AADDataConnector) UnmarshalJSON(body []byte) error
- type AADDataConnectorProperties
- type AATPCheckRequirements
- func (acr AATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (acr AATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (acr AATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (acr AATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (acr AATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (acr AATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (acr AATPCheckRequirements) MarshalJSON() ([]byte, error)
- func (acr *AATPCheckRequirements) UnmarshalJSON(body []byte) error
- type AATPCheckRequirementsProperties
- type AATPDataConnector
- func (adc AATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (adc AATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (adc AATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (adc AATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (adc AATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (adc AATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (adc AATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (adc AATPDataConnector) AsDataConnector() (*DataConnector, bool)
- func (adc AATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (adc AATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (adc AATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (adc AATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (adc AATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (adc AATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (adc AATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (adc AATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (adc AATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (adc AATPDataConnector) MarshalJSON() ([]byte, error)
- func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error
- type AATPDataConnectorProperties
- type APIPollingParameters
- type ASCCheckRequirements
- func (acr ASCCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (acr ASCCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (acr ASCCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (acr ASCCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (acr ASCCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (acr ASCCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (acr ASCCheckRequirements) MarshalJSON() ([]byte, error)
- func (acr *ASCCheckRequirements) UnmarshalJSON(body []byte) error
- type ASCCheckRequirementsProperties
- type ASCDataConnector
- func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (adc ASCDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (adc ASCDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (adc ASCDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (adc ASCDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (adc ASCDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (adc ASCDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (adc ASCDataConnector) AsDataConnector() (*DataConnector, bool)
- func (adc ASCDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (adc ASCDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (adc ASCDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (adc ASCDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (adc ASCDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (adc ASCDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (adc ASCDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (adc ASCDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (adc ASCDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (adc ASCDataConnector) MarshalJSON() ([]byte, error)
- func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error
- type ASCDataConnectorProperties
- type AccountEntity
- func (ae AccountEntity) AsAccountEntity() (*AccountEntity, bool)
- func (ae AccountEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (ae AccountEntity) AsBasicEntity() (BasicEntity, bool)
- func (ae AccountEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (ae AccountEntity) AsDNSEntity() (*DNSEntity, bool)
- func (ae AccountEntity) AsEntity() (*Entity, bool)
- func (ae AccountEntity) AsFileEntity() (*FileEntity, bool)
- func (ae AccountEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (ae AccountEntity) AsHostEntity() (*HostEntity, bool)
- func (ae AccountEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (ae AccountEntity) AsIPEntity() (*IPEntity, bool)
- func (ae AccountEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (ae AccountEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (ae AccountEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (ae AccountEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (ae AccountEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (ae AccountEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (ae AccountEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (ae AccountEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (ae AccountEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (ae AccountEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (ae AccountEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (ae AccountEntity) AsURLEntity() (*URLEntity, bool)
- func (ae AccountEntity) MarshalJSON() ([]byte, error)
- func (ae *AccountEntity) UnmarshalJSON(body []byte) error
- type AccountEntityProperties
- type ActionPropertiesBase
- type ActionRequest
- type ActionRequestProperties
- type ActionResponse
- type ActionResponseProperties
- type ActionType
- type ActionsClient
- func (client ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionResponse, err error)
- func (client ActionsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ActionsClient) CreateOrUpdateResponder(resp *http.Response) (result ActionResponse, err error)
- func (client ActionsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client ActionsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client ActionsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ActionsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client ActionsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client ActionsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionResponse, err error)
- func (client ActionsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ActionsClient) GetResponder(resp *http.Response) (result ActionResponse, err error)
- func (client ActionsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionsListPage, err error)
- func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionsListIterator, err error)
- func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ActionsClient) ListByAlertRuleResponder(resp *http.Response) (result ActionsList, err error)
- func (client ActionsClient) ListByAlertRuleSender(req *http.Request) (*http.Response, error)
- type ActionsList
- type ActionsListIterator
- type ActionsListPage
- type ActivityCustomEntityQuery
- func (aceq ActivityCustomEntityQuery) AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool)
- func (aceq ActivityCustomEntityQuery) AsBasicCustomEntityQuery() (BasicCustomEntityQuery, bool)
- func (aceq ActivityCustomEntityQuery) AsCustomEntityQuery() (*CustomEntityQuery, bool)
- func (aceq ActivityCustomEntityQuery) MarshalJSON() ([]byte, error)
- func (aceq *ActivityCustomEntityQuery) UnmarshalJSON(body []byte) error
- type ActivityEntityQueriesProperties
- type ActivityEntityQueriesPropertiesQueryDefinitions
- type ActivityEntityQuery
- func (aeq ActivityEntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool)
- func (aeq ActivityEntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool)
- func (aeq ActivityEntityQuery) AsEntityQuery() (*EntityQuery, bool)
- func (aeq ActivityEntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool)
- func (aeq ActivityEntityQuery) MarshalJSON() ([]byte, error)
- func (aeq *ActivityEntityQuery) UnmarshalJSON(body []byte) error
- type ActivityEntityQueryTemplate
- func (aeqt ActivityEntityQueryTemplate) AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool)
- func (aeqt ActivityEntityQueryTemplate) AsBasicEntityQueryTemplate() (BasicEntityQueryTemplate, bool)
- func (aeqt ActivityEntityQueryTemplate) AsEntityQueryTemplate() (*EntityQueryTemplate, bool)
- func (aeqt ActivityEntityQueryTemplate) MarshalJSON() ([]byte, error)
- func (aeqt *ActivityEntityQueryTemplate) UnmarshalJSON(body []byte) error
- type ActivityEntityQueryTemplateProperties
- type ActivityEntityQueryTemplatePropertiesQueryDefinitions
- type ActivityTimelineItem
- func (ati ActivityTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)
- func (ati ActivityTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)
- func (ati ActivityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)
- func (ati ActivityTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)
- func (ati ActivityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)
- func (ati ActivityTimelineItem) MarshalJSON() ([]byte, error)
- type AlertDetail
- type AlertDetailsOverride
- type AlertRule
- func (ar AlertRule) AsAlertRule() (*AlertRule, bool)
- func (ar AlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (ar AlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (ar AlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
- func (ar AlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (ar AlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
- func (ar AlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (ar AlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
- func (ar AlertRule) MarshalJSON() ([]byte, error)
- type AlertRuleKind
- type AlertRuleModel
- type AlertRuleTemplate
- func (art AlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) MarshalJSON() ([]byte, error)
- type AlertRuleTemplateDataSource
- type AlertRuleTemplateModel
- type AlertRuleTemplatePropertiesBase
- type AlertRuleTemplatesClient
- func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleTemplateModel, err error)
- func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRuleTemplatesClient) GetResponder(resp *http.Response) (result AlertRuleTemplateModel, err error)
- func (client AlertRuleTemplatesClient) GetSender(req *http.Request) (*http.Response, error)
- func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListPage, err error)
- func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListIterator, err error)
- func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client AlertRuleTemplatesClient) ListResponder(resp *http.Response) (result AlertRuleTemplatesList, err error)
- func (client AlertRuleTemplatesClient) ListSender(req *http.Request) (*http.Response, error)
- type AlertRuleTemplatesList
- type AlertRuleTemplatesListIterator
- func (iter *AlertRuleTemplatesListIterator) Next() error
- func (iter *AlertRuleTemplatesListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter AlertRuleTemplatesListIterator) NotDone() bool
- func (iter AlertRuleTemplatesListIterator) Response() AlertRuleTemplatesList
- func (iter AlertRuleTemplatesListIterator) Value() BasicAlertRuleTemplate
- type AlertRuleTemplatesListPage
- func (page *AlertRuleTemplatesListPage) Next() error
- func (page *AlertRuleTemplatesListPage) NextWithContext(ctx context.Context) (err error)
- func (page AlertRuleTemplatesListPage) NotDone() bool
- func (page AlertRuleTemplatesListPage) Response() AlertRuleTemplatesList
- func (page AlertRuleTemplatesListPage) Values() []BasicAlertRuleTemplate
- type AlertRulesClient
- func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleModel, err error)
- func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AlertRuleModel, err error)
- func (client AlertRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client AlertRulesClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleModel, err error)
- func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRuleModel, err error)
- func (client AlertRulesClient) GetSender(req *http.Request) (*http.Response, error)
- func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListPage, err error)
- func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListIterator, err error)
- func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client AlertRulesClient) ListResponder(resp *http.Response) (result AlertRulesList, err error)
- func (client AlertRulesClient) ListSender(req *http.Request) (*http.Response, error)
- type AlertRulesList
- type AlertRulesListIterator
- func (iter *AlertRulesListIterator) Next() error
- func (iter *AlertRulesListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter AlertRulesListIterator) NotDone() bool
- func (iter AlertRulesListIterator) Response() AlertRulesList
- func (iter AlertRulesListIterator) Value() BasicAlertRule
- type AlertRulesListPage
- type AlertSeverity
- type AlertStatus
- type AlertsDataTypeOfDataConnector
- type Anomalies
- func (a Anomalies) AsAnomalies() (*Anomalies, bool)
- func (a Anomalies) AsBasicSettings() (BasicSettings, bool)
- func (a Anomalies) AsEntityAnalytics() (*EntityAnalytics, bool)
- func (a Anomalies) AsEyesOn() (*EyesOn, bool)
- func (a Anomalies) AsSettings() (*Settings, bool)
- func (a Anomalies) AsUeba() (*Ueba, bool)
- func (a Anomalies) MarshalJSON() ([]byte, error)
- func (a *Anomalies) UnmarshalJSON(body []byte) error
- type AnomaliesSettingsProperties
- type AntispamMailDirection
- type AttackTactic
- type AutomationRule
- type AutomationRuleAction
- func (ara AutomationRuleAction) AsAutomationRuleAction() (*AutomationRuleAction, bool)
- func (ara AutomationRuleAction) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool)
- func (ara AutomationRuleAction) AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool)
- func (ara AutomationRuleAction) AsBasicAutomationRuleAction() (BasicAutomationRuleAction, bool)
- func (ara AutomationRuleAction) MarshalJSON() ([]byte, error)
- type AutomationRuleCondition
- func (arc AutomationRuleCondition) AsAutomationRuleCondition() (*AutomationRuleCondition, bool)
- func (arc AutomationRuleCondition) AsAutomationRulePropertyValuesCondition() (*AutomationRulePropertyValuesCondition, bool)
- func (arc AutomationRuleCondition) AsBasicAutomationRuleCondition() (BasicAutomationRuleCondition, bool)
- func (arc AutomationRuleCondition) MarshalJSON() ([]byte, error)
- type AutomationRuleModifyPropertiesAction
- func (armpa AutomationRuleModifyPropertiesAction) AsAutomationRuleAction() (*AutomationRuleAction, bool)
- func (armpa AutomationRuleModifyPropertiesAction) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool)
- func (armpa AutomationRuleModifyPropertiesAction) AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool)
- func (armpa AutomationRuleModifyPropertiesAction) AsBasicAutomationRuleAction() (BasicAutomationRuleAction, bool)
- func (armpa AutomationRuleModifyPropertiesAction) MarshalJSON() ([]byte, error)
- type AutomationRuleModifyPropertiesActionActionConfiguration
- type AutomationRuleProperties
- type AutomationRulePropertyConditionSupportedOperator
- type AutomationRulePropertyConditionSupportedProperty
- type AutomationRulePropertyValuesCondition
- func (arpvc AutomationRulePropertyValuesCondition) AsAutomationRuleCondition() (*AutomationRuleCondition, bool)
- func (arpvc AutomationRulePropertyValuesCondition) AsAutomationRulePropertyValuesCondition() (*AutomationRulePropertyValuesCondition, bool)
- func (arpvc AutomationRulePropertyValuesCondition) AsBasicAutomationRuleCondition() (BasicAutomationRuleCondition, bool)
- func (arpvc AutomationRulePropertyValuesCondition) MarshalJSON() ([]byte, error)
- type AutomationRulePropertyValuesConditionConditionProperties
- type AutomationRuleRunPlaybookAction
- func (arrpa AutomationRuleRunPlaybookAction) AsAutomationRuleAction() (*AutomationRuleAction, bool)
- func (arrpa AutomationRuleRunPlaybookAction) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool)
- func (arrpa AutomationRuleRunPlaybookAction) AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool)
- func (arrpa AutomationRuleRunPlaybookAction) AsBasicAutomationRuleAction() (BasicAutomationRuleAction, bool)
- func (arrpa AutomationRuleRunPlaybookAction) MarshalJSON() ([]byte, error)
- type AutomationRuleRunPlaybookActionActionConfiguration
- type AutomationRuleTriggeringLogic
- type AutomationRulesClient
- func (client AutomationRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AutomationRule, err error)
- func (client AutomationRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AutomationRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AutomationRule, err error)
- func (client AutomationRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client AutomationRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client AutomationRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AutomationRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client AutomationRulesClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client AutomationRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AutomationRule, err error)
- func (client AutomationRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AutomationRulesClient) GetResponder(resp *http.Response) (result AutomationRule, err error)
- func (client AutomationRulesClient) GetSender(req *http.Request) (*http.Response, error)
- func (client AutomationRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AutomationRulesListPage, err error)
- func (client AutomationRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AutomationRulesListIterator, err error)
- func (client AutomationRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client AutomationRulesClient) ListResponder(resp *http.Response) (result AutomationRulesList, err error)
- func (client AutomationRulesClient) ListSender(req *http.Request) (*http.Response, error)
- type AutomationRulesList
- type AutomationRulesListIterator
- func (iter *AutomationRulesListIterator) Next() error
- func (iter *AutomationRulesListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter AutomationRulesListIterator) NotDone() bool
- func (iter AutomationRulesListIterator) Response() AutomationRulesList
- func (iter AutomationRulesListIterator) Value() AutomationRule
- type AutomationRulesListPage
- func (page *AutomationRulesListPage) Next() error
- func (page *AutomationRulesListPage) NextWithContext(ctx context.Context) (err error)
- func (page AutomationRulesListPage) NotDone() bool
- func (page AutomationRulesListPage) Response() AutomationRulesList
- func (page AutomationRulesListPage) Values() []AutomationRule
- type Availability
- type AwsCloudTrailCheckRequirements
- func (actcr AwsCloudTrailCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (actcr AwsCloudTrailCheckRequirements) MarshalJSON() ([]byte, error)
- type AwsCloudTrailDataConnector
- func (actdc AwsCloudTrailDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsDataConnector() (*DataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error)
- func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error
- type AwsCloudTrailDataConnectorDataTypes
- type AwsCloudTrailDataConnectorDataTypesLogs
- type AwsCloudTrailDataConnectorProperties
- type AwsS3CheckRequirements
- func (ascr AwsS3CheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (ascr AwsS3CheckRequirements) MarshalJSON() ([]byte, error)
- type AwsS3DataConnector
- func (asdc AwsS3DataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (asdc AwsS3DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (asdc AwsS3DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (asdc AwsS3DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (asdc AwsS3DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (asdc AwsS3DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (asdc AwsS3DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (asdc AwsS3DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (asdc AwsS3DataConnector) AsDataConnector() (*DataConnector, bool)
- func (asdc AwsS3DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (asdc AwsS3DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (asdc AwsS3DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (asdc AwsS3DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (asdc AwsS3DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (asdc AwsS3DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (asdc AwsS3DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (asdc AwsS3DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (asdc AwsS3DataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (asdc AwsS3DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (asdc AwsS3DataConnector) MarshalJSON() ([]byte, error)
- func (asdc *AwsS3DataConnector) UnmarshalJSON(body []byte) error
- type AwsS3DataConnectorDataTypes
- type AwsS3DataConnectorDataTypesLogs
- type AwsS3DataConnectorProperties
- type AzureEntityResource
- type AzureResourceEntity
- func (are AzureResourceEntity) AsAccountEntity() (*AccountEntity, bool)
- func (are AzureResourceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (are AzureResourceEntity) AsBasicEntity() (BasicEntity, bool)
- func (are AzureResourceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (are AzureResourceEntity) AsDNSEntity() (*DNSEntity, bool)
- func (are AzureResourceEntity) AsEntity() (*Entity, bool)
- func (are AzureResourceEntity) AsFileEntity() (*FileEntity, bool)
- func (are AzureResourceEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (are AzureResourceEntity) AsHostEntity() (*HostEntity, bool)
- func (are AzureResourceEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (are AzureResourceEntity) AsIPEntity() (*IPEntity, bool)
- func (are AzureResourceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (are AzureResourceEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (are AzureResourceEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (are AzureResourceEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (are AzureResourceEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (are AzureResourceEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (are AzureResourceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (are AzureResourceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (are AzureResourceEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (are AzureResourceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (are AzureResourceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (are AzureResourceEntity) AsURLEntity() (*URLEntity, bool)
- func (are AzureResourceEntity) MarshalJSON() ([]byte, error)
- func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error
- type AzureResourceEntityProperties
- type BaseClient
- type BasicAlertRule
- type BasicAlertRuleTemplate
- type BasicAutomationRuleAction
- type BasicAutomationRuleCondition
- type BasicCustomEntityQuery
- type BasicDataConnector
- type BasicDataConnectorsCheckRequirements
- type BasicEntity
- type BasicEntityQuery
- type BasicEntityQueryItem
- type BasicEntityQueryTemplate
- type BasicEntityTimelineItem
- type BasicSettings
- type BasicThreatIntelligenceInformation
- type Bookmark
- type BookmarkClient
- func (client BookmarkClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result BookmarkExpandResponse, err error)
- func (client BookmarkClient) ExpandPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarkClient) ExpandResponder(resp *http.Response) (result BookmarkExpandResponse, err error)
- func (client BookmarkClient) ExpandSender(req *http.Request) (*http.Response, error)
- type BookmarkExpandParameters
- type BookmarkExpandResponse
- type BookmarkExpandResponseValue
- type BookmarkList
- type BookmarkListIterator
- type BookmarkListPage
- type BookmarkProperties
- type BookmarkRelationsClient
- func (client BookmarkRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)
- func (client BookmarkRelationsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarkRelationsClient) CreateOrUpdateResponder(resp *http.Response) (result Relation, err error)
- func (client BookmarkRelationsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client BookmarkRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client BookmarkRelationsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarkRelationsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client BookmarkRelationsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client BookmarkRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)
- func (client BookmarkRelationsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarkRelationsClient) GetResponder(resp *http.Response) (result Relation, err error)
- func (client BookmarkRelationsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListPage, err error)
- func (client BookmarkRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListIterator, err error)
- func (client BookmarkRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarkRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)
- func (client BookmarkRelationsClient) ListSender(req *http.Request) (*http.Response, error)
- type BookmarkTimelineItem
- func (bti BookmarkTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)
- func (bti BookmarkTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)
- func (bti BookmarkTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)
- func (bti BookmarkTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)
- func (bti BookmarkTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)
- func (bti BookmarkTimelineItem) MarshalJSON() ([]byte, error)
- type BookmarksClient
- func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Bookmark, err error)
- func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (result Bookmark, err error)
- func (client BookmarksClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client BookmarksClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Bookmark, err error)
- func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark, err error)
- func (client BookmarksClient) GetSender(req *http.Request) (*http.Response, error)
- func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListPage, err error)
- func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListIterator, err error)
- func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client BookmarksClient) ListResponder(resp *http.Response) (result BookmarkList, err error)
- func (client BookmarksClient) ListSender(req *http.Request) (*http.Response, error)
- type ClientInfo
- type CloudApplicationEntity
- func (cae CloudApplicationEntity) AsAccountEntity() (*AccountEntity, bool)
- func (cae CloudApplicationEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (cae CloudApplicationEntity) AsBasicEntity() (BasicEntity, bool)
- func (cae CloudApplicationEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (cae CloudApplicationEntity) AsDNSEntity() (*DNSEntity, bool)
- func (cae CloudApplicationEntity) AsEntity() (*Entity, bool)
- func (cae CloudApplicationEntity) AsFileEntity() (*FileEntity, bool)
- func (cae CloudApplicationEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (cae CloudApplicationEntity) AsHostEntity() (*HostEntity, bool)
- func (cae CloudApplicationEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (cae CloudApplicationEntity) AsIPEntity() (*IPEntity, bool)
- func (cae CloudApplicationEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (cae CloudApplicationEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (cae CloudApplicationEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (cae CloudApplicationEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (cae CloudApplicationEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (cae CloudApplicationEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (cae CloudApplicationEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (cae CloudApplicationEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (cae CloudApplicationEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (cae CloudApplicationEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (cae CloudApplicationEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (cae CloudApplicationEntity) AsURLEntity() (*URLEntity, bool)
- func (cae CloudApplicationEntity) MarshalJSON() ([]byte, error)
- func (cae *CloudApplicationEntity) UnmarshalJSON(body []byte) error
- type CloudApplicationEntityProperties
- type CloudError
- type CloudErrorBody
- type CodelessAPIPollingDataConnector
- func (capdc CodelessAPIPollingDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsDataConnector() (*DataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (capdc CodelessAPIPollingDataConnector) MarshalJSON() ([]byte, error)
- func (capdc *CodelessAPIPollingDataConnector) UnmarshalJSON(body []byte) error
- type CodelessConnectorPollingAuthProperties
- type CodelessConnectorPollingConfigProperties
- type CodelessConnectorPollingPagingProperties
- type CodelessConnectorPollingRequestProperties
- type CodelessConnectorPollingResponseProperties
- type CodelessParameters
- type CodelessUIConnectorConfigProperties
- type CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem
- type CodelessUIConnectorConfigPropertiesDataTypesItem
- type CodelessUIConnectorConfigPropertiesGraphQueriesItem
- type CodelessUIConnectorConfigPropertiesInstructionStepsItem
- type CodelessUIConnectorConfigPropertiesSampleQueriesItem
- type CodelessUIDataConnector
- func (cudc CodelessUIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (cudc CodelessUIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsDataConnector() (*DataConnector, bool)
- func (cudc CodelessUIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (cudc CodelessUIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (cudc CodelessUIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (cudc CodelessUIDataConnector) MarshalJSON() ([]byte, error)
- func (cudc *CodelessUIDataConnector) UnmarshalJSON(body []byte) error
- type ConditionType
- type ConfidenceLevel
- type ConfidenceScoreStatus
- type ConnectAuthKind
- type ConnectedEntity
- type ConnectivityCriteria
- type ConnectivityType
- type ConnectorInstructionModelBase
- type ContentPathMap
- type ContentType
- type CreatedByType
- type CustomEntityQuery
- func (ceq CustomEntityQuery) AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool)
- func (ceq CustomEntityQuery) AsBasicCustomEntityQuery() (BasicCustomEntityQuery, bool)
- func (ceq CustomEntityQuery) AsCustomEntityQuery() (*CustomEntityQuery, bool)
- func (ceq CustomEntityQuery) MarshalJSON() ([]byte, error)
- type CustomEntityQueryKind
- type Customs
- type CustomsPermission
- type DNSEntity
- func (de DNSEntity) AsAccountEntity() (*AccountEntity, bool)
- func (de DNSEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (de DNSEntity) AsBasicEntity() (BasicEntity, bool)
- func (de DNSEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (de DNSEntity) AsDNSEntity() (*DNSEntity, bool)
- func (de DNSEntity) AsEntity() (*Entity, bool)
- func (de DNSEntity) AsFileEntity() (*FileEntity, bool)
- func (de DNSEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (de DNSEntity) AsHostEntity() (*HostEntity, bool)
- func (de DNSEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (de DNSEntity) AsIPEntity() (*IPEntity, bool)
- func (de DNSEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (de DNSEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (de DNSEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (de DNSEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (de DNSEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (de DNSEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (de DNSEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (de DNSEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (de DNSEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (de DNSEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (de DNSEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (de DNSEntity) AsURLEntity() (*URLEntity, bool)
- func (de DNSEntity) MarshalJSON() ([]byte, error)
- func (de *DNSEntity) UnmarshalJSON(body []byte) error
- type DNSEntityProperties
- type DataConnector
- func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (dc DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (dc DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (dc DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (dc DataConnector) AsDataConnector() (*DataConnector, bool)
- func (dc DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (dc DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (dc DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (dc DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (dc DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (dc DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (dc DataConnector) MarshalJSON() ([]byte, error)
- type DataConnectorAuthorizationState
- type DataConnectorConnectBody
- type DataConnectorDataTypeCommon
- type DataConnectorKind
- type DataConnectorLicenseState
- type DataConnectorList
- type DataConnectorListIterator
- func (iter *DataConnectorListIterator) Next() error
- func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter DataConnectorListIterator) NotDone() bool
- func (iter DataConnectorListIterator) Response() DataConnectorList
- func (iter DataConnectorListIterator) Value() BasicDataConnector
- type DataConnectorListPage
- func (page *DataConnectorListPage) Next() error
- func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error)
- func (page DataConnectorListPage) NotDone() bool
- func (page DataConnectorListPage) Response() DataConnectorList
- func (page DataConnectorListPage) Values() []BasicDataConnector
- type DataConnectorModel
- type DataConnectorRequirementsState
- type DataConnectorTenantID
- type DataConnectorWithAlertsProperties
- type DataConnectorsCheckRequirements
- func (dccr DataConnectorsCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (dccr DataConnectorsCheckRequirements) MarshalJSON() ([]byte, error)
- type DataConnectorsCheckRequirementsClient
- func (client DataConnectorsCheckRequirementsClient) Post(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorRequirementsState, err error)
- func (client DataConnectorsCheckRequirementsClient) PostPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client DataConnectorsCheckRequirementsClient) PostResponder(resp *http.Response) (result DataConnectorRequirementsState, err error)
- func (client DataConnectorsCheckRequirementsClient) PostSender(req *http.Request) (*http.Response, error)
- type DataConnectorsClient
- func (client DataConnectorsClient) Connect(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client DataConnectorsClient) ConnectPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client DataConnectorsClient) ConnectResponder(resp *http.Response) (result autorest.Response, err error)
- func (client DataConnectorsClient) ConnectSender(req *http.Request) (*http.Response, error)
- func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorModel, err error)
- func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) (result DataConnectorModel, err error)
- func (client DataConnectorsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client DataConnectorsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client DataConnectorsClient) Disconnect(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client DataConnectorsClient) DisconnectPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client DataConnectorsClient) DisconnectResponder(resp *http.Response) (result autorest.Response, err error)
- func (client DataConnectorsClient) DisconnectSender(req *http.Request) (*http.Response, error)
- func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorModel, err error)
- func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client DataConnectorsClient) GetResponder(resp *http.Response) (result DataConnectorModel, err error)
- func (client DataConnectorsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListPage, err error)
- func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListIterator, err error)
- func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client DataConnectorsClient) ListResponder(resp *http.Response) (result DataConnectorList, err error)
- func (client DataConnectorsClient) ListSender(req *http.Request) (*http.Response, error)
- type DataTypeDefinitions
- type DataTypeState
- type DeliveryAction
- type DeliveryLocation
- type DomainWhoisClient
- func (client DomainWhoisClient) Get(ctx context.Context, resourceGroupName string, domain string) (result EnrichmentDomainWhois, err error)
- func (client DomainWhoisClient) GetPreparer(ctx context.Context, resourceGroupName string, domain string) (*http.Request, error)
- func (client DomainWhoisClient) GetResponder(resp *http.Response) (result EnrichmentDomainWhois, err error)
- func (client DomainWhoisClient) GetSender(req *http.Request) (*http.Response, error)
- type Dynamics365CheckRequirements
- func (d3cr Dynamics365CheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (d3cr Dynamics365CheckRequirements) MarshalJSON() ([]byte, error)
- func (d3cr *Dynamics365CheckRequirements) UnmarshalJSON(body []byte) error
- type Dynamics365CheckRequirementsProperties
- type Dynamics365DataConnector
- func (d3dc Dynamics365DataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsDataConnector() (*DataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (d3dc Dynamics365DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (d3dc Dynamics365DataConnector) MarshalJSON() ([]byte, error)
- func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error
- type Dynamics365DataConnectorDataTypes
- type Dynamics365DataConnectorDataTypesDynamics365CdsActivities
- type Dynamics365DataConnectorProperties
- type ElevationToken
- type EnrichmentDomainWhois
- type EnrichmentDomainWhoisContact
- type EnrichmentDomainWhoisContacts
- type EnrichmentDomainWhoisDetails
- type EnrichmentDomainWhoisRegistrarDetails
- type EnrichmentIPGeodata
- type EntitiesClient
- func (client EntitiesClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityExpandResponse, err error)
- func (client EntitiesClient) ExpandPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntitiesClient) ExpandResponder(resp *http.Response) (result EntityExpandResponse, err error)
- func (client EntitiesClient) ExpandSender(req *http.Request) (*http.Response, error)
- func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityModel, err error)
- func (client EntitiesClient) GetInsights(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityGetInsightsResponse, err error)
- func (client EntitiesClient) GetInsightsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntitiesClient) GetInsightsResponder(resp *http.Response) (result EntityGetInsightsResponse, err error)
- func (client EntitiesClient) GetInsightsSender(req *http.Request) (*http.Response, error)
- func (client EntitiesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntitiesClient) GetResponder(resp *http.Response) (result EntityModel, err error)
- func (client EntitiesClient) GetSender(req *http.Request) (*http.Response, error)
- func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result EntityListPage, err error)
- func (client EntitiesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result EntityListIterator, err error)
- func (client EntitiesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client EntitiesClient) ListResponder(resp *http.Response) (result EntityList, err error)
- func (client EntitiesClient) ListSender(req *http.Request) (*http.Response, error)
- func (client EntitiesClient) Queries(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result GetQueriesResponse, err error)
- func (client EntitiesClient) QueriesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntitiesClient) QueriesResponder(resp *http.Response) (result GetQueriesResponse, err error)
- func (client EntitiesClient) QueriesSender(req *http.Request) (*http.Response, error)
- type EntitiesGetTimelineClient
- func (client EntitiesGetTimelineClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityTimelineResponse, err error)
- func (client EntitiesGetTimelineClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntitiesGetTimelineClient) ListResponder(resp *http.Response) (result EntityTimelineResponse, err error)
- func (client EntitiesGetTimelineClient) ListSender(req *http.Request) (*http.Response, error)
- type EntitiesRelationsClient
- func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListPage, err error)
- func (client EntitiesRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListIterator, err error)
- func (client EntitiesRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntitiesRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)
- func (client EntitiesRelationsClient) ListSender(req *http.Request) (*http.Response, error)
- type Entity
- func (e Entity) AsAccountEntity() (*AccountEntity, bool)
- func (e Entity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (e Entity) AsBasicEntity() (BasicEntity, bool)
- func (e Entity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (e Entity) AsDNSEntity() (*DNSEntity, bool)
- func (e Entity) AsEntity() (*Entity, bool)
- func (e Entity) AsFileEntity() (*FileEntity, bool)
- func (e Entity) AsFileHashEntity() (*FileHashEntity, bool)
- func (e Entity) AsHostEntity() (*HostEntity, bool)
- func (e Entity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (e Entity) AsIPEntity() (*IPEntity, bool)
- func (e Entity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (e Entity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (e Entity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (e Entity) AsMailboxEntity() (*MailboxEntity, bool)
- func (e Entity) AsMalwareEntity() (*MalwareEntity, bool)
- func (e Entity) AsProcessEntity() (*ProcessEntity, bool)
- func (e Entity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (e Entity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (e Entity) AsSecurityAlert() (*SecurityAlert, bool)
- func (e Entity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (e Entity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (e Entity) AsURLEntity() (*URLEntity, bool)
- func (e Entity) MarshalJSON() ([]byte, error)
- type EntityAnalytics
- func (ea EntityAnalytics) AsAnomalies() (*Anomalies, bool)
- func (ea EntityAnalytics) AsBasicSettings() (BasicSettings, bool)
- func (ea EntityAnalytics) AsEntityAnalytics() (*EntityAnalytics, bool)
- func (ea EntityAnalytics) AsEyesOn() (*EyesOn, bool)
- func (ea EntityAnalytics) AsSettings() (*Settings, bool)
- func (ea EntityAnalytics) AsUeba() (*Ueba, bool)
- func (ea EntityAnalytics) MarshalJSON() ([]byte, error)
- func (ea *EntityAnalytics) UnmarshalJSON(body []byte) error
- type EntityAnalyticsProperties
- type EntityCommonProperties
- type EntityEdges
- type EntityExpandParameters
- type EntityExpandResponse
- type EntityExpandResponseValue
- type EntityGetInsightsParameters
- type EntityGetInsightsResponse
- type EntityInsightItem
- type EntityInsightItemQueryTimeInterval
- type EntityKind
- type EntityList
- type EntityListIterator
- type EntityListPage
- type EntityMapping
- type EntityMappingType
- type EntityModel
- type EntityQueriesClient
- func (client EntityQueriesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryModel, err error)
- func (client EntityQueriesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntityQueriesClient) CreateOrUpdateResponder(resp *http.Response) (result EntityQueryModel, err error)
- func (client EntityQueriesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client EntityQueriesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client EntityQueriesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntityQueriesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client EntityQueriesClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client EntityQueriesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryModel, err error)
- func (client EntityQueriesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntityQueriesClient) GetResponder(resp *http.Response) (result EntityQueryModel, err error)
- func (client EntityQueriesClient) GetSender(req *http.Request) (*http.Response, error)
- func (client EntityQueriesClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryListPage, err error)
- func (client EntityQueriesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryListIterator, err error)
- func (client EntityQueriesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntityQueriesClient) ListResponder(resp *http.Response) (result EntityQueryList, err error)
- func (client EntityQueriesClient) ListSender(req *http.Request) (*http.Response, error)
- type EntityQuery
- func (eq EntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool)
- func (eq EntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool)
- func (eq EntityQuery) AsEntityQuery() (*EntityQuery, bool)
- func (eq EntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool)
- func (eq EntityQuery) MarshalJSON() ([]byte, error)
- type EntityQueryItem
- type EntityQueryItemProperties
- type EntityQueryItemPropertiesDataTypesItem
- type EntityQueryKind
- type EntityQueryList
- type EntityQueryListIterator
- func (iter *EntityQueryListIterator) Next() error
- func (iter *EntityQueryListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter EntityQueryListIterator) NotDone() bool
- func (iter EntityQueryListIterator) Response() EntityQueryList
- func (iter EntityQueryListIterator) Value() BasicEntityQuery
- type EntityQueryListPage
- type EntityQueryModel
- type EntityQueryTemplate
- func (eqt EntityQueryTemplate) AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool)
- func (eqt EntityQueryTemplate) AsBasicEntityQueryTemplate() (BasicEntityQueryTemplate, bool)
- func (eqt EntityQueryTemplate) AsEntityQueryTemplate() (*EntityQueryTemplate, bool)
- func (eqt EntityQueryTemplate) MarshalJSON() ([]byte, error)
- type EntityQueryTemplateKind
- type EntityQueryTemplateList
- type EntityQueryTemplateListIterator
- func (iter *EntityQueryTemplateListIterator) Next() error
- func (iter *EntityQueryTemplateListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter EntityQueryTemplateListIterator) NotDone() bool
- func (iter EntityQueryTemplateListIterator) Response() EntityQueryTemplateList
- func (iter EntityQueryTemplateListIterator) Value() BasicEntityQueryTemplate
- type EntityQueryTemplateListPage
- func (page *EntityQueryTemplateListPage) Next() error
- func (page *EntityQueryTemplateListPage) NextWithContext(ctx context.Context) (err error)
- func (page EntityQueryTemplateListPage) NotDone() bool
- func (page EntityQueryTemplateListPage) Response() EntityQueryTemplateList
- func (page EntityQueryTemplateListPage) Values() []BasicEntityQueryTemplate
- type EntityQueryTemplateModel
- type EntityQueryTemplatesClient
- func (client EntityQueryTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryTemplateModel, err error)
- func (client EntityQueryTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntityQueryTemplatesClient) GetResponder(resp *http.Response) (result EntityQueryTemplateModel, err error)
- func (client EntityQueryTemplatesClient) GetSender(req *http.Request) (*http.Response, error)
- func (client EntityQueryTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryTemplateListPage, err error)
- func (client EntityQueryTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryTemplateListIterator, err error)
- func (client EntityQueryTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntityQueryTemplatesClient) ListResponder(resp *http.Response) (result EntityQueryTemplateList, err error)
- func (client EntityQueryTemplatesClient) ListSender(req *http.Request) (*http.Response, error)
- type EntityRelationsClient
- func (client EntityRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)
- func (client EntityRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client EntityRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error)
- func (client EntityRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error)
- type EntityTimelineItem
- func (eti EntityTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)
- func (eti EntityTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)
- func (eti EntityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)
- func (eti EntityTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)
- func (eti EntityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)
- func (eti EntityTimelineItem) MarshalJSON() ([]byte, error)
- type EntityTimelineKind
- type EntityTimelineParameters
- type EntityTimelineResponse
- type EntityType
- type ErrorAdditionalInfo
- type ErrorDetail
- type ErrorResponse
- type EventGroupingAggregationKind
- type EventGroupingSettings
- type ExpansionEntityQueriesProperties
- type ExpansionEntityQuery
- func (eeq ExpansionEntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool)
- func (eeq ExpansionEntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool)
- func (eeq ExpansionEntityQuery) AsEntityQuery() (*EntityQuery, bool)
- func (eeq ExpansionEntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool)
- func (eeq ExpansionEntityQuery) MarshalJSON() ([]byte, error)
- func (eeq *ExpansionEntityQuery) UnmarshalJSON(body []byte) error
- type ExpansionResultAggregation
- type ExpansionResultsMetadata
- type EyesOn
- func (eo EyesOn) AsAnomalies() (*Anomalies, bool)
- func (eo EyesOn) AsBasicSettings() (BasicSettings, bool)
- func (eo EyesOn) AsEntityAnalytics() (*EntityAnalytics, bool)
- func (eo EyesOn) AsEyesOn() (*EyesOn, bool)
- func (eo EyesOn) AsSettings() (*Settings, bool)
- func (eo EyesOn) AsUeba() (*Ueba, bool)
- func (eo EyesOn) MarshalJSON() ([]byte, error)
- func (eo *EyesOn) UnmarshalJSON(body []byte) error
- type EyesOnSettingsProperties
- type FieldMapping
- type FileEntity
- func (fe FileEntity) AsAccountEntity() (*AccountEntity, bool)
- func (fe FileEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (fe FileEntity) AsBasicEntity() (BasicEntity, bool)
- func (fe FileEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (fe FileEntity) AsDNSEntity() (*DNSEntity, bool)
- func (fe FileEntity) AsEntity() (*Entity, bool)
- func (fe FileEntity) AsFileEntity() (*FileEntity, bool)
- func (fe FileEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (fe FileEntity) AsHostEntity() (*HostEntity, bool)
- func (fe FileEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (fe FileEntity) AsIPEntity() (*IPEntity, bool)
- func (fe FileEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (fe FileEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (fe FileEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (fe FileEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (fe FileEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (fe FileEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (fe FileEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (fe FileEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (fe FileEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (fe FileEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (fe FileEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (fe FileEntity) AsURLEntity() (*URLEntity, bool)
- func (fe FileEntity) MarshalJSON() ([]byte, error)
- func (fe *FileEntity) UnmarshalJSON(body []byte) error
- type FileEntityProperties
- type FileHashAlgorithm
- type FileHashEntity
- func (fhe FileHashEntity) AsAccountEntity() (*AccountEntity, bool)
- func (fhe FileHashEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (fhe FileHashEntity) AsBasicEntity() (BasicEntity, bool)
- func (fhe FileHashEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (fhe FileHashEntity) AsDNSEntity() (*DNSEntity, bool)
- func (fhe FileHashEntity) AsEntity() (*Entity, bool)
- func (fhe FileHashEntity) AsFileEntity() (*FileEntity, bool)
- func (fhe FileHashEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (fhe FileHashEntity) AsHostEntity() (*HostEntity, bool)
- func (fhe FileHashEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (fhe FileHashEntity) AsIPEntity() (*IPEntity, bool)
- func (fhe FileHashEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (fhe FileHashEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (fhe FileHashEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (fhe FileHashEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (fhe FileHashEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (fhe FileHashEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (fhe FileHashEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (fhe FileHashEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (fhe FileHashEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (fhe FileHashEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (fhe FileHashEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (fhe FileHashEntity) AsURLEntity() (*URLEntity, bool)
- func (fhe FileHashEntity) MarshalJSON() ([]byte, error)
- func (fhe *FileHashEntity) UnmarshalJSON(body []byte) error
- type FileHashEntityProperties
- type FusionAlertRule
- func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool)
- func (far FusionAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (far FusionAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (far FusionAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
- func (far FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (far FusionAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
- func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (far FusionAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
- func (far FusionAlertRule) MarshalJSON() ([]byte, error)
- func (far *FusionAlertRule) UnmarshalJSON(body []byte) error
- type FusionAlertRuleProperties
- type FusionAlertRuleTemplate
- func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) MarshalJSON() ([]byte, error)
- func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error
- type FusionAlertRuleTemplateProperties
- type GeoLocation
- type GetInsightsError
- type GetInsightsResultsMetadata
- type GetQueriesResponse
- type GraphQueries
- type GroupingConfiguration
- type HostEntity
- func (he HostEntity) AsAccountEntity() (*AccountEntity, bool)
- func (he HostEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (he HostEntity) AsBasicEntity() (BasicEntity, bool)
- func (he HostEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (he HostEntity) AsDNSEntity() (*DNSEntity, bool)
- func (he HostEntity) AsEntity() (*Entity, bool)
- func (he HostEntity) AsFileEntity() (*FileEntity, bool)
- func (he HostEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (he HostEntity) AsHostEntity() (*HostEntity, bool)
- func (he HostEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (he HostEntity) AsIPEntity() (*IPEntity, bool)
- func (he HostEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (he HostEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (he HostEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (he HostEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (he HostEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (he HostEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (he HostEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (he HostEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (he HostEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (he HostEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (he HostEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (he HostEntity) AsURLEntity() (*URLEntity, bool)
- func (he HostEntity) MarshalJSON() ([]byte, error)
- func (he *HostEntity) UnmarshalJSON(body []byte) error
- type HostEntityProperties
- type HuntingBookmark
- func (hb HuntingBookmark) AsAccountEntity() (*AccountEntity, bool)
- func (hb HuntingBookmark) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (hb HuntingBookmark) AsBasicEntity() (BasicEntity, bool)
- func (hb HuntingBookmark) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (hb HuntingBookmark) AsDNSEntity() (*DNSEntity, bool)
- func (hb HuntingBookmark) AsEntity() (*Entity, bool)
- func (hb HuntingBookmark) AsFileEntity() (*FileEntity, bool)
- func (hb HuntingBookmark) AsFileHashEntity() (*FileHashEntity, bool)
- func (hb HuntingBookmark) AsHostEntity() (*HostEntity, bool)
- func (hb HuntingBookmark) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (hb HuntingBookmark) AsIPEntity() (*IPEntity, bool)
- func (hb HuntingBookmark) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (hb HuntingBookmark) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (hb HuntingBookmark) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (hb HuntingBookmark) AsMailboxEntity() (*MailboxEntity, bool)
- func (hb HuntingBookmark) AsMalwareEntity() (*MalwareEntity, bool)
- func (hb HuntingBookmark) AsProcessEntity() (*ProcessEntity, bool)
- func (hb HuntingBookmark) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (hb HuntingBookmark) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (hb HuntingBookmark) AsSecurityAlert() (*SecurityAlert, bool)
- func (hb HuntingBookmark) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (hb HuntingBookmark) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (hb HuntingBookmark) AsURLEntity() (*URLEntity, bool)
- func (hb HuntingBookmark) MarshalJSON() ([]byte, error)
- func (hb *HuntingBookmark) UnmarshalJSON(body []byte) error
- type HuntingBookmarkProperties
- type IPEntity
- func (ie IPEntity) AsAccountEntity() (*AccountEntity, bool)
- func (ie IPEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (ie IPEntity) AsBasicEntity() (BasicEntity, bool)
- func (ie IPEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (ie IPEntity) AsDNSEntity() (*DNSEntity, bool)
- func (ie IPEntity) AsEntity() (*Entity, bool)
- func (ie IPEntity) AsFileEntity() (*FileEntity, bool)
- func (ie IPEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (ie IPEntity) AsHostEntity() (*HostEntity, bool)
- func (ie IPEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (ie IPEntity) AsIPEntity() (*IPEntity, bool)
- func (ie IPEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (ie IPEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (ie IPEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (ie IPEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (ie IPEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (ie IPEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (ie IPEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (ie IPEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (ie IPEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (ie IPEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (ie IPEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (ie IPEntity) AsURLEntity() (*URLEntity, bool)
- func (ie IPEntity) MarshalJSON() ([]byte, error)
- func (ie *IPEntity) UnmarshalJSON(body []byte) error
- type IPEntityProperties
- type IPGeodataClient
- func (client IPGeodataClient) Get(ctx context.Context, resourceGroupName string, IPAddress string) (result EnrichmentIPGeodata, err error)
- func (client IPGeodataClient) GetPreparer(ctx context.Context, resourceGroupName string, IPAddress string) (*http.Request, error)
- func (client IPGeodataClient) GetResponder(resp *http.Response) (result EnrichmentIPGeodata, err error)
- func (client IPGeodataClient) GetSender(req *http.Request) (*http.Response, error)
- type Incident
- type IncidentAdditionalData
- type IncidentAlertList
- type IncidentBookmarkList
- type IncidentClassification
- type IncidentClassificationReason
- type IncidentComment
- type IncidentCommentList
- type IncidentCommentListIterator
- func (iter *IncidentCommentListIterator) Next() error
- func (iter *IncidentCommentListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter IncidentCommentListIterator) NotDone() bool
- func (iter IncidentCommentListIterator) Response() IncidentCommentList
- func (iter IncidentCommentListIterator) Value() IncidentComment
- type IncidentCommentListPage
- func (page *IncidentCommentListPage) Next() error
- func (page *IncidentCommentListPage) NextWithContext(ctx context.Context) (err error)
- func (page IncidentCommentListPage) NotDone() bool
- func (page IncidentCommentListPage) Response() IncidentCommentList
- func (page IncidentCommentListPage) Values() []IncidentComment
- type IncidentCommentProperties
- type IncidentCommentsClient
- func (client IncidentCommentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentComment, err error)
- func (client IncidentCommentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentCommentsClient) CreateOrUpdateResponder(resp *http.Response) (result IncidentComment, err error)
- func (client IncidentCommentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client IncidentCommentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client IncidentCommentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentCommentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client IncidentCommentsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client IncidentCommentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentComment, err error)
- func (client IncidentCommentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentCommentsClient) GetResponder(resp *http.Response) (result IncidentComment, err error)
- func (client IncidentCommentsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client IncidentCommentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentCommentListPage, err error)
- func (client IncidentCommentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentCommentListIterator, err error)
- func (client IncidentCommentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentCommentsClient) ListResponder(resp *http.Response) (result IncidentCommentList, err error)
- func (client IncidentCommentsClient) ListSender(req *http.Request) (*http.Response, error)
- type IncidentConfiguration
- type IncidentEntitiesResponse
- type IncidentEntitiesResultsMetadata
- type IncidentInfo
- type IncidentLabel
- type IncidentLabelType
- type IncidentList
- type IncidentListIterator
- type IncidentListPage
- type IncidentOwnerInfo
- type IncidentProperties
- type IncidentRelationsClient
- func (client IncidentRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)
- func (client IncidentRelationsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentRelationsClient) CreateOrUpdateResponder(resp *http.Response) (result Relation, err error)
- func (client IncidentRelationsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client IncidentRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client IncidentRelationsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentRelationsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client IncidentRelationsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client IncidentRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)
- func (client IncidentRelationsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentRelationsClient) GetResponder(resp *http.Response) (result Relation, err error)
- func (client IncidentRelationsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListPage, err error)
- func (client IncidentRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListIterator, err error)
- func (client IncidentRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)
- func (client IncidentRelationsClient) ListSender(req *http.Request) (*http.Response, error)
- type IncidentSeverity
- type IncidentStatus
- type IncidentsClient
- func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Incident, err error)
- func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) CreateOrUpdateResponder(resp *http.Response) (result Incident, err error)
- func (client IncidentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) CreateTeam(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result TeamInformation, err error)
- func (client IncidentsClient) CreateTeamPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) CreateTeamResponder(resp *http.Response) (result TeamInformation, err error)
- func (client IncidentsClient) CreateTeamSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client IncidentsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Incident, err error)
- func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident, err error)
- func (client IncidentsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentListPage, err error)
- func (client IncidentsClient) ListAlerts(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentAlertList, err error)
- func (client IncidentsClient) ListAlertsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) ListAlertsResponder(resp *http.Response) (result IncidentAlertList, err error)
- func (client IncidentsClient) ListAlertsSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) ListBookmarks(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentBookmarkList, err error)
- func (client IncidentsClient) ListBookmarksPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) ListBookmarksResponder(resp *http.Response) (result IncidentBookmarkList, err error)
- func (client IncidentsClient) ListBookmarksSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentListIterator, err error)
- func (client IncidentsClient) ListEntities(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentEntitiesResponse, err error)
- func (client IncidentsClient) ListEntitiesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) ListEntitiesResponder(resp *http.Response) (result IncidentEntitiesResponse, err error)
- func (client IncidentsClient) ListEntitiesSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) ListResponder(resp *http.Response) (result IncidentList, err error)
- func (client IncidentsClient) ListSender(req *http.Request) (*http.Response, error)
- type InsightQueryItem
- type InsightQueryItemProperties
- type InsightQueryItemPropertiesAdditionalQuery
- type InsightQueryItemPropertiesDefaultTimeRange
- type InsightQueryItemPropertiesReferenceTimeRange
- type InsightQueryItemPropertiesTableQuery
- type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem
- type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem
- type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem
- type InsightsTableResult
- type InsightsTableResultColumnsItem
- type InstructionSteps
- type InstructionStepsInstructionsItem
- type IoTDeviceEntity
- func (itde IoTDeviceEntity) AsAccountEntity() (*AccountEntity, bool)
- func (itde IoTDeviceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (itde IoTDeviceEntity) AsBasicEntity() (BasicEntity, bool)
- func (itde IoTDeviceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (itde IoTDeviceEntity) AsDNSEntity() (*DNSEntity, bool)
- func (itde IoTDeviceEntity) AsEntity() (*Entity, bool)
- func (itde IoTDeviceEntity) AsFileEntity() (*FileEntity, bool)
- func (itde IoTDeviceEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (itde IoTDeviceEntity) AsHostEntity() (*HostEntity, bool)
- func (itde IoTDeviceEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (itde IoTDeviceEntity) AsIPEntity() (*IPEntity, bool)
- func (itde IoTDeviceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (itde IoTDeviceEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (itde IoTDeviceEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (itde IoTDeviceEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (itde IoTDeviceEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (itde IoTDeviceEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (itde IoTDeviceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (itde IoTDeviceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (itde IoTDeviceEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (itde IoTDeviceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (itde IoTDeviceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (itde IoTDeviceEntity) AsURLEntity() (*URLEntity, bool)
- func (itde IoTDeviceEntity) MarshalJSON() ([]byte, error)
- func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error
- type IoTDeviceEntityProperties
- type KillChainIntent
- type Kind
- type KindBasicAlertRule
- type KindBasicAlertRuleTemplate
- type KindBasicCustomEntityQuery
- type KindBasicDataConnector
- type KindBasicDataConnectorsCheckRequirements
- type KindBasicEntity
- type KindBasicEntityQuery
- type KindBasicEntityQueryItem
- type KindBasicEntityQueryTemplate
- type KindBasicEntityTimelineItem
- type KindBasicSettings
- type KindBasicThreatIntelligenceInformation
- type LastDataReceivedDataType
- type MCASCheckRequirements
- func (mcr MCASCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (mcr MCASCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (mcr MCASCheckRequirements) MarshalJSON() ([]byte, error)
- func (mcr *MCASCheckRequirements) UnmarshalJSON(body []byte) error
- type MCASCheckRequirementsProperties
- type MCASDataConnector
- func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (mdc MCASDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (mdc MCASDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (mdc MCASDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool)
- func (mdc MCASDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (mdc MCASDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (mdc MCASDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (mdc MCASDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (mdc MCASDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (mdc MCASDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (mdc MCASDataConnector) MarshalJSON() ([]byte, error)
- func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error
- type MCASDataConnectorDataTypes
- type MCASDataConnectorProperties
- type MDATPCheckRequirements
- func (mcr MDATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (mcr MDATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (mcr MDATPCheckRequirements) MarshalJSON() ([]byte, error)
- func (mcr *MDATPCheckRequirements) UnmarshalJSON(body []byte) error
- type MDATPCheckRequirementsProperties
- type MDATPDataConnector
- func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (mdc MDATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (mdc MDATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (mdc MDATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool)
- func (mdc MDATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (mdc MDATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (mdc MDATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (mdc MDATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (mdc MDATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (mdc MDATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error)
- func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error
- type MDATPDataConnectorProperties
- type MLBehaviorAnalyticsAlertRule
- func (mbaar MLBehaviorAnalyticsAlertRule) AsAlertRule() (*AlertRule, bool)
- func (mbaar MLBehaviorAnalyticsAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (mbaar MLBehaviorAnalyticsAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (mbaar MLBehaviorAnalyticsAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
- func (mbaar MLBehaviorAnalyticsAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (mbaar MLBehaviorAnalyticsAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
- func (mbaar MLBehaviorAnalyticsAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (mbaar MLBehaviorAnalyticsAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
- func (mbaar MLBehaviorAnalyticsAlertRule) MarshalJSON() ([]byte, error)
- func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error
- type MLBehaviorAnalyticsAlertRuleProperties
- type MLBehaviorAnalyticsAlertRuleTemplate
- func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
- func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
- func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
- func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error)
- func (mbaart *MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON(body []byte) error
- type MLBehaviorAnalyticsAlertRuleTemplateProperties
- type MSTICheckRequirements
- func (mcr MSTICheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (mcr MSTICheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (mcr MSTICheckRequirements) MarshalJSON() ([]byte, error)
- func (mcr *MSTICheckRequirements) UnmarshalJSON(body []byte) error
- type MSTICheckRequirementsProperties
- type MSTIDataConnector
- func (mdc MSTIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (mdc MSTIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (mdc MSTIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (mdc MSTIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (mdc MSTIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (mdc MSTIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (mdc MSTIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (mdc MSTIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (mdc MSTIDataConnector) AsDataConnector() (*DataConnector, bool)
- func (mdc MSTIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (mdc MSTIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (mdc MSTIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (mdc MSTIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (mdc MSTIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (mdc MSTIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (mdc MSTIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (mdc MSTIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (mdc MSTIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (mdc MSTIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (mdc MSTIDataConnector) MarshalJSON() ([]byte, error)
- func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error
- type MSTIDataConnectorDataTypes
- type MSTIDataConnectorDataTypesBingSafetyPhishingURL
- type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed
- type MSTIDataConnectorProperties
- type MTPCheckRequirementsProperties
- type MTPDataConnector
- func (mdc MTPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (mdc MTPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (mdc MTPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (mdc MTPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (mdc MTPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (mdc MTPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (mdc MTPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (mdc MTPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (mdc MTPDataConnector) AsDataConnector() (*DataConnector, bool)
- func (mdc MTPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (mdc MTPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (mdc MTPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (mdc MTPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (mdc MTPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (mdc MTPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (mdc MTPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (mdc MTPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (mdc MTPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (mdc MTPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (mdc MTPDataConnector) MarshalJSON() ([]byte, error)
- func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error
- type MTPDataConnectorDataTypes
- type MTPDataConnectorDataTypesIncidents
- type MTPDataConnectorProperties
- type MailClusterEntity
- func (mce MailClusterEntity) AsAccountEntity() (*AccountEntity, bool)
- func (mce MailClusterEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (mce MailClusterEntity) AsBasicEntity() (BasicEntity, bool)
- func (mce MailClusterEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (mce MailClusterEntity) AsDNSEntity() (*DNSEntity, bool)
- func (mce MailClusterEntity) AsEntity() (*Entity, bool)
- func (mce MailClusterEntity) AsFileEntity() (*FileEntity, bool)
- func (mce MailClusterEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (mce MailClusterEntity) AsHostEntity() (*HostEntity, bool)
- func (mce MailClusterEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (mce MailClusterEntity) AsIPEntity() (*IPEntity, bool)
- func (mce MailClusterEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (mce MailClusterEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (mce MailClusterEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (mce MailClusterEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (mce MailClusterEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (mce MailClusterEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (mce MailClusterEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (mce MailClusterEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (mce MailClusterEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (mce MailClusterEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (mce MailClusterEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (mce MailClusterEntity) AsURLEntity() (*URLEntity, bool)
- func (mce MailClusterEntity) MarshalJSON() ([]byte, error)
- func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error
- type MailClusterEntityProperties
- type MailMessageEntity
- func (mme MailMessageEntity) AsAccountEntity() (*AccountEntity, bool)
- func (mme MailMessageEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (mme MailMessageEntity) AsBasicEntity() (BasicEntity, bool)
- func (mme MailMessageEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (mme MailMessageEntity) AsDNSEntity() (*DNSEntity, bool)
- func (mme MailMessageEntity) AsEntity() (*Entity, bool)
- func (mme MailMessageEntity) AsFileEntity() (*FileEntity, bool)
- func (mme MailMessageEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (mme MailMessageEntity) AsHostEntity() (*HostEntity, bool)
- func (mme MailMessageEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (mme MailMessageEntity) AsIPEntity() (*IPEntity, bool)
- func (mme MailMessageEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (mme MailMessageEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (mme MailMessageEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (mme MailMessageEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (mme MailMessageEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (mme MailMessageEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (mme MailMessageEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (mme MailMessageEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (mme MailMessageEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (mme MailMessageEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (mme MailMessageEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (mme MailMessageEntity) AsURLEntity() (*URLEntity, bool)
- func (mme MailMessageEntity) MarshalJSON() ([]byte, error)
- func (mme *MailMessageEntity) UnmarshalJSON(body []byte) error
- type MailMessageEntityProperties
- type MailboxEntity
- func (me MailboxEntity) AsAccountEntity() (*AccountEntity, bool)
- func (me MailboxEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (me MailboxEntity) AsBasicEntity() (BasicEntity, bool)
- func (me MailboxEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (me MailboxEntity) AsDNSEntity() (*DNSEntity, bool)
- func (me MailboxEntity) AsEntity() (*Entity, bool)
- func (me MailboxEntity) AsFileEntity() (*FileEntity, bool)
- func (me MailboxEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (me MailboxEntity) AsHostEntity() (*HostEntity, bool)
- func (me MailboxEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (me MailboxEntity) AsIPEntity() (*IPEntity, bool)
- func (me MailboxEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (me MailboxEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (me MailboxEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (me MailboxEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (me MailboxEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (me MailboxEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (me MailboxEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (me MailboxEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (me MailboxEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (me MailboxEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (me MailboxEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (me MailboxEntity) AsURLEntity() (*URLEntity, bool)
- func (me MailboxEntity) MarshalJSON() ([]byte, error)
- func (me *MailboxEntity) UnmarshalJSON(body []byte) error
- type MailboxEntityProperties
- type MalwareEntity
- func (me MalwareEntity) AsAccountEntity() (*AccountEntity, bool)
- func (me MalwareEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (me MalwareEntity) AsBasicEntity() (BasicEntity, bool)
- func (me MalwareEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (me MalwareEntity) AsDNSEntity() (*DNSEntity, bool)
- func (me MalwareEntity) AsEntity() (*Entity, bool)
- func (me MalwareEntity) AsFileEntity() (*FileEntity, bool)
- func (me MalwareEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (me MalwareEntity) AsHostEntity() (*HostEntity, bool)
- func (me MalwareEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (me MalwareEntity) AsIPEntity() (*IPEntity, bool)
- func (me MalwareEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (me MalwareEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (me MalwareEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (me MalwareEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (me MalwareEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (me MalwareEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (me MalwareEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (me MalwareEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (me MalwareEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (me MalwareEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (me MalwareEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (me MalwareEntity) AsURLEntity() (*URLEntity, bool)
- func (me MalwareEntity) MarshalJSON() ([]byte, error)
- func (me *MalwareEntity) UnmarshalJSON(body []byte) error
- type MalwareEntityProperties
- type MatchingMethod
- type MetadataAuthor
- type MetadataCategories
- type MetadataClient
- func (client MetadataClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataModel, err error)
- func (client MetadataClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client MetadataClient) CreateResponder(resp *http.Response) (result MetadataModel, err error)
- func (client MetadataClient) CreateSender(req *http.Request) (*http.Response, error)
- func (client MetadataClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client MetadataClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client MetadataClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client MetadataClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client MetadataClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataModel, err error)
- func (client MetadataClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client MetadataClient) GetResponder(resp *http.Response) (result MetadataModel, err error)
- func (client MetadataClient) GetSender(req *http.Request) (*http.Response, error)
- func (client MetadataClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataListPage, err error)
- func (client MetadataClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataListIterator, err error)
- func (client MetadataClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client MetadataClient) ListResponder(resp *http.Response) (result MetadataList, err error)
- func (client MetadataClient) ListSender(req *http.Request) (*http.Response, error)
- func (client MetadataClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataModel, err error)
- func (client MetadataClient) UpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client MetadataClient) UpdateResponder(resp *http.Response) (result MetadataModel, err error)
- func (client MetadataClient) UpdateSender(req *http.Request) (*http.Response, error)
- type MetadataDependencies
- type MetadataList
- type MetadataListIterator
- type MetadataListPage
- type MetadataModel
- type MetadataPatch
- type MetadataProperties
- type MetadataPropertiesPatch
- type MetadataSource
- type MetadataSupport
- type MicrosoftSecurityIncidentCreationAlertRule
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error)
- func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error
- type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties
- type MicrosoftSecurityIncidentCreationAlertRuleProperties
- type MicrosoftSecurityIncidentCreationAlertRuleTemplate
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error)
- func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error
- type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties
- type MicrosoftSecurityProductName
- type MtpCheckRequirements
- func (mcr MtpCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (mcr MtpCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (mcr MtpCheckRequirements) MarshalJSON() ([]byte, error)
- func (mcr *MtpCheckRequirements) UnmarshalJSON(body []byte) error
- type NrtAlertRule
- func (nar NrtAlertRule) AsAlertRule() (*AlertRule, bool)
- func (nar NrtAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (nar NrtAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (nar NrtAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
- func (nar NrtAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (nar NrtAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
- func (nar NrtAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (nar NrtAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
- func (nar NrtAlertRule) MarshalJSON() ([]byte, error)
- func (nar *NrtAlertRule) UnmarshalJSON(body []byte) error
- type NrtAlertRuleProperties
- type NrtAlertRuleTemplate
- func (nart NrtAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (nart NrtAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (nart NrtAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (nart NrtAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
- func (nart NrtAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (nart NrtAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
- func (nart NrtAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (nart NrtAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
- func (nart NrtAlertRuleTemplate) MarshalJSON() ([]byte, error)
- func (nart *NrtAlertRuleTemplate) UnmarshalJSON(body []byte) error
- type NrtAlertRuleTemplateProperties
- type OSFamily
- type OfficeATPCheckRequirements
- func (oacr OfficeATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (oacr OfficeATPCheckRequirements) MarshalJSON() ([]byte, error)
- func (oacr *OfficeATPCheckRequirements) UnmarshalJSON(body []byte) error
- type OfficeATPCheckRequirementsProperties
- type OfficeATPDataConnector
- func (oadc OfficeATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (oadc OfficeATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsDataConnector() (*DataConnector, bool)
- func (oadc OfficeATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (oadc OfficeATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (oadc OfficeATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (oadc OfficeATPDataConnector) MarshalJSON() ([]byte, error)
- func (oadc *OfficeATPDataConnector) UnmarshalJSON(body []byte) error
- type OfficeATPDataConnectorProperties
- type OfficeConsent
- type OfficeConsentList
- type OfficeConsentListIterator
- func (iter *OfficeConsentListIterator) Next() error
- func (iter *OfficeConsentListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter OfficeConsentListIterator) NotDone() bool
- func (iter OfficeConsentListIterator) Response() OfficeConsentList
- func (iter OfficeConsentListIterator) Value() OfficeConsent
- type OfficeConsentListPage
- func (page *OfficeConsentListPage) Next() error
- func (page *OfficeConsentListPage) NextWithContext(ctx context.Context) (err error)
- func (page OfficeConsentListPage) NotDone() bool
- func (page OfficeConsentListPage) Response() OfficeConsentList
- func (page OfficeConsentListPage) Values() []OfficeConsent
- type OfficeConsentProperties
- type OfficeConsentsClient
- func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client OfficeConsentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client OfficeConsentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client OfficeConsentsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result OfficeConsent, err error)
- func (client OfficeConsentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client OfficeConsentsClient) GetResponder(resp *http.Response) (result OfficeConsent, err error)
- func (client OfficeConsentsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result OfficeConsentListPage, err error)
- func (client OfficeConsentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result OfficeConsentListIterator, err error)
- func (client OfficeConsentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client OfficeConsentsClient) ListResponder(resp *http.Response) (result OfficeConsentList, err error)
- func (client OfficeConsentsClient) ListSender(req *http.Request) (*http.Response, error)
- type OfficeDataConnector
- func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (odc OfficeDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (odc OfficeDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (odc OfficeDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool)
- func (odc OfficeDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (odc OfficeDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (odc OfficeDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (odc OfficeDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (odc OfficeDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (odc OfficeDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (odc OfficeDataConnector) MarshalJSON() ([]byte, error)
- func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error
- type OfficeDataConnectorDataTypes
- type OfficeDataConnectorDataTypesExchange
- type OfficeDataConnectorDataTypesSharePoint
- type OfficeDataConnectorDataTypesTeams
- type OfficeDataConnectorProperties
- type OfficeIRMCheckRequirements
- func (oicr OfficeIRMCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (oicr OfficeIRMCheckRequirements) MarshalJSON() ([]byte, error)
- func (oicr *OfficeIRMCheckRequirements) UnmarshalJSON(body []byte) error
- type OfficeIRMCheckRequirementsProperties
- type OfficeIRMDataConnector
- func (oidc OfficeIRMDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsDataConnector() (*DataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (oidc OfficeIRMDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (oidc OfficeIRMDataConnector) MarshalJSON() ([]byte, error)
- func (oidc *OfficeIRMDataConnector) UnmarshalJSON(body []byte) error
- type OfficeIRMDataConnectorProperties
- type Operation
- type OperationDisplay
- type OperationsClient
- func (client OperationsClient) List(ctx context.Context) (result OperationsListPage, err error)
- func (client OperationsClient) ListComplete(ctx context.Context) (result OperationsListIterator, err error)
- func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, error)
- func (client OperationsClient) ListResponder(resp *http.Response) (result OperationsList, err error)
- func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error)
- type OperationsList
- type OperationsListIterator
- type OperationsListPage
- type Operator
- type OutputType
- type OwnerType
- type PermissionProviderScope
- type Permissions
- type PermissionsCustomsItem
- type PermissionsResourceProviderItem
- type PollingFrequency
- type ProcessEntity
- func (peVar ProcessEntity) AsAccountEntity() (*AccountEntity, bool)
- func (peVar ProcessEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (peVar ProcessEntity) AsBasicEntity() (BasicEntity, bool)
- func (peVar ProcessEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (peVar ProcessEntity) AsDNSEntity() (*DNSEntity, bool)
- func (peVar ProcessEntity) AsEntity() (*Entity, bool)
- func (peVar ProcessEntity) AsFileEntity() (*FileEntity, bool)
- func (peVar ProcessEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (peVar ProcessEntity) AsHostEntity() (*HostEntity, bool)
- func (peVar ProcessEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (peVar ProcessEntity) AsIPEntity() (*IPEntity, bool)
- func (peVar ProcessEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (peVar ProcessEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (peVar ProcessEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (peVar ProcessEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (peVar ProcessEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (peVar ProcessEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (peVar ProcessEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (peVar ProcessEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (peVar ProcessEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (peVar ProcessEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (peVar ProcessEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (peVar ProcessEntity) AsURLEntity() (*URLEntity, bool)
- func (peVar ProcessEntity) MarshalJSON() ([]byte, error)
- func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error
- type ProcessEntityProperties
- type ProductSettingsClient
- func (client ProductSettingsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client ProductSettingsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ProductSettingsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client ProductSettingsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SettingsModel, err error)
- func (client ProductSettingsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ProductSettingsClient) GetResponder(resp *http.Response) (result SettingsModel, err error)
- func (client ProductSettingsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client ProductSettingsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SettingList, err error)
- func (client ProductSettingsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client ProductSettingsClient) ListResponder(resp *http.Response) (result SettingList, err error)
- func (client ProductSettingsClient) ListSender(req *http.Request) (*http.Response, error)
- func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SettingsModel, err error)
- func (client ProductSettingsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ProductSettingsClient) UpdateResponder(resp *http.Response) (result SettingsModel, err error)
- func (client ProductSettingsClient) UpdateSender(req *http.Request) (*http.Response, error)
- type ProviderName
- type ProxyResource
- type QueryBasedAlertRuleProperties
- type QueryBasedAlertRuleTemplateProperties
- type RegistryHive
- type RegistryKeyEntity
- func (rke RegistryKeyEntity) AsAccountEntity() (*AccountEntity, bool)
- func (rke RegistryKeyEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (rke RegistryKeyEntity) AsBasicEntity() (BasicEntity, bool)
- func (rke RegistryKeyEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (rke RegistryKeyEntity) AsDNSEntity() (*DNSEntity, bool)
- func (rke RegistryKeyEntity) AsEntity() (*Entity, bool)
- func (rke RegistryKeyEntity) AsFileEntity() (*FileEntity, bool)
- func (rke RegistryKeyEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (rke RegistryKeyEntity) AsHostEntity() (*HostEntity, bool)
- func (rke RegistryKeyEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (rke RegistryKeyEntity) AsIPEntity() (*IPEntity, bool)
- func (rke RegistryKeyEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (rke RegistryKeyEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (rke RegistryKeyEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (rke RegistryKeyEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (rke RegistryKeyEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (rke RegistryKeyEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (rke RegistryKeyEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (rke RegistryKeyEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (rke RegistryKeyEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (rke RegistryKeyEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (rke RegistryKeyEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (rke RegistryKeyEntity) AsURLEntity() (*URLEntity, bool)
- func (rke RegistryKeyEntity) MarshalJSON() ([]byte, error)
- func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error
- type RegistryKeyEntityProperties
- type RegistryValueEntity
- func (rve RegistryValueEntity) AsAccountEntity() (*AccountEntity, bool)
- func (rve RegistryValueEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (rve RegistryValueEntity) AsBasicEntity() (BasicEntity, bool)
- func (rve RegistryValueEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (rve RegistryValueEntity) AsDNSEntity() (*DNSEntity, bool)
- func (rve RegistryValueEntity) AsEntity() (*Entity, bool)
- func (rve RegistryValueEntity) AsFileEntity() (*FileEntity, bool)
- func (rve RegistryValueEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (rve RegistryValueEntity) AsHostEntity() (*HostEntity, bool)
- func (rve RegistryValueEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (rve RegistryValueEntity) AsIPEntity() (*IPEntity, bool)
- func (rve RegistryValueEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (rve RegistryValueEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (rve RegistryValueEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (rve RegistryValueEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (rve RegistryValueEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (rve RegistryValueEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (rve RegistryValueEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (rve RegistryValueEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (rve RegistryValueEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (rve RegistryValueEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (rve RegistryValueEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (rve RegistryValueEntity) AsURLEntity() (*URLEntity, bool)
- func (rve RegistryValueEntity) MarshalJSON() ([]byte, error)
- func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error
- type RegistryValueEntityProperties
- type RegistryValueKind
- type Relation
- type RelationList
- type RelationListIterator
- type RelationListPage
- type RelationProperties
- type Repo
- type RepoList
- type RepoListIterator
- type RepoListPage
- type RepoType
- type Repository
- type RequiredPermissions
- type Resource
- type ResourceProvider
- type ResourceWithEtag
- type SampleQueries
- type ScheduledAlertRule
- func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool)
- func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (sar ScheduledAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
- func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (sar ScheduledAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
- func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (sar ScheduledAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
- func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error)
- func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error
- type ScheduledAlertRuleCommonProperties
- type ScheduledAlertRuleProperties
- type ScheduledAlertRuleTemplate
- func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error)
- func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error
- type ScheduledAlertRuleTemplateProperties
- type SecurityAlert
- func (sa SecurityAlert) AsAccountEntity() (*AccountEntity, bool)
- func (sa SecurityAlert) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (sa SecurityAlert) AsBasicEntity() (BasicEntity, bool)
- func (sa SecurityAlert) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (sa SecurityAlert) AsDNSEntity() (*DNSEntity, bool)
- func (sa SecurityAlert) AsEntity() (*Entity, bool)
- func (sa SecurityAlert) AsFileEntity() (*FileEntity, bool)
- func (sa SecurityAlert) AsFileHashEntity() (*FileHashEntity, bool)
- func (sa SecurityAlert) AsHostEntity() (*HostEntity, bool)
- func (sa SecurityAlert) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (sa SecurityAlert) AsIPEntity() (*IPEntity, bool)
- func (sa SecurityAlert) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (sa SecurityAlert) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (sa SecurityAlert) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (sa SecurityAlert) AsMailboxEntity() (*MailboxEntity, bool)
- func (sa SecurityAlert) AsMalwareEntity() (*MalwareEntity, bool)
- func (sa SecurityAlert) AsProcessEntity() (*ProcessEntity, bool)
- func (sa SecurityAlert) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (sa SecurityAlert) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (sa SecurityAlert) AsSecurityAlert() (*SecurityAlert, bool)
- func (sa SecurityAlert) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (sa SecurityAlert) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (sa SecurityAlert) AsURLEntity() (*URLEntity, bool)
- func (sa SecurityAlert) MarshalJSON() ([]byte, error)
- func (sa *SecurityAlert) UnmarshalJSON(body []byte) error
- type SecurityAlertProperties
- type SecurityAlertPropertiesConfidenceReasonsItem
- type SecurityAlertTimelineItem
- func (sati SecurityAlertTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)
- func (sati SecurityAlertTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)
- func (sati SecurityAlertTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)
- func (sati SecurityAlertTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)
- func (sati SecurityAlertTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)
- func (sati SecurityAlertTimelineItem) MarshalJSON() ([]byte, error)
- type SecurityGroupEntity
- func (sge SecurityGroupEntity) AsAccountEntity() (*AccountEntity, bool)
- func (sge SecurityGroupEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (sge SecurityGroupEntity) AsBasicEntity() (BasicEntity, bool)
- func (sge SecurityGroupEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (sge SecurityGroupEntity) AsDNSEntity() (*DNSEntity, bool)
- func (sge SecurityGroupEntity) AsEntity() (*Entity, bool)
- func (sge SecurityGroupEntity) AsFileEntity() (*FileEntity, bool)
- func (sge SecurityGroupEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (sge SecurityGroupEntity) AsHostEntity() (*HostEntity, bool)
- func (sge SecurityGroupEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (sge SecurityGroupEntity) AsIPEntity() (*IPEntity, bool)
- func (sge SecurityGroupEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (sge SecurityGroupEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (sge SecurityGroupEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (sge SecurityGroupEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (sge SecurityGroupEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (sge SecurityGroupEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (sge SecurityGroupEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (sge SecurityGroupEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (sge SecurityGroupEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (sge SecurityGroupEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (sge SecurityGroupEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (sge SecurityGroupEntity) AsURLEntity() (*URLEntity, bool)
- func (sge SecurityGroupEntity) MarshalJSON() ([]byte, error)
- func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error
- type SecurityGroupEntityProperties
- type SentinelOnboardingState
- type SentinelOnboardingStateProperties
- type SentinelOnboardingStatesClient
- func (client SentinelOnboardingStatesClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SentinelOnboardingState, err error)
- func (client SentinelOnboardingStatesClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client SentinelOnboardingStatesClient) CreateResponder(resp *http.Response) (result SentinelOnboardingState, err error)
- func (client SentinelOnboardingStatesClient) CreateSender(req *http.Request) (*http.Response, error)
- func (client SentinelOnboardingStatesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client SentinelOnboardingStatesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client SentinelOnboardingStatesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client SentinelOnboardingStatesClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client SentinelOnboardingStatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SentinelOnboardingState, err error)
- func (client SentinelOnboardingStatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client SentinelOnboardingStatesClient) GetResponder(resp *http.Response) (result SentinelOnboardingState, err error)
- func (client SentinelOnboardingStatesClient) GetSender(req *http.Request) (*http.Response, error)
- func (client SentinelOnboardingStatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SentinelOnboardingStatesList, err error)
- func (client SentinelOnboardingStatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client SentinelOnboardingStatesClient) ListResponder(resp *http.Response) (result SentinelOnboardingStatesList, err error)
- func (client SentinelOnboardingStatesClient) ListSender(req *http.Request) (*http.Response, error)
- type SentinelOnboardingStatesList
- type SettingList
- type SettingType
- type Settings
- func (s Settings) AsAnomalies() (*Anomalies, bool)
- func (s Settings) AsBasicSettings() (BasicSettings, bool)
- func (s Settings) AsEntityAnalytics() (*EntityAnalytics, bool)
- func (s Settings) AsEyesOn() (*EyesOn, bool)
- func (s Settings) AsSettings() (*Settings, bool)
- func (s Settings) AsUeba() (*Ueba, bool)
- func (s Settings) MarshalJSON() ([]byte, error)
- type SettingsModel
- type Sku
- type SkuKind
- type Source
- type SourceControl
- type SourceControlClient
- func (client SourceControlClient) ListRepositories(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RepoListPage, err error)
- func (client SourceControlClient) ListRepositoriesComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RepoListIterator, err error)
- func (client SourceControlClient) ListRepositoriesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client SourceControlClient) ListRepositoriesResponder(resp *http.Response) (result RepoList, err error)
- func (client SourceControlClient) ListRepositoriesSender(req *http.Request) (*http.Response, error)
- type SourceControlList
- type SourceControlListIterator
- func (iter *SourceControlListIterator) Next() error
- func (iter *SourceControlListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter SourceControlListIterator) NotDone() bool
- func (iter SourceControlListIterator) Response() SourceControlList
- func (iter SourceControlListIterator) Value() SourceControl
- type SourceControlListPage
- func (page *SourceControlListPage) Next() error
- func (page *SourceControlListPage) NextWithContext(ctx context.Context) (err error)
- func (page SourceControlListPage) NotDone() bool
- func (page SourceControlListPage) Response() SourceControlList
- func (page SourceControlListPage) Values() []SourceControl
- type SourceControlProperties
- type SourceControlsClient
- func (client SourceControlsClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SourceControl, err error)
- func (client SourceControlsClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client SourceControlsClient) CreateResponder(resp *http.Response) (result SourceControl, err error)
- func (client SourceControlsClient) CreateSender(req *http.Request) (*http.Response, error)
- func (client SourceControlsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client SourceControlsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client SourceControlsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client SourceControlsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client SourceControlsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SourceControl, err error)
- func (client SourceControlsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client SourceControlsClient) GetResponder(resp *http.Response) (result SourceControl, err error)
- func (client SourceControlsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client SourceControlsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SourceControlListPage, err error)
- func (client SourceControlsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result SourceControlListIterator, err error)
- func (client SourceControlsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client SourceControlsClient) ListResponder(resp *http.Response) (result SourceControlList, err error)
- func (client SourceControlsClient) ListSender(req *http.Request) (*http.Response, error)
- type SourceKind
- type SubmissionMailEntity
- func (sme SubmissionMailEntity) AsAccountEntity() (*AccountEntity, bool)
- func (sme SubmissionMailEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (sme SubmissionMailEntity) AsBasicEntity() (BasicEntity, bool)
- func (sme SubmissionMailEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (sme SubmissionMailEntity) AsDNSEntity() (*DNSEntity, bool)
- func (sme SubmissionMailEntity) AsEntity() (*Entity, bool)
- func (sme SubmissionMailEntity) AsFileEntity() (*FileEntity, bool)
- func (sme SubmissionMailEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (sme SubmissionMailEntity) AsHostEntity() (*HostEntity, bool)
- func (sme SubmissionMailEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (sme SubmissionMailEntity) AsIPEntity() (*IPEntity, bool)
- func (sme SubmissionMailEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (sme SubmissionMailEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (sme SubmissionMailEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (sme SubmissionMailEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (sme SubmissionMailEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (sme SubmissionMailEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (sme SubmissionMailEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (sme SubmissionMailEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (sme SubmissionMailEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (sme SubmissionMailEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (sme SubmissionMailEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (sme SubmissionMailEntity) AsURLEntity() (*URLEntity, bool)
- func (sme SubmissionMailEntity) MarshalJSON() ([]byte, error)
- func (sme *SubmissionMailEntity) UnmarshalJSON(body []byte) error
- type SubmissionMailEntityProperties
- type SupportTier
- type SystemData
- type TICheckRequirements
- func (tcr TICheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (tcr TICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (tcr TICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (tcr TICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (tcr TICheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (tcr TICheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (tcr TICheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (tcr TICheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (tcr TICheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (tcr TICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (tcr TICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (tcr TICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (tcr TICheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (tcr TICheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (tcr TICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (tcr TICheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (tcr TICheckRequirements) MarshalJSON() ([]byte, error)
- func (tcr *TICheckRequirements) UnmarshalJSON(body []byte) error
- type TICheckRequirementsProperties
- type TIDataConnector
- func (tdc TIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (tdc TIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (tdc TIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (tdc TIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (tdc TIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (tdc TIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (tdc TIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (tdc TIDataConnector) AsDataConnector() (*DataConnector, bool)
- func (tdc TIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (tdc TIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (tdc TIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (tdc TIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (tdc TIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (tdc TIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (tdc TIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (tdc TIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (tdc TIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (tdc TIDataConnector) MarshalJSON() ([]byte, error)
- func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error
- type TIDataConnectorDataTypes
- type TIDataConnectorDataTypesIndicators
- type TIDataConnectorProperties
- type TeamInformation
- type TeamProperties
- type TemplateStatus
- type ThreatIntelligence
- type ThreatIntelligenceAlertRule
- func (tiar ThreatIntelligenceAlertRule) AsAlertRule() (*AlertRule, bool)
- func (tiar ThreatIntelligenceAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (tiar ThreatIntelligenceAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (tiar ThreatIntelligenceAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
- func (tiar ThreatIntelligenceAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (tiar ThreatIntelligenceAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
- func (tiar ThreatIntelligenceAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (tiar ThreatIntelligenceAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
- func (tiar ThreatIntelligenceAlertRule) MarshalJSON() ([]byte, error)
- func (tiar *ThreatIntelligenceAlertRule) UnmarshalJSON(body []byte) error
- type ThreatIntelligenceAlertRuleProperties
- type ThreatIntelligenceAlertRuleTemplate
- func (tiart ThreatIntelligenceAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (tiart ThreatIntelligenceAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (tiart ThreatIntelligenceAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (tiart ThreatIntelligenceAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
- func (tiart ThreatIntelligenceAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (tiart ThreatIntelligenceAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
- func (tiart ThreatIntelligenceAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (tiart ThreatIntelligenceAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
- func (tiart ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error)
- func (tiart *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(body []byte) error
- type ThreatIntelligenceAlertRuleTemplateProperties
- type ThreatIntelligenceAppendTags
- type ThreatIntelligenceExternalReference
- type ThreatIntelligenceFilteringCriteria
- type ThreatIntelligenceGranularMarkingModel
- type ThreatIntelligenceIndicatorClient
- func (client ThreatIntelligenceIndicatorClient) AppendTags(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client ThreatIntelligenceIndicatorClient) AppendTagsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ThreatIntelligenceIndicatorClient) AppendTagsResponder(resp *http.Response) (result autorest.Response, err error)
- func (client ThreatIntelligenceIndicatorClient) AppendTagsSender(req *http.Request) (*http.Response, error)
- func (client ThreatIntelligenceIndicatorClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationModel, err error)
- func (client ThreatIntelligenceIndicatorClient) CreateIndicator(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationModel, err error)
- func (client ThreatIntelligenceIndicatorClient) CreateIndicatorPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ThreatIntelligenceIndicatorClient) CreateIndicatorResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)
- func (client ThreatIntelligenceIndicatorClient) CreateIndicatorSender(req *http.Request) (*http.Response, error)
- func (client ThreatIntelligenceIndicatorClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ThreatIntelligenceIndicatorClient) CreateResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)
- func (client ThreatIntelligenceIndicatorClient) CreateSender(req *http.Request) (*http.Response, error)
- func (client ThreatIntelligenceIndicatorClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client ThreatIntelligenceIndicatorClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ThreatIntelligenceIndicatorClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client ThreatIntelligenceIndicatorClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client ThreatIntelligenceIndicatorClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationModel, err error)
- func (client ThreatIntelligenceIndicatorClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ThreatIntelligenceIndicatorClient) GetResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)
- func (client ThreatIntelligenceIndicatorClient) GetSender(req *http.Request) (*http.Response, error)
- func (client ThreatIntelligenceIndicatorClient) QueryIndicators(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationListPage, err error)
- func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationListIterator, err error)
- func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsResponder(resp *http.Response) (result ThreatIntelligenceInformationList, err error)
- func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsSender(req *http.Request) (*http.Response, error)
- func (client ThreatIntelligenceIndicatorClient) ReplaceTags(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationModel, err error)
- func (client ThreatIntelligenceIndicatorClient) ReplaceTagsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ThreatIntelligenceIndicatorClient) ReplaceTagsResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)
- func (client ThreatIntelligenceIndicatorClient) ReplaceTagsSender(req *http.Request) (*http.Response, error)
- type ThreatIntelligenceIndicatorMetricsClient
- func (client ThreatIntelligenceIndicatorMetricsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result ThreatIntelligenceMetricsList, err error)
- func (client ThreatIntelligenceIndicatorMetricsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client ThreatIntelligenceIndicatorMetricsClient) ListResponder(resp *http.Response) (result ThreatIntelligenceMetricsList, err error)
- func (client ThreatIntelligenceIndicatorMetricsClient) ListSender(req *http.Request) (*http.Response, error)
- type ThreatIntelligenceIndicatorModel
- func (tiim ThreatIntelligenceIndicatorModel) AsBasicThreatIntelligenceInformation() (BasicThreatIntelligenceInformation, bool)
- func (tiim ThreatIntelligenceIndicatorModel) AsThreatIntelligenceIndicatorModel() (*ThreatIntelligenceIndicatorModel, bool)
- func (tiim ThreatIntelligenceIndicatorModel) AsThreatIntelligenceInformation() (*ThreatIntelligenceInformation, bool)
- func (tiim ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error)
- func (tiim *ThreatIntelligenceIndicatorModel) UnmarshalJSON(body []byte) error
- type ThreatIntelligenceIndicatorModelForRequestBody
- type ThreatIntelligenceIndicatorProperties
- type ThreatIntelligenceIndicatorsClient
- func (client ThreatIntelligenceIndicatorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationListPage, err error)
- func (client ThreatIntelligenceIndicatorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationListIterator, err error)
- func (client ThreatIntelligenceIndicatorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ThreatIntelligenceIndicatorsClient) ListResponder(resp *http.Response) (result ThreatIntelligenceInformationList, err error)
- func (client ThreatIntelligenceIndicatorsClient) ListSender(req *http.Request) (*http.Response, error)
- type ThreatIntelligenceInformation
- func (tii ThreatIntelligenceInformation) AsBasicThreatIntelligenceInformation() (BasicThreatIntelligenceInformation, bool)
- func (tii ThreatIntelligenceInformation) AsThreatIntelligenceIndicatorModel() (*ThreatIntelligenceIndicatorModel, bool)
- func (tii ThreatIntelligenceInformation) AsThreatIntelligenceInformation() (*ThreatIntelligenceInformation, bool)
- func (tii ThreatIntelligenceInformation) MarshalJSON() ([]byte, error)
- type ThreatIntelligenceInformationList
- type ThreatIntelligenceInformationListIterator
- func (iter *ThreatIntelligenceInformationListIterator) Next() error
- func (iter *ThreatIntelligenceInformationListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter ThreatIntelligenceInformationListIterator) NotDone() bool
- func (iter ThreatIntelligenceInformationListIterator) Response() ThreatIntelligenceInformationList
- func (iter ThreatIntelligenceInformationListIterator) Value() BasicThreatIntelligenceInformation
- type ThreatIntelligenceInformationListPage
- func (page *ThreatIntelligenceInformationListPage) Next() error
- func (page *ThreatIntelligenceInformationListPage) NextWithContext(ctx context.Context) (err error)
- func (page ThreatIntelligenceInformationListPage) NotDone() bool
- func (page ThreatIntelligenceInformationListPage) Response() ThreatIntelligenceInformationList
- func (page ThreatIntelligenceInformationListPage) Values() []BasicThreatIntelligenceInformation
- type ThreatIntelligenceInformationModel
- type ThreatIntelligenceKillChainPhase
- type ThreatIntelligenceMetric
- type ThreatIntelligenceMetricEntity
- type ThreatIntelligenceMetrics
- type ThreatIntelligenceMetricsList
- type ThreatIntelligenceParsedPattern
- type ThreatIntelligenceParsedPatternTypeValue
- type ThreatIntelligenceResourceKind
- type ThreatIntelligenceResourceKindEnum
- type ThreatIntelligenceSortingCriteria
- type ThreatIntelligenceSortingCriteriaEnum
- type TiTaxiiCheckRequirements
- func (ttcr TiTaxiiCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
- func (ttcr TiTaxiiCheckRequirements) MarshalJSON() ([]byte, error)
- func (ttcr *TiTaxiiCheckRequirements) UnmarshalJSON(body []byte) error
- type TiTaxiiCheckRequirementsProperties
- type TiTaxiiDataConnector
- func (ttdc TiTaxiiDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsDataConnector() (*DataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
- func (ttdc TiTaxiiDataConnector) MarshalJSON() ([]byte, error)
- func (ttdc *TiTaxiiDataConnector) UnmarshalJSON(body []byte) error
- type TiTaxiiDataConnectorDataTypes
- type TiTaxiiDataConnectorDataTypesTaxiiClient
- type TiTaxiiDataConnectorProperties
- type TimelineAggregation
- type TimelineError
- type TimelineResultsMetadata
- type TrackedResource
- type TriggerOperator
- type URLEntity
- func (ue URLEntity) AsAccountEntity() (*AccountEntity, bool)
- func (ue URLEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
- func (ue URLEntity) AsBasicEntity() (BasicEntity, bool)
- func (ue URLEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
- func (ue URLEntity) AsDNSEntity() (*DNSEntity, bool)
- func (ue URLEntity) AsEntity() (*Entity, bool)
- func (ue URLEntity) AsFileEntity() (*FileEntity, bool)
- func (ue URLEntity) AsFileHashEntity() (*FileHashEntity, bool)
- func (ue URLEntity) AsHostEntity() (*HostEntity, bool)
- func (ue URLEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
- func (ue URLEntity) AsIPEntity() (*IPEntity, bool)
- func (ue URLEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
- func (ue URLEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
- func (ue URLEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
- func (ue URLEntity) AsMailboxEntity() (*MailboxEntity, bool)
- func (ue URLEntity) AsMalwareEntity() (*MalwareEntity, bool)
- func (ue URLEntity) AsProcessEntity() (*ProcessEntity, bool)
- func (ue URLEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
- func (ue URLEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
- func (ue URLEntity) AsSecurityAlert() (*SecurityAlert, bool)
- func (ue URLEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
- func (ue URLEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
- func (ue URLEntity) AsURLEntity() (*URLEntity, bool)
- func (ue URLEntity) MarshalJSON() ([]byte, error)
- func (ue *URLEntity) UnmarshalJSON(body []byte) error
- type URLEntityProperties
- type Ueba
- func (u Ueba) AsAnomalies() (*Anomalies, bool)
- func (u Ueba) AsBasicSettings() (BasicSettings, bool)
- func (u Ueba) AsEntityAnalytics() (*EntityAnalytics, bool)
- func (u Ueba) AsEyesOn() (*EyesOn, bool)
- func (u Ueba) AsSettings() (*Settings, bool)
- func (u Ueba) AsUeba() (*Ueba, bool)
- func (u Ueba) MarshalJSON() ([]byte, error)
- func (u *Ueba) UnmarshalJSON(body []byte) error
- type UebaDataSources
- type UebaProperties
- type UserInfo
- type Watchlist
- type WatchlistItem
- type WatchlistItemList
- type WatchlistItemListIterator
- func (iter *WatchlistItemListIterator) Next() error
- func (iter *WatchlistItemListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter WatchlistItemListIterator) NotDone() bool
- func (iter WatchlistItemListIterator) Response() WatchlistItemList
- func (iter WatchlistItemListIterator) Value() WatchlistItem
- type WatchlistItemListPage
- func (page *WatchlistItemListPage) Next() error
- func (page *WatchlistItemListPage) NextWithContext(ctx context.Context) (err error)
- func (page WatchlistItemListPage) NotDone() bool
- func (page WatchlistItemListPage) Response() WatchlistItemList
- func (page WatchlistItemListPage) Values() []WatchlistItem
- type WatchlistItemProperties
- type WatchlistItemsClient
- func (client WatchlistItemsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result WatchlistItem, err error)
- func (client WatchlistItemsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client WatchlistItemsClient) CreateOrUpdateResponder(resp *http.Response) (result WatchlistItem, err error)
- func (client WatchlistItemsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client WatchlistItemsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client WatchlistItemsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client WatchlistItemsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client WatchlistItemsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client WatchlistItemsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result WatchlistItem, err error)
- func (client WatchlistItemsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client WatchlistItemsClient) GetResponder(resp *http.Response) (result WatchlistItem, err error)
- func (client WatchlistItemsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client WatchlistItemsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result WatchlistItemListPage, err error)
- func (client WatchlistItemsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result WatchlistItemListIterator, err error)
- func (client WatchlistItemsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client WatchlistItemsClient) ListResponder(resp *http.Response) (result WatchlistItemList, err error)
- func (client WatchlistItemsClient) ListSender(req *http.Request) (*http.Response, error)
- type WatchlistList
- type WatchlistListIterator
- type WatchlistListPage
- type WatchlistProperties
- type WatchlistsClient
- func (client WatchlistsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Watchlist, err error)
- func (client WatchlistsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client WatchlistsClient) CreateOrUpdateResponder(resp *http.Response) (result Watchlist, err error)
- func (client WatchlistsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client WatchlistsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client WatchlistsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client WatchlistsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client WatchlistsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client WatchlistsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Watchlist, err error)
- func (client WatchlistsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client WatchlistsClient) GetResponder(resp *http.Response) (result Watchlist, err error)
- func (client WatchlistsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client WatchlistsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result WatchlistListPage, err error)
- func (client WatchlistsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result WatchlistListIterator, err error)
- func (client WatchlistsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client WatchlistsClient) ListResponder(resp *http.Response) (result WatchlistList, err error)
- func (client WatchlistsClient) ListSender(req *http.Request) (*http.Response, error)
Constants ¶
const (
// DefaultBaseURI is the default URI used for the service Securityinsight
DefaultBaseURI = "https://management.azure.com"
)
Variables ¶
This section is empty.
Functions ¶
func UserAgent ¶
func UserAgent() string
UserAgent returns the UserAgent string to use when sending http.Requests.
func Version ¶
func Version() string
Version returns the semantic version (see http://semver.org) of the client.
Types ¶
type AADCheckRequirements ¶
type AADCheckRequirements struct { // AADCheckRequirementsProperties - AAD (Azure Active Directory) requirements check properties. *AADCheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
AADCheckRequirements represents AAD (Azure Active Directory) requirements check request.
func (AADCheckRequirements) AsAADCheckRequirements ¶
func (acr AADCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsAATPCheckRequirements ¶
func (acr AADCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsASCCheckRequirements ¶
func (acr AADCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (acr AADCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsAwsS3CheckRequirements ¶
func (acr AADCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (acr AADCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (acr AADCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsDynamics365CheckRequirements ¶
func (acr AADCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsMCASCheckRequirements ¶
func (acr AADCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsMDATPCheckRequirements ¶
func (acr AADCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsMSTICheckRequirements ¶
func (acr AADCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsMtpCheckRequirements ¶
func (acr AADCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsOfficeATPCheckRequirements ¶
func (acr AADCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (acr AADCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsTICheckRequirements ¶
func (acr AADCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (acr AADCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements.
func (AADCheckRequirements) MarshalJSON ¶
func (acr AADCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AADCheckRequirements.
func (*AADCheckRequirements) UnmarshalJSON ¶
func (acr *AADCheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AADCheckRequirements struct.
type AADCheckRequirementsProperties ¶
type AADCheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
AADCheckRequirementsProperties AAD (Azure Active Directory) requirements check properties.
type AADDataConnector ¶
type AADDataConnector struct { // AADDataConnectorProperties - AAD (Azure Active Directory) data connector properties. *AADDataConnectorProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` }
AADDataConnector represents AAD (Azure Active Directory) data connector.
func (AADDataConnector) AsAADDataConnector ¶
func (adc AADDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsAATPDataConnector ¶
func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsASCDataConnector ¶
func (adc AADDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsAwsCloudTrailDataConnector ¶
func (adc AADDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsAwsS3DataConnector ¶
func (adc AADDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsBasicDataConnector ¶
func (adc AADDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsCodelessAPIPollingDataConnector ¶
func (adc AADDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsCodelessUIDataConnector ¶
func (adc AADDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsDataConnector ¶
func (adc AADDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsDynamics365DataConnector ¶
func (adc AADDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsMCASDataConnector ¶
func (adc AADDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsMDATPDataConnector ¶
func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsMSTIDataConnector ¶
func (adc AADDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsMTPDataConnector ¶
func (adc AADDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsOfficeATPDataConnector ¶
func (adc AADDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsOfficeDataConnector ¶
func (adc AADDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsOfficeIRMDataConnector ¶
func (adc AADDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsTIDataConnector ¶
func (adc AADDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsTiTaxiiDataConnector ¶
func (adc AADDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) MarshalJSON ¶
func (adc AADDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AADDataConnector.
func (*AADDataConnector) UnmarshalJSON ¶
func (adc *AADDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AADDataConnector struct.
type AADDataConnectorProperties ¶
type AADDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
AADDataConnectorProperties AAD (Azure Active Directory) data connector properties.
type AATPCheckRequirements ¶
type AATPCheckRequirements struct { // AATPCheckRequirementsProperties - AATP (Azure Advanced Threat Protection) requirements check properties. *AATPCheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
AATPCheckRequirements represents AATP (Azure Advanced Threat Protection) requirements check request.
func (AATPCheckRequirements) AsAADCheckRequirements ¶
func (acr AATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsAATPCheckRequirements ¶
func (acr AATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsASCCheckRequirements ¶
func (acr AATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (acr AATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsAwsS3CheckRequirements ¶
func (acr AATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (acr AATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (acr AATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsDynamics365CheckRequirements ¶
func (acr AATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsMCASCheckRequirements ¶
func (acr AATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsMDATPCheckRequirements ¶
func (acr AATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsMSTICheckRequirements ¶
func (acr AATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsMtpCheckRequirements ¶
func (acr AATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsOfficeATPCheckRequirements ¶
func (acr AATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (acr AATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsTICheckRequirements ¶
func (acr AATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (acr AATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements.
func (AATPCheckRequirements) MarshalJSON ¶
func (acr AATPCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AATPCheckRequirements.
func (*AATPCheckRequirements) UnmarshalJSON ¶
func (acr *AATPCheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AATPCheckRequirements struct.
type AATPCheckRequirementsProperties ¶
type AATPCheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
AATPCheckRequirementsProperties AATP (Azure Advanced Threat Protection) requirements check properties.
type AATPDataConnector ¶
type AATPDataConnector struct { // AATPDataConnectorProperties - AATP (Azure Advanced Threat Protection) data connector properties. *AATPDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
AATPDataConnector represents AATP (Azure Advanced Threat Protection) data connector.
func (AATPDataConnector) AsAADDataConnector ¶
func (adc AATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsAATPDataConnector ¶
func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsASCDataConnector ¶
func (adc AATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsAwsCloudTrailDataConnector ¶
func (adc AATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsAwsS3DataConnector ¶
func (adc AATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsBasicDataConnector ¶
func (adc AATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsCodelessAPIPollingDataConnector ¶
func (adc AATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsCodelessUIDataConnector ¶
func (adc AATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsDataConnector ¶
func (adc AATPDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsDynamics365DataConnector ¶
func (adc AATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsMCASDataConnector ¶
func (adc AATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsMDATPDataConnector ¶
func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsMSTIDataConnector ¶
func (adc AATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsMTPDataConnector ¶
func (adc AATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsOfficeATPDataConnector ¶
func (adc AATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsOfficeDataConnector ¶
func (adc AATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsOfficeIRMDataConnector ¶
func (adc AATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsTIDataConnector ¶
func (adc AATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsTiTaxiiDataConnector ¶
func (adc AATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) MarshalJSON ¶
func (adc AATPDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AATPDataConnector.
func (*AATPDataConnector) UnmarshalJSON ¶
func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AATPDataConnector struct.
type AATPDataConnectorProperties ¶
type AATPDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
AATPDataConnectorProperties AATP (Azure Advanced Threat Protection) data connector properties.
type APIPollingParameters ¶
type APIPollingParameters struct { // ConnectorUIConfig - Config to describe the instructions blade ConnectorUIConfig *CodelessUIConnectorConfigProperties `json:"connectorUiConfig,omitempty"` // PollingConfig - Config to describe the polling instructions PollingConfig *CodelessConnectorPollingConfigProperties `json:"pollingConfig,omitempty"` }
APIPollingParameters represents Codeless API Polling data connector
type ASCCheckRequirements ¶
type ASCCheckRequirements struct { // ASCCheckRequirementsProperties - ASC (Azure Security Center) requirements check properties. *ASCCheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
ASCCheckRequirements represents ASC (Azure Security Center) requirements check request.
func (ASCCheckRequirements) AsAADCheckRequirements ¶
func (acr ASCCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsAATPCheckRequirements ¶
func (acr ASCCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsASCCheckRequirements ¶
func (acr ASCCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (acr ASCCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsAwsS3CheckRequirements ¶
func (acr ASCCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (acr ASCCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (acr ASCCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsDynamics365CheckRequirements ¶
func (acr ASCCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsMCASCheckRequirements ¶
func (acr ASCCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsMDATPCheckRequirements ¶
func (acr ASCCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsMSTICheckRequirements ¶
func (acr ASCCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsMtpCheckRequirements ¶
func (acr ASCCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsOfficeATPCheckRequirements ¶
func (acr ASCCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (acr ASCCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsTICheckRequirements ¶
func (acr ASCCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (acr ASCCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements.
func (ASCCheckRequirements) MarshalJSON ¶
func (acr ASCCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ASCCheckRequirements.
func (*ASCCheckRequirements) UnmarshalJSON ¶
func (acr *ASCCheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ASCCheckRequirements struct.
type ASCCheckRequirementsProperties ¶
type ASCCheckRequirementsProperties struct { // SubscriptionID - The subscription id to connect to, and get the data from. SubscriptionID *string `json:"subscriptionId,omitempty"` }
ASCCheckRequirementsProperties ASC (Azure Security Center) requirements check properties.
type ASCDataConnector ¶
type ASCDataConnector struct { // ASCDataConnectorProperties - ASC (Azure Security Center) data connector properties. *ASCDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ASCDataConnector represents ASC (Azure Security Center) data connector.
func (ASCDataConnector) AsAADDataConnector ¶
func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsAATPDataConnector ¶
func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsASCDataConnector ¶
func (adc ASCDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsAwsCloudTrailDataConnector ¶
func (adc ASCDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsAwsS3DataConnector ¶
func (adc ASCDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsBasicDataConnector ¶
func (adc ASCDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsCodelessAPIPollingDataConnector ¶
func (adc ASCDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsCodelessUIDataConnector ¶
func (adc ASCDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsDataConnector ¶
func (adc ASCDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsDynamics365DataConnector ¶
func (adc ASCDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsMCASDataConnector ¶
func (adc ASCDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsMDATPDataConnector ¶
func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsMSTIDataConnector ¶
func (adc ASCDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsMTPDataConnector ¶
func (adc ASCDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsOfficeATPDataConnector ¶
func (adc ASCDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsOfficeDataConnector ¶
func (adc ASCDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsOfficeIRMDataConnector ¶
func (adc ASCDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsTIDataConnector ¶
func (adc ASCDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsTiTaxiiDataConnector ¶
func (adc ASCDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) MarshalJSON ¶
func (adc ASCDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ASCDataConnector.
func (*ASCDataConnector) UnmarshalJSON ¶
func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ASCDataConnector struct.
type ASCDataConnectorProperties ¶
type ASCDataConnectorProperties struct { // SubscriptionID - The subscription id to connect to, and get the data from. SubscriptionID *string `json:"subscriptionId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
ASCDataConnectorProperties ASC (Azure Security Center) data connector properties.
type AccountEntity ¶
type AccountEntity struct { // AccountEntityProperties - Account entity properties *AccountEntityProperties `json:"properties,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` }
AccountEntity represents an account entity.
func (AccountEntity) AsAccountEntity ¶
func (ae AccountEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsAzureResourceEntity ¶
func (ae AccountEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsBasicEntity ¶
func (ae AccountEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsCloudApplicationEntity ¶
func (ae AccountEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsDNSEntity ¶
func (ae AccountEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsEntity ¶
func (ae AccountEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsFileEntity ¶
func (ae AccountEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsFileHashEntity ¶
func (ae AccountEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsHostEntity ¶
func (ae AccountEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsHuntingBookmark ¶
func (ae AccountEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsIPEntity ¶
func (ae AccountEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsIoTDeviceEntity ¶
func (ae AccountEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsMailClusterEntity ¶
func (ae AccountEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsMailMessageEntity ¶
func (ae AccountEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsMailboxEntity ¶
func (ae AccountEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsMalwareEntity ¶
func (ae AccountEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsProcessEntity ¶
func (ae AccountEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsRegistryKeyEntity ¶
func (ae AccountEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsRegistryValueEntity ¶
func (ae AccountEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsSecurityAlert ¶
func (ae AccountEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsSecurityGroupEntity ¶
func (ae AccountEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsSubmissionMailEntity ¶
func (ae AccountEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) AsURLEntity ¶
func (ae AccountEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for AccountEntity.
func (AccountEntity) MarshalJSON ¶
func (ae AccountEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AccountEntity.
func (*AccountEntity) UnmarshalJSON ¶
func (ae *AccountEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AccountEntity struct.
type AccountEntityProperties ¶
type AccountEntityProperties struct { // AadTenantID - READ-ONLY; The Azure Active Directory tenant id. AadTenantID *string `json:"aadTenantId,omitempty"` // AadUserID - READ-ONLY; The Azure Active Directory user id. AadUserID *string `json:"aadUserId,omitempty"` // AccountName - READ-ONLY; The name of the account. This field should hold only the name without any domain added to it, i.e. administrator. AccountName *string `json:"accountName,omitempty"` // DisplayName - READ-ONLY; The display name of the account. DisplayName *string `json:"displayName,omitempty"` // HostEntityID - READ-ONLY; The Host entity id that contains the account in case it is a local account (not domain joined) HostEntityID *string `json:"hostEntityId,omitempty"` // IsDomainJoined - READ-ONLY; Determines whether this is a domain account. IsDomainJoined *bool `json:"isDomainJoined,omitempty"` // NtDomain - READ-ONLY; The NetBIOS domain name as it appears in the alert format domain/username. Examples: NT AUTHORITY. NtDomain *string `json:"ntDomain,omitempty"` // ObjectGUID - READ-ONLY; The objectGUID attribute is a single-value attribute that is the unique identifier for the object, assigned by active directory. ObjectGUID *uuid.UUID `json:"objectGuid,omitempty"` // Puid - READ-ONLY; The Azure Active Directory Passport User ID. Puid *string `json:"puid,omitempty"` // Sid - READ-ONLY; The account security identifier, e.g. S-1-5-18. Sid *string `json:"sid,omitempty"` // UpnSuffix - READ-ONLY; The user principal name suffix for the account, in some cases it is also the domain name. Examples: contoso.com. UpnSuffix *string `json:"upnSuffix,omitempty"` // DNSDomain - READ-ONLY; The fully qualified domain DNS name. DNSDomain *string `json:"dnsDomain,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
AccountEntityProperties account entity property bag.
func (AccountEntityProperties) MarshalJSON ¶
func (aep AccountEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AccountEntityProperties.
type ActionPropertiesBase ¶
type ActionPropertiesBase struct { // LogicAppResourceID - Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` }
ActionPropertiesBase action property bag base.
type ActionRequest ¶
type ActionRequest struct { // ActionRequestProperties - Action properties for put request *ActionRequestProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ActionRequest action for alert rule.
func (ActionRequest) MarshalJSON ¶
func (ar ActionRequest) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActionRequest.
func (*ActionRequest) UnmarshalJSON ¶
func (ar *ActionRequest) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ActionRequest struct.
type ActionRequestProperties ¶
type ActionRequestProperties struct { // TriggerURI - Logic App Callback URL for this specific workflow. TriggerURI *string `json:"triggerUri,omitempty"` // LogicAppResourceID - Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` }
ActionRequestProperties action property bag.
type ActionResponse ¶
type ActionResponse struct { autorest.Response `json:"-"` // ActionResponseProperties - Action properties for get request *ActionResponseProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ActionResponse action for alert rule.
func (ActionResponse) MarshalJSON ¶
func (ar ActionResponse) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActionResponse.
func (*ActionResponse) UnmarshalJSON ¶
func (ar *ActionResponse) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ActionResponse struct.
type ActionResponseProperties ¶
type ActionResponseProperties struct { // WorkflowID - The name of the logic app's workflow. WorkflowID *string `json:"workflowId,omitempty"` // LogicAppResourceID - Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` }
ActionResponseProperties action property bag.
type ActionType ¶
type ActionType string
ActionType enumerates the values for action type.
const ( // ActionTypeAutomationRuleAction ... ActionTypeAutomationRuleAction ActionType = "AutomationRuleAction" // ActionTypeModifyProperties ... ActionTypeModifyProperties ActionType = "ModifyProperties" // ActionTypeRunPlaybook ... ActionTypeRunPlaybook ActionType = "RunPlaybook" )
func PossibleActionTypeValues ¶
func PossibleActionTypeValues() []ActionType
PossibleActionTypeValues returns an array of possible values for the ActionType const type.
type ActionsClient ¶
type ActionsClient struct {
BaseClient
}
ActionsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewActionsClient ¶
func NewActionsClient(subscriptionID string) ActionsClient
NewActionsClient creates an instance of the ActionsClient client.
func NewActionsClientWithBaseURI ¶
func NewActionsClientWithBaseURI(baseURI string, subscriptionID string) ActionsClient
NewActionsClientWithBaseURI creates an instance of the ActionsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (ActionsClient) CreateOrUpdate ¶
func (client ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest) (result ActionResponse, err error)
CreateOrUpdate creates or updates the action of alert rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID actionID - action ID action - the action
func (ActionsClient) CreateOrUpdatePreparer ¶
func (client ActionsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (ActionsClient) CreateOrUpdateResponder ¶
func (client ActionsClient) CreateOrUpdateResponder(resp *http.Response) (result ActionResponse, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (ActionsClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (ActionsClient) Delete ¶
func (client ActionsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result autorest.Response, err error)
Delete delete the action of alert rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID actionID - action ID
func (ActionsClient) DeletePreparer ¶
func (client ActionsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (ActionsClient) DeleteResponder ¶
func (client ActionsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (ActionsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (ActionsClient) Get ¶
func (client ActionsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result ActionResponse, err error)
Get gets the action of alert rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID actionID - action ID
func (ActionsClient) GetPreparer ¶
func (client ActionsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (ActionsClient) GetResponder ¶
func (client ActionsClient) GetResponder(resp *http.Response) (result ActionResponse, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (ActionsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (ActionsClient) ListByAlertRule ¶
func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result ActionsListPage, err error)
ListByAlertRule gets all actions of alert rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID
func (ActionsClient) ListByAlertRuleComplete ¶
func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result ActionsListIterator, err error)
ListByAlertRuleComplete enumerates all values, automatically crossing page boundaries as required.
func (ActionsClient) ListByAlertRulePreparer ¶
func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error)
ListByAlertRulePreparer prepares the ListByAlertRule request.
func (ActionsClient) ListByAlertRuleResponder ¶
func (client ActionsClient) ListByAlertRuleResponder(resp *http.Response) (result ActionsList, err error)
ListByAlertRuleResponder handles the response to the ListByAlertRule request. The method always closes the http.Response Body.
func (ActionsClient) ListByAlertRuleSender ¶
ListByAlertRuleSender sends the ListByAlertRule request. The method will close the http.Response Body if it receives an error.
type ActionsList ¶
type ActionsList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of actions. NextLink *string `json:"nextLink,omitempty"` // Value - Array of actions. Value *[]ActionResponse `json:"value,omitempty"` }
ActionsList list all the actions.
func (ActionsList) IsEmpty ¶
func (al ActionsList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (ActionsList) MarshalJSON ¶
func (al ActionsList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActionsList.
type ActionsListIterator ¶
type ActionsListIterator struct {
// contains filtered or unexported fields
}
ActionsListIterator provides access to a complete listing of ActionResponse values.
func NewActionsListIterator ¶
func NewActionsListIterator(page ActionsListPage) ActionsListIterator
Creates a new instance of the ActionsListIterator type.
func (*ActionsListIterator) Next ¶
func (iter *ActionsListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*ActionsListIterator) NextWithContext ¶
func (iter *ActionsListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (ActionsListIterator) NotDone ¶
func (iter ActionsListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (ActionsListIterator) Response ¶
func (iter ActionsListIterator) Response() ActionsList
Response returns the raw server response from the last page request.
func (ActionsListIterator) Value ¶
func (iter ActionsListIterator) Value() ActionResponse
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type ActionsListPage ¶
type ActionsListPage struct {
// contains filtered or unexported fields
}
ActionsListPage contains a page of ActionResponse values.
func NewActionsListPage ¶
func NewActionsListPage(cur ActionsList, getNextPage func(context.Context, ActionsList) (ActionsList, error)) ActionsListPage
Creates a new instance of the ActionsListPage type.
func (*ActionsListPage) Next ¶
func (page *ActionsListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*ActionsListPage) NextWithContext ¶
func (page *ActionsListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (ActionsListPage) NotDone ¶
func (page ActionsListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (ActionsListPage) Response ¶
func (page ActionsListPage) Response() ActionsList
Response returns the raw server response from the last page request.
func (ActionsListPage) Values ¶
func (page ActionsListPage) Values() []ActionResponse
Values returns the slice of values for the current page or nil if there are no values.
type ActivityCustomEntityQuery ¶
type ActivityCustomEntityQuery struct { // ActivityEntityQueriesProperties - Activity entity query properties *ActivityEntityQueriesProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` // Kind - Possible values include: 'KindBasicCustomEntityQueryKindCustomEntityQuery', 'KindBasicCustomEntityQueryKindActivity' Kind KindBasicCustomEntityQuery `json:"kind,omitempty"` }
ActivityCustomEntityQuery represents Activity entity query.
func (ActivityCustomEntityQuery) AsActivityCustomEntityQuery ¶
func (aceq ActivityCustomEntityQuery) AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool)
AsActivityCustomEntityQuery is the BasicCustomEntityQuery implementation for ActivityCustomEntityQuery.
func (ActivityCustomEntityQuery) AsBasicCustomEntityQuery ¶
func (aceq ActivityCustomEntityQuery) AsBasicCustomEntityQuery() (BasicCustomEntityQuery, bool)
AsBasicCustomEntityQuery is the BasicCustomEntityQuery implementation for ActivityCustomEntityQuery.
func (ActivityCustomEntityQuery) AsCustomEntityQuery ¶
func (aceq ActivityCustomEntityQuery) AsCustomEntityQuery() (*CustomEntityQuery, bool)
AsCustomEntityQuery is the BasicCustomEntityQuery implementation for ActivityCustomEntityQuery.
func (ActivityCustomEntityQuery) MarshalJSON ¶
func (aceq ActivityCustomEntityQuery) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActivityCustomEntityQuery.
func (*ActivityCustomEntityQuery) UnmarshalJSON ¶
func (aceq *ActivityCustomEntityQuery) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ActivityCustomEntityQuery struct.
type ActivityEntityQueriesProperties ¶
type ActivityEntityQueriesProperties struct { // Title - The entity query title Title *string `json:"title,omitempty"` // Content - The entity query content to display in timeline Content *string `json:"content,omitempty"` // Description - The entity query description Description *string `json:"description,omitempty"` // QueryDefinitions - The Activity query definitions QueryDefinitions *ActivityEntityQueriesPropertiesQueryDefinitions `json:"queryDefinitions,omitempty"` // InputEntityType - The type of the query's source entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' InputEntityType EntityType `json:"inputEntityType,omitempty"` // RequiredInputFieldsSets - List of the fields of the source entity that are required to run the query RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` // EntitiesFilter - The query applied only to entities matching to all filters EntitiesFilter map[string][]string `json:"entitiesFilter"` // TemplateName - The template id this activity was created from TemplateName *string `json:"templateName,omitempty"` // Enabled - Determines whether this activity is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // CreatedTimeUtc - READ-ONLY; The time the activity was created CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` // LastModifiedTimeUtc - READ-ONLY; The last time the activity was updated LastModifiedTimeUtc *date.Time `json:"lastModifiedTimeUtc,omitempty"` }
ActivityEntityQueriesProperties describes activity entity query properties
func (ActivityEntityQueriesProperties) MarshalJSON ¶
func (aeqp ActivityEntityQueriesProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActivityEntityQueriesProperties.
type ActivityEntityQueriesPropertiesQueryDefinitions ¶
type ActivityEntityQueriesPropertiesQueryDefinitions struct { // Query - The Activity query to run on a given entity Query *string `json:"query,omitempty"` }
ActivityEntityQueriesPropertiesQueryDefinitions the Activity query definitions
type ActivityEntityQuery ¶
type ActivityEntityQuery struct { // ActivityEntityQueriesProperties - Activity entity query properties *ActivityEntityQueriesProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` // Kind - Possible values include: 'KindBasicEntityQueryKindEntityQuery', 'KindBasicEntityQueryKindExpansion', 'KindBasicEntityQueryKindActivity' Kind KindBasicEntityQuery `json:"kind,omitempty"` }
ActivityEntityQuery represents Activity entity query.
func (ActivityEntityQuery) AsActivityEntityQuery ¶
func (aeq ActivityEntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool)
AsActivityEntityQuery is the BasicEntityQuery implementation for ActivityEntityQuery.
func (ActivityEntityQuery) AsBasicEntityQuery ¶
func (aeq ActivityEntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool)
AsBasicEntityQuery is the BasicEntityQuery implementation for ActivityEntityQuery.
func (ActivityEntityQuery) AsEntityQuery ¶
func (aeq ActivityEntityQuery) AsEntityQuery() (*EntityQuery, bool)
AsEntityQuery is the BasicEntityQuery implementation for ActivityEntityQuery.
func (ActivityEntityQuery) AsExpansionEntityQuery ¶
func (aeq ActivityEntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool)
AsExpansionEntityQuery is the BasicEntityQuery implementation for ActivityEntityQuery.
func (ActivityEntityQuery) MarshalJSON ¶
func (aeq ActivityEntityQuery) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActivityEntityQuery.
func (*ActivityEntityQuery) UnmarshalJSON ¶
func (aeq *ActivityEntityQuery) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ActivityEntityQuery struct.
type ActivityEntityQueryTemplate ¶
type ActivityEntityQueryTemplate struct { // ActivityEntityQueryTemplateProperties - Activity entity query properties *ActivityEntityQueryTemplateProperties `json:"properties,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` // Kind - Possible values include: 'KindBasicEntityQueryTemplateKindEntityQueryTemplate', 'KindBasicEntityQueryTemplateKindActivity' Kind KindBasicEntityQueryTemplate `json:"kind,omitempty"` }
ActivityEntityQueryTemplate represents Activity entity query.
func (ActivityEntityQueryTemplate) AsActivityEntityQueryTemplate ¶
func (aeqt ActivityEntityQueryTemplate) AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool)
AsActivityEntityQueryTemplate is the BasicEntityQueryTemplate implementation for ActivityEntityQueryTemplate.
func (ActivityEntityQueryTemplate) AsBasicEntityQueryTemplate ¶
func (aeqt ActivityEntityQueryTemplate) AsBasicEntityQueryTemplate() (BasicEntityQueryTemplate, bool)
AsBasicEntityQueryTemplate is the BasicEntityQueryTemplate implementation for ActivityEntityQueryTemplate.
func (ActivityEntityQueryTemplate) AsEntityQueryTemplate ¶
func (aeqt ActivityEntityQueryTemplate) AsEntityQueryTemplate() (*EntityQueryTemplate, bool)
AsEntityQueryTemplate is the BasicEntityQueryTemplate implementation for ActivityEntityQueryTemplate.
func (ActivityEntityQueryTemplate) MarshalJSON ¶
func (aeqt ActivityEntityQueryTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActivityEntityQueryTemplate.
func (*ActivityEntityQueryTemplate) UnmarshalJSON ¶
func (aeqt *ActivityEntityQueryTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ActivityEntityQueryTemplate struct.
type ActivityEntityQueryTemplateProperties ¶
type ActivityEntityQueryTemplateProperties struct { // Title - The entity query title Title *string `json:"title,omitempty"` // Content - The entity query content to display in timeline Content *string `json:"content,omitempty"` // Description - The entity query description Description *string `json:"description,omitempty"` // QueryDefinitions - The Activity query definitions QueryDefinitions *ActivityEntityQueryTemplatePropertiesQueryDefinitions `json:"queryDefinitions,omitempty"` // DataTypes - List of required data types for the given entity query template DataTypes *[]DataTypeDefinitions `json:"dataTypes,omitempty"` // InputEntityType - The type of the query's source entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' InputEntityType EntityType `json:"inputEntityType,omitempty"` // RequiredInputFieldsSets - List of the fields of the source entity that are required to run the query RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` // EntitiesFilter - The query applied only to entities matching to all filters EntitiesFilter map[string][]string `json:"entitiesFilter"` }
ActivityEntityQueryTemplateProperties describes activity entity query properties
func (ActivityEntityQueryTemplateProperties) MarshalJSON ¶
func (aeqtp ActivityEntityQueryTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActivityEntityQueryTemplateProperties.
type ActivityEntityQueryTemplatePropertiesQueryDefinitions ¶
type ActivityEntityQueryTemplatePropertiesQueryDefinitions struct { // Query - The Activity query to run on a given entity Query *string `json:"query,omitempty"` // SummarizeBy - The dimensions we want to summarize the timeline results on, this is comma separated list SummarizeBy *string `json:"summarizeBy,omitempty"` }
ActivityEntityQueryTemplatePropertiesQueryDefinitions the Activity query definitions
type ActivityTimelineItem ¶
type ActivityTimelineItem struct { // QueryID - The activity query id. QueryID *string `json:"queryId,omitempty"` // BucketStartTimeUTC - The grouping bucket start time. BucketStartTimeUTC *date.Time `json:"bucketStartTimeUTC,omitempty"` // BucketEndTimeUTC - The grouping bucket end time. BucketEndTimeUTC *date.Time `json:"bucketEndTimeUTC,omitempty"` // FirstActivityTimeUTC - The time of the first activity in the grouping bucket. FirstActivityTimeUTC *date.Time `json:"firstActivityTimeUTC,omitempty"` // LastActivityTimeUTC - The time of the last activity in the grouping bucket. LastActivityTimeUTC *date.Time `json:"lastActivityTimeUTC,omitempty"` // Content - The activity timeline content. Content *string `json:"content,omitempty"` // Title - The activity timeline title. Title *string `json:"title,omitempty"` // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindBookmark', 'KindBasicEntityTimelineItemKindSecurityAlert' Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` }
ActivityTimelineItem represents Activity timeline item.
func (ActivityTimelineItem) AsActivityTimelineItem ¶
func (ati ActivityTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)
AsActivityTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem.
func (ActivityTimelineItem) AsBasicEntityTimelineItem ¶
func (ati ActivityTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)
AsBasicEntityTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem.
func (ActivityTimelineItem) AsBookmarkTimelineItem ¶
func (ati ActivityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)
AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem.
func (ActivityTimelineItem) AsEntityTimelineItem ¶
func (ati ActivityTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)
AsEntityTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem.
func (ActivityTimelineItem) AsSecurityAlertTimelineItem ¶
func (ati ActivityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)
AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem.
func (ActivityTimelineItem) MarshalJSON ¶
func (ati ActivityTimelineItem) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActivityTimelineItem.
type AlertDetail ¶
type AlertDetail string
AlertDetail enumerates the values for alert detail.
const ( // AlertDetailDisplayName Alert display name AlertDetailDisplayName AlertDetail = "DisplayName" // AlertDetailSeverity Alert severity AlertDetailSeverity AlertDetail = "Severity" )
func PossibleAlertDetailValues ¶
func PossibleAlertDetailValues() []AlertDetail
PossibleAlertDetailValues returns an array of possible values for the AlertDetail const type.
type AlertDetailsOverride ¶
type AlertDetailsOverride struct { // AlertDisplayNameFormat - the format containing columns name(s) to override the alert name AlertDisplayNameFormat *string `json:"alertDisplayNameFormat,omitempty"` // AlertDescriptionFormat - the format containing columns name(s) to override the alert description AlertDescriptionFormat *string `json:"alertDescriptionFormat,omitempty"` // AlertTacticsColumnName - the column name to take the alert tactics from AlertTacticsColumnName *string `json:"alertTacticsColumnName,omitempty"` // AlertSeverityColumnName - the column name to take the alert severity from AlertSeverityColumnName *string `json:"alertSeverityColumnName,omitempty"` }
AlertDetailsOverride settings for how to dynamically override alert static details
type AlertRule ¶
type AlertRule struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' Kind KindBasicAlertRule `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
AlertRule alert rule.
func (AlertRule) AsAlertRule ¶
AsAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsBasicAlertRule ¶
func (ar AlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsFusionAlertRule ¶
func (ar AlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsMLBehaviorAnalyticsAlertRule ¶
func (ar AlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (ar AlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsNrtAlertRule ¶
func (ar AlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
AsNrtAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsScheduledAlertRule ¶
func (ar AlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsThreatIntelligenceAlertRule ¶
func (ar AlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) MarshalJSON ¶
MarshalJSON is the custom marshaler for AlertRule.
type AlertRuleKind ¶
type AlertRuleKind string
AlertRuleKind enumerates the values for alert rule kind.
const ( // AlertRuleKindFusion ... AlertRuleKindFusion AlertRuleKind = "Fusion" // AlertRuleKindMicrosoftSecurityIncidentCreation ... AlertRuleKindMicrosoftSecurityIncidentCreation AlertRuleKind = "MicrosoftSecurityIncidentCreation" // AlertRuleKindMLBehaviorAnalytics ... AlertRuleKindMLBehaviorAnalytics AlertRuleKind = "MLBehaviorAnalytics" // AlertRuleKindNRT ... AlertRuleKindNRT AlertRuleKind = "NRT" // AlertRuleKindScheduled ... AlertRuleKindScheduled AlertRuleKind = "Scheduled" // AlertRuleKindThreatIntelligence ... AlertRuleKindThreatIntelligence AlertRuleKind = "ThreatIntelligence" )
func PossibleAlertRuleKindValues ¶
func PossibleAlertRuleKindValues() []AlertRuleKind
PossibleAlertRuleKindValues returns an array of possible values for the AlertRuleKind const type.
type AlertRuleModel ¶
type AlertRuleModel struct { autorest.Response `json:"-"` Value BasicAlertRule `json:"value,omitempty"` }
AlertRuleModel ...
func (*AlertRuleModel) UnmarshalJSON ¶
func (arm *AlertRuleModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AlertRuleModel struct.
type AlertRuleTemplate ¶
type AlertRuleTemplate struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
AlertRuleTemplate alert rule template.
func (AlertRuleTemplate) AsAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsNrtAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) MarshalJSON ¶
func (art AlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AlertRuleTemplate.
type AlertRuleTemplateDataSource ¶
type AlertRuleTemplateDataSource struct { // ConnectorID - The connector id that provides the following data types ConnectorID *string `json:"connectorId,omitempty"` // DataTypes - The data types used by the alert rule template DataTypes *[]string `json:"dataTypes,omitempty"` }
AlertRuleTemplateDataSource alert rule template data sources
type AlertRuleTemplateModel ¶
type AlertRuleTemplateModel struct { autorest.Response `json:"-"` Value BasicAlertRuleTemplate `json:"value,omitempty"` }
AlertRuleTemplateModel ...
func (*AlertRuleTemplateModel) UnmarshalJSON ¶
func (artm *AlertRuleTemplateModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AlertRuleTemplateModel struct.
type AlertRuleTemplatePropertiesBase ¶
type AlertRuleTemplatePropertiesBase struct { // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data sources for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' Status TemplateStatus `json:"status,omitempty"` }
AlertRuleTemplatePropertiesBase base alert rule template property bag.
func (AlertRuleTemplatePropertiesBase) MarshalJSON ¶
func (artpb AlertRuleTemplatePropertiesBase) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AlertRuleTemplatePropertiesBase.
type AlertRuleTemplatesClient ¶
type AlertRuleTemplatesClient struct {
BaseClient
}
AlertRuleTemplatesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewAlertRuleTemplatesClient ¶
func NewAlertRuleTemplatesClient(subscriptionID string) AlertRuleTemplatesClient
NewAlertRuleTemplatesClient creates an instance of the AlertRuleTemplatesClient client.
func NewAlertRuleTemplatesClientWithBaseURI ¶
func NewAlertRuleTemplatesClientWithBaseURI(baseURI string, subscriptionID string) AlertRuleTemplatesClient
NewAlertRuleTemplatesClientWithBaseURI creates an instance of the AlertRuleTemplatesClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (AlertRuleTemplatesClient) Get ¶
func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, alertRuleTemplateID string) (result AlertRuleTemplateModel, err error)
Get gets the alert rule template. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. alertRuleTemplateID - alert rule template ID
func (AlertRuleTemplatesClient) GetPreparer ¶
func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, alertRuleTemplateID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (AlertRuleTemplatesClient) GetResponder ¶
func (client AlertRuleTemplatesClient) GetResponder(resp *http.Response) (result AlertRuleTemplateModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (AlertRuleTemplatesClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (AlertRuleTemplatesClient) List ¶
func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListPage, err error)
List gets all alert rule templates. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (AlertRuleTemplatesClient) ListComplete ¶
func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (AlertRuleTemplatesClient) ListPreparer ¶
func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (AlertRuleTemplatesClient) ListResponder ¶
func (client AlertRuleTemplatesClient) ListResponder(resp *http.Response) (result AlertRuleTemplatesList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (AlertRuleTemplatesClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type AlertRuleTemplatesList ¶
type AlertRuleTemplatesList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of alert rule templates. NextLink *string `json:"nextLink,omitempty"` // Value - Array of alert rule templates. Value *[]BasicAlertRuleTemplate `json:"value,omitempty"` }
AlertRuleTemplatesList list all the alert rule templates.
func (AlertRuleTemplatesList) IsEmpty ¶
func (artl AlertRuleTemplatesList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (AlertRuleTemplatesList) MarshalJSON ¶
func (artl AlertRuleTemplatesList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AlertRuleTemplatesList.
func (*AlertRuleTemplatesList) UnmarshalJSON ¶
func (artl *AlertRuleTemplatesList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AlertRuleTemplatesList struct.
type AlertRuleTemplatesListIterator ¶
type AlertRuleTemplatesListIterator struct {
// contains filtered or unexported fields
}
AlertRuleTemplatesListIterator provides access to a complete listing of AlertRuleTemplate values.
func NewAlertRuleTemplatesListIterator ¶
func NewAlertRuleTemplatesListIterator(page AlertRuleTemplatesListPage) AlertRuleTemplatesListIterator
Creates a new instance of the AlertRuleTemplatesListIterator type.
func (*AlertRuleTemplatesListIterator) Next ¶
func (iter *AlertRuleTemplatesListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AlertRuleTemplatesListIterator) NextWithContext ¶
func (iter *AlertRuleTemplatesListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (AlertRuleTemplatesListIterator) NotDone ¶
func (iter AlertRuleTemplatesListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (AlertRuleTemplatesListIterator) Response ¶
func (iter AlertRuleTemplatesListIterator) Response() AlertRuleTemplatesList
Response returns the raw server response from the last page request.
func (AlertRuleTemplatesListIterator) Value ¶
func (iter AlertRuleTemplatesListIterator) Value() BasicAlertRuleTemplate
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type AlertRuleTemplatesListPage ¶
type AlertRuleTemplatesListPage struct {
// contains filtered or unexported fields
}
AlertRuleTemplatesListPage contains a page of BasicAlertRuleTemplate values.
func NewAlertRuleTemplatesListPage ¶
func NewAlertRuleTemplatesListPage(cur AlertRuleTemplatesList, getNextPage func(context.Context, AlertRuleTemplatesList) (AlertRuleTemplatesList, error)) AlertRuleTemplatesListPage
Creates a new instance of the AlertRuleTemplatesListPage type.
func (*AlertRuleTemplatesListPage) Next ¶
func (page *AlertRuleTemplatesListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AlertRuleTemplatesListPage) NextWithContext ¶
func (page *AlertRuleTemplatesListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (AlertRuleTemplatesListPage) NotDone ¶
func (page AlertRuleTemplatesListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (AlertRuleTemplatesListPage) Response ¶
func (page AlertRuleTemplatesListPage) Response() AlertRuleTemplatesList
Response returns the raw server response from the last page request.
func (AlertRuleTemplatesListPage) Values ¶
func (page AlertRuleTemplatesListPage) Values() []BasicAlertRuleTemplate
Values returns the slice of values for the current page or nil if there are no values.
type AlertRulesClient ¶
type AlertRulesClient struct {
BaseClient
}
AlertRulesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewAlertRulesClient ¶
func NewAlertRulesClient(subscriptionID string) AlertRulesClient
NewAlertRulesClient creates an instance of the AlertRulesClient client.
func NewAlertRulesClientWithBaseURI ¶
func NewAlertRulesClientWithBaseURI(baseURI string, subscriptionID string) AlertRulesClient
NewAlertRulesClientWithBaseURI creates an instance of the AlertRulesClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (AlertRulesClient) CreateOrUpdate ¶
func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule BasicAlertRule) (result AlertRuleModel, err error)
CreateOrUpdate creates or updates the alert rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID alertRule - the alert rule
func (AlertRulesClient) CreateOrUpdatePreparer ¶
func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule BasicAlertRule) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (AlertRulesClient) CreateOrUpdateResponder ¶
func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AlertRuleModel, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (AlertRulesClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (AlertRulesClient) Delete ¶
func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result autorest.Response, err error)
Delete delete the alert rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID
func (AlertRulesClient) DeletePreparer ¶
func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (AlertRulesClient) DeleteResponder ¶
func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (AlertRulesClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (AlertRulesClient) Get ¶
func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result AlertRuleModel, err error)
Get gets the alert rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID
func (AlertRulesClient) GetPreparer ¶
func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (AlertRulesClient) GetResponder ¶
func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRuleModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (AlertRulesClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (AlertRulesClient) List ¶
func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListPage, err error)
List gets all alert rules. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (AlertRulesClient) ListComplete ¶
func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (AlertRulesClient) ListPreparer ¶
func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (AlertRulesClient) ListResponder ¶
func (client AlertRulesClient) ListResponder(resp *http.Response) (result AlertRulesList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (AlertRulesClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type AlertRulesList ¶
type AlertRulesList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of alert rules. NextLink *string `json:"nextLink,omitempty"` // Value - Array of alert rules. Value *[]BasicAlertRule `json:"value,omitempty"` }
AlertRulesList list all the alert rules.
func (AlertRulesList) IsEmpty ¶
func (arl AlertRulesList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (AlertRulesList) MarshalJSON ¶
func (arl AlertRulesList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AlertRulesList.
func (*AlertRulesList) UnmarshalJSON ¶
func (arl *AlertRulesList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AlertRulesList struct.
type AlertRulesListIterator ¶
type AlertRulesListIterator struct {
// contains filtered or unexported fields
}
AlertRulesListIterator provides access to a complete listing of AlertRule values.
func NewAlertRulesListIterator ¶
func NewAlertRulesListIterator(page AlertRulesListPage) AlertRulesListIterator
Creates a new instance of the AlertRulesListIterator type.
func (*AlertRulesListIterator) Next ¶
func (iter *AlertRulesListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AlertRulesListIterator) NextWithContext ¶
func (iter *AlertRulesListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (AlertRulesListIterator) NotDone ¶
func (iter AlertRulesListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (AlertRulesListIterator) Response ¶
func (iter AlertRulesListIterator) Response() AlertRulesList
Response returns the raw server response from the last page request.
func (AlertRulesListIterator) Value ¶
func (iter AlertRulesListIterator) Value() BasicAlertRule
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type AlertRulesListPage ¶
type AlertRulesListPage struct {
// contains filtered or unexported fields
}
AlertRulesListPage contains a page of BasicAlertRule values.
func NewAlertRulesListPage ¶
func NewAlertRulesListPage(cur AlertRulesList, getNextPage func(context.Context, AlertRulesList) (AlertRulesList, error)) AlertRulesListPage
Creates a new instance of the AlertRulesListPage type.
func (*AlertRulesListPage) Next ¶
func (page *AlertRulesListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AlertRulesListPage) NextWithContext ¶
func (page *AlertRulesListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (AlertRulesListPage) NotDone ¶
func (page AlertRulesListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (AlertRulesListPage) Response ¶
func (page AlertRulesListPage) Response() AlertRulesList
Response returns the raw server response from the last page request.
func (AlertRulesListPage) Values ¶
func (page AlertRulesListPage) Values() []BasicAlertRule
Values returns the slice of values for the current page or nil if there are no values.
type AlertSeverity ¶
type AlertSeverity string
AlertSeverity enumerates the values for alert severity.
const ( // AlertSeverityHigh High severity AlertSeverityHigh AlertSeverity = "High" // AlertSeverityInformational Informational severity AlertSeverityInformational AlertSeverity = "Informational" // AlertSeverityLow Low severity AlertSeverityLow AlertSeverity = "Low" // AlertSeverityMedium Medium severity AlertSeverityMedium AlertSeverity = "Medium" )
func PossibleAlertSeverityValues ¶
func PossibleAlertSeverityValues() []AlertSeverity
PossibleAlertSeverityValues returns an array of possible values for the AlertSeverity const type.
type AlertStatus ¶
type AlertStatus string
AlertStatus enumerates the values for alert status.
const ( // AlertStatusDismissed Alert dismissed as false positive AlertStatusDismissed AlertStatus = "Dismissed" // AlertStatusInProgress Alert is being handled AlertStatusInProgress AlertStatus = "InProgress" // AlertStatusNew New alert AlertStatusNew AlertStatus = "New" // AlertStatusResolved Alert closed after handling AlertStatusResolved AlertStatus = "Resolved" // AlertStatusUnknown Unknown value AlertStatusUnknown AlertStatus = "Unknown" )
func PossibleAlertStatusValues ¶
func PossibleAlertStatusValues() []AlertStatus
PossibleAlertStatusValues returns an array of possible values for the AlertStatus const type.
type AlertsDataTypeOfDataConnector ¶
type AlertsDataTypeOfDataConnector struct { // Alerts - Alerts data type connection. Alerts *DataConnectorDataTypeCommon `json:"alerts,omitempty"` }
AlertsDataTypeOfDataConnector alerts data type for data connectors.
type Anomalies ¶
type Anomalies struct { // AnomaliesSettingsProperties - Anomalies properties *AnomaliesSettingsProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' Kind KindBasicSettings `json:"kind,omitempty"` }
Anomalies settings with single toggle.
func (Anomalies) AsAnomalies ¶
AsAnomalies is the BasicSettings implementation for Anomalies.
func (Anomalies) AsBasicSettings ¶
func (a Anomalies) AsBasicSettings() (BasicSettings, bool)
AsBasicSettings is the BasicSettings implementation for Anomalies.
func (Anomalies) AsEntityAnalytics ¶
func (a Anomalies) AsEntityAnalytics() (*EntityAnalytics, bool)
AsEntityAnalytics is the BasicSettings implementation for Anomalies.
func (Anomalies) AsSettings ¶
AsSettings is the BasicSettings implementation for Anomalies.
func (Anomalies) MarshalJSON ¶
MarshalJSON is the custom marshaler for Anomalies.
func (*Anomalies) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for Anomalies struct.
type AnomaliesSettingsProperties ¶
type AnomaliesSettingsProperties struct { // IsEnabled - READ-ONLY; Determines whether the setting is enable or disabled. IsEnabled *bool `json:"isEnabled,omitempty"` }
AnomaliesSettingsProperties anomalies property bag.
func (AnomaliesSettingsProperties) MarshalJSON ¶
func (asp AnomaliesSettingsProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AnomaliesSettingsProperties.
type AntispamMailDirection ¶
type AntispamMailDirection string
AntispamMailDirection enumerates the values for antispam mail direction.
const ( // AntispamMailDirectionInbound Inbound AntispamMailDirectionInbound AntispamMailDirection = "Inbound" // AntispamMailDirectionIntraorg Intraorg AntispamMailDirectionIntraorg AntispamMailDirection = "Intraorg" // AntispamMailDirectionOutbound Outbound AntispamMailDirectionOutbound AntispamMailDirection = "Outbound" // AntispamMailDirectionUnknown Unknown AntispamMailDirectionUnknown AntispamMailDirection = "Unknown" )
func PossibleAntispamMailDirectionValues ¶
func PossibleAntispamMailDirectionValues() []AntispamMailDirection
PossibleAntispamMailDirectionValues returns an array of possible values for the AntispamMailDirection const type.
type AttackTactic ¶
type AttackTactic string
AttackTactic enumerates the values for attack tactic.
const ( // AttackTacticCollection ... AttackTacticCollection AttackTactic = "Collection" // AttackTacticCommandAndControl ... AttackTacticCommandAndControl AttackTactic = "CommandAndControl" // AttackTacticCredentialAccess ... AttackTacticCredentialAccess AttackTactic = "CredentialAccess" // AttackTacticDefenseEvasion ... AttackTacticDefenseEvasion AttackTactic = "DefenseEvasion" // AttackTacticDiscovery ... AttackTacticDiscovery AttackTactic = "Discovery" // AttackTacticExecution ... AttackTacticExecution AttackTactic = "Execution" // AttackTacticExfiltration ... AttackTacticExfiltration AttackTactic = "Exfiltration" // AttackTacticImpact ... AttackTacticImpact AttackTactic = "Impact" // AttackTacticInitialAccess ... AttackTacticInitialAccess AttackTactic = "InitialAccess" // AttackTacticLateralMovement ... AttackTacticLateralMovement AttackTactic = "LateralMovement" // AttackTacticPersistence ... AttackTacticPersistence AttackTactic = "Persistence" // AttackTacticPreAttack ... AttackTacticPreAttack AttackTactic = "PreAttack" // AttackTacticPrivilegeEscalation ... AttackTacticPrivilegeEscalation AttackTactic = "PrivilegeEscalation" )
func PossibleAttackTacticValues ¶
func PossibleAttackTacticValues() []AttackTactic
PossibleAttackTacticValues returns an array of possible values for the AttackTactic const type.
type AutomationRule ¶
type AutomationRule struct { autorest.Response `json:"-"` // AutomationRuleProperties - Automation rule properties *AutomationRuleProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
AutomationRule represents an automation rule.
func (AutomationRule) MarshalJSON ¶
func (ar AutomationRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AutomationRule.
func (*AutomationRule) UnmarshalJSON ¶
func (ar *AutomationRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AutomationRule struct.
type AutomationRuleAction ¶
type AutomationRuleAction struct { // Order - The order of execution of the automation rule action Order *int32 `json:"order,omitempty"` // ActionType - Possible values include: 'ActionTypeAutomationRuleAction', 'ActionTypeRunPlaybook', 'ActionTypeModifyProperties' ActionType ActionType `json:"actionType,omitempty"` }
AutomationRuleAction describes an automation rule action
func (AutomationRuleAction) AsAutomationRuleAction ¶
func (ara AutomationRuleAction) AsAutomationRuleAction() (*AutomationRuleAction, bool)
AsAutomationRuleAction is the BasicAutomationRuleAction implementation for AutomationRuleAction.
func (AutomationRuleAction) AsAutomationRuleModifyPropertiesAction ¶
func (ara AutomationRuleAction) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool)
AsAutomationRuleModifyPropertiesAction is the BasicAutomationRuleAction implementation for AutomationRuleAction.
func (AutomationRuleAction) AsAutomationRuleRunPlaybookAction ¶
func (ara AutomationRuleAction) AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool)
AsAutomationRuleRunPlaybookAction is the BasicAutomationRuleAction implementation for AutomationRuleAction.
func (AutomationRuleAction) AsBasicAutomationRuleAction ¶
func (ara AutomationRuleAction) AsBasicAutomationRuleAction() (BasicAutomationRuleAction, bool)
AsBasicAutomationRuleAction is the BasicAutomationRuleAction implementation for AutomationRuleAction.
func (AutomationRuleAction) MarshalJSON ¶
func (ara AutomationRuleAction) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AutomationRuleAction.
type AutomationRuleCondition ¶
type AutomationRuleCondition struct { // ConditionType - Possible values include: 'ConditionTypeAutomationRuleCondition', 'ConditionTypeProperty' ConditionType ConditionType `json:"conditionType,omitempty"` }
AutomationRuleCondition describes an automation rule condition
func (AutomationRuleCondition) AsAutomationRuleCondition ¶
func (arc AutomationRuleCondition) AsAutomationRuleCondition() (*AutomationRuleCondition, bool)
AsAutomationRuleCondition is the BasicAutomationRuleCondition implementation for AutomationRuleCondition.
func (AutomationRuleCondition) AsAutomationRulePropertyValuesCondition ¶
func (arc AutomationRuleCondition) AsAutomationRulePropertyValuesCondition() (*AutomationRulePropertyValuesCondition, bool)
AsAutomationRulePropertyValuesCondition is the BasicAutomationRuleCondition implementation for AutomationRuleCondition.
func (AutomationRuleCondition) AsBasicAutomationRuleCondition ¶
func (arc AutomationRuleCondition) AsBasicAutomationRuleCondition() (BasicAutomationRuleCondition, bool)
AsBasicAutomationRuleCondition is the BasicAutomationRuleCondition implementation for AutomationRuleCondition.
func (AutomationRuleCondition) MarshalJSON ¶
func (arc AutomationRuleCondition) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AutomationRuleCondition.
type AutomationRuleModifyPropertiesAction ¶
type AutomationRuleModifyPropertiesAction struct { // ActionConfiguration - The configuration of the modify properties automation rule action ActionConfiguration *AutomationRuleModifyPropertiesActionActionConfiguration `json:"actionConfiguration,omitempty"` // Order - The order of execution of the automation rule action Order *int32 `json:"order,omitempty"` // ActionType - Possible values include: 'ActionTypeAutomationRuleAction', 'ActionTypeRunPlaybook', 'ActionTypeModifyProperties' ActionType ActionType `json:"actionType,omitempty"` }
AutomationRuleModifyPropertiesAction describes an automation rule action to modify an object's properties
func (AutomationRuleModifyPropertiesAction) AsAutomationRuleAction ¶
func (armpa AutomationRuleModifyPropertiesAction) AsAutomationRuleAction() (*AutomationRuleAction, bool)
AsAutomationRuleAction is the BasicAutomationRuleAction implementation for AutomationRuleModifyPropertiesAction.
func (AutomationRuleModifyPropertiesAction) AsAutomationRuleModifyPropertiesAction ¶
func (armpa AutomationRuleModifyPropertiesAction) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool)
AsAutomationRuleModifyPropertiesAction is the BasicAutomationRuleAction implementation for AutomationRuleModifyPropertiesAction.
func (AutomationRuleModifyPropertiesAction) AsAutomationRuleRunPlaybookAction ¶
func (armpa AutomationRuleModifyPropertiesAction) AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool)
AsAutomationRuleRunPlaybookAction is the BasicAutomationRuleAction implementation for AutomationRuleModifyPropertiesAction.
func (AutomationRuleModifyPropertiesAction) AsBasicAutomationRuleAction ¶
func (armpa AutomationRuleModifyPropertiesAction) AsBasicAutomationRuleAction() (BasicAutomationRuleAction, bool)
AsBasicAutomationRuleAction is the BasicAutomationRuleAction implementation for AutomationRuleModifyPropertiesAction.
func (AutomationRuleModifyPropertiesAction) MarshalJSON ¶
func (armpa AutomationRuleModifyPropertiesAction) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AutomationRuleModifyPropertiesAction.
type AutomationRuleModifyPropertiesActionActionConfiguration ¶
type AutomationRuleModifyPropertiesActionActionConfiguration struct { // Classification - The reason the incident was closed. Possible values include: 'IncidentClassificationUndetermined', 'IncidentClassificationTruePositive', 'IncidentClassificationBenignPositive', 'IncidentClassificationFalsePositive' Classification IncidentClassification `json:"classification,omitempty"` // ClassificationComment - Describes the reason the incident was closed ClassificationComment *string `json:"classificationComment,omitempty"` // ClassificationReason - The classification reason the incident was closed with. Possible values include: 'IncidentClassificationReasonSuspiciousActivity', 'IncidentClassificationReasonSuspiciousButExpected', 'IncidentClassificationReasonIncorrectAlertLogic', 'IncidentClassificationReasonInaccurateData' ClassificationReason IncidentClassificationReason `json:"classificationReason,omitempty"` // Labels - List of labels to add to the incident Labels *[]IncidentLabel `json:"labels,omitempty"` // Owner - Describes a user that the incident is assigned to Owner *IncidentOwnerInfo `json:"owner,omitempty"` // Severity - The severity of the incident. Possible values include: 'IncidentSeverityHigh', 'IncidentSeverityMedium', 'IncidentSeverityLow', 'IncidentSeverityInformational' Severity IncidentSeverity `json:"severity,omitempty"` // Status - The status of the incident. Possible values include: 'IncidentStatusNew', 'IncidentStatusActive', 'IncidentStatusClosed' Status IncidentStatus `json:"status,omitempty"` }
AutomationRuleModifyPropertiesActionActionConfiguration the configuration of the modify properties automation rule action
type AutomationRuleProperties ¶
type AutomationRuleProperties struct { // DisplayName - The display name of the automation rule DisplayName *string `json:"displayName,omitempty"` // Order - The order of execution of the automation rule Order *int32 `json:"order,omitempty"` // TriggeringLogic - The triggering logic of the automation rule TriggeringLogic *AutomationRuleTriggeringLogic `json:"triggeringLogic,omitempty"` // Actions - The actions to execute when the automation rule is triggered Actions *[]BasicAutomationRuleAction `json:"actions,omitempty"` // CreatedTimeUtc - READ-ONLY; The time the automation rule was created CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` // LastModifiedTimeUtc - READ-ONLY; The last time the automation rule was updated LastModifiedTimeUtc *date.Time `json:"lastModifiedTimeUtc,omitempty"` // CreatedBy - READ-ONLY; Describes the client that created the automation rule CreatedBy *ClientInfo `json:"createdBy,omitempty"` // LastModifiedBy - READ-ONLY; Describes the client that last updated the automation rule LastModifiedBy *ClientInfo `json:"lastModifiedBy,omitempty"` }
AutomationRuleProperties describes automation rule properties
func (AutomationRuleProperties) MarshalJSON ¶
func (arp AutomationRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AutomationRuleProperties.
func (*AutomationRuleProperties) UnmarshalJSON ¶
func (arp *AutomationRuleProperties) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AutomationRuleProperties struct.
type AutomationRulePropertyConditionSupportedOperator ¶
type AutomationRulePropertyConditionSupportedOperator string
AutomationRulePropertyConditionSupportedOperator enumerates the values for automation rule property condition supported operator.
const ( // AutomationRulePropertyConditionSupportedOperatorContains Evaluates if the property contains at least one // of the condition values AutomationRulePropertyConditionSupportedOperatorContains AutomationRulePropertyConditionSupportedOperator = "Contains" // AutomationRulePropertyConditionSupportedOperatorEndsWith Evaluates if the property ends with any of the // condition values AutomationRulePropertyConditionSupportedOperatorEndsWith AutomationRulePropertyConditionSupportedOperator = "EndsWith" // AutomationRulePropertyConditionSupportedOperatorEquals Evaluates if the property equals at least one of // the condition values AutomationRulePropertyConditionSupportedOperatorEquals AutomationRulePropertyConditionSupportedOperator = "Equals" // AutomationRulePropertyConditionSupportedOperatorNotContains Evaluates if the property does not contain // any of the condition values AutomationRulePropertyConditionSupportedOperatorNotContains AutomationRulePropertyConditionSupportedOperator = "NotContains" // AutomationRulePropertyConditionSupportedOperatorNotEndsWith Evaluates if the property does not end with // any of the condition values AutomationRulePropertyConditionSupportedOperatorNotEndsWith AutomationRulePropertyConditionSupportedOperator = "NotEndsWith" // AutomationRulePropertyConditionSupportedOperatorNotEquals Evaluates if the property does not equal any // of the condition values AutomationRulePropertyConditionSupportedOperatorNotEquals AutomationRulePropertyConditionSupportedOperator = "NotEquals" // AutomationRulePropertyConditionSupportedOperatorNotStartsWith Evaluates if the property does not start // with any of the condition values AutomationRulePropertyConditionSupportedOperatorNotStartsWith AutomationRulePropertyConditionSupportedOperator = "NotStartsWith" // AutomationRulePropertyConditionSupportedOperatorStartsWith Evaluates if the property starts with any of // the condition values AutomationRulePropertyConditionSupportedOperatorStartsWith AutomationRulePropertyConditionSupportedOperator = "StartsWith" )
func PossibleAutomationRulePropertyConditionSupportedOperatorValues ¶
func PossibleAutomationRulePropertyConditionSupportedOperatorValues() []AutomationRulePropertyConditionSupportedOperator
PossibleAutomationRulePropertyConditionSupportedOperatorValues returns an array of possible values for the AutomationRulePropertyConditionSupportedOperator const type.
type AutomationRulePropertyConditionSupportedProperty ¶
type AutomationRulePropertyConditionSupportedProperty string
AutomationRulePropertyConditionSupportedProperty enumerates the values for automation rule property condition supported property.
const ( // AutomationRulePropertyConditionSupportedPropertyAccountAadTenantID The account Azure Active Directory // tenant id AutomationRulePropertyConditionSupportedPropertyAccountAadTenantID AutomationRulePropertyConditionSupportedProperty = "AccountAadTenantId" // AutomationRulePropertyConditionSupportedPropertyAccountAadUserID The account Azure Active Directory user // id. AutomationRulePropertyConditionSupportedPropertyAccountAadUserID AutomationRulePropertyConditionSupportedProperty = "AccountAadUserId" // AutomationRulePropertyConditionSupportedPropertyAccountName The account name AutomationRulePropertyConditionSupportedPropertyAccountName AutomationRulePropertyConditionSupportedProperty = "AccountName" // AutomationRulePropertyConditionSupportedPropertyAccountNTDomain The account NetBIOS domain name AutomationRulePropertyConditionSupportedPropertyAccountNTDomain AutomationRulePropertyConditionSupportedProperty = "AccountNTDomain" // AutomationRulePropertyConditionSupportedPropertyAccountObjectGUID The account unique identifier AutomationRulePropertyConditionSupportedPropertyAccountObjectGUID AutomationRulePropertyConditionSupportedProperty = "AccountObjectGuid" // AutomationRulePropertyConditionSupportedPropertyAccountPUID The account Azure Active Directory Passport // User ID AutomationRulePropertyConditionSupportedPropertyAccountPUID AutomationRulePropertyConditionSupportedProperty = "AccountPUID" // AutomationRulePropertyConditionSupportedPropertyAccountSid The account security identifier AutomationRulePropertyConditionSupportedPropertyAccountSid AutomationRulePropertyConditionSupportedProperty = "AccountSid" // AutomationRulePropertyConditionSupportedPropertyAccountUPNSuffix The account user principal name suffix AutomationRulePropertyConditionSupportedPropertyAccountUPNSuffix AutomationRulePropertyConditionSupportedProperty = "AccountUPNSuffix" // AutomationRulePropertyConditionSupportedPropertyAzureResourceResourceID The Azure resource id AutomationRulePropertyConditionSupportedPropertyAzureResourceResourceID AutomationRulePropertyConditionSupportedProperty = "AzureResourceResourceId" // AutomationRulePropertyConditionSupportedPropertyAzureResourceSubscriptionID The Azure resource // subscription id AutomationRulePropertyConditionSupportedPropertyAzureResourceSubscriptionID AutomationRulePropertyConditionSupportedProperty = "AzureResourceSubscriptionId" // AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppID The cloud application identifier AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppID AutomationRulePropertyConditionSupportedProperty = "CloudApplicationAppId" // AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppName The cloud application name AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppName AutomationRulePropertyConditionSupportedProperty = "CloudApplicationAppName" // AutomationRulePropertyConditionSupportedPropertyDNSDomainName The dns record domain name AutomationRulePropertyConditionSupportedPropertyDNSDomainName AutomationRulePropertyConditionSupportedProperty = "DNSDomainName" // AutomationRulePropertyConditionSupportedPropertyFileDirectory The file directory full path AutomationRulePropertyConditionSupportedPropertyFileDirectory AutomationRulePropertyConditionSupportedProperty = "FileDirectory" // AutomationRulePropertyConditionSupportedPropertyFileHashValue The file hash value AutomationRulePropertyConditionSupportedPropertyFileHashValue AutomationRulePropertyConditionSupportedProperty = "FileHashValue" // AutomationRulePropertyConditionSupportedPropertyFileName The file name without path AutomationRulePropertyConditionSupportedPropertyFileName AutomationRulePropertyConditionSupportedProperty = "FileName" // AutomationRulePropertyConditionSupportedPropertyHostAzureID The host Azure resource id AutomationRulePropertyConditionSupportedPropertyHostAzureID AutomationRulePropertyConditionSupportedProperty = "HostAzureID" // AutomationRulePropertyConditionSupportedPropertyHostName The host name without domain AutomationRulePropertyConditionSupportedPropertyHostName AutomationRulePropertyConditionSupportedProperty = "HostName" // AutomationRulePropertyConditionSupportedPropertyHostNetBiosName The host NetBIOS name AutomationRulePropertyConditionSupportedPropertyHostNetBiosName AutomationRulePropertyConditionSupportedProperty = "HostNetBiosName" // AutomationRulePropertyConditionSupportedPropertyHostNTDomain The host NT domain AutomationRulePropertyConditionSupportedPropertyHostNTDomain AutomationRulePropertyConditionSupportedProperty = "HostNTDomain" // AutomationRulePropertyConditionSupportedPropertyHostOSVersion The host operating system AutomationRulePropertyConditionSupportedPropertyHostOSVersion AutomationRulePropertyConditionSupportedProperty = "HostOSVersion" // AutomationRulePropertyConditionSupportedPropertyIncidentDescription The description of the incident AutomationRulePropertyConditionSupportedPropertyIncidentDescription AutomationRulePropertyConditionSupportedProperty = "IncidentDescription" // AutomationRulePropertyConditionSupportedPropertyIncidentProviderName The provider name of the incident AutomationRulePropertyConditionSupportedPropertyIncidentProviderName AutomationRulePropertyConditionSupportedProperty = "IncidentProviderName" // AutomationRulePropertyConditionSupportedPropertyIncidentRelatedAnalyticRuleIds The related Analytic rule // ids of the incident AutomationRulePropertyConditionSupportedPropertyIncidentRelatedAnalyticRuleIds AutomationRulePropertyConditionSupportedProperty = "IncidentRelatedAnalyticRuleIds" // AutomationRulePropertyConditionSupportedPropertyIncidentSeverity The severity of the incident AutomationRulePropertyConditionSupportedPropertyIncidentSeverity AutomationRulePropertyConditionSupportedProperty = "IncidentSeverity" // AutomationRulePropertyConditionSupportedPropertyIncidentStatus The status of the incident AutomationRulePropertyConditionSupportedPropertyIncidentStatus AutomationRulePropertyConditionSupportedProperty = "IncidentStatus" // AutomationRulePropertyConditionSupportedPropertyIncidentTactics The tactics of the incident AutomationRulePropertyConditionSupportedPropertyIncidentTactics AutomationRulePropertyConditionSupportedProperty = "IncidentTactics" // AutomationRulePropertyConditionSupportedPropertyIncidentTitle The title of the incident AutomationRulePropertyConditionSupportedPropertyIncidentTitle AutomationRulePropertyConditionSupportedProperty = "IncidentTitle" // AutomationRulePropertyConditionSupportedPropertyIoTDeviceID The IoT device id AutomationRulePropertyConditionSupportedPropertyIoTDeviceID AutomationRulePropertyConditionSupportedProperty = "IoTDeviceId" // AutomationRulePropertyConditionSupportedPropertyIoTDeviceModel The IoT device model AutomationRulePropertyConditionSupportedPropertyIoTDeviceModel AutomationRulePropertyConditionSupportedProperty = "IoTDeviceModel" // AutomationRulePropertyConditionSupportedPropertyIoTDeviceName The IoT device name AutomationRulePropertyConditionSupportedPropertyIoTDeviceName AutomationRulePropertyConditionSupportedProperty = "IoTDeviceName" // AutomationRulePropertyConditionSupportedPropertyIoTDeviceOperatingSystem The IoT device operating system AutomationRulePropertyConditionSupportedPropertyIoTDeviceOperatingSystem AutomationRulePropertyConditionSupportedProperty = "IoTDeviceOperatingSystem" // AutomationRulePropertyConditionSupportedPropertyIoTDeviceType The IoT device type AutomationRulePropertyConditionSupportedPropertyIoTDeviceType AutomationRulePropertyConditionSupportedProperty = "IoTDeviceType" // AutomationRulePropertyConditionSupportedPropertyIoTDeviceVendor The IoT device vendor AutomationRulePropertyConditionSupportedPropertyIoTDeviceVendor AutomationRulePropertyConditionSupportedProperty = "IoTDeviceVendor" // AutomationRulePropertyConditionSupportedPropertyIPAddress The IP address AutomationRulePropertyConditionSupportedPropertyIPAddress AutomationRulePropertyConditionSupportedProperty = "IPAddress" // AutomationRulePropertyConditionSupportedPropertyMailboxDisplayName The mailbox display name AutomationRulePropertyConditionSupportedPropertyMailboxDisplayName AutomationRulePropertyConditionSupportedProperty = "MailboxDisplayName" // AutomationRulePropertyConditionSupportedPropertyMailboxPrimaryAddress The mailbox primary address AutomationRulePropertyConditionSupportedPropertyMailboxPrimaryAddress AutomationRulePropertyConditionSupportedProperty = "MailboxPrimaryAddress" // AutomationRulePropertyConditionSupportedPropertyMailboxUPN The mailbox user principal name AutomationRulePropertyConditionSupportedPropertyMailboxUPN AutomationRulePropertyConditionSupportedProperty = "MailboxUPN" // AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryAction The mail message delivery // action AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryAction AutomationRulePropertyConditionSupportedProperty = "MailMessageDeliveryAction" // AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryLocation The mail message delivery // location AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryLocation AutomationRulePropertyConditionSupportedProperty = "MailMessageDeliveryLocation" // AutomationRulePropertyConditionSupportedPropertyMailMessageP1Sender The mail message P1 sender AutomationRulePropertyConditionSupportedPropertyMailMessageP1Sender AutomationRulePropertyConditionSupportedProperty = "MailMessageP1Sender" // AutomationRulePropertyConditionSupportedPropertyMailMessageP2Sender The mail message P2 sender AutomationRulePropertyConditionSupportedPropertyMailMessageP2Sender AutomationRulePropertyConditionSupportedProperty = "MailMessageP2Sender" // AutomationRulePropertyConditionSupportedPropertyMailMessageRecipient The mail message recipient AutomationRulePropertyConditionSupportedPropertyMailMessageRecipient AutomationRulePropertyConditionSupportedProperty = "MailMessageRecipient" // AutomationRulePropertyConditionSupportedPropertyMailMessageSenderIP The mail message sender IP address AutomationRulePropertyConditionSupportedPropertyMailMessageSenderIP AutomationRulePropertyConditionSupportedProperty = "MailMessageSenderIP" // AutomationRulePropertyConditionSupportedPropertyMailMessageSubject The mail message subject AutomationRulePropertyConditionSupportedPropertyMailMessageSubject AutomationRulePropertyConditionSupportedProperty = "MailMessageSubject" // AutomationRulePropertyConditionSupportedPropertyMalwareCategory The malware category AutomationRulePropertyConditionSupportedPropertyMalwareCategory AutomationRulePropertyConditionSupportedProperty = "MalwareCategory" // AutomationRulePropertyConditionSupportedPropertyMalwareName The malware name AutomationRulePropertyConditionSupportedPropertyMalwareName AutomationRulePropertyConditionSupportedProperty = "MalwareName" // AutomationRulePropertyConditionSupportedPropertyProcessCommandLine The process execution command line AutomationRulePropertyConditionSupportedPropertyProcessCommandLine AutomationRulePropertyConditionSupportedProperty = "ProcessCommandLine" // AutomationRulePropertyConditionSupportedPropertyProcessID The process id AutomationRulePropertyConditionSupportedPropertyProcessID AutomationRulePropertyConditionSupportedProperty = "ProcessId" // AutomationRulePropertyConditionSupportedPropertyRegistryKey The registry key path AutomationRulePropertyConditionSupportedPropertyRegistryKey AutomationRulePropertyConditionSupportedProperty = "RegistryKey" // AutomationRulePropertyConditionSupportedPropertyRegistryValueData The registry key value in string // formatted representation AutomationRulePropertyConditionSupportedPropertyRegistryValueData AutomationRulePropertyConditionSupportedProperty = "RegistryValueData" // AutomationRulePropertyConditionSupportedPropertyURL The url AutomationRulePropertyConditionSupportedPropertyURL AutomationRulePropertyConditionSupportedProperty = "Url" )
func PossibleAutomationRulePropertyConditionSupportedPropertyValues ¶
func PossibleAutomationRulePropertyConditionSupportedPropertyValues() []AutomationRulePropertyConditionSupportedProperty
PossibleAutomationRulePropertyConditionSupportedPropertyValues returns an array of possible values for the AutomationRulePropertyConditionSupportedProperty const type.
type AutomationRulePropertyValuesCondition ¶
type AutomationRulePropertyValuesCondition struct { // ConditionProperties - The configuration of the automation rule condition ConditionProperties *AutomationRulePropertyValuesConditionConditionProperties `json:"conditionProperties,omitempty"` // ConditionType - Possible values include: 'ConditionTypeAutomationRuleCondition', 'ConditionTypeProperty' ConditionType ConditionType `json:"conditionType,omitempty"` }
AutomationRulePropertyValuesCondition describes an automation rule condition that evaluates a property's value
func (AutomationRulePropertyValuesCondition) AsAutomationRuleCondition ¶
func (arpvc AutomationRulePropertyValuesCondition) AsAutomationRuleCondition() (*AutomationRuleCondition, bool)
AsAutomationRuleCondition is the BasicAutomationRuleCondition implementation for AutomationRulePropertyValuesCondition.
func (AutomationRulePropertyValuesCondition) AsAutomationRulePropertyValuesCondition ¶
func (arpvc AutomationRulePropertyValuesCondition) AsAutomationRulePropertyValuesCondition() (*AutomationRulePropertyValuesCondition, bool)
AsAutomationRulePropertyValuesCondition is the BasicAutomationRuleCondition implementation for AutomationRulePropertyValuesCondition.
func (AutomationRulePropertyValuesCondition) AsBasicAutomationRuleCondition ¶
func (arpvc AutomationRulePropertyValuesCondition) AsBasicAutomationRuleCondition() (BasicAutomationRuleCondition, bool)
AsBasicAutomationRuleCondition is the BasicAutomationRuleCondition implementation for AutomationRulePropertyValuesCondition.
func (AutomationRulePropertyValuesCondition) MarshalJSON ¶
func (arpvc AutomationRulePropertyValuesCondition) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AutomationRulePropertyValuesCondition.
type AutomationRulePropertyValuesConditionConditionProperties ¶
type AutomationRulePropertyValuesConditionConditionProperties struct { // PropertyName - The property to evaluate. Possible values include: 'AutomationRulePropertyConditionSupportedPropertyIncidentTitle', 'AutomationRulePropertyConditionSupportedPropertyIncidentDescription', 'AutomationRulePropertyConditionSupportedPropertyIncidentSeverity', 'AutomationRulePropertyConditionSupportedPropertyIncidentStatus', 'AutomationRulePropertyConditionSupportedPropertyIncidentTactics', 'AutomationRulePropertyConditionSupportedPropertyIncidentRelatedAnalyticRuleIds', 'AutomationRulePropertyConditionSupportedPropertyIncidentProviderName', 'AutomationRulePropertyConditionSupportedPropertyAccountAadTenantID', 'AutomationRulePropertyConditionSupportedPropertyAccountAadUserID', 'AutomationRulePropertyConditionSupportedPropertyAccountName', 'AutomationRulePropertyConditionSupportedPropertyAccountNTDomain', 'AutomationRulePropertyConditionSupportedPropertyAccountPUID', 'AutomationRulePropertyConditionSupportedPropertyAccountSid', 'AutomationRulePropertyConditionSupportedPropertyAccountObjectGUID', 'AutomationRulePropertyConditionSupportedPropertyAccountUPNSuffix', 'AutomationRulePropertyConditionSupportedPropertyAzureResourceResourceID', 'AutomationRulePropertyConditionSupportedPropertyAzureResourceSubscriptionID', 'AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppID', 'AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppName', 'AutomationRulePropertyConditionSupportedPropertyDNSDomainName', 'AutomationRulePropertyConditionSupportedPropertyFileDirectory', 'AutomationRulePropertyConditionSupportedPropertyFileName', 'AutomationRulePropertyConditionSupportedPropertyFileHashValue', 'AutomationRulePropertyConditionSupportedPropertyHostAzureID', 'AutomationRulePropertyConditionSupportedPropertyHostName', 'AutomationRulePropertyConditionSupportedPropertyHostNetBiosName', 'AutomationRulePropertyConditionSupportedPropertyHostNTDomain', 'AutomationRulePropertyConditionSupportedPropertyHostOSVersion', 'AutomationRulePropertyConditionSupportedPropertyIoTDeviceID', 'AutomationRulePropertyConditionSupportedPropertyIoTDeviceName', 'AutomationRulePropertyConditionSupportedPropertyIoTDeviceType', 'AutomationRulePropertyConditionSupportedPropertyIoTDeviceVendor', 'AutomationRulePropertyConditionSupportedPropertyIoTDeviceModel', 'AutomationRulePropertyConditionSupportedPropertyIoTDeviceOperatingSystem', 'AutomationRulePropertyConditionSupportedPropertyIPAddress', 'AutomationRulePropertyConditionSupportedPropertyMailboxDisplayName', 'AutomationRulePropertyConditionSupportedPropertyMailboxPrimaryAddress', 'AutomationRulePropertyConditionSupportedPropertyMailboxUPN', 'AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryAction', 'AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryLocation', 'AutomationRulePropertyConditionSupportedPropertyMailMessageRecipient', 'AutomationRulePropertyConditionSupportedPropertyMailMessageSenderIP', 'AutomationRulePropertyConditionSupportedPropertyMailMessageSubject', 'AutomationRulePropertyConditionSupportedPropertyMailMessageP1Sender', 'AutomationRulePropertyConditionSupportedPropertyMailMessageP2Sender', 'AutomationRulePropertyConditionSupportedPropertyMalwareCategory', 'AutomationRulePropertyConditionSupportedPropertyMalwareName', 'AutomationRulePropertyConditionSupportedPropertyProcessCommandLine', 'AutomationRulePropertyConditionSupportedPropertyProcessID', 'AutomationRulePropertyConditionSupportedPropertyRegistryKey', 'AutomationRulePropertyConditionSupportedPropertyRegistryValueData', 'AutomationRulePropertyConditionSupportedPropertyURL' PropertyName AutomationRulePropertyConditionSupportedProperty `json:"propertyName,omitempty"` // Operator - The operator to use for evaluation the condition. Possible values include: 'AutomationRulePropertyConditionSupportedOperatorEquals', 'AutomationRulePropertyConditionSupportedOperatorNotEquals', 'AutomationRulePropertyConditionSupportedOperatorContains', 'AutomationRulePropertyConditionSupportedOperatorNotContains', 'AutomationRulePropertyConditionSupportedOperatorStartsWith', 'AutomationRulePropertyConditionSupportedOperatorNotStartsWith', 'AutomationRulePropertyConditionSupportedOperatorEndsWith', 'AutomationRulePropertyConditionSupportedOperatorNotEndsWith' Operator AutomationRulePropertyConditionSupportedOperator `json:"operator,omitempty"` // PropertyValues - The values to use for evaluating the condition PropertyValues *[]string `json:"propertyValues,omitempty"` }
AutomationRulePropertyValuesConditionConditionProperties the configuration of the automation rule condition
type AutomationRuleRunPlaybookAction ¶
type AutomationRuleRunPlaybookAction struct { // ActionConfiguration - The configuration of the run playbook automation rule action ActionConfiguration *AutomationRuleRunPlaybookActionActionConfiguration `json:"actionConfiguration,omitempty"` // Order - The order of execution of the automation rule action Order *int32 `json:"order,omitempty"` // ActionType - Possible values include: 'ActionTypeAutomationRuleAction', 'ActionTypeRunPlaybook', 'ActionTypeModifyProperties' ActionType ActionType `json:"actionType,omitempty"` }
AutomationRuleRunPlaybookAction describes an automation rule action to run a playbook
func (AutomationRuleRunPlaybookAction) AsAutomationRuleAction ¶
func (arrpa AutomationRuleRunPlaybookAction) AsAutomationRuleAction() (*AutomationRuleAction, bool)
AsAutomationRuleAction is the BasicAutomationRuleAction implementation for AutomationRuleRunPlaybookAction.
func (AutomationRuleRunPlaybookAction) AsAutomationRuleModifyPropertiesAction ¶
func (arrpa AutomationRuleRunPlaybookAction) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool)
AsAutomationRuleModifyPropertiesAction is the BasicAutomationRuleAction implementation for AutomationRuleRunPlaybookAction.
func (AutomationRuleRunPlaybookAction) AsAutomationRuleRunPlaybookAction ¶
func (arrpa AutomationRuleRunPlaybookAction) AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool)
AsAutomationRuleRunPlaybookAction is the BasicAutomationRuleAction implementation for AutomationRuleRunPlaybookAction.
func (AutomationRuleRunPlaybookAction) AsBasicAutomationRuleAction ¶
func (arrpa AutomationRuleRunPlaybookAction) AsBasicAutomationRuleAction() (BasicAutomationRuleAction, bool)
AsBasicAutomationRuleAction is the BasicAutomationRuleAction implementation for AutomationRuleRunPlaybookAction.
func (AutomationRuleRunPlaybookAction) MarshalJSON ¶
func (arrpa AutomationRuleRunPlaybookAction) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AutomationRuleRunPlaybookAction.
type AutomationRuleRunPlaybookActionActionConfiguration ¶
type AutomationRuleRunPlaybookActionActionConfiguration struct { // LogicAppResourceID - The resource id of the playbook resource LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` // TenantID - The tenant id of the playbook resource TenantID *string `json:"tenantId,omitempty"` }
AutomationRuleRunPlaybookActionActionConfiguration the configuration of the run playbook automation rule action
type AutomationRuleTriggeringLogic ¶
type AutomationRuleTriggeringLogic struct { // IsEnabled - Determines whether the automation rule is enabled or disabled. IsEnabled *bool `json:"isEnabled,omitempty"` // ExpirationTimeUtc - Determines when the automation rule should automatically expire and be disabled. ExpirationTimeUtc *date.Time `json:"expirationTimeUtc,omitempty"` // TriggersOn - The type of object the automation rule triggers on TriggersOn *string `json:"triggersOn,omitempty"` // TriggersWhen - The type of event the automation rule triggers on TriggersWhen *string `json:"triggersWhen,omitempty"` // Conditions - The conditions to evaluate to determine if the automation rule should be triggered on a given object Conditions *[]BasicAutomationRuleCondition `json:"conditions,omitempty"` }
AutomationRuleTriggeringLogic describes automation rule triggering logic
func (*AutomationRuleTriggeringLogic) UnmarshalJSON ¶
func (artl *AutomationRuleTriggeringLogic) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AutomationRuleTriggeringLogic struct.
type AutomationRulesClient ¶
type AutomationRulesClient struct {
BaseClient
}
AutomationRulesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewAutomationRulesClient ¶
func NewAutomationRulesClient(subscriptionID string) AutomationRulesClient
NewAutomationRulesClient creates an instance of the AutomationRulesClient client.
func NewAutomationRulesClientWithBaseURI ¶
func NewAutomationRulesClientWithBaseURI(baseURI string, subscriptionID string) AutomationRulesClient
NewAutomationRulesClientWithBaseURI creates an instance of the AutomationRulesClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (AutomationRulesClient) CreateOrUpdate ¶
func (client AutomationRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string, automationRule AutomationRule) (result AutomationRule, err error)
CreateOrUpdate creates or updates the automation rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. automationRuleID - automation rule ID automationRule - the automation rule
func (AutomationRulesClient) CreateOrUpdatePreparer ¶
func (client AutomationRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string, automationRule AutomationRule) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (AutomationRulesClient) CreateOrUpdateResponder ¶
func (client AutomationRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AutomationRule, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (AutomationRulesClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (AutomationRulesClient) Delete ¶
func (client AutomationRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string) (result autorest.Response, err error)
Delete delete the automation rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. automationRuleID - automation rule ID
func (AutomationRulesClient) DeletePreparer ¶
func (client AutomationRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (AutomationRulesClient) DeleteResponder ¶
func (client AutomationRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (AutomationRulesClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (AutomationRulesClient) Get ¶
func (client AutomationRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string) (result AutomationRule, err error)
Get gets the automation rule. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. automationRuleID - automation rule ID
func (AutomationRulesClient) GetPreparer ¶
func (client AutomationRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (AutomationRulesClient) GetResponder ¶
func (client AutomationRulesClient) GetResponder(resp *http.Response) (result AutomationRule, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (AutomationRulesClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (AutomationRulesClient) List ¶
func (client AutomationRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AutomationRulesListPage, err error)
List gets all automation rules. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (AutomationRulesClient) ListComplete ¶
func (client AutomationRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AutomationRulesListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (AutomationRulesClient) ListPreparer ¶
func (client AutomationRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (AutomationRulesClient) ListResponder ¶
func (client AutomationRulesClient) ListResponder(resp *http.Response) (result AutomationRulesList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (AutomationRulesClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type AutomationRulesList ¶
type AutomationRulesList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of automation rules. NextLink *string `json:"nextLink,omitempty"` // Value - Array of automation rules. Value *[]AutomationRule `json:"value,omitempty"` }
AutomationRulesList list all the automation rules.
func (AutomationRulesList) IsEmpty ¶
func (arl AutomationRulesList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (AutomationRulesList) MarshalJSON ¶
func (arl AutomationRulesList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AutomationRulesList.
type AutomationRulesListIterator ¶
type AutomationRulesListIterator struct {
// contains filtered or unexported fields
}
AutomationRulesListIterator provides access to a complete listing of AutomationRule values.
func NewAutomationRulesListIterator ¶
func NewAutomationRulesListIterator(page AutomationRulesListPage) AutomationRulesListIterator
Creates a new instance of the AutomationRulesListIterator type.
func (*AutomationRulesListIterator) Next ¶
func (iter *AutomationRulesListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AutomationRulesListIterator) NextWithContext ¶
func (iter *AutomationRulesListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (AutomationRulesListIterator) NotDone ¶
func (iter AutomationRulesListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (AutomationRulesListIterator) Response ¶
func (iter AutomationRulesListIterator) Response() AutomationRulesList
Response returns the raw server response from the last page request.
func (AutomationRulesListIterator) Value ¶
func (iter AutomationRulesListIterator) Value() AutomationRule
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type AutomationRulesListPage ¶
type AutomationRulesListPage struct {
// contains filtered or unexported fields
}
AutomationRulesListPage contains a page of AutomationRule values.
func NewAutomationRulesListPage ¶
func NewAutomationRulesListPage(cur AutomationRulesList, getNextPage func(context.Context, AutomationRulesList) (AutomationRulesList, error)) AutomationRulesListPage
Creates a new instance of the AutomationRulesListPage type.
func (*AutomationRulesListPage) Next ¶
func (page *AutomationRulesListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AutomationRulesListPage) NextWithContext ¶
func (page *AutomationRulesListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (AutomationRulesListPage) NotDone ¶
func (page AutomationRulesListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (AutomationRulesListPage) Response ¶
func (page AutomationRulesListPage) Response() AutomationRulesList
Response returns the raw server response from the last page request.
func (AutomationRulesListPage) Values ¶
func (page AutomationRulesListPage) Values() []AutomationRule
Values returns the slice of values for the current page or nil if there are no values.
type Availability ¶
type Availability struct { // Status - The connector Availability Status Status *int32 `json:"status,omitempty"` // IsPreview - Set connector as preview IsPreview *bool `json:"isPreview,omitempty"` }
Availability connector Availability Status
type AwsCloudTrailCheckRequirements ¶
type AwsCloudTrailCheckRequirements struct { // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
AwsCloudTrailCheckRequirements amazon Web Services CloudTrail requirements check request.
func (AwsCloudTrailCheckRequirements) AsAADCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsAATPCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsASCCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsAwsS3CheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsDynamics365CheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsMCASCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsMDATPCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsMSTICheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsMtpCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsOfficeATPCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsTICheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (actcr AwsCloudTrailCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements.
func (AwsCloudTrailCheckRequirements) MarshalJSON ¶
func (actcr AwsCloudTrailCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AwsCloudTrailCheckRequirements.
type AwsCloudTrailDataConnector ¶
type AwsCloudTrailDataConnector struct { // AwsCloudTrailDataConnectorProperties - Amazon Web Services CloudTrail data connector properties. *AwsCloudTrailDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
AwsCloudTrailDataConnector represents Amazon Web Services CloudTrail data connector.
func (AwsCloudTrailDataConnector) AsAADDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsAATPDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsASCDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsAwsS3DataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsBasicDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsCodelessAPIPollingDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsCodelessUIDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsDynamics365DataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsMCASDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsMDATPDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsMSTIDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsMTPDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsOfficeATPDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsOfficeDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsOfficeIRMDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsTIDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsTiTaxiiDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) MarshalJSON ¶
func (actdc AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AwsCloudTrailDataConnector.
func (*AwsCloudTrailDataConnector) UnmarshalJSON ¶
func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AwsCloudTrailDataConnector struct.
type AwsCloudTrailDataConnectorDataTypes ¶
type AwsCloudTrailDataConnectorDataTypes struct { // Logs - Logs data type. Logs *AwsCloudTrailDataConnectorDataTypesLogs `json:"logs,omitempty"` }
AwsCloudTrailDataConnectorDataTypes the available data types for Amazon Web Services CloudTrail data connector.
type AwsCloudTrailDataConnectorDataTypesLogs ¶
type AwsCloudTrailDataConnectorDataTypesLogs struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
AwsCloudTrailDataConnectorDataTypesLogs logs data type.
type AwsCloudTrailDataConnectorProperties ¶
type AwsCloudTrailDataConnectorProperties struct { // AwsRoleArn - The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account. AwsRoleArn *string `json:"awsRoleArn,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AwsCloudTrailDataConnectorDataTypes `json:"dataTypes,omitempty"` }
AwsCloudTrailDataConnectorProperties amazon Web Services CloudTrail data connector properties.
type AwsS3CheckRequirements ¶
type AwsS3CheckRequirements struct { // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
AwsS3CheckRequirements amazon Web Services S3 requirements check request.
func (AwsS3CheckRequirements) AsAADCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsAATPCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsASCCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsAwsS3CheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsDataConnectorsCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsDynamics365CheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsMCASCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsMDATPCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsMSTICheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsMtpCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsOfficeATPCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsOfficeIRMCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsTICheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) AsTiTaxiiCheckRequirements ¶
func (ascr AwsS3CheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements.
func (AwsS3CheckRequirements) MarshalJSON ¶
func (ascr AwsS3CheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AwsS3CheckRequirements.
type AwsS3DataConnector ¶
type AwsS3DataConnector struct { // AwsS3DataConnectorProperties - Amazon Web Services S3 data connector properties. *AwsS3DataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
AwsS3DataConnector represents Amazon Web Services S3 data connector.
func (AwsS3DataConnector) AsAADDataConnector ¶
func (asdc AwsS3DataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsAATPDataConnector ¶
func (asdc AwsS3DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsASCDataConnector ¶
func (asdc AwsS3DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsAwsCloudTrailDataConnector ¶
func (asdc AwsS3DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsAwsS3DataConnector ¶
func (asdc AwsS3DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsBasicDataConnector ¶
func (asdc AwsS3DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsCodelessAPIPollingDataConnector ¶
func (asdc AwsS3DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsCodelessUIDataConnector ¶
func (asdc AwsS3DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsDataConnector ¶
func (asdc AwsS3DataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsDynamics365DataConnector ¶
func (asdc AwsS3DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsMCASDataConnector ¶
func (asdc AwsS3DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsMDATPDataConnector ¶
func (asdc AwsS3DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsMSTIDataConnector ¶
func (asdc AwsS3DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsMTPDataConnector ¶
func (asdc AwsS3DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsOfficeATPDataConnector ¶
func (asdc AwsS3DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsOfficeDataConnector ¶
func (asdc AwsS3DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsOfficeIRMDataConnector ¶
func (asdc AwsS3DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsTIDataConnector ¶
func (asdc AwsS3DataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) AsTiTaxiiDataConnector ¶
func (asdc AwsS3DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for AwsS3DataConnector.
func (AwsS3DataConnector) MarshalJSON ¶
func (asdc AwsS3DataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AwsS3DataConnector.
func (*AwsS3DataConnector) UnmarshalJSON ¶
func (asdc *AwsS3DataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AwsS3DataConnector struct.
type AwsS3DataConnectorDataTypes ¶
type AwsS3DataConnectorDataTypes struct { // Logs - Logs data type. Logs *AwsS3DataConnectorDataTypesLogs `json:"logs,omitempty"` }
AwsS3DataConnectorDataTypes the available data types for Amazon Web Services S3 data connector.
type AwsS3DataConnectorDataTypesLogs ¶
type AwsS3DataConnectorDataTypesLogs struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
AwsS3DataConnectorDataTypesLogs logs data type.
type AwsS3DataConnectorProperties ¶
type AwsS3DataConnectorProperties struct { // DestinationTable - The logs destination table name in LogAnalytics. DestinationTable *string `json:"destinationTable,omitempty"` // SqsUrls - The AWS sqs urls for the connector. SqsUrls *[]string `json:"sqsUrls,omitempty"` // RoleArn - The Aws Role Arn that is used to access the Aws account. RoleArn *string `json:"roleArn,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AwsS3DataConnectorDataTypes `json:"dataTypes,omitempty"` }
AwsS3DataConnectorProperties amazon Web Services S3 data connector properties.
type AzureEntityResource ¶
type AzureEntityResource struct { // Etag - READ-ONLY; Resource Etag. Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
AzureEntityResource the resource model definition for an Azure Resource Manager resource with an etag.
func (AzureEntityResource) MarshalJSON ¶
func (aer AzureEntityResource) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AzureEntityResource.
type AzureResourceEntity ¶
type AzureResourceEntity struct { // AzureResourceEntityProperties - AzureResource entity properties *AzureResourceEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
AzureResourceEntity represents an azure resource entity.
func (AzureResourceEntity) AsAccountEntity ¶
func (are AzureResourceEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsAzureResourceEntity ¶
func (are AzureResourceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsBasicEntity ¶
func (are AzureResourceEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsCloudApplicationEntity ¶
func (are AzureResourceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsDNSEntity ¶
func (are AzureResourceEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsEntity ¶
func (are AzureResourceEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsFileEntity ¶
func (are AzureResourceEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsFileHashEntity ¶
func (are AzureResourceEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsHostEntity ¶
func (are AzureResourceEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsHuntingBookmark ¶
func (are AzureResourceEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsIPEntity ¶
func (are AzureResourceEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsIoTDeviceEntity ¶
func (are AzureResourceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsMailClusterEntity ¶
func (are AzureResourceEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsMailMessageEntity ¶
func (are AzureResourceEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsMailboxEntity ¶
func (are AzureResourceEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsMalwareEntity ¶
func (are AzureResourceEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsProcessEntity ¶
func (are AzureResourceEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsRegistryKeyEntity ¶
func (are AzureResourceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsRegistryValueEntity ¶
func (are AzureResourceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsSecurityAlert ¶
func (are AzureResourceEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsSecurityGroupEntity ¶
func (are AzureResourceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsSubmissionMailEntity ¶
func (are AzureResourceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) AsURLEntity ¶
func (are AzureResourceEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for AzureResourceEntity.
func (AzureResourceEntity) MarshalJSON ¶
func (are AzureResourceEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AzureResourceEntity.
func (*AzureResourceEntity) UnmarshalJSON ¶
func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AzureResourceEntity struct.
type AzureResourceEntityProperties ¶
type AzureResourceEntityProperties struct { // ResourceID - READ-ONLY; The azure resource id of the resource ResourceID *string `json:"resourceId,omitempty"` // SubscriptionID - READ-ONLY; The subscription id of the resource SubscriptionID *string `json:"subscriptionId,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
AzureResourceEntityProperties azureResource entity property bag.
func (AzureResourceEntityProperties) MarshalJSON ¶
func (arep AzureResourceEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AzureResourceEntityProperties.
type BaseClient ¶
BaseClient is the base client for Securityinsight.
func New ¶
func New(subscriptionID string) BaseClient
New creates an instance of the BaseClient client.
func NewWithBaseURI ¶
func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient
NewWithBaseURI creates an instance of the BaseClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
type BasicAlertRule ¶
type BasicAlertRule interface { AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool) AsFusionAlertRule() (*FusionAlertRule, bool) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) AsScheduledAlertRule() (*ScheduledAlertRule, bool) AsNrtAlertRule() (*NrtAlertRule, bool) AsAlertRule() (*AlertRule, bool) }
BasicAlertRule alert rule.
type BasicAlertRuleTemplate ¶
type BasicAlertRuleTemplate interface { AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) }
BasicAlertRuleTemplate alert rule template.
type BasicAutomationRuleAction ¶
type BasicAutomationRuleAction interface { AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool) AsAutomationRuleAction() (*AutomationRuleAction, bool) }
BasicAutomationRuleAction describes an automation rule action
type BasicAutomationRuleCondition ¶
type BasicAutomationRuleCondition interface { AsAutomationRulePropertyValuesCondition() (*AutomationRulePropertyValuesCondition, bool) AsAutomationRuleCondition() (*AutomationRuleCondition, bool) }
BasicAutomationRuleCondition describes an automation rule condition
type BasicCustomEntityQuery ¶
type BasicCustomEntityQuery interface { AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool) AsCustomEntityQuery() (*CustomEntityQuery, bool) }
BasicCustomEntityQuery specific entity query that supports put requests.
type BasicDataConnector ¶
type BasicDataConnector interface { AsAADDataConnector() (*AADDataConnector, bool) AsMSTIDataConnector() (*MSTIDataConnector, bool) AsMTPDataConnector() (*MTPDataConnector, bool) AsAATPDataConnector() (*AATPDataConnector, bool) AsASCDataConnector() (*ASCDataConnector, bool) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) AsMCASDataConnector() (*MCASDataConnector, bool) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) AsMDATPDataConnector() (*MDATPDataConnector, bool) AsOfficeDataConnector() (*OfficeDataConnector, bool) AsTIDataConnector() (*TIDataConnector, bool) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) AsDataConnector() (*DataConnector, bool) }
BasicDataConnector data connector
type BasicDataConnectorsCheckRequirements ¶
type BasicDataConnectorsCheckRequirements interface { AsAADCheckRequirements() (*AADCheckRequirements, bool) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) AsASCCheckRequirements() (*ASCCheckRequirements, bool) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) AsTICheckRequirements() (*TICheckRequirements, bool) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) }
BasicDataConnectorsCheckRequirements data connector requirements properties.
type BasicEntity ¶
type BasicEntity interface { AsURLEntity() (*URLEntity, bool) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) AsSecurityAlert() (*SecurityAlert, bool) AsRegistryValueEntity() (*RegistryValueEntity, bool) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) AsProcessEntity() (*ProcessEntity, bool) AsMalwareEntity() (*MalwareEntity, bool) AsMailMessageEntity() (*MailMessageEntity, bool) AsMailClusterEntity() (*MailClusterEntity, bool) AsMailboxEntity() (*MailboxEntity, bool) AsIPEntity() (*IPEntity, bool) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) AsHuntingBookmark() (*HuntingBookmark, bool) AsHostEntity() (*HostEntity, bool) AsFileHashEntity() (*FileHashEntity, bool) AsFileEntity() (*FileEntity, bool) AsDNSEntity() (*DNSEntity, bool) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) AsAzureResourceEntity() (*AzureResourceEntity, bool) AsAccountEntity() (*AccountEntity, bool) AsEntity() (*Entity, bool) }
BasicEntity specific entity.
type BasicEntityQuery ¶
type BasicEntityQuery interface { AsExpansionEntityQuery() (*ExpansionEntityQuery, bool) AsActivityEntityQuery() (*ActivityEntityQuery, bool) AsEntityQuery() (*EntityQuery, bool) }
BasicEntityQuery specific entity query.
type BasicEntityQueryItem ¶
type BasicEntityQueryItem interface { AsInsightQueryItem() (*InsightQueryItem, bool) AsEntityQueryItem() (*EntityQueryItem, bool) }
BasicEntityQueryItem an abstract Query item for entity
type BasicEntityQueryTemplate ¶
type BasicEntityQueryTemplate interface { AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool) AsEntityQueryTemplate() (*EntityQueryTemplate, bool) }
BasicEntityQueryTemplate specific entity query template.
type BasicEntityTimelineItem ¶
type BasicEntityTimelineItem interface { AsActivityTimelineItem() (*ActivityTimelineItem, bool) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) AsEntityTimelineItem() (*EntityTimelineItem, bool) }
BasicEntityTimelineItem entity timeline Item.
type BasicSettings ¶
type BasicSettings interface { AsAnomalies() (*Anomalies, bool) AsEyesOn() (*EyesOn, bool) AsEntityAnalytics() (*EntityAnalytics, bool) AsUeba() (*Ueba, bool) AsSettings() (*Settings, bool) }
BasicSettings the Setting.
type BasicThreatIntelligenceInformation ¶
type BasicThreatIntelligenceInformation interface { AsThreatIntelligenceIndicatorModel() (*ThreatIntelligenceIndicatorModel, bool) AsThreatIntelligenceInformation() (*ThreatIntelligenceInformation, bool) }
BasicThreatIntelligenceInformation threat intelligence information object.
type Bookmark ¶
type Bookmark struct { autorest.Response `json:"-"` // BookmarkProperties - Bookmark properties *BookmarkProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
Bookmark represents a bookmark in Azure Security Insights.
func (Bookmark) MarshalJSON ¶
MarshalJSON is the custom marshaler for Bookmark.
func (*Bookmark) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for Bookmark struct.
type BookmarkClient ¶
type BookmarkClient struct {
BaseClient
}
BookmarkClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewBookmarkClient ¶
func NewBookmarkClient(subscriptionID string) BookmarkClient
NewBookmarkClient creates an instance of the BookmarkClient client.
func NewBookmarkClientWithBaseURI ¶
func NewBookmarkClientWithBaseURI(baseURI string, subscriptionID string) BookmarkClient
NewBookmarkClientWithBaseURI creates an instance of the BookmarkClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (BookmarkClient) Expand ¶
func (client BookmarkClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters) (result BookmarkExpandResponse, err error)
Expand expand an bookmark Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID parameters - the parameters required to execute an expand operation on the given bookmark.
func (BookmarkClient) ExpandPreparer ¶
func (client BookmarkClient) ExpandPreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters) (*http.Request, error)
ExpandPreparer prepares the Expand request.
func (BookmarkClient) ExpandResponder ¶
func (client BookmarkClient) ExpandResponder(resp *http.Response) (result BookmarkExpandResponse, err error)
ExpandResponder handles the response to the Expand request. The method always closes the http.Response Body.
func (BookmarkClient) ExpandSender ¶
ExpandSender sends the Expand request. The method will close the http.Response Body if it receives an error.
type BookmarkExpandParameters ¶
type BookmarkExpandParameters struct { // EndTime - The end date filter, so the only expansion results returned are before this date. EndTime *date.Time `json:"endTime,omitempty"` // ExpansionID - The Id of the expansion to perform. ExpansionID *uuid.UUID `json:"expansionId,omitempty"` // StartTime - The start date filter, so the only expansion results returned are after this date. StartTime *date.Time `json:"startTime,omitempty"` }
BookmarkExpandParameters the parameters required to execute an expand operation on the given bookmark.
type BookmarkExpandResponse ¶
type BookmarkExpandResponse struct { autorest.Response `json:"-"` // MetaData - The metadata from the expansion operation results. MetaData *ExpansionResultsMetadata `json:"metaData,omitempty"` // Value - The expansion result values. Value *BookmarkExpandResponseValue `json:"value,omitempty"` }
BookmarkExpandResponse the entity expansion result operation response.
type BookmarkExpandResponseValue ¶
type BookmarkExpandResponseValue struct { // Entities - Array of the expansion result entities. Entities *[]BasicEntity `json:"entities,omitempty"` // Edges - Array of expansion result connected entities Edges *[]ConnectedEntity `json:"edges,omitempty"` }
BookmarkExpandResponseValue the expansion result values.
func (*BookmarkExpandResponseValue) UnmarshalJSON ¶
func (ber *BookmarkExpandResponseValue) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for BookmarkExpandResponseValue struct.
type BookmarkList ¶
type BookmarkList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of cases. NextLink *string `json:"nextLink,omitempty"` // Value - Array of bookmarks. Value *[]Bookmark `json:"value,omitempty"` }
BookmarkList list all the bookmarks.
func (BookmarkList) IsEmpty ¶
func (bl BookmarkList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (BookmarkList) MarshalJSON ¶
func (bl BookmarkList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for BookmarkList.
type BookmarkListIterator ¶
type BookmarkListIterator struct {
// contains filtered or unexported fields
}
BookmarkListIterator provides access to a complete listing of Bookmark values.
func NewBookmarkListIterator ¶
func NewBookmarkListIterator(page BookmarkListPage) BookmarkListIterator
Creates a new instance of the BookmarkListIterator type.
func (*BookmarkListIterator) Next ¶
func (iter *BookmarkListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*BookmarkListIterator) NextWithContext ¶
func (iter *BookmarkListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (BookmarkListIterator) NotDone ¶
func (iter BookmarkListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (BookmarkListIterator) Response ¶
func (iter BookmarkListIterator) Response() BookmarkList
Response returns the raw server response from the last page request.
func (BookmarkListIterator) Value ¶
func (iter BookmarkListIterator) Value() Bookmark
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type BookmarkListPage ¶
type BookmarkListPage struct {
// contains filtered or unexported fields
}
BookmarkListPage contains a page of Bookmark values.
func NewBookmarkListPage ¶
func NewBookmarkListPage(cur BookmarkList, getNextPage func(context.Context, BookmarkList) (BookmarkList, error)) BookmarkListPage
Creates a new instance of the BookmarkListPage type.
func (*BookmarkListPage) Next ¶
func (page *BookmarkListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*BookmarkListPage) NextWithContext ¶
func (page *BookmarkListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (BookmarkListPage) NotDone ¶
func (page BookmarkListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (BookmarkListPage) Response ¶
func (page BookmarkListPage) Response() BookmarkList
Response returns the raw server response from the last page request.
func (BookmarkListPage) Values ¶
func (page BookmarkListPage) Values() []Bookmark
Values returns the slice of values for the current page or nil if there are no values.
type BookmarkProperties ¶
type BookmarkProperties struct { // Created - The time the bookmark was created Created *date.Time `json:"created,omitempty"` // CreatedBy - Describes a user that created the bookmark CreatedBy *UserInfo `json:"createdBy,omitempty"` // DisplayName - The display name of the bookmark DisplayName *string `json:"displayName,omitempty"` // Labels - List of labels relevant to this bookmark Labels *[]string `json:"labels,omitempty"` // Notes - The notes of the bookmark Notes *string `json:"notes,omitempty"` // Query - The query of the bookmark. Query *string `json:"query,omitempty"` // QueryResult - The query result of the bookmark. QueryResult *string `json:"queryResult,omitempty"` // Updated - The last time the bookmark was updated Updated *date.Time `json:"updated,omitempty"` // UpdatedBy - Describes a user that updated the bookmark UpdatedBy *UserInfo `json:"updatedBy,omitempty"` // EventTime - The bookmark event time EventTime *date.Time `json:"eventTime,omitempty"` // QueryStartTime - The start time for the query QueryStartTime *date.Time `json:"queryStartTime,omitempty"` // QueryEndTime - The end time for the query QueryEndTime *date.Time `json:"queryEndTime,omitempty"` // IncidentInfo - Describes an incident that relates to bookmark IncidentInfo *IncidentInfo `json:"incidentInfo,omitempty"` }
BookmarkProperties describes bookmark properties
type BookmarkRelationsClient ¶
type BookmarkRelationsClient struct {
BaseClient
}
BookmarkRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewBookmarkRelationsClient ¶
func NewBookmarkRelationsClient(subscriptionID string) BookmarkRelationsClient
NewBookmarkRelationsClient creates an instance of the BookmarkRelationsClient client.
func NewBookmarkRelationsClientWithBaseURI ¶
func NewBookmarkRelationsClientWithBaseURI(baseURI string, subscriptionID string) BookmarkRelationsClient
NewBookmarkRelationsClientWithBaseURI creates an instance of the BookmarkRelationsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (BookmarkRelationsClient) CreateOrUpdate ¶
func (client BookmarkRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, relation Relation) (result Relation, err error)
CreateOrUpdate creates the bookmark relation. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID relationName - relation Name relation - the relation model
func (BookmarkRelationsClient) CreateOrUpdatePreparer ¶
func (client BookmarkRelationsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, relation Relation) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (BookmarkRelationsClient) CreateOrUpdateResponder ¶
func (client BookmarkRelationsClient) CreateOrUpdateResponder(resp *http.Response) (result Relation, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (BookmarkRelationsClient) CreateOrUpdateSender ¶
func (client BookmarkRelationsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (BookmarkRelationsClient) Delete ¶
func (client BookmarkRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string) (result autorest.Response, err error)
Delete delete the bookmark relation. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID relationName - relation Name
func (BookmarkRelationsClient) DeletePreparer ¶
func (client BookmarkRelationsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (BookmarkRelationsClient) DeleteResponder ¶
func (client BookmarkRelationsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (BookmarkRelationsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (BookmarkRelationsClient) Get ¶
func (client BookmarkRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string) (result Relation, err error)
Get gets a bookmark relation. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID relationName - relation Name
func (BookmarkRelationsClient) GetPreparer ¶
func (client BookmarkRelationsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string) (*http.Request, error)
GetPreparer prepares the Get request.
func (BookmarkRelationsClient) GetResponder ¶
func (client BookmarkRelationsClient) GetResponder(resp *http.Response) (result Relation, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (BookmarkRelationsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (BookmarkRelationsClient) List ¶
func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error)
List gets all bookmark relations. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID filter - filters the results, based on a Boolean condition. Optional. orderby - sorts the results. Optional. top - returns only the first n results. Optional. skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
func (BookmarkRelationsClient) ListComplete ¶
func (client BookmarkRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (BookmarkRelationsClient) ListPreparer ¶
func (client BookmarkRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error)
ListPreparer prepares the List request.
func (BookmarkRelationsClient) ListResponder ¶
func (client BookmarkRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (BookmarkRelationsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type BookmarkTimelineItem ¶
type BookmarkTimelineItem struct { // AzureResourceID - The bookmark azure resource id. AzureResourceID *string `json:"azureResourceId,omitempty"` // DisplayName - The bookmark display name. DisplayName *string `json:"displayName,omitempty"` // Notes - The notes of the bookmark Notes *string `json:"notes,omitempty"` // EndTimeUtc - The bookmark end time. EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` // StartTimeUtc - The bookmark start time. StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` // EventTime - The bookmark event time. EventTime *date.Time `json:"eventTime,omitempty"` // CreatedBy - Describes a user that created the bookmark CreatedBy *UserInfo `json:"createdBy,omitempty"` // Labels - List of labels relevant to this bookmark Labels *[]string `json:"labels,omitempty"` // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindBookmark', 'KindBasicEntityTimelineItemKindSecurityAlert' Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` }
BookmarkTimelineItem represents bookmark timeline item.
func (BookmarkTimelineItem) AsActivityTimelineItem ¶
func (bti BookmarkTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)
AsActivityTimelineItem is the BasicEntityTimelineItem implementation for BookmarkTimelineItem.
func (BookmarkTimelineItem) AsBasicEntityTimelineItem ¶
func (bti BookmarkTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)
AsBasicEntityTimelineItem is the BasicEntityTimelineItem implementation for BookmarkTimelineItem.
func (BookmarkTimelineItem) AsBookmarkTimelineItem ¶
func (bti BookmarkTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)
AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for BookmarkTimelineItem.
func (BookmarkTimelineItem) AsEntityTimelineItem ¶
func (bti BookmarkTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)
AsEntityTimelineItem is the BasicEntityTimelineItem implementation for BookmarkTimelineItem.
func (BookmarkTimelineItem) AsSecurityAlertTimelineItem ¶
func (bti BookmarkTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)
AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for BookmarkTimelineItem.
func (BookmarkTimelineItem) MarshalJSON ¶
func (bti BookmarkTimelineItem) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for BookmarkTimelineItem.
type BookmarksClient ¶
type BookmarksClient struct {
BaseClient
}
BookmarksClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewBookmarksClient ¶
func NewBookmarksClient(subscriptionID string) BookmarksClient
NewBookmarksClient creates an instance of the BookmarksClient client.
func NewBookmarksClientWithBaseURI ¶
func NewBookmarksClientWithBaseURI(baseURI string, subscriptionID string) BookmarksClient
NewBookmarksClientWithBaseURI creates an instance of the BookmarksClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (BookmarksClient) CreateOrUpdate ¶
func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, bookmark Bookmark) (result Bookmark, err error)
CreateOrUpdate creates or updates the bookmark. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID bookmark - the bookmark
func (BookmarksClient) CreateOrUpdatePreparer ¶
func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, bookmark Bookmark) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (BookmarksClient) CreateOrUpdateResponder ¶
func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (result Bookmark, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (BookmarksClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (BookmarksClient) Delete ¶
func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (result autorest.Response, err error)
Delete delete the bookmark. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID
func (BookmarksClient) DeletePreparer ¶
func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (BookmarksClient) DeleteResponder ¶
func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (BookmarksClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (BookmarksClient) Get ¶
func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (result Bookmark, err error)
Get gets a bookmark. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID
func (BookmarksClient) GetPreparer ¶
func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (BookmarksClient) GetResponder ¶
func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (BookmarksClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (BookmarksClient) List ¶
func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListPage, err error)
List gets all bookmarks. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (BookmarksClient) ListComplete ¶
func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (BookmarksClient) ListPreparer ¶
func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (BookmarksClient) ListResponder ¶
func (client BookmarksClient) ListResponder(resp *http.Response) (result BookmarkList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (BookmarksClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type ClientInfo ¶
type ClientInfo struct { // Email - The email of the client. Email *string `json:"email,omitempty"` // Name - The name of the client. Name *string `json:"name,omitempty"` // ObjectID - The object id of the client. ObjectID *uuid.UUID `json:"objectId,omitempty"` // UserPrincipalName - The user principal name of the client. UserPrincipalName *string `json:"userPrincipalName,omitempty"` }
ClientInfo information on the client (user or application) that made some action
type CloudApplicationEntity ¶
type CloudApplicationEntity struct { // CloudApplicationEntityProperties - CloudApplication entity properties *CloudApplicationEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
CloudApplicationEntity represents a cloud application entity.
func (CloudApplicationEntity) AsAccountEntity ¶
func (cae CloudApplicationEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsAzureResourceEntity ¶
func (cae CloudApplicationEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsBasicEntity ¶
func (cae CloudApplicationEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsCloudApplicationEntity ¶
func (cae CloudApplicationEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsDNSEntity ¶
func (cae CloudApplicationEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsEntity ¶
func (cae CloudApplicationEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsFileEntity ¶
func (cae CloudApplicationEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsFileHashEntity ¶
func (cae CloudApplicationEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsHostEntity ¶
func (cae CloudApplicationEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsHuntingBookmark ¶
func (cae CloudApplicationEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsIPEntity ¶
func (cae CloudApplicationEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsIoTDeviceEntity ¶
func (cae CloudApplicationEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsMailClusterEntity ¶
func (cae CloudApplicationEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsMailMessageEntity ¶
func (cae CloudApplicationEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsMailboxEntity ¶
func (cae CloudApplicationEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsMalwareEntity ¶
func (cae CloudApplicationEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsProcessEntity ¶
func (cae CloudApplicationEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsRegistryKeyEntity ¶
func (cae CloudApplicationEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsRegistryValueEntity ¶
func (cae CloudApplicationEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsSecurityAlert ¶
func (cae CloudApplicationEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsSecurityGroupEntity ¶
func (cae CloudApplicationEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsSubmissionMailEntity ¶
func (cae CloudApplicationEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) AsURLEntity ¶
func (cae CloudApplicationEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for CloudApplicationEntity.
func (CloudApplicationEntity) MarshalJSON ¶
func (cae CloudApplicationEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for CloudApplicationEntity.
func (*CloudApplicationEntity) UnmarshalJSON ¶
func (cae *CloudApplicationEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for CloudApplicationEntity struct.
type CloudApplicationEntityProperties ¶
type CloudApplicationEntityProperties struct { // AppID - READ-ONLY; The technical identifier of the application. AppID *int32 `json:"appId,omitempty"` // AppName - READ-ONLY; The name of the related cloud application. AppName *string `json:"appName,omitempty"` // InstanceName - READ-ONLY; The user defined instance name of the cloud application. It is often used to distinguish between several applications of the same type that a customer has. InstanceName *string `json:"instanceName,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
CloudApplicationEntityProperties cloudApplication entity property bag.
func (CloudApplicationEntityProperties) MarshalJSON ¶
func (caep CloudApplicationEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for CloudApplicationEntityProperties.
type CloudError ¶
type CloudError struct { // Error - Error data Error *CloudErrorBody `json:"error,omitempty"` }
CloudError error response structure.
type CloudErrorBody ¶
type CloudErrorBody struct { // Code - READ-ONLY; An identifier for the error. Codes are invariant and are intended to be consumed programmatically. Code *string `json:"code,omitempty"` // Message - READ-ONLY; A message describing the error, intended to be suitable for display in a user interface. Message *string `json:"message,omitempty"` }
CloudErrorBody error details.
func (CloudErrorBody) MarshalJSON ¶
func (ceb CloudErrorBody) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for CloudErrorBody.
type CodelessAPIPollingDataConnector ¶
type CodelessAPIPollingDataConnector struct { // APIPollingParameters - Codeless poling data connector properties *APIPollingParameters `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
CodelessAPIPollingDataConnector represents Codeless API Polling data connector.
func (CodelessAPIPollingDataConnector) AsAADDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsAATPDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsASCDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsAwsCloudTrailDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsAwsS3DataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsBasicDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsCodelessAPIPollingDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsCodelessUIDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsDynamics365DataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsMCASDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsMDATPDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsMSTIDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsMTPDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsOfficeATPDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsOfficeDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsOfficeIRMDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsTIDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) AsTiTaxiiDataConnector ¶
func (capdc CodelessAPIPollingDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector.
func (CodelessAPIPollingDataConnector) MarshalJSON ¶
func (capdc CodelessAPIPollingDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for CodelessAPIPollingDataConnector.
func (*CodelessAPIPollingDataConnector) UnmarshalJSON ¶
func (capdc *CodelessAPIPollingDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for CodelessAPIPollingDataConnector struct.
type CodelessConnectorPollingAuthProperties ¶
type CodelessConnectorPollingAuthProperties struct { // AuthType - The authentication type AuthType *string `json:"authType,omitempty"` // APIKeyName - The header name which the token is sent with APIKeyName *string `json:"apiKeyName,omitempty"` // APIKeyIdentifier - A prefix send in the header before the actual token APIKeyIdentifier *string `json:"apiKeyIdentifier,omitempty"` // IsAPIKeyInPostPayload - Marks if the key should sent in header IsAPIKeyInPostPayload *string `json:"isApiKeyInPostPayload,omitempty"` // FlowName - Describes the flow name, for example 'AuthCode' for Oauth 2.0 FlowName *string `json:"flowName,omitempty"` // TokenEndpoint - The endpoint used to issue a token, used in Oauth 2.0 flow TokenEndpoint *string `json:"tokenEndpoint,omitempty"` // AuthorizationEndpoint - The endpoint used to authorize the user, used in Oauth 2.0 flow AuthorizationEndpoint *string `json:"authorizationEndpoint,omitempty"` // AuthorizationEndpointQueryParameters - The query parameters used in authorization request, used in Oauth 2.0 flow AuthorizationEndpointQueryParameters interface{} `json:"authorizationEndpointQueryParameters,omitempty"` // RedirectionEndpoint - The redirect endpoint where we will get the authorization code, used in Oauth 2.0 flow RedirectionEndpoint *string `json:"redirectionEndpoint,omitempty"` // TokenEndpointHeaders - The query headers used in token request, used in Oauth 2.0 flow TokenEndpointHeaders interface{} `json:"tokenEndpointHeaders,omitempty"` // TokenEndpointQueryParameters - The query parameters used in token request, used in Oauth 2.0 flow TokenEndpointQueryParameters interface{} `json:"tokenEndpointQueryParameters,omitempty"` // IsClientSecretInHeader - Marks if we should send the client secret in header or payload, used in Oauth 2.0 flow IsClientSecretInHeader *bool `json:"isClientSecretInHeader,omitempty"` // Scope - The OAuth token scope Scope *string `json:"scope,omitempty"` }
CodelessConnectorPollingAuthProperties describe the authentication properties needed to successfully authenticate with the server
type CodelessConnectorPollingConfigProperties ¶
type CodelessConnectorPollingConfigProperties struct { // IsActive - The poller active status IsActive *bool `json:"isActive,omitempty"` // Auth - Describe the authentication type of the poller Auth *CodelessConnectorPollingAuthProperties `json:"auth,omitempty"` // Request - Describe the poll request config parameters of the poller Request *CodelessConnectorPollingRequestProperties `json:"request,omitempty"` // Paging - Describe the poll request paging config of the poller Paging *CodelessConnectorPollingPagingProperties `json:"paging,omitempty"` // Response - Describe the response config parameters of the poller Response *CodelessConnectorPollingResponseProperties `json:"response,omitempty"` }
CodelessConnectorPollingConfigProperties config to describe the polling config for API poller connector
type CodelessConnectorPollingPagingProperties ¶
type CodelessConnectorPollingPagingProperties struct { // PagingType - Describes the type. could be 'None', 'PageToken', 'PageCount', 'TimeStamp' PagingType *string `json:"pagingType,omitempty"` // NextPageParaName - Defines the name of a next page attribute NextPageParaName *string `json:"nextPageParaName,omitempty"` // NextPageTokenJSONPath - Defines the path to a next page token JSON NextPageTokenJSONPath *string `json:"nextPageTokenJsonPath,omitempty"` // PageCountAttributePath - Defines the path to a page count attribute PageCountAttributePath *string `json:"pageCountAttributePath,omitempty"` // PageTotalCountAttributePath - Defines the path to a page total count attribute PageTotalCountAttributePath *string `json:"pageTotalCountAttributePath,omitempty"` // PageTimeStampAttributePath - Defines the path to a paging time stamp attribute PageTimeStampAttributePath *string `json:"pageTimeStampAttributePath,omitempty"` // SearchTheLatestTimeStampFromEventsList - Determines whether to search for the latest time stamp in the events list SearchTheLatestTimeStampFromEventsList *string `json:"searchTheLatestTimeStampFromEventsList,omitempty"` // PageSizeParaName - Defines the name of the page size parameter PageSizeParaName *string `json:"pageSizeParaName,omitempty"` // PageSize - Defines the paging size PageSize *int32 `json:"pageSize,omitempty"` }
CodelessConnectorPollingPagingProperties describe the properties needed to make a pagination call
type CodelessConnectorPollingRequestProperties ¶
type CodelessConnectorPollingRequestProperties struct { // APIEndpoint - Describe the endpoint we should pull the data from APIEndpoint *string `json:"apiEndpoint,omitempty"` // RateLimitQPS - Defines the rate limit QPS RateLimitQPS *int32 `json:"rateLimitQps,omitempty"` // QueryWindowInMin - The window interval we will use the pull the data QueryWindowInMin *int32 `json:"queryWindowInMin,omitempty"` // HTTPMethod - The http method type we will use in the poll request, GET or POST HTTPMethod *string `json:"httpMethod,omitempty"` // QueryTimeFormat - The time format will be used the query events in a specific window QueryTimeFormat *string `json:"queryTimeFormat,omitempty"` // RetryCount - Describe the amount of time we should try and poll the data in case of failure RetryCount *int32 `json:"retryCount,omitempty"` // TimeoutInSeconds - The number of seconds we will consider as a request timeout TimeoutInSeconds *int32 `json:"timeoutInSeconds,omitempty"` // Headers - Describe the headers sent in the poll request Headers interface{} `json:"headers,omitempty"` // QueryParameters - Describe the query parameters sent in the poll request QueryParameters interface{} `json:"queryParameters,omitempty"` // QueryParametersTemplate - For advanced scenarios for example user name/password embedded in nested JSON payload QueryParametersTemplate *string `json:"queryParametersTemplate,omitempty"` // StartTimeAttributeName - This will be used the query events from a start of the time window StartTimeAttributeName *string `json:"startTimeAttributeName,omitempty"` // EndTimeAttributeName - This will be used the query events from the end of the time window EndTimeAttributeName *string `json:"endTimeAttributeName,omitempty"` }
CodelessConnectorPollingRequestProperties describe the request properties needed to successfully pull from the server
type CodelessConnectorPollingResponseProperties ¶
type CodelessConnectorPollingResponseProperties struct { // EventsJSONPaths - Describes the path we should extract the data in the response EventsJSONPaths *[]string `json:"eventsJsonPaths,omitempty"` // SuccessStatusJSONPath - Describes the path we should extract the status code in the response SuccessStatusJSONPath *string `json:"successStatusJsonPath,omitempty"` // SuccessStatusValue - Describes the path we should extract the status value in the response SuccessStatusValue *string `json:"successStatusValue,omitempty"` // IsGzipCompressed - Describes if the data in the response is Gzip IsGzipCompressed *bool `json:"isGzipCompressed,omitempty"` }
CodelessConnectorPollingResponseProperties describes the response from the external server
type CodelessParameters ¶
type CodelessParameters struct { // ConnectorUIConfig - Config to describe the instructions blade ConnectorUIConfig *CodelessUIConnectorConfigProperties `json:"connectorUiConfig,omitempty"` }
CodelessParameters represents Codeless UI data connector
type CodelessUIConnectorConfigProperties ¶
type CodelessUIConnectorConfigProperties struct { // Title - Connector blade title Title *string `json:"title,omitempty"` // Publisher - Connector publisher name Publisher *string `json:"publisher,omitempty"` // DescriptionMarkdown - Connector description DescriptionMarkdown *string `json:"descriptionMarkdown,omitempty"` // CustomImage - An optional custom image to be used when displaying the connector within Azure Sentinel's connector's gallery CustomImage *string `json:"customImage,omitempty"` // GraphQueriesTableName - Name of the table the connector will insert the data to GraphQueriesTableName *string `json:"graphQueriesTableName,omitempty"` // GraphQueries - The graph query to show the current data status GraphQueries *[]CodelessUIConnectorConfigPropertiesGraphQueriesItem `json:"graphQueries,omitempty"` // SampleQueries - The sample queries for the connector SampleQueries *[]CodelessUIConnectorConfigPropertiesSampleQueriesItem `json:"sampleQueries,omitempty"` // DataTypes - Data types to check for last data received DataTypes *[]CodelessUIConnectorConfigPropertiesDataTypesItem `json:"dataTypes,omitempty"` // ConnectivityCriteria - Define the way the connector check connectivity ConnectivityCriteria *[]CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem `json:"connectivityCriteria,omitempty"` // Availability - Connector Availability Status Availability *Availability `json:"availability,omitempty"` // Permissions - Permissions required for the connector Permissions *Permissions `json:"permissions,omitempty"` // InstructionSteps - Instruction steps to enable the connector InstructionSteps *[]CodelessUIConnectorConfigPropertiesInstructionStepsItem `json:"instructionSteps,omitempty"` }
CodelessUIConnectorConfigProperties config to describe the instructions blade
type CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem ¶
type CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem struct { // Type - type of connectivity. Possible values include: 'ConnectivityTypeIsConnectedQuery' Type ConnectivityType `json:"type,omitempty"` // Value - Queries for checking connectivity Value *[]string `json:"value,omitempty"` }
CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem ...
type CodelessUIConnectorConfigPropertiesDataTypesItem ¶
type CodelessUIConnectorConfigPropertiesDataTypesItem struct { // Name - Name of the data type to show in the graph. can be use with {{graphQueriesTableName}} placeholder Name *string `json:"name,omitempty"` // LastDataReceivedQuery - Query for indicate last data received LastDataReceivedQuery *string `json:"lastDataReceivedQuery,omitempty"` }
CodelessUIConnectorConfigPropertiesDataTypesItem ...
type CodelessUIConnectorConfigPropertiesGraphQueriesItem ¶
type CodelessUIConnectorConfigPropertiesGraphQueriesItem struct { // MetricName - the metric that the query is checking MetricName *string `json:"metricName,omitempty"` // Legend - The legend for the graph Legend *string `json:"legend,omitempty"` // BaseQuery - The base query for the graph BaseQuery *string `json:"baseQuery,omitempty"` }
CodelessUIConnectorConfigPropertiesGraphQueriesItem ...
type CodelessUIConnectorConfigPropertiesInstructionStepsItem ¶
type CodelessUIConnectorConfigPropertiesInstructionStepsItem struct { // Title - Instruction step title Title *string `json:"title,omitempty"` // Description - Instruction step description Description *string `json:"description,omitempty"` // Instructions - Instruction step details Instructions *[]InstructionStepsInstructionsItem `json:"instructions,omitempty"` }
CodelessUIConnectorConfigPropertiesInstructionStepsItem ...
type CodelessUIConnectorConfigPropertiesSampleQueriesItem ¶
type CodelessUIConnectorConfigPropertiesSampleQueriesItem struct { // Description - The sample query description Description *string `json:"description,omitempty"` // Query - the sample query Query *string `json:"query,omitempty"` }
CodelessUIConnectorConfigPropertiesSampleQueriesItem ...
type CodelessUIDataConnector ¶
type CodelessUIDataConnector struct { // CodelessParameters - Codeless UI data connector properties *CodelessParameters `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
CodelessUIDataConnector represents Codeless UI data connector.
func (CodelessUIDataConnector) AsAADDataConnector ¶
func (cudc CodelessUIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsAATPDataConnector ¶
func (cudc CodelessUIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsASCDataConnector ¶
func (cudc CodelessUIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsAwsCloudTrailDataConnector ¶
func (cudc CodelessUIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsAwsS3DataConnector ¶
func (cudc CodelessUIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsBasicDataConnector ¶
func (cudc CodelessUIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsCodelessAPIPollingDataConnector ¶
func (cudc CodelessUIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsCodelessUIDataConnector ¶
func (cudc CodelessUIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsDataConnector ¶
func (cudc CodelessUIDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsDynamics365DataConnector ¶
func (cudc CodelessUIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsMCASDataConnector ¶
func (cudc CodelessUIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsMDATPDataConnector ¶
func (cudc CodelessUIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsMSTIDataConnector ¶
func (cudc CodelessUIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsMTPDataConnector ¶
func (cudc CodelessUIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsOfficeATPDataConnector ¶
func (cudc CodelessUIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsOfficeDataConnector ¶
func (cudc CodelessUIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsOfficeIRMDataConnector ¶
func (cudc CodelessUIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsTIDataConnector ¶
func (cudc CodelessUIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) AsTiTaxiiDataConnector ¶
func (cudc CodelessUIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector.
func (CodelessUIDataConnector) MarshalJSON ¶
func (cudc CodelessUIDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for CodelessUIDataConnector.
func (*CodelessUIDataConnector) UnmarshalJSON ¶
func (cudc *CodelessUIDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for CodelessUIDataConnector struct.
type ConditionType ¶
type ConditionType string
ConditionType enumerates the values for condition type.
const ( // ConditionTypeAutomationRuleCondition ... ConditionTypeAutomationRuleCondition ConditionType = "AutomationRuleCondition" // ConditionTypeProperty ... ConditionTypeProperty ConditionType = "Property" )
func PossibleConditionTypeValues ¶
func PossibleConditionTypeValues() []ConditionType
PossibleConditionTypeValues returns an array of possible values for the ConditionType const type.
type ConfidenceLevel ¶
type ConfidenceLevel string
ConfidenceLevel enumerates the values for confidence level.
const ( // ConfidenceLevelHigh High confidence that the alert is true positive malicious ConfidenceLevelHigh ConfidenceLevel = "High" // ConfidenceLevelLow Low confidence, meaning we have some doubts this is indeed malicious or part of an // attack ConfidenceLevelLow ConfidenceLevel = "Low" // ConfidenceLevelUnknown Unknown confidence, the is the default value ConfidenceLevelUnknown ConfidenceLevel = "Unknown" )
func PossibleConfidenceLevelValues ¶
func PossibleConfidenceLevelValues() []ConfidenceLevel
PossibleConfidenceLevelValues returns an array of possible values for the ConfidenceLevel const type.
type ConfidenceScoreStatus ¶
type ConfidenceScoreStatus string
ConfidenceScoreStatus enumerates the values for confidence score status.
const ( // ConfidenceScoreStatusFinal Final score was calculated and available ConfidenceScoreStatusFinal ConfidenceScoreStatus = "Final" // ConfidenceScoreStatusInProcess No score was set yet and calculation is in progress ConfidenceScoreStatusInProcess ConfidenceScoreStatus = "InProcess" // ConfidenceScoreStatusNotApplicable Score will not be calculated for this alert as it is not supported by // virtual analyst ConfidenceScoreStatusNotApplicable ConfidenceScoreStatus = "NotApplicable" // ConfidenceScoreStatusNotFinal Score is calculated and shown as part of the alert, but may be updated // again at a later time following the processing of additional data ConfidenceScoreStatusNotFinal ConfidenceScoreStatus = "NotFinal" )
func PossibleConfidenceScoreStatusValues ¶
func PossibleConfidenceScoreStatusValues() []ConfidenceScoreStatus
PossibleConfidenceScoreStatusValues returns an array of possible values for the ConfidenceScoreStatus const type.
type ConnectAuthKind ¶
type ConnectAuthKind string
ConnectAuthKind enumerates the values for connect auth kind.
const ( // ConnectAuthKindAPIKey ... ConnectAuthKindAPIKey ConnectAuthKind = "APIKey" // ConnectAuthKindBasic ... ConnectAuthKindBasic ConnectAuthKind = "Basic" // ConnectAuthKindOAuth2 ... ConnectAuthKindOAuth2 ConnectAuthKind = "OAuth2" )
func PossibleConnectAuthKindValues ¶
func PossibleConnectAuthKindValues() []ConnectAuthKind
PossibleConnectAuthKindValues returns an array of possible values for the ConnectAuthKind const type.
type ConnectedEntity ¶
type ConnectedEntity struct { // TargetEntityID - Entity Id of the connected entity TargetEntityID *string `json:"targetEntityId,omitempty"` // AdditionalData - key-value pairs for a connected entity mapping AdditionalData interface{} `json:"additionalData,omitempty"` }
ConnectedEntity expansion result connected entities
type ConnectivityCriteria ¶
type ConnectivityCriteria struct { // Type - type of connectivity. Possible values include: 'ConnectivityTypeIsConnectedQuery' Type ConnectivityType `json:"type,omitempty"` // Value - Queries for checking connectivity Value *[]string `json:"value,omitempty"` }
ConnectivityCriteria setting for the connector check connectivity
type ConnectivityType ¶
type ConnectivityType string
ConnectivityType enumerates the values for connectivity type.
const ( // ConnectivityTypeIsConnectedQuery ... ConnectivityTypeIsConnectedQuery ConnectivityType = "IsConnectedQuery" )
func PossibleConnectivityTypeValues ¶
func PossibleConnectivityTypeValues() []ConnectivityType
PossibleConnectivityTypeValues returns an array of possible values for the ConnectivityType const type.
type ConnectorInstructionModelBase ¶
type ConnectorInstructionModelBase struct { // Parameters - The parameters for the setting Parameters interface{} `json:"parameters,omitempty"` // Type - The kind of the setting. Possible values include: 'SettingTypeCopyableLabel', 'SettingTypeInstructionStepsGroup', 'SettingTypeInfoMessage' Type SettingType `json:"type,omitempty"` }
ConnectorInstructionModelBase instruction step details
type ContentPathMap ¶
type ContentPathMap struct { // ContentType - Content type. Possible values include: 'ContentTypeAnalyticRule', 'ContentTypeWorkbook' ContentType ContentType `json:"contentType,omitempty"` // Path - The path to the content. Path *string `json:"path,omitempty"` }
ContentPathMap the mapping of content type to a repo path.
type ContentType ¶
type ContentType string
ContentType enumerates the values for content type.
const ( // ContentTypeAnalyticRule ... ContentTypeAnalyticRule ContentType = "AnalyticRule" // ContentTypeWorkbook ... ContentTypeWorkbook ContentType = "Workbook" )
func PossibleContentTypeValues ¶
func PossibleContentTypeValues() []ContentType
PossibleContentTypeValues returns an array of possible values for the ContentType const type.
type CreatedByType ¶
type CreatedByType string
CreatedByType enumerates the values for created by type.
const ( // CreatedByTypeApplication ... CreatedByTypeApplication CreatedByType = "Application" // CreatedByTypeKey ... CreatedByTypeKey CreatedByType = "Key" // CreatedByTypeManagedIdentity ... CreatedByTypeManagedIdentity CreatedByType = "ManagedIdentity" // CreatedByTypeUser ... CreatedByTypeUser CreatedByType = "User" )
func PossibleCreatedByTypeValues ¶
func PossibleCreatedByTypeValues() []CreatedByType
PossibleCreatedByTypeValues returns an array of possible values for the CreatedByType const type.
type CustomEntityQuery ¶
type CustomEntityQuery struct { // Kind - Possible values include: 'KindBasicCustomEntityQueryKindCustomEntityQuery', 'KindBasicCustomEntityQueryKindActivity' Kind KindBasicCustomEntityQuery `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
CustomEntityQuery specific entity query that supports put requests.
func (CustomEntityQuery) AsActivityCustomEntityQuery ¶
func (ceq CustomEntityQuery) AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool)
AsActivityCustomEntityQuery is the BasicCustomEntityQuery implementation for CustomEntityQuery.
func (CustomEntityQuery) AsBasicCustomEntityQuery ¶
func (ceq CustomEntityQuery) AsBasicCustomEntityQuery() (BasicCustomEntityQuery, bool)
AsBasicCustomEntityQuery is the BasicCustomEntityQuery implementation for CustomEntityQuery.
func (CustomEntityQuery) AsCustomEntityQuery ¶
func (ceq CustomEntityQuery) AsCustomEntityQuery() (*CustomEntityQuery, bool)
AsCustomEntityQuery is the BasicCustomEntityQuery implementation for CustomEntityQuery.
func (CustomEntityQuery) MarshalJSON ¶
func (ceq CustomEntityQuery) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for CustomEntityQuery.
type CustomEntityQueryKind ¶
type CustomEntityQueryKind string
CustomEntityQueryKind enumerates the values for custom entity query kind.
const ( // CustomEntityQueryKindActivity ... CustomEntityQueryKindActivity CustomEntityQueryKind = "Activity" )
func PossibleCustomEntityQueryKindValues ¶
func PossibleCustomEntityQueryKindValues() []CustomEntityQueryKind
PossibleCustomEntityQueryKindValues returns an array of possible values for the CustomEntityQueryKind const type.
type Customs ¶
type Customs struct { // Name - Customs permissions name Name *string `json:"name,omitempty"` // Description - Customs permissions description Description *string `json:"description,omitempty"` }
Customs customs permissions required for the connector
type CustomsPermission ¶
type CustomsPermission struct { // Name - Customs permissions name Name *string `json:"name,omitempty"` // Description - Customs permissions description Description *string `json:"description,omitempty"` }
CustomsPermission customs permissions required for the connector
type DNSEntity ¶
type DNSEntity struct { // DNSEntityProperties - Dns entity properties *DNSEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
DNSEntity represents a dns entity.
func (DNSEntity) AsAccountEntity ¶
func (de DNSEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsAzureResourceEntity ¶
func (de DNSEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsBasicEntity ¶
func (de DNSEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsCloudApplicationEntity ¶
func (de DNSEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsDNSEntity ¶
AsDNSEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsFileEntity ¶
func (de DNSEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsFileHashEntity ¶
func (de DNSEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsHostEntity ¶
func (de DNSEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsHuntingBookmark ¶
func (de DNSEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsIPEntity ¶
AsIPEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsIoTDeviceEntity ¶
func (de DNSEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsMailClusterEntity ¶
func (de DNSEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsMailMessageEntity ¶
func (de DNSEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsMailboxEntity ¶
func (de DNSEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsMalwareEntity ¶
func (de DNSEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsProcessEntity ¶
func (de DNSEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsRegistryKeyEntity ¶
func (de DNSEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsRegistryValueEntity ¶
func (de DNSEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsSecurityAlert ¶
func (de DNSEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsSecurityGroupEntity ¶
func (de DNSEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsSubmissionMailEntity ¶
func (de DNSEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) AsURLEntity ¶
AsURLEntity is the BasicEntity implementation for DNSEntity.
func (DNSEntity) MarshalJSON ¶
MarshalJSON is the custom marshaler for DNSEntity.
func (*DNSEntity) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for DNSEntity struct.
type DNSEntityProperties ¶
type DNSEntityProperties struct { // DNSServerIPEntityID - READ-ONLY; An ip entity id for the dns server resolving the request DNSServerIPEntityID *string `json:"dnsServerIpEntityId,omitempty"` // DomainName - READ-ONLY; The name of the dns record associated with the alert DomainName *string `json:"domainName,omitempty"` // HostIPAddressEntityID - READ-ONLY; An ip entity id for the dns request client HostIPAddressEntityID *string `json:"hostIpAddressEntityId,omitempty"` // IPAddressEntityIds - READ-ONLY; Ip entity identifiers for the resolved ip address. IPAddressEntityIds *[]string `json:"ipAddressEntityIds,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
DNSEntityProperties dns entity property bag.
func (DNSEntityProperties) MarshalJSON ¶
func (dep DNSEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for DNSEntityProperties.
type DataConnector ¶
type DataConnector struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
DataConnector data connector
func (DataConnector) AsAADDataConnector ¶
func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsAATPDataConnector ¶
func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsASCDataConnector ¶
func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsAwsCloudTrailDataConnector ¶
func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsAwsS3DataConnector ¶
func (dc DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsBasicDataConnector ¶
func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsCodelessAPIPollingDataConnector ¶
func (dc DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsCodelessUIDataConnector ¶
func (dc DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsDataConnector ¶
func (dc DataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsDynamics365DataConnector ¶
func (dc DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsMCASDataConnector ¶
func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsMDATPDataConnector ¶
func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsMSTIDataConnector ¶
func (dc DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsMTPDataConnector ¶
func (dc DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsOfficeATPDataConnector ¶
func (dc DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsOfficeDataConnector ¶
func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsOfficeIRMDataConnector ¶
func (dc DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsTIDataConnector ¶
func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsTiTaxiiDataConnector ¶
func (dc DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) MarshalJSON ¶
func (dc DataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for DataConnector.
type DataConnectorAuthorizationState ¶
type DataConnectorAuthorizationState string
DataConnectorAuthorizationState enumerates the values for data connector authorization state.
const ( // DataConnectorAuthorizationStateInvalid ... DataConnectorAuthorizationStateInvalid DataConnectorAuthorizationState = "Invalid" // DataConnectorAuthorizationStateValid ... DataConnectorAuthorizationStateValid DataConnectorAuthorizationState = "Valid" )
func PossibleDataConnectorAuthorizationStateValues ¶
func PossibleDataConnectorAuthorizationStateValues() []DataConnectorAuthorizationState
PossibleDataConnectorAuthorizationStateValues returns an array of possible values for the DataConnectorAuthorizationState const type.
type DataConnectorConnectBody ¶
type DataConnectorConnectBody struct { // Kind - The authentication kind used to poll the data. Possible values include: 'ConnectAuthKindBasic', 'ConnectAuthKindOAuth2', 'ConnectAuthKindAPIKey' Kind ConnectAuthKind `json:"kind,omitempty"` // APIKey - The API key of the audit server. APIKey *string `json:"apiKey,omitempty"` // ClientSecret - The client secret of the OAuth 2.0 application. ClientSecret *string `json:"clientSecret,omitempty"` // ClientID - The client id of the OAuth 2.0 application. ClientID *string `json:"clientId,omitempty"` // AuthorizationCode - The authorization code used in OAuth 2.0 code flow to issue a token. AuthorizationCode *string `json:"authorizationCode,omitempty"` // UserName - The user name in the audit log server. UserName *string `json:"userName,omitempty"` // Password - The user password in the audit log server. Password *string `json:"password,omitempty"` RequestConfigUserInputValues *[]interface{} `json:"requestConfigUserInputValues,omitempty"` }
DataConnectorConnectBody represents Codeless API Polling data connector.
type DataConnectorDataTypeCommon ¶
type DataConnectorDataTypeCommon struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
DataConnectorDataTypeCommon common field for data type in data connectors.
type DataConnectorKind ¶
type DataConnectorKind string
DataConnectorKind enumerates the values for data connector kind.
const ( // DataConnectorKindAmazonWebServicesCloudTrail ... DataConnectorKindAmazonWebServicesCloudTrail DataConnectorKind = "AmazonWebServicesCloudTrail" // DataConnectorKindAmazonWebServicesS3 ... DataConnectorKindAmazonWebServicesS3 DataConnectorKind = "AmazonWebServicesS3" // DataConnectorKindAPIPolling ... DataConnectorKindAPIPolling DataConnectorKind = "APIPolling" // DataConnectorKindAzureActiveDirectory ... DataConnectorKindAzureActiveDirectory DataConnectorKind = "AzureActiveDirectory" // DataConnectorKindAzureAdvancedThreatProtection ... DataConnectorKindAzureAdvancedThreatProtection DataConnectorKind = "AzureAdvancedThreatProtection" // DataConnectorKindAzureSecurityCenter ... DataConnectorKindAzureSecurityCenter DataConnectorKind = "AzureSecurityCenter" // DataConnectorKindDynamics365 ... DataConnectorKindDynamics365 DataConnectorKind = "Dynamics365" // DataConnectorKindGenericUI ... DataConnectorKindGenericUI DataConnectorKind = "GenericUI" // DataConnectorKindMicrosoftCloudAppSecurity ... DataConnectorKindMicrosoftCloudAppSecurity DataConnectorKind = "MicrosoftCloudAppSecurity" // DataConnectorKindMicrosoftDefenderAdvancedThreatProtection ... DataConnectorKindMicrosoftDefenderAdvancedThreatProtection DataConnectorKind = "MicrosoftDefenderAdvancedThreatProtection" // DataConnectorKindMicrosoftThreatIntelligence ... DataConnectorKindMicrosoftThreatIntelligence DataConnectorKind = "MicrosoftThreatIntelligence" // DataConnectorKindMicrosoftThreatProtection ... DataConnectorKindMicrosoftThreatProtection DataConnectorKind = "MicrosoftThreatProtection" // DataConnectorKindOffice365 ... DataConnectorKindOffice365 DataConnectorKind = "Office365" // DataConnectorKindOfficeATP ... DataConnectorKindOfficeATP DataConnectorKind = "OfficeATP" // DataConnectorKindOfficeIRM ... DataConnectorKindOfficeIRM DataConnectorKind = "OfficeIRM" // DataConnectorKindThreatIntelligence ... DataConnectorKindThreatIntelligence DataConnectorKind = "ThreatIntelligence" // DataConnectorKindThreatIntelligenceTaxii ... DataConnectorKindThreatIntelligenceTaxii DataConnectorKind = "ThreatIntelligenceTaxii" )
func PossibleDataConnectorKindValues ¶
func PossibleDataConnectorKindValues() []DataConnectorKind
PossibleDataConnectorKindValues returns an array of possible values for the DataConnectorKind const type.
type DataConnectorLicenseState ¶
type DataConnectorLicenseState string
DataConnectorLicenseState enumerates the values for data connector license state.
const ( // DataConnectorLicenseStateInvalid ... DataConnectorLicenseStateInvalid DataConnectorLicenseState = "Invalid" // DataConnectorLicenseStateUnknown ... DataConnectorLicenseStateUnknown DataConnectorLicenseState = "Unknown" // DataConnectorLicenseStateValid ... DataConnectorLicenseStateValid DataConnectorLicenseState = "Valid" )
func PossibleDataConnectorLicenseStateValues ¶
func PossibleDataConnectorLicenseStateValues() []DataConnectorLicenseState
PossibleDataConnectorLicenseStateValues returns an array of possible values for the DataConnectorLicenseState const type.
type DataConnectorList ¶
type DataConnectorList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of data connectors. NextLink *string `json:"nextLink,omitempty"` // Value - Array of data connectors. Value *[]BasicDataConnector `json:"value,omitempty"` }
DataConnectorList list all the data connectors.
func (DataConnectorList) IsEmpty ¶
func (dcl DataConnectorList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (DataConnectorList) MarshalJSON ¶
func (dcl DataConnectorList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for DataConnectorList.
func (*DataConnectorList) UnmarshalJSON ¶
func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for DataConnectorList struct.
type DataConnectorListIterator ¶
type DataConnectorListIterator struct {
// contains filtered or unexported fields
}
DataConnectorListIterator provides access to a complete listing of DataConnector values.
func NewDataConnectorListIterator ¶
func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator
Creates a new instance of the DataConnectorListIterator type.
func (*DataConnectorListIterator) Next ¶
func (iter *DataConnectorListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*DataConnectorListIterator) NextWithContext ¶
func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (DataConnectorListIterator) NotDone ¶
func (iter DataConnectorListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (DataConnectorListIterator) Response ¶
func (iter DataConnectorListIterator) Response() DataConnectorList
Response returns the raw server response from the last page request.
func (DataConnectorListIterator) Value ¶
func (iter DataConnectorListIterator) Value() BasicDataConnector
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type DataConnectorListPage ¶
type DataConnectorListPage struct {
// contains filtered or unexported fields
}
DataConnectorListPage contains a page of BasicDataConnector values.
func NewDataConnectorListPage ¶
func NewDataConnectorListPage(cur DataConnectorList, getNextPage func(context.Context, DataConnectorList) (DataConnectorList, error)) DataConnectorListPage
Creates a new instance of the DataConnectorListPage type.
func (*DataConnectorListPage) Next ¶
func (page *DataConnectorListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*DataConnectorListPage) NextWithContext ¶
func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (DataConnectorListPage) NotDone ¶
func (page DataConnectorListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (DataConnectorListPage) Response ¶
func (page DataConnectorListPage) Response() DataConnectorList
Response returns the raw server response from the last page request.
func (DataConnectorListPage) Values ¶
func (page DataConnectorListPage) Values() []BasicDataConnector
Values returns the slice of values for the current page or nil if there are no values.
type DataConnectorModel ¶
type DataConnectorModel struct { autorest.Response `json:"-"` Value BasicDataConnector `json:"value,omitempty"` }
DataConnectorModel ...
func (*DataConnectorModel) UnmarshalJSON ¶
func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for DataConnectorModel struct.
type DataConnectorRequirementsState ¶
type DataConnectorRequirementsState struct { autorest.Response `json:"-"` // AuthorizationState - Authorization state for this connector. Possible values include: 'DataConnectorAuthorizationStateValid', 'DataConnectorAuthorizationStateInvalid' AuthorizationState DataConnectorAuthorizationState `json:"authorizationState,omitempty"` // LicenseState - License state for this connector. Possible values include: 'DataConnectorLicenseStateValid', 'DataConnectorLicenseStateInvalid', 'DataConnectorLicenseStateUnknown' LicenseState DataConnectorLicenseState `json:"licenseState,omitempty"` }
DataConnectorRequirementsState data connector requirements status.
type DataConnectorTenantID ¶
type DataConnectorTenantID struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
DataConnectorTenantID properties data connector on tenant level.
type DataConnectorWithAlertsProperties ¶
type DataConnectorWithAlertsProperties struct { // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
DataConnectorWithAlertsProperties data connector properties.
type DataConnectorsCheckRequirements ¶
type DataConnectorsCheckRequirements struct { // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
DataConnectorsCheckRequirements data connector requirements properties.
func (DataConnectorsCheckRequirements) AsAADCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsAATPCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsASCCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsAwsS3CheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsDynamics365CheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsMCASCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsMDATPCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsMSTICheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsMtpCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsOfficeATPCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsTICheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (dccr DataConnectorsCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements.
func (DataConnectorsCheckRequirements) MarshalJSON ¶
func (dccr DataConnectorsCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for DataConnectorsCheckRequirements.
type DataConnectorsCheckRequirementsClient ¶
type DataConnectorsCheckRequirementsClient struct {
BaseClient
}
DataConnectorsCheckRequirementsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewDataConnectorsCheckRequirementsClient ¶
func NewDataConnectorsCheckRequirementsClient(subscriptionID string) DataConnectorsCheckRequirementsClient
NewDataConnectorsCheckRequirementsClient creates an instance of the DataConnectorsCheckRequirementsClient client.
func NewDataConnectorsCheckRequirementsClientWithBaseURI ¶
func NewDataConnectorsCheckRequirementsClientWithBaseURI(baseURI string, subscriptionID string) DataConnectorsCheckRequirementsClient
NewDataConnectorsCheckRequirementsClientWithBaseURI creates an instance of the DataConnectorsCheckRequirementsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (DataConnectorsCheckRequirementsClient) Post ¶
func (client DataConnectorsCheckRequirementsClient) Post(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorsCheckRequirements BasicDataConnectorsCheckRequirements) (result DataConnectorRequirementsState, err error)
Post get requirements state for a data connector type. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. dataConnectorsCheckRequirements - the parameters for requirements check message
func (DataConnectorsCheckRequirementsClient) PostPreparer ¶
func (client DataConnectorsCheckRequirementsClient) PostPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorsCheckRequirements BasicDataConnectorsCheckRequirements) (*http.Request, error)
PostPreparer prepares the Post request.
func (DataConnectorsCheckRequirementsClient) PostResponder ¶
func (client DataConnectorsCheckRequirementsClient) PostResponder(resp *http.Response) (result DataConnectorRequirementsState, err error)
PostResponder handles the response to the Post request. The method always closes the http.Response Body.
func (DataConnectorsCheckRequirementsClient) PostSender ¶
func (client DataConnectorsCheckRequirementsClient) PostSender(req *http.Request) (*http.Response, error)
PostSender sends the Post request. The method will close the http.Response Body if it receives an error.
type DataConnectorsClient ¶
type DataConnectorsClient struct {
BaseClient
}
DataConnectorsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewDataConnectorsClient ¶
func NewDataConnectorsClient(subscriptionID string) DataConnectorsClient
NewDataConnectorsClient creates an instance of the DataConnectorsClient client.
func NewDataConnectorsClientWithBaseURI ¶
func NewDataConnectorsClientWithBaseURI(baseURI string, subscriptionID string) DataConnectorsClient
NewDataConnectorsClientWithBaseURI creates an instance of the DataConnectorsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (DataConnectorsClient) Connect ¶
func (client DataConnectorsClient) Connect(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, connectBody DataConnectorConnectBody) (result autorest.Response, err error)
Connect connects a data connector. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. dataConnectorID - connector ID connectBody - the data connector
func (DataConnectorsClient) ConnectPreparer ¶
func (client DataConnectorsClient) ConnectPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, connectBody DataConnectorConnectBody) (*http.Request, error)
ConnectPreparer prepares the Connect request.
func (DataConnectorsClient) ConnectResponder ¶
func (client DataConnectorsClient) ConnectResponder(resp *http.Response) (result autorest.Response, err error)
ConnectResponder handles the response to the Connect request. The method always closes the http.Response Body.
func (DataConnectorsClient) ConnectSender ¶
ConnectSender sends the Connect request. The method will close the http.Response Body if it receives an error.
func (DataConnectorsClient) CreateOrUpdate ¶
func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (result DataConnectorModel, err error)
CreateOrUpdate creates or updates the data connector. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. dataConnectorID - connector ID dataConnector - the data connector
func (DataConnectorsClient) CreateOrUpdatePreparer ¶
func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (DataConnectorsClient) CreateOrUpdateResponder ¶
func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) (result DataConnectorModel, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (DataConnectorsClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (DataConnectorsClient) Delete ¶
func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result autorest.Response, err error)
Delete delete the data connector. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. dataConnectorID - connector ID
func (DataConnectorsClient) DeletePreparer ¶
func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (DataConnectorsClient) DeleteResponder ¶
func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (DataConnectorsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (DataConnectorsClient) Disconnect ¶
func (client DataConnectorsClient) Disconnect(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result autorest.Response, err error)
Disconnect disconnect a data connector. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. dataConnectorID - connector ID
func (DataConnectorsClient) DisconnectPreparer ¶
func (client DataConnectorsClient) DisconnectPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error)
DisconnectPreparer prepares the Disconnect request.
func (DataConnectorsClient) DisconnectResponder ¶
func (client DataConnectorsClient) DisconnectResponder(resp *http.Response) (result autorest.Response, err error)
DisconnectResponder handles the response to the Disconnect request. The method always closes the http.Response Body.
func (DataConnectorsClient) DisconnectSender ¶
DisconnectSender sends the Disconnect request. The method will close the http.Response Body if it receives an error.
func (DataConnectorsClient) Get ¶
func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result DataConnectorModel, err error)
Get gets a data connector. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. dataConnectorID - connector ID
func (DataConnectorsClient) GetPreparer ¶
func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (DataConnectorsClient) GetResponder ¶
func (client DataConnectorsClient) GetResponder(resp *http.Response) (result DataConnectorModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (DataConnectorsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (DataConnectorsClient) List ¶
func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListPage, err error)
List gets all data connectors. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (DataConnectorsClient) ListComplete ¶
func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (DataConnectorsClient) ListPreparer ¶
func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (DataConnectorsClient) ListResponder ¶
func (client DataConnectorsClient) ListResponder(resp *http.Response) (result DataConnectorList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (DataConnectorsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type DataTypeDefinitions ¶
type DataTypeDefinitions struct { // DataType - The data type name DataType *string `json:"dataType,omitempty"` }
DataTypeDefinitions the data type definition
type DataTypeState ¶
type DataTypeState string
DataTypeState enumerates the values for data type state.
const ( // DataTypeStateDisabled ... DataTypeStateDisabled DataTypeState = "Disabled" // DataTypeStateEnabled ... DataTypeStateEnabled DataTypeState = "Enabled" )
func PossibleDataTypeStateValues ¶
func PossibleDataTypeStateValues() []DataTypeState
PossibleDataTypeStateValues returns an array of possible values for the DataTypeState const type.
type DeliveryAction ¶
type DeliveryAction string
DeliveryAction enumerates the values for delivery action.
const ( // DeliveryActionBlocked Blocked DeliveryActionBlocked DeliveryAction = "Blocked" // DeliveryActionDelivered Delivered DeliveryActionDelivered DeliveryAction = "Delivered" // DeliveryActionDeliveredAsSpam DeliveredAsSpam DeliveryActionDeliveredAsSpam DeliveryAction = "DeliveredAsSpam" // DeliveryActionReplaced Replaced DeliveryActionReplaced DeliveryAction = "Replaced" // DeliveryActionUnknown Unknown DeliveryActionUnknown DeliveryAction = "Unknown" )
func PossibleDeliveryActionValues ¶
func PossibleDeliveryActionValues() []DeliveryAction
PossibleDeliveryActionValues returns an array of possible values for the DeliveryAction const type.
type DeliveryLocation ¶
type DeliveryLocation string
DeliveryLocation enumerates the values for delivery location.
const ( // DeliveryLocationDeletedFolder DeletedFolder DeliveryLocationDeletedFolder DeliveryLocation = "DeletedFolder" // DeliveryLocationDropped Dropped DeliveryLocationDropped DeliveryLocation = "Dropped" // DeliveryLocationExternal External DeliveryLocationExternal DeliveryLocation = "External" // DeliveryLocationFailed Failed DeliveryLocationFailed DeliveryLocation = "Failed" // DeliveryLocationForwarded Forwarded DeliveryLocationForwarded DeliveryLocation = "Forwarded" // DeliveryLocationInbox Inbox DeliveryLocationInbox DeliveryLocation = "Inbox" // DeliveryLocationJunkFolder JunkFolder DeliveryLocationJunkFolder DeliveryLocation = "JunkFolder" // DeliveryLocationQuarantine Quarantine DeliveryLocationQuarantine DeliveryLocation = "Quarantine" // DeliveryLocationUnknown Unknown DeliveryLocationUnknown DeliveryLocation = "Unknown" )
func PossibleDeliveryLocationValues ¶
func PossibleDeliveryLocationValues() []DeliveryLocation
PossibleDeliveryLocationValues returns an array of possible values for the DeliveryLocation const type.
type DomainWhoisClient ¶
type DomainWhoisClient struct {
BaseClient
}
DomainWhoisClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewDomainWhoisClient ¶
func NewDomainWhoisClient(subscriptionID string) DomainWhoisClient
NewDomainWhoisClient creates an instance of the DomainWhoisClient client.
func NewDomainWhoisClientWithBaseURI ¶
func NewDomainWhoisClientWithBaseURI(baseURI string, subscriptionID string) DomainWhoisClient
NewDomainWhoisClientWithBaseURI creates an instance of the DomainWhoisClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (DomainWhoisClient) Get ¶
func (client DomainWhoisClient) Get(ctx context.Context, resourceGroupName string, domain string) (result EnrichmentDomainWhois, err error)
Get get whois information for a single domain name Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. domain - domain name to be enriched
func (DomainWhoisClient) GetPreparer ¶
func (client DomainWhoisClient) GetPreparer(ctx context.Context, resourceGroupName string, domain string) (*http.Request, error)
GetPreparer prepares the Get request.
func (DomainWhoisClient) GetResponder ¶
func (client DomainWhoisClient) GetResponder(resp *http.Response) (result EnrichmentDomainWhois, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
type Dynamics365CheckRequirements ¶
type Dynamics365CheckRequirements struct { // Dynamics365CheckRequirementsProperties - Dynamics365 requirements check properties. *Dynamics365CheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
Dynamics365CheckRequirements represents Dynamics365 requirements check request.
func (Dynamics365CheckRequirements) AsAADCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsAATPCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsASCCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsAwsS3CheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsDataConnectorsCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsDynamics365CheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsMCASCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsMDATPCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsMSTICheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsMtpCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsOfficeATPCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsOfficeIRMCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsTICheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) AsTiTaxiiCheckRequirements ¶
func (d3cr Dynamics365CheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements.
func (Dynamics365CheckRequirements) MarshalJSON ¶
func (d3cr Dynamics365CheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for Dynamics365CheckRequirements.
func (*Dynamics365CheckRequirements) UnmarshalJSON ¶
func (d3cr *Dynamics365CheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for Dynamics365CheckRequirements struct.
type Dynamics365CheckRequirementsProperties ¶
type Dynamics365CheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
Dynamics365CheckRequirementsProperties dynamics365 requirements check properties.
type Dynamics365DataConnector ¶
type Dynamics365DataConnector struct { // Dynamics365DataConnectorProperties - Dynamics365 data connector properties. *Dynamics365DataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
Dynamics365DataConnector represents Dynamics365 data connector.
func (Dynamics365DataConnector) AsAADDataConnector ¶
func (d3dc Dynamics365DataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsAATPDataConnector ¶
func (d3dc Dynamics365DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsASCDataConnector ¶
func (d3dc Dynamics365DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsAwsCloudTrailDataConnector ¶
func (d3dc Dynamics365DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsAwsS3DataConnector ¶
func (d3dc Dynamics365DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsBasicDataConnector ¶
func (d3dc Dynamics365DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsCodelessAPIPollingDataConnector ¶
func (d3dc Dynamics365DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsCodelessUIDataConnector ¶
func (d3dc Dynamics365DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsDataConnector ¶
func (d3dc Dynamics365DataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsDynamics365DataConnector ¶
func (d3dc Dynamics365DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsMCASDataConnector ¶
func (d3dc Dynamics365DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsMDATPDataConnector ¶
func (d3dc Dynamics365DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsMSTIDataConnector ¶
func (d3dc Dynamics365DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsMTPDataConnector ¶
func (d3dc Dynamics365DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsOfficeATPDataConnector ¶
func (d3dc Dynamics365DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsOfficeDataConnector ¶
func (d3dc Dynamics365DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsOfficeIRMDataConnector ¶
func (d3dc Dynamics365DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsTIDataConnector ¶
func (d3dc Dynamics365DataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) AsTiTaxiiDataConnector ¶
func (d3dc Dynamics365DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector.
func (Dynamics365DataConnector) MarshalJSON ¶
func (d3dc Dynamics365DataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for Dynamics365DataConnector.
func (*Dynamics365DataConnector) UnmarshalJSON ¶
func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for Dynamics365DataConnector struct.
type Dynamics365DataConnectorDataTypes ¶
type Dynamics365DataConnectorDataTypes struct { // Dynamics365CdsActivities - Common Data Service data type connection. Dynamics365CdsActivities *Dynamics365DataConnectorDataTypesDynamics365CdsActivities `json:"dynamics365CdsActivities,omitempty"` }
Dynamics365DataConnectorDataTypes the available data types for Dynamics365 data connector.
type Dynamics365DataConnectorDataTypesDynamics365CdsActivities ¶
type Dynamics365DataConnectorDataTypesDynamics365CdsActivities struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
Dynamics365DataConnectorDataTypesDynamics365CdsActivities common Data Service data type connection.
type Dynamics365DataConnectorProperties ¶
type Dynamics365DataConnectorProperties struct { // DataTypes - The available data types for the connector. DataTypes *Dynamics365DataConnectorDataTypes `json:"dataTypes,omitempty"` // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
Dynamics365DataConnectorProperties dynamics365 data connector properties.
type ElevationToken ¶
type ElevationToken string
ElevationToken enumerates the values for elevation token.
const ( // ElevationTokenDefault Default elevation token ElevationTokenDefault ElevationToken = "Default" // ElevationTokenFull Full elevation token ElevationTokenFull ElevationToken = "Full" // ElevationTokenLimited Limited elevation token ElevationTokenLimited ElevationToken = "Limited" )
func PossibleElevationTokenValues ¶
func PossibleElevationTokenValues() []ElevationToken
PossibleElevationTokenValues returns an array of possible values for the ElevationToken const type.
type EnrichmentDomainWhois ¶
type EnrichmentDomainWhois struct { autorest.Response `json:"-"` // Domain - The domain for this whois record Domain *string `json:"domain,omitempty"` // Server - The hostname of this registrar's whois server Server *string `json:"server,omitempty"` // Created - The timestamp at which this record was created Created *date.Time `json:"created,omitempty"` // Updated - The timestamp at which this record was last updated Updated *date.Time `json:"updated,omitempty"` // Expires - The timestamp at which this record will expire Expires *date.Time `json:"expires,omitempty"` // ParsedWhois - The whois record for a given domain ParsedWhois *EnrichmentDomainWhoisDetails `json:"parsedWhois,omitempty"` }
EnrichmentDomainWhois whois information for a given domain and associated metadata
type EnrichmentDomainWhoisContact ¶
type EnrichmentDomainWhoisContact struct { // Name - The name of this contact Name *string `json:"name,omitempty"` // Org - The organization for this contact Org *string `json:"org,omitempty"` // Street - A list describing the street address for this contact Street *[]string `json:"street,omitempty"` // City - The city for this contact City *string `json:"city,omitempty"` // State - The state for this contact State *string `json:"state,omitempty"` // Postal - The postal code for this contact Postal *string `json:"postal,omitempty"` // Country - The country for this contact Country *string `json:"country,omitempty"` // Phone - The phone number for this contact Phone *string `json:"phone,omitempty"` // Fax - The fax number for this contact Fax *string `json:"fax,omitempty"` // Email - The email address for this contact Email *string `json:"email,omitempty"` }
EnrichmentDomainWhoisContact an individual contact associated with this domain
type EnrichmentDomainWhoisContacts ¶
type EnrichmentDomainWhoisContacts struct { // Admin - The admin contact for this whois record Admin *EnrichmentDomainWhoisContact `json:"admin,omitempty"` // Billing - The billing contact for this whois record Billing *EnrichmentDomainWhoisContact `json:"billing,omitempty"` // Registrant - The registrant contact for this whois record Registrant *EnrichmentDomainWhoisContact `json:"registrant,omitempty"` // Tech - The technical contact for this whois record Tech *EnrichmentDomainWhoisContact `json:"tech,omitempty"` }
EnrichmentDomainWhoisContacts the set of contacts associated with this domain
type EnrichmentDomainWhoisDetails ¶
type EnrichmentDomainWhoisDetails struct { // Registrar - The registrar associated with this domain Registrar *EnrichmentDomainWhoisRegistrarDetails `json:"registrar,omitempty"` // Contacts - The set of contacts associated with this domain Contacts *EnrichmentDomainWhoisContacts `json:"contacts,omitempty"` // NameServers - A list of name servers associated with this domain NameServers *[]string `json:"nameServers,omitempty"` // Statuses - The set of status flags for this whois record Statuses *[]string `json:"statuses,omitempty"` }
EnrichmentDomainWhoisDetails the whois record for a given domain
type EnrichmentDomainWhoisRegistrarDetails ¶
type EnrichmentDomainWhoisRegistrarDetails struct { // Name - The name of this registrar Name *string `json:"name,omitempty"` // AbuseContactEmail - This registrar's abuse contact email AbuseContactEmail *string `json:"abuseContactEmail,omitempty"` // AbuseContactPhone - This registrar's abuse contact phone number AbuseContactPhone *string `json:"abuseContactPhone,omitempty"` // IanaID - This registrar's Internet Assigned Numbers Authority id IanaID *string `json:"ianaId,omitempty"` // URL - This registrar's URL URL *string `json:"url,omitempty"` // WhoisServer - The hostname of this registrar's whois server WhoisServer *string `json:"whoisServer,omitempty"` }
EnrichmentDomainWhoisRegistrarDetails the registrar associated with this domain
type EnrichmentIPGeodata ¶
type EnrichmentIPGeodata struct { autorest.Response `json:"-"` // Asn - The autonomous system number associated with this IP address Asn *string `json:"asn,omitempty"` // Carrier - The name of the carrier for this IP address Carrier *string `json:"carrier,omitempty"` // City - The city this IP address is located in City *string `json:"city,omitempty"` // CityCf - A numeric rating of confidence that the value in the 'city' field is correct, on a scale of 0-100 CityCf *int32 `json:"cityCf,omitempty"` // Continent - The continent this IP address is located on Continent *string `json:"continent,omitempty"` // Country - The county this IP address is located in Country *string `json:"country,omitempty"` // CountryCf - A numeric rating of confidence that the value in the 'country' field is correct on a scale of 0-100 CountryCf *int32 `json:"countryCf,omitempty"` // IPAddr - The dotted-decimal or colon-separated string representation of the IP address IPAddr *string `json:"ipAddr,omitempty"` // IPRoutingType - A description of the connection type of this IP address IPRoutingType *string `json:"ipRoutingType,omitempty"` // Latitude - The latitude of this IP address Latitude *string `json:"latitude,omitempty"` // Longitude - The longitude of this IP address Longitude *string `json:"longitude,omitempty"` // Organization - The name of the organization for this IP address Organization *string `json:"organization,omitempty"` // OrganizationType - The type of the organization for this IP address OrganizationType *string `json:"organizationType,omitempty"` // Region - The geographic region this IP address is located in Region *string `json:"region,omitempty"` // State - The state this IP address is located in State *string `json:"state,omitempty"` // StateCf - A numeric rating of confidence that the value in the 'state' field is correct on a scale of 0-100 StateCf *int32 `json:"stateCf,omitempty"` // StateCode - The abbreviated name for the state this IP address is located in StateCode *string `json:"stateCode,omitempty"` }
EnrichmentIPGeodata geodata information for a given IP address
type EntitiesClient ¶
type EntitiesClient struct {
BaseClient
}
EntitiesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewEntitiesClient ¶
func NewEntitiesClient(subscriptionID string) EntitiesClient
NewEntitiesClient creates an instance of the EntitiesClient client.
func NewEntitiesClientWithBaseURI ¶
func NewEntitiesClientWithBaseURI(baseURI string, subscriptionID string) EntitiesClient
NewEntitiesClientWithBaseURI creates an instance of the EntitiesClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (EntitiesClient) Expand ¶
func (client EntitiesClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityExpandParameters) (result EntityExpandResponse, err error)
Expand expands an entity. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityID - entity ID parameters - the parameters required to execute an expand operation on the given entity.
func (EntitiesClient) ExpandPreparer ¶
func (client EntitiesClient) ExpandPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityExpandParameters) (*http.Request, error)
ExpandPreparer prepares the Expand request.
func (EntitiesClient) ExpandResponder ¶
func (client EntitiesClient) ExpandResponder(resp *http.Response) (result EntityExpandResponse, err error)
ExpandResponder handles the response to the Expand request. The method always closes the http.Response Body.
func (EntitiesClient) ExpandSender ¶
ExpandSender sends the Expand request. The method will close the http.Response Body if it receives an error.
func (EntitiesClient) Get ¶
func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, entityID string) (result EntityModel, err error)
Get gets an entity. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityID - entity ID
func (EntitiesClient) GetInsights ¶
func (client EntitiesClient) GetInsights(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityGetInsightsParameters) (result EntityGetInsightsResponse, err error)
GetInsights execute Insights for an entity. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityID - entity ID parameters - the parameters required to execute insights on the given entity.
func (EntitiesClient) GetInsightsPreparer ¶
func (client EntitiesClient) GetInsightsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityGetInsightsParameters) (*http.Request, error)
GetInsightsPreparer prepares the GetInsights request.
func (EntitiesClient) GetInsightsResponder ¶
func (client EntitiesClient) GetInsightsResponder(resp *http.Response) (result EntityGetInsightsResponse, err error)
GetInsightsResponder handles the response to the GetInsights request. The method always closes the http.Response Body.
func (EntitiesClient) GetInsightsSender ¶
GetInsightsSender sends the GetInsights request. The method will close the http.Response Body if it receives an error.
func (EntitiesClient) GetPreparer ¶
func (client EntitiesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (EntitiesClient) GetResponder ¶
func (client EntitiesClient) GetResponder(resp *http.Response) (result EntityModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (EntitiesClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (EntitiesClient) List ¶
func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result EntityListPage, err error)
List gets all entities. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (EntitiesClient) ListComplete ¶
func (client EntitiesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result EntityListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (EntitiesClient) ListPreparer ¶
func (client EntitiesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (EntitiesClient) ListResponder ¶
func (client EntitiesClient) ListResponder(resp *http.Response) (result EntityList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (EntitiesClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
func (EntitiesClient) Queries ¶
func (client EntitiesClient) Queries(ctx context.Context, resourceGroupName string, workspaceName string, entityID string) (result GetQueriesResponse, err error)
Queries get Insights and Activities for an entity. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityID - entity ID
func (EntitiesClient) QueriesPreparer ¶
func (client EntitiesClient) QueriesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string) (*http.Request, error)
QueriesPreparer prepares the Queries request.
func (EntitiesClient) QueriesResponder ¶
func (client EntitiesClient) QueriesResponder(resp *http.Response) (result GetQueriesResponse, err error)
QueriesResponder handles the response to the Queries request. The method always closes the http.Response Body.
func (EntitiesClient) QueriesSender ¶
QueriesSender sends the Queries request. The method will close the http.Response Body if it receives an error.
type EntitiesGetTimelineClient ¶
type EntitiesGetTimelineClient struct {
BaseClient
}
EntitiesGetTimelineClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewEntitiesGetTimelineClient ¶
func NewEntitiesGetTimelineClient(subscriptionID string) EntitiesGetTimelineClient
NewEntitiesGetTimelineClient creates an instance of the EntitiesGetTimelineClient client.
func NewEntitiesGetTimelineClientWithBaseURI ¶
func NewEntitiesGetTimelineClientWithBaseURI(baseURI string, subscriptionID string) EntitiesGetTimelineClient
NewEntitiesGetTimelineClientWithBaseURI creates an instance of the EntitiesGetTimelineClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (EntitiesGetTimelineClient) List ¶
func (client EntitiesGetTimelineClient) List(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityTimelineParameters) (result EntityTimelineResponse, err error)
List timeline for an entity. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityID - entity ID parameters - the parameters required to execute an timeline operation on the given entity.
func (EntitiesGetTimelineClient) ListPreparer ¶
func (client EntitiesGetTimelineClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityTimelineParameters) (*http.Request, error)
ListPreparer prepares the List request.
func (EntitiesGetTimelineClient) ListResponder ¶
func (client EntitiesGetTimelineClient) ListResponder(resp *http.Response) (result EntityTimelineResponse, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (EntitiesGetTimelineClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type EntitiesRelationsClient ¶
type EntitiesRelationsClient struct {
BaseClient
}
EntitiesRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewEntitiesRelationsClient ¶
func NewEntitiesRelationsClient(subscriptionID string) EntitiesRelationsClient
NewEntitiesRelationsClient creates an instance of the EntitiesRelationsClient client.
func NewEntitiesRelationsClientWithBaseURI ¶
func NewEntitiesRelationsClientWithBaseURI(baseURI string, subscriptionID string) EntitiesRelationsClient
NewEntitiesRelationsClientWithBaseURI creates an instance of the EntitiesRelationsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (EntitiesRelationsClient) List ¶
func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error)
List gets all relations of an entity. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityID - entity ID filter - filters the results, based on a Boolean condition. Optional. orderby - sorts the results. Optional. top - returns only the first n results. Optional. skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
func (EntitiesRelationsClient) ListComplete ¶
func (client EntitiesRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (EntitiesRelationsClient) ListPreparer ¶
func (client EntitiesRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error)
ListPreparer prepares the List request.
func (EntitiesRelationsClient) ListResponder ¶
func (client EntitiesRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (EntitiesRelationsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type Entity ¶
type Entity struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
Entity specific entity.
func (Entity) AsAccountEntity ¶
func (e Entity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for Entity.
func (Entity) AsAzureResourceEntity ¶
func (e Entity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for Entity.
func (Entity) AsBasicEntity ¶
func (e Entity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for Entity.
func (Entity) AsCloudApplicationEntity ¶
func (e Entity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for Entity.
func (Entity) AsDNSEntity ¶
AsDNSEntity is the BasicEntity implementation for Entity.
func (Entity) AsFileEntity ¶
func (e Entity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for Entity.
func (Entity) AsFileHashEntity ¶
func (e Entity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for Entity.
func (Entity) AsHostEntity ¶
func (e Entity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for Entity.
func (Entity) AsHuntingBookmark ¶
func (e Entity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for Entity.
func (Entity) AsIPEntity ¶
AsIPEntity is the BasicEntity implementation for Entity.
func (Entity) AsIoTDeviceEntity ¶
func (e Entity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for Entity.
func (Entity) AsMailClusterEntity ¶
func (e Entity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for Entity.
func (Entity) AsMailMessageEntity ¶
func (e Entity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for Entity.
func (Entity) AsMailboxEntity ¶
func (e Entity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for Entity.
func (Entity) AsMalwareEntity ¶
func (e Entity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for Entity.
func (Entity) AsProcessEntity ¶
func (e Entity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for Entity.
func (Entity) AsRegistryKeyEntity ¶
func (e Entity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for Entity.
func (Entity) AsRegistryValueEntity ¶
func (e Entity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for Entity.
func (Entity) AsSecurityAlert ¶
func (e Entity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for Entity.
func (Entity) AsSecurityGroupEntity ¶
func (e Entity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for Entity.
func (Entity) AsSubmissionMailEntity ¶
func (e Entity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for Entity.
func (Entity) AsURLEntity ¶
AsURLEntity is the BasicEntity implementation for Entity.
func (Entity) MarshalJSON ¶
MarshalJSON is the custom marshaler for Entity.
type EntityAnalytics ¶
type EntityAnalytics struct { // EntityAnalyticsProperties - EntityAnalytics properties *EntityAnalyticsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' Kind KindBasicSettings `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
EntityAnalytics settings with single toggle.
func (EntityAnalytics) AsAnomalies ¶
func (ea EntityAnalytics) AsAnomalies() (*Anomalies, bool)
AsAnomalies is the BasicSettings implementation for EntityAnalytics.
func (EntityAnalytics) AsBasicSettings ¶
func (ea EntityAnalytics) AsBasicSettings() (BasicSettings, bool)
AsBasicSettings is the BasicSettings implementation for EntityAnalytics.
func (EntityAnalytics) AsEntityAnalytics ¶
func (ea EntityAnalytics) AsEntityAnalytics() (*EntityAnalytics, bool)
AsEntityAnalytics is the BasicSettings implementation for EntityAnalytics.
func (EntityAnalytics) AsEyesOn ¶
func (ea EntityAnalytics) AsEyesOn() (*EyesOn, bool)
AsEyesOn is the BasicSettings implementation for EntityAnalytics.
func (EntityAnalytics) AsSettings ¶
func (ea EntityAnalytics) AsSettings() (*Settings, bool)
AsSettings is the BasicSettings implementation for EntityAnalytics.
func (EntityAnalytics) AsUeba ¶
func (ea EntityAnalytics) AsUeba() (*Ueba, bool)
AsUeba is the BasicSettings implementation for EntityAnalytics.
func (EntityAnalytics) MarshalJSON ¶
func (ea EntityAnalytics) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityAnalytics.
func (*EntityAnalytics) UnmarshalJSON ¶
func (ea *EntityAnalytics) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for EntityAnalytics struct.
type EntityAnalyticsProperties ¶
type EntityAnalyticsProperties struct { // IsEnabled - READ-ONLY; Determines whether the setting is enable or disabled. IsEnabled *bool `json:"isEnabled,omitempty"` }
EntityAnalyticsProperties entityAnalytics property bag.
func (EntityAnalyticsProperties) MarshalJSON ¶
func (eap EntityAnalyticsProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityAnalyticsProperties.
type EntityCommonProperties ¶
type EntityCommonProperties struct { // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
EntityCommonProperties entity common property bag.
func (EntityCommonProperties) MarshalJSON ¶
func (ecp EntityCommonProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityCommonProperties.
type EntityEdges ¶
type EntityEdges struct { // TargetEntityID - The target entity Id. TargetEntityID *string `json:"targetEntityId,omitempty"` // AdditionalData - A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` }
EntityEdges the edge that connects the entity to the other entity.
func (EntityEdges) MarshalJSON ¶
func (ee EntityEdges) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityEdges.
type EntityExpandParameters ¶
type EntityExpandParameters struct { // EndTime - The end date filter, so the only expansion results returned are before this date. EndTime *date.Time `json:"endTime,omitempty"` // ExpansionID - The Id of the expansion to perform. ExpansionID *uuid.UUID `json:"expansionId,omitempty"` // StartTime - The start date filter, so the only expansion results returned are after this date. StartTime *date.Time `json:"startTime,omitempty"` }
EntityExpandParameters the parameters required to execute an expand operation on the given entity.
type EntityExpandResponse ¶
type EntityExpandResponse struct { autorest.Response `json:"-"` // MetaData - The metadata from the expansion operation results. MetaData *ExpansionResultsMetadata `json:"metaData,omitempty"` // Value - The expansion result values. Value *EntityExpandResponseValue `json:"value,omitempty"` }
EntityExpandResponse the entity expansion result operation response.
type EntityExpandResponseValue ¶
type EntityExpandResponseValue struct { // Entities - Array of the expansion result entities. Entities *[]BasicEntity `json:"entities,omitempty"` // Edges - Array of edges that connects the entity to the list of entities. Edges *[]EntityEdges `json:"edges,omitempty"` }
EntityExpandResponseValue the expansion result values.
func (*EntityExpandResponseValue) UnmarshalJSON ¶
func (eer *EntityExpandResponseValue) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for EntityExpandResponseValue struct.
type EntityGetInsightsParameters ¶
type EntityGetInsightsParameters struct { // StartTime - The start timeline date, so the results returned are after this date. StartTime *date.Time `json:"startTime,omitempty"` // EndTime - The end timeline date, so the results returned are before this date. EndTime *date.Time `json:"endTime,omitempty"` // AddDefaultExtendedTimeRange - Indicates if query time range should be extended with default time range of the query. Default value is false AddDefaultExtendedTimeRange *bool `json:"addDefaultExtendedTimeRange,omitempty"` // InsightQueryIds - List of Insights Query Id. If empty, default value is all insights of this entity InsightQueryIds *[]uuid.UUID `json:"insightQueryIds,omitempty"` }
EntityGetInsightsParameters the parameters required to execute insights operation on the given entity.
type EntityGetInsightsResponse ¶
type EntityGetInsightsResponse struct { autorest.Response `json:"-"` // MetaData - The metadata from the get insights operation results. MetaData *GetInsightsResultsMetadata `json:"metaData,omitempty"` // Value - The insights result values. Value *[]EntityInsightItem `json:"value,omitempty"` }
EntityGetInsightsResponse the Get Insights result operation response.
type EntityInsightItem ¶
type EntityInsightItem struct { // QueryID - The query id of the insight QueryID *string `json:"queryId,omitempty"` // QueryTimeInterval - The Time interval that the query actually executed on. QueryTimeInterval *EntityInsightItemQueryTimeInterval `json:"queryTimeInterval,omitempty"` // TableQueryResults - Query results for table insights query. TableQueryResults *InsightsTableResult `json:"tableQueryResults,omitempty"` // ChartQueryResults - Query results for table insights query. ChartQueryResults *[]InsightsTableResult `json:"chartQueryResults,omitempty"` }
EntityInsightItem entity insight Item.
type EntityInsightItemQueryTimeInterval ¶
type EntityInsightItemQueryTimeInterval struct { // StartTime - Insight query start time StartTime *date.Time `json:"startTime,omitempty"` // EndTime - Insight query end time EndTime *date.Time `json:"endTime,omitempty"` }
EntityInsightItemQueryTimeInterval the Time interval that the query actually executed on.
type EntityKind ¶
type EntityKind string
EntityKind enumerates the values for entity kind.
const ( // EntityKindAccount Entity represents account in the system. EntityKindAccount EntityKind = "Account" // EntityKindAzureResource Entity represents azure resource in the system. EntityKindAzureResource EntityKind = "AzureResource" // EntityKindBookmark Entity represents bookmark in the system. EntityKindBookmark EntityKind = "Bookmark" // EntityKindCloudApplication Entity represents cloud application in the system. EntityKindCloudApplication EntityKind = "CloudApplication" // EntityKindDNSResolution Entity represents dns resolution in the system. EntityKindDNSResolution EntityKind = "DnsResolution" // EntityKindFile Entity represents file in the system. EntityKindFile EntityKind = "File" // EntityKindFileHash Entity represents file hash in the system. EntityKindFileHash EntityKind = "FileHash" // EntityKindHost Entity represents host in the system. EntityKindHost EntityKind = "Host" // EntityKindIoTDevice Entity represents IoT device in the system. EntityKindIoTDevice EntityKind = "IoTDevice" // EntityKindIP Entity represents ip in the system. EntityKindIP EntityKind = "Ip" // EntityKindMailbox Entity represents mailbox in the system. EntityKindMailbox EntityKind = "Mailbox" // EntityKindMailCluster Entity represents mail cluster in the system. EntityKindMailCluster EntityKind = "MailCluster" // EntityKindMailMessage Entity represents mail message in the system. EntityKindMailMessage EntityKind = "MailMessage" // EntityKindMalware Entity represents malware in the system. EntityKindMalware EntityKind = "Malware" // EntityKindProcess Entity represents process in the system. EntityKindProcess EntityKind = "Process" // EntityKindRegistryKey Entity represents registry key in the system. EntityKindRegistryKey EntityKind = "RegistryKey" // EntityKindRegistryValue Entity represents registry value in the system. EntityKindRegistryValue EntityKind = "RegistryValue" // EntityKindSecurityAlert Entity represents security alert in the system. EntityKindSecurityAlert EntityKind = "SecurityAlert" // EntityKindSecurityGroup Entity represents security group in the system. EntityKindSecurityGroup EntityKind = "SecurityGroup" // EntityKindSubmissionMail Entity represents submission mail in the system. EntityKindSubmissionMail EntityKind = "SubmissionMail" // EntityKindURL Entity represents url in the system. EntityKindURL EntityKind = "Url" )
func PossibleEntityKindValues ¶
func PossibleEntityKindValues() []EntityKind
PossibleEntityKindValues returns an array of possible values for the EntityKind const type.
type EntityList ¶
type EntityList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of entities. NextLink *string `json:"nextLink,omitempty"` // Value - Array of entities. Value *[]BasicEntity `json:"value,omitempty"` }
EntityList list of all the entities.
func (EntityList) IsEmpty ¶
func (el EntityList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (EntityList) MarshalJSON ¶
func (el EntityList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityList.
func (*EntityList) UnmarshalJSON ¶
func (el *EntityList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for EntityList struct.
type EntityListIterator ¶
type EntityListIterator struct {
// contains filtered or unexported fields
}
EntityListIterator provides access to a complete listing of Entity values.
func NewEntityListIterator ¶
func NewEntityListIterator(page EntityListPage) EntityListIterator
Creates a new instance of the EntityListIterator type.
func (*EntityListIterator) Next ¶
func (iter *EntityListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*EntityListIterator) NextWithContext ¶
func (iter *EntityListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (EntityListIterator) NotDone ¶
func (iter EntityListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (EntityListIterator) Response ¶
func (iter EntityListIterator) Response() EntityList
Response returns the raw server response from the last page request.
func (EntityListIterator) Value ¶
func (iter EntityListIterator) Value() BasicEntity
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type EntityListPage ¶
type EntityListPage struct {
// contains filtered or unexported fields
}
EntityListPage contains a page of BasicEntity values.
func NewEntityListPage ¶
func NewEntityListPage(cur EntityList, getNextPage func(context.Context, EntityList) (EntityList, error)) EntityListPage
Creates a new instance of the EntityListPage type.
func (*EntityListPage) Next ¶
func (page *EntityListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*EntityListPage) NextWithContext ¶
func (page *EntityListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (EntityListPage) NotDone ¶
func (page EntityListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (EntityListPage) Response ¶
func (page EntityListPage) Response() EntityList
Response returns the raw server response from the last page request.
func (EntityListPage) Values ¶
func (page EntityListPage) Values() []BasicEntity
Values returns the slice of values for the current page or nil if there are no values.
type EntityMapping ¶
type EntityMapping struct { // EntityType - Possible values include: 'EntityMappingTypeAccount', 'EntityMappingTypeHost', 'EntityMappingTypeIP', 'EntityMappingTypeMalware', 'EntityMappingTypeFile', 'EntityMappingTypeProcess', 'EntityMappingTypeCloudApplication', 'EntityMappingTypeDNS', 'EntityMappingTypeAzureResource', 'EntityMappingTypeFileHash', 'EntityMappingTypeRegistryKey', 'EntityMappingTypeRegistryValue', 'EntityMappingTypeSecurityGroup', 'EntityMappingTypeURL', 'EntityMappingTypeMailbox', 'EntityMappingTypeMailCluster', 'EntityMappingTypeMailMessage', 'EntityMappingTypeSubmissionMail' EntityType EntityMappingType `json:"entityType,omitempty"` // FieldMappings - array of field mappings for the given entity mapping FieldMappings *[]FieldMapping `json:"fieldMappings,omitempty"` }
EntityMapping single entity mapping for the alert rule
type EntityMappingType ¶
type EntityMappingType string
EntityMappingType enumerates the values for entity mapping type.
const ( // EntityMappingTypeAccount User account entity type EntityMappingTypeAccount EntityMappingType = "Account" // EntityMappingTypeAzureResource Azure resource entity type EntityMappingTypeAzureResource EntityMappingType = "AzureResource" // EntityMappingTypeCloudApplication Cloud app entity type EntityMappingTypeCloudApplication EntityMappingType = "CloudApplication" // EntityMappingTypeDNS DNS entity type EntityMappingTypeDNS EntityMappingType = "DNS" // EntityMappingTypeFile System file entity type EntityMappingTypeFile EntityMappingType = "File" // EntityMappingTypeFileHash File-hash entity type EntityMappingTypeFileHash EntityMappingType = "FileHash" // EntityMappingTypeHost Host entity type EntityMappingTypeHost EntityMappingType = "Host" // EntityMappingTypeIP IP address entity type EntityMappingTypeIP EntityMappingType = "IP" // EntityMappingTypeMailbox Mailbox entity type EntityMappingTypeMailbox EntityMappingType = "Mailbox" // EntityMappingTypeMailCluster Mail cluster entity type EntityMappingTypeMailCluster EntityMappingType = "MailCluster" // EntityMappingTypeMailMessage Mail message entity type EntityMappingTypeMailMessage EntityMappingType = "MailMessage" // EntityMappingTypeMalware Malware entity type EntityMappingTypeMalware EntityMappingType = "Malware" // EntityMappingTypeProcess Process entity type EntityMappingTypeProcess EntityMappingType = "Process" // EntityMappingTypeRegistryKey Registry key entity type EntityMappingTypeRegistryKey EntityMappingType = "RegistryKey" // EntityMappingTypeRegistryValue Registry value entity type EntityMappingTypeRegistryValue EntityMappingType = "RegistryValue" // EntityMappingTypeSecurityGroup Security group entity type EntityMappingTypeSecurityGroup EntityMappingType = "SecurityGroup" // EntityMappingTypeSubmissionMail Submission mail entity type EntityMappingTypeSubmissionMail EntityMappingType = "SubmissionMail" // EntityMappingTypeURL URL entity type EntityMappingTypeURL EntityMappingType = "URL" )
func PossibleEntityMappingTypeValues ¶
func PossibleEntityMappingTypeValues() []EntityMappingType
PossibleEntityMappingTypeValues returns an array of possible values for the EntityMappingType const type.
type EntityModel ¶
type EntityModel struct { autorest.Response `json:"-"` Value BasicEntity `json:"value,omitempty"` }
EntityModel ...
func (*EntityModel) UnmarshalJSON ¶
func (em *EntityModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for EntityModel struct.
type EntityQueriesClient ¶
type EntityQueriesClient struct {
BaseClient
}
EntityQueriesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewEntityQueriesClient ¶
func NewEntityQueriesClient(subscriptionID string) EntityQueriesClient
NewEntityQueriesClient creates an instance of the EntityQueriesClient client.
func NewEntityQueriesClientWithBaseURI ¶
func NewEntityQueriesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueriesClient
NewEntityQueriesClientWithBaseURI creates an instance of the EntityQueriesClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (EntityQueriesClient) CreateOrUpdate ¶
func (client EntityQueriesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, entityQuery BasicCustomEntityQuery) (result EntityQueryModel, err error)
CreateOrUpdate creates or updates the entity query. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityQueryID - entity query ID entityQuery - the entity query we want to create or update
func (EntityQueriesClient) CreateOrUpdatePreparer ¶
func (client EntityQueriesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, entityQuery BasicCustomEntityQuery) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (EntityQueriesClient) CreateOrUpdateResponder ¶
func (client EntityQueriesClient) CreateOrUpdateResponder(resp *http.Response) (result EntityQueryModel, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (EntityQueriesClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (EntityQueriesClient) Delete ¶
func (client EntityQueriesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string) (result autorest.Response, err error)
Delete delete the entity query. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityQueryID - entity query ID
func (EntityQueriesClient) DeletePreparer ¶
func (client EntityQueriesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (EntityQueriesClient) DeleteResponder ¶
func (client EntityQueriesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (EntityQueriesClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (EntityQueriesClient) Get ¶
func (client EntityQueriesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string) (result EntityQueryModel, err error)
Get gets an entity query. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityQueryID - entity query ID
func (EntityQueriesClient) GetPreparer ¶
func (client EntityQueriesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (EntityQueriesClient) GetResponder ¶
func (client EntityQueriesClient) GetResponder(resp *http.Response) (result EntityQueryModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (EntityQueriesClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (EntityQueriesClient) List ¶
func (client EntityQueriesClient) List(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (result EntityQueryListPage, err error)
List gets all entity queries. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. kind - the entity query kind we want to fetch
func (EntityQueriesClient) ListComplete ¶
func (client EntityQueriesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (result EntityQueryListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (EntityQueriesClient) ListPreparer ¶
func (client EntityQueriesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (*http.Request, error)
ListPreparer prepares the List request.
func (EntityQueriesClient) ListResponder ¶
func (client EntityQueriesClient) ListResponder(resp *http.Response) (result EntityQueryList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (EntityQueriesClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type EntityQuery ¶
type EntityQuery struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindBasicEntityQueryKindEntityQuery', 'KindBasicEntityQueryKindExpansion', 'KindBasicEntityQueryKindActivity' Kind KindBasicEntityQuery `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
EntityQuery specific entity query.
func (EntityQuery) AsActivityEntityQuery ¶
func (eq EntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool)
AsActivityEntityQuery is the BasicEntityQuery implementation for EntityQuery.
func (EntityQuery) AsBasicEntityQuery ¶
func (eq EntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool)
AsBasicEntityQuery is the BasicEntityQuery implementation for EntityQuery.
func (EntityQuery) AsEntityQuery ¶
func (eq EntityQuery) AsEntityQuery() (*EntityQuery, bool)
AsEntityQuery is the BasicEntityQuery implementation for EntityQuery.
func (EntityQuery) AsExpansionEntityQuery ¶
func (eq EntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool)
AsExpansionEntityQuery is the BasicEntityQuery implementation for EntityQuery.
func (EntityQuery) MarshalJSON ¶
func (eq EntityQuery) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityQuery.
type EntityQueryItem ¶
type EntityQueryItem struct { // ID - READ-ONLY; Query Template ARM ID ID *string `json:"id,omitempty"` // Name - Query Template ARM Name Name *string `json:"name,omitempty"` // Type - ARM Type Type *string `json:"type,omitempty"` // Kind - Possible values include: 'KindBasicEntityQueryItemKindEntityQueryItem', 'KindBasicEntityQueryItemKindInsight' Kind KindBasicEntityQueryItem `json:"kind,omitempty"` }
EntityQueryItem an abstract Query item for entity
func (EntityQueryItem) AsBasicEntityQueryItem ¶
func (eqi EntityQueryItem) AsBasicEntityQueryItem() (BasicEntityQueryItem, bool)
AsBasicEntityQueryItem is the BasicEntityQueryItem implementation for EntityQueryItem.
func (EntityQueryItem) AsEntityQueryItem ¶
func (eqi EntityQueryItem) AsEntityQueryItem() (*EntityQueryItem, bool)
AsEntityQueryItem is the BasicEntityQueryItem implementation for EntityQueryItem.
func (EntityQueryItem) AsInsightQueryItem ¶
func (eqi EntityQueryItem) AsInsightQueryItem() (*InsightQueryItem, bool)
AsInsightQueryItem is the BasicEntityQueryItem implementation for EntityQueryItem.
func (EntityQueryItem) MarshalJSON ¶
func (eqi EntityQueryItem) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityQueryItem.
type EntityQueryItemProperties ¶
type EntityQueryItemProperties struct { // DataTypes - Data types for template DataTypes *[]EntityQueryItemPropertiesDataTypesItem `json:"dataTypes,omitempty"` // InputEntityType - The type of the entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' InputEntityType EntityType `json:"inputEntityType,omitempty"` // RequiredInputFieldsSets - Data types for template RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` // EntitiesFilter - The query applied only to entities matching to all filters EntitiesFilter interface{} `json:"entitiesFilter,omitempty"` }
EntityQueryItemProperties an properties abstract Query item for entity
type EntityQueryItemPropertiesDataTypesItem ¶
type EntityQueryItemPropertiesDataTypesItem struct { // DataType - Data type name DataType *string `json:"dataType,omitempty"` }
EntityQueryItemPropertiesDataTypesItem ...
type EntityQueryKind ¶
type EntityQueryKind string
EntityQueryKind enumerates the values for entity query kind.
const ( // EntityQueryKindActivity ... EntityQueryKindActivity EntityQueryKind = "Activity" // EntityQueryKindExpansion ... EntityQueryKindExpansion EntityQueryKind = "Expansion" // EntityQueryKindInsight ... EntityQueryKindInsight EntityQueryKind = "Insight" )
func PossibleEntityQueryKindValues ¶
func PossibleEntityQueryKindValues() []EntityQueryKind
PossibleEntityQueryKindValues returns an array of possible values for the EntityQueryKind const type.
type EntityQueryList ¶
type EntityQueryList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of entity queries. NextLink *string `json:"nextLink,omitempty"` // Value - Array of entity queries. Value *[]BasicEntityQuery `json:"value,omitempty"` }
EntityQueryList list of all the entity queries.
func (EntityQueryList) IsEmpty ¶
func (eql EntityQueryList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (EntityQueryList) MarshalJSON ¶
func (eql EntityQueryList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityQueryList.
func (*EntityQueryList) UnmarshalJSON ¶
func (eql *EntityQueryList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for EntityQueryList struct.
type EntityQueryListIterator ¶
type EntityQueryListIterator struct {
// contains filtered or unexported fields
}
EntityQueryListIterator provides access to a complete listing of EntityQuery values.
func NewEntityQueryListIterator ¶
func NewEntityQueryListIterator(page EntityQueryListPage) EntityQueryListIterator
Creates a new instance of the EntityQueryListIterator type.
func (*EntityQueryListIterator) Next ¶
func (iter *EntityQueryListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*EntityQueryListIterator) NextWithContext ¶
func (iter *EntityQueryListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (EntityQueryListIterator) NotDone ¶
func (iter EntityQueryListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (EntityQueryListIterator) Response ¶
func (iter EntityQueryListIterator) Response() EntityQueryList
Response returns the raw server response from the last page request.
func (EntityQueryListIterator) Value ¶
func (iter EntityQueryListIterator) Value() BasicEntityQuery
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type EntityQueryListPage ¶
type EntityQueryListPage struct {
// contains filtered or unexported fields
}
EntityQueryListPage contains a page of BasicEntityQuery values.
func NewEntityQueryListPage ¶
func NewEntityQueryListPage(cur EntityQueryList, getNextPage func(context.Context, EntityQueryList) (EntityQueryList, error)) EntityQueryListPage
Creates a new instance of the EntityQueryListPage type.
func (*EntityQueryListPage) Next ¶
func (page *EntityQueryListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*EntityQueryListPage) NextWithContext ¶
func (page *EntityQueryListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (EntityQueryListPage) NotDone ¶
func (page EntityQueryListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (EntityQueryListPage) Response ¶
func (page EntityQueryListPage) Response() EntityQueryList
Response returns the raw server response from the last page request.
func (EntityQueryListPage) Values ¶
func (page EntityQueryListPage) Values() []BasicEntityQuery
Values returns the slice of values for the current page or nil if there are no values.
type EntityQueryModel ¶
type EntityQueryModel struct { autorest.Response `json:"-"` Value BasicEntityQuery `json:"value,omitempty"` }
EntityQueryModel ...
func (*EntityQueryModel) UnmarshalJSON ¶
func (eqm *EntityQueryModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for EntityQueryModel struct.
type EntityQueryTemplate ¶
type EntityQueryTemplate struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindBasicEntityQueryTemplateKindEntityQueryTemplate', 'KindBasicEntityQueryTemplateKindActivity' Kind KindBasicEntityQueryTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
EntityQueryTemplate specific entity query template.
func (EntityQueryTemplate) AsActivityEntityQueryTemplate ¶
func (eqt EntityQueryTemplate) AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool)
AsActivityEntityQueryTemplate is the BasicEntityQueryTemplate implementation for EntityQueryTemplate.
func (EntityQueryTemplate) AsBasicEntityQueryTemplate ¶
func (eqt EntityQueryTemplate) AsBasicEntityQueryTemplate() (BasicEntityQueryTemplate, bool)
AsBasicEntityQueryTemplate is the BasicEntityQueryTemplate implementation for EntityQueryTemplate.
func (EntityQueryTemplate) AsEntityQueryTemplate ¶
func (eqt EntityQueryTemplate) AsEntityQueryTemplate() (*EntityQueryTemplate, bool)
AsEntityQueryTemplate is the BasicEntityQueryTemplate implementation for EntityQueryTemplate.
func (EntityQueryTemplate) MarshalJSON ¶
func (eqt EntityQueryTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityQueryTemplate.
type EntityQueryTemplateKind ¶
type EntityQueryTemplateKind string
EntityQueryTemplateKind enumerates the values for entity query template kind.
const ( // EntityQueryTemplateKindActivity ... EntityQueryTemplateKindActivity EntityQueryTemplateKind = "Activity" )
func PossibleEntityQueryTemplateKindValues ¶
func PossibleEntityQueryTemplateKindValues() []EntityQueryTemplateKind
PossibleEntityQueryTemplateKindValues returns an array of possible values for the EntityQueryTemplateKind const type.
type EntityQueryTemplateList ¶
type EntityQueryTemplateList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of entity query templates. NextLink *string `json:"nextLink,omitempty"` // Value - Array of entity query templates. Value *[]BasicEntityQueryTemplate `json:"value,omitempty"` }
EntityQueryTemplateList list of all the entity query templates.
func (EntityQueryTemplateList) IsEmpty ¶
func (eqtl EntityQueryTemplateList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (EntityQueryTemplateList) MarshalJSON ¶
func (eqtl EntityQueryTemplateList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityQueryTemplateList.
func (*EntityQueryTemplateList) UnmarshalJSON ¶
func (eqtl *EntityQueryTemplateList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for EntityQueryTemplateList struct.
type EntityQueryTemplateListIterator ¶
type EntityQueryTemplateListIterator struct {
// contains filtered or unexported fields
}
EntityQueryTemplateListIterator provides access to a complete listing of EntityQueryTemplate values.
func NewEntityQueryTemplateListIterator ¶
func NewEntityQueryTemplateListIterator(page EntityQueryTemplateListPage) EntityQueryTemplateListIterator
Creates a new instance of the EntityQueryTemplateListIterator type.
func (*EntityQueryTemplateListIterator) Next ¶
func (iter *EntityQueryTemplateListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*EntityQueryTemplateListIterator) NextWithContext ¶
func (iter *EntityQueryTemplateListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (EntityQueryTemplateListIterator) NotDone ¶
func (iter EntityQueryTemplateListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (EntityQueryTemplateListIterator) Response ¶
func (iter EntityQueryTemplateListIterator) Response() EntityQueryTemplateList
Response returns the raw server response from the last page request.
func (EntityQueryTemplateListIterator) Value ¶
func (iter EntityQueryTemplateListIterator) Value() BasicEntityQueryTemplate
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type EntityQueryTemplateListPage ¶
type EntityQueryTemplateListPage struct {
// contains filtered or unexported fields
}
EntityQueryTemplateListPage contains a page of BasicEntityQueryTemplate values.
func NewEntityQueryTemplateListPage ¶
func NewEntityQueryTemplateListPage(cur EntityQueryTemplateList, getNextPage func(context.Context, EntityQueryTemplateList) (EntityQueryTemplateList, error)) EntityQueryTemplateListPage
Creates a new instance of the EntityQueryTemplateListPage type.
func (*EntityQueryTemplateListPage) Next ¶
func (page *EntityQueryTemplateListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*EntityQueryTemplateListPage) NextWithContext ¶
func (page *EntityQueryTemplateListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (EntityQueryTemplateListPage) NotDone ¶
func (page EntityQueryTemplateListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (EntityQueryTemplateListPage) Response ¶
func (page EntityQueryTemplateListPage) Response() EntityQueryTemplateList
Response returns the raw server response from the last page request.
func (EntityQueryTemplateListPage) Values ¶
func (page EntityQueryTemplateListPage) Values() []BasicEntityQueryTemplate
Values returns the slice of values for the current page or nil if there are no values.
type EntityQueryTemplateModel ¶
type EntityQueryTemplateModel struct { autorest.Response `json:"-"` Value BasicEntityQueryTemplate `json:"value,omitempty"` }
EntityQueryTemplateModel ...
func (*EntityQueryTemplateModel) UnmarshalJSON ¶
func (eqtm *EntityQueryTemplateModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for EntityQueryTemplateModel struct.
type EntityQueryTemplatesClient ¶
type EntityQueryTemplatesClient struct {
BaseClient
}
EntityQueryTemplatesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewEntityQueryTemplatesClient ¶
func NewEntityQueryTemplatesClient(subscriptionID string) EntityQueryTemplatesClient
NewEntityQueryTemplatesClient creates an instance of the EntityQueryTemplatesClient client.
func NewEntityQueryTemplatesClientWithBaseURI ¶
func NewEntityQueryTemplatesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueryTemplatesClient
NewEntityQueryTemplatesClientWithBaseURI creates an instance of the EntityQueryTemplatesClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (EntityQueryTemplatesClient) Get ¶
func (client EntityQueryTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryTemplateID string) (result EntityQueryTemplateModel, err error)
Get gets an entity query. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityQueryTemplateID - entity query template ID
func (EntityQueryTemplatesClient) GetPreparer ¶
func (client EntityQueryTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryTemplateID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (EntityQueryTemplatesClient) GetResponder ¶
func (client EntityQueryTemplatesClient) GetResponder(resp *http.Response) (result EntityQueryTemplateModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (EntityQueryTemplatesClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (EntityQueryTemplatesClient) List ¶
func (client EntityQueryTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (result EntityQueryTemplateListPage, err error)
List gets all entity query templates. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. kind - the entity template query kind we want to fetch
func (EntityQueryTemplatesClient) ListComplete ¶
func (client EntityQueryTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (result EntityQueryTemplateListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (EntityQueryTemplatesClient) ListPreparer ¶
func (client EntityQueryTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (*http.Request, error)
ListPreparer prepares the List request.
func (EntityQueryTemplatesClient) ListResponder ¶
func (client EntityQueryTemplatesClient) ListResponder(resp *http.Response) (result EntityQueryTemplateList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (EntityQueryTemplatesClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type EntityRelationsClient ¶
type EntityRelationsClient struct {
BaseClient
}
EntityRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewEntityRelationsClient ¶
func NewEntityRelationsClient(subscriptionID string) EntityRelationsClient
NewEntityRelationsClient creates an instance of the EntityRelationsClient client.
func NewEntityRelationsClientWithBaseURI ¶
func NewEntityRelationsClientWithBaseURI(baseURI string, subscriptionID string) EntityRelationsClient
NewEntityRelationsClientWithBaseURI creates an instance of the EntityRelationsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (EntityRelationsClient) GetRelation ¶
func (client EntityRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, relationName string) (result Relation, err error)
GetRelation gets an entity relation. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. entityID - entity ID relationName - relation Name
func (EntityRelationsClient) GetRelationPreparer ¶
func (client EntityRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, relationName string) (*http.Request, error)
GetRelationPreparer prepares the GetRelation request.
func (EntityRelationsClient) GetRelationResponder ¶
func (client EntityRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error)
GetRelationResponder handles the response to the GetRelation request. The method always closes the http.Response Body.
func (EntityRelationsClient) GetRelationSender ¶
GetRelationSender sends the GetRelation request. The method will close the http.Response Body if it receives an error.
type EntityTimelineItem ¶
type EntityTimelineItem struct { // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindBookmark', 'KindBasicEntityTimelineItemKindSecurityAlert' Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` }
EntityTimelineItem entity timeline Item.
func (EntityTimelineItem) AsActivityTimelineItem ¶
func (eti EntityTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)
AsActivityTimelineItem is the BasicEntityTimelineItem implementation for EntityTimelineItem.
func (EntityTimelineItem) AsBasicEntityTimelineItem ¶
func (eti EntityTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)
AsBasicEntityTimelineItem is the BasicEntityTimelineItem implementation for EntityTimelineItem.
func (EntityTimelineItem) AsBookmarkTimelineItem ¶
func (eti EntityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)
AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for EntityTimelineItem.
func (EntityTimelineItem) AsEntityTimelineItem ¶
func (eti EntityTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)
AsEntityTimelineItem is the BasicEntityTimelineItem implementation for EntityTimelineItem.
func (EntityTimelineItem) AsSecurityAlertTimelineItem ¶
func (eti EntityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)
AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for EntityTimelineItem.
func (EntityTimelineItem) MarshalJSON ¶
func (eti EntityTimelineItem) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EntityTimelineItem.
type EntityTimelineKind ¶
type EntityTimelineKind string
EntityTimelineKind enumerates the values for entity timeline kind.
const ( // EntityTimelineKindActivity activity EntityTimelineKindActivity EntityTimelineKind = "Activity" // EntityTimelineKindBookmark bookmarks EntityTimelineKindBookmark EntityTimelineKind = "Bookmark" // EntityTimelineKindSecurityAlert security alerts EntityTimelineKindSecurityAlert EntityTimelineKind = "SecurityAlert" )
func PossibleEntityTimelineKindValues ¶
func PossibleEntityTimelineKindValues() []EntityTimelineKind
PossibleEntityTimelineKindValues returns an array of possible values for the EntityTimelineKind const type.
type EntityTimelineParameters ¶
type EntityTimelineParameters struct { // Kinds - Array of timeline Item kinds. Kinds *[]EntityTimelineKind `json:"kinds,omitempty"` // StartTime - The start timeline date, so the results returned are after this date. StartTime *date.Time `json:"startTime,omitempty"` // EndTime - The end timeline date, so the results returned are before this date. EndTime *date.Time `json:"endTime,omitempty"` // NumberOfBucket - The number of bucket for timeline queries aggregation. NumberOfBucket *int32 `json:"numberOfBucket,omitempty"` }
EntityTimelineParameters the parameters required to execute s timeline operation on the given entity.
type EntityTimelineResponse ¶
type EntityTimelineResponse struct { autorest.Response `json:"-"` // MetaData - The metadata from the timeline operation results. MetaData *TimelineResultsMetadata `json:"metaData,omitempty"` // Value - The timeline result values. Value *[]BasicEntityTimelineItem `json:"value,omitempty"` }
EntityTimelineResponse the entity timeline result operation response.
func (*EntityTimelineResponse) UnmarshalJSON ¶
func (etr *EntityTimelineResponse) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for EntityTimelineResponse struct.
type EntityType ¶
type EntityType string
EntityType enumerates the values for entity type.
const ( // EntityTypeAccount Entity represents account in the system. EntityTypeAccount EntityType = "Account" // EntityTypeAzureResource Entity represents azure resource in the system. EntityTypeAzureResource EntityType = "AzureResource" // EntityTypeCloudApplication Entity represents cloud application in the system. EntityTypeCloudApplication EntityType = "CloudApplication" // EntityTypeDNS Entity represents dns in the system. EntityTypeDNS EntityType = "DNS" // EntityTypeFile Entity represents file in the system. EntityTypeFile EntityType = "File" // EntityTypeFileHash Entity represents file hash in the system. EntityTypeFileHash EntityType = "FileHash" // EntityTypeHost Entity represents host in the system. EntityTypeHost EntityType = "Host" // EntityTypeHuntingBookmark Entity represents HuntingBookmark in the system. EntityTypeHuntingBookmark EntityType = "HuntingBookmark" // EntityTypeIoTDevice Entity represents IoT device in the system. EntityTypeIoTDevice EntityType = "IoTDevice" // EntityTypeIP Entity represents ip in the system. EntityTypeIP EntityType = "IP" // EntityTypeMailbox Entity represents mailbox in the system. EntityTypeMailbox EntityType = "Mailbox" // EntityTypeMailCluster Entity represents mail cluster in the system. EntityTypeMailCluster EntityType = "MailCluster" // EntityTypeMailMessage Entity represents mail message in the system. EntityTypeMailMessage EntityType = "MailMessage" // EntityTypeMalware Entity represents malware in the system. EntityTypeMalware EntityType = "Malware" // EntityTypeProcess Entity represents process in the system. EntityTypeProcess EntityType = "Process" // EntityTypeRegistryKey Entity represents registry key in the system. EntityTypeRegistryKey EntityType = "RegistryKey" // EntityTypeRegistryValue Entity represents registry value in the system. EntityTypeRegistryValue EntityType = "RegistryValue" // EntityTypeSecurityAlert Entity represents security alert in the system. EntityTypeSecurityAlert EntityType = "SecurityAlert" // EntityTypeSecurityGroup Entity represents security group in the system. EntityTypeSecurityGroup EntityType = "SecurityGroup" // EntityTypeSubmissionMail Entity represents submission mail in the system. EntityTypeSubmissionMail EntityType = "SubmissionMail" // EntityTypeURL Entity represents url in the system. EntityTypeURL EntityType = "URL" )
func PossibleEntityTypeValues ¶
func PossibleEntityTypeValues() []EntityType
PossibleEntityTypeValues returns an array of possible values for the EntityType const type.
type ErrorAdditionalInfo ¶
type ErrorAdditionalInfo struct { // Type - READ-ONLY; The additional info type. Type *string `json:"type,omitempty"` // Info - READ-ONLY; The additional info. Info interface{} `json:"info,omitempty"` }
ErrorAdditionalInfo the resource management error additional info.
func (ErrorAdditionalInfo) MarshalJSON ¶
func (eai ErrorAdditionalInfo) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ErrorAdditionalInfo.
type ErrorDetail ¶
type ErrorDetail struct { // Code - READ-ONLY; The error code. Code *string `json:"code,omitempty"` // Message - READ-ONLY; The error message. Message *string `json:"message,omitempty"` // Target - READ-ONLY; The error target. Target *string `json:"target,omitempty"` // Details - READ-ONLY; The error details. Details *[]ErrorDetail `json:"details,omitempty"` // AdditionalInfo - READ-ONLY; The error additional info. AdditionalInfo *[]ErrorAdditionalInfo `json:"additionalInfo,omitempty"` }
ErrorDetail the error detail.
func (ErrorDetail) MarshalJSON ¶
func (ed ErrorDetail) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ErrorDetail.
type ErrorResponse ¶
type ErrorResponse struct { // Error - The error object. Error *ErrorDetail `json:"error,omitempty"` }
ErrorResponse common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
type EventGroupingAggregationKind ¶
type EventGroupingAggregationKind string
EventGroupingAggregationKind enumerates the values for event grouping aggregation kind.
const ( // EventGroupingAggregationKindAlertPerResult ... EventGroupingAggregationKindAlertPerResult EventGroupingAggregationKind = "AlertPerResult" // EventGroupingAggregationKindSingleAlert ... EventGroupingAggregationKindSingleAlert EventGroupingAggregationKind = "SingleAlert" )
func PossibleEventGroupingAggregationKindValues ¶
func PossibleEventGroupingAggregationKindValues() []EventGroupingAggregationKind
PossibleEventGroupingAggregationKindValues returns an array of possible values for the EventGroupingAggregationKind const type.
type EventGroupingSettings ¶
type EventGroupingSettings struct { // AggregationKind - Possible values include: 'EventGroupingAggregationKindSingleAlert', 'EventGroupingAggregationKindAlertPerResult' AggregationKind EventGroupingAggregationKind `json:"aggregationKind,omitempty"` }
EventGroupingSettings event grouping settings property bag.
type ExpansionEntityQueriesProperties ¶
type ExpansionEntityQueriesProperties struct { // DataSources - List of the data sources that are required to run the query DataSources *[]string `json:"dataSources,omitempty"` // DisplayName - The query display name DisplayName *string `json:"displayName,omitempty"` // InputEntityType - The type of the query's source entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' InputEntityType EntityType `json:"inputEntityType,omitempty"` // InputFields - List of the fields of the source entity that are required to run the query InputFields *[]string `json:"inputFields,omitempty"` // OutputEntityTypes - List of the desired output types to be constructed from the result OutputEntityTypes *[]EntityType `json:"outputEntityTypes,omitempty"` // QueryTemplate - The template query string to be parsed and formatted QueryTemplate *string `json:"queryTemplate,omitempty"` }
ExpansionEntityQueriesProperties describes expansion entity query properties
type ExpansionEntityQuery ¶
type ExpansionEntityQuery struct { // ExpansionEntityQueriesProperties - Expansion entity query properties *ExpansionEntityQueriesProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityQueryKindEntityQuery', 'KindBasicEntityQueryKindExpansion', 'KindBasicEntityQueryKindActivity' Kind KindBasicEntityQuery `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ExpansionEntityQuery represents Expansion entity query.
func (ExpansionEntityQuery) AsActivityEntityQuery ¶
func (eeq ExpansionEntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool)
AsActivityEntityQuery is the BasicEntityQuery implementation for ExpansionEntityQuery.
func (ExpansionEntityQuery) AsBasicEntityQuery ¶
func (eeq ExpansionEntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool)
AsBasicEntityQuery is the BasicEntityQuery implementation for ExpansionEntityQuery.
func (ExpansionEntityQuery) AsEntityQuery ¶
func (eeq ExpansionEntityQuery) AsEntityQuery() (*EntityQuery, bool)
AsEntityQuery is the BasicEntityQuery implementation for ExpansionEntityQuery.
func (ExpansionEntityQuery) AsExpansionEntityQuery ¶
func (eeq ExpansionEntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool)
AsExpansionEntityQuery is the BasicEntityQuery implementation for ExpansionEntityQuery.
func (ExpansionEntityQuery) MarshalJSON ¶
func (eeq ExpansionEntityQuery) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ExpansionEntityQuery.
func (*ExpansionEntityQuery) UnmarshalJSON ¶
func (eeq *ExpansionEntityQuery) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ExpansionEntityQuery struct.
type ExpansionResultAggregation ¶
type ExpansionResultAggregation struct { // AggregationType - The common type of the aggregation. (for e.g. entity field name) AggregationType *string `json:"aggregationType,omitempty"` // Count - Total number of aggregations of the given kind (and aggregationType if given) in the expansion result. Count *int32 `json:"count,omitempty"` // DisplayName - The display name of the aggregation by type. DisplayName *string `json:"displayName,omitempty"` // EntityKind - The kind of the aggregated entity. Possible values include: 'EntityKindAccount', 'EntityKindHost', 'EntityKindFile', 'EntityKindAzureResource', 'EntityKindCloudApplication', 'EntityKindDNSResolution', 'EntityKindFileHash', 'EntityKindIP', 'EntityKindMalware', 'EntityKindProcess', 'EntityKindRegistryKey', 'EntityKindRegistryValue', 'EntityKindSecurityGroup', 'EntityKindURL', 'EntityKindIoTDevice', 'EntityKindSecurityAlert', 'EntityKindBookmark', 'EntityKindMailCluster', 'EntityKindMailMessage', 'EntityKindMailbox', 'EntityKindSubmissionMail' EntityKind EntityKind `json:"entityKind,omitempty"` }
ExpansionResultAggregation information of a specific aggregation in the expansion result.
type ExpansionResultsMetadata ¶
type ExpansionResultsMetadata struct { // Aggregations - Information of the aggregated nodes in the expansion result. Aggregations *[]ExpansionResultAggregation `json:"aggregations,omitempty"` }
ExpansionResultsMetadata expansion result metadata.
type EyesOn ¶
type EyesOn struct { // EyesOnSettingsProperties - EyesOn properties *EyesOnSettingsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' Kind KindBasicSettings `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
EyesOn settings with single toggle.
func (EyesOn) AsAnomalies ¶
AsAnomalies is the BasicSettings implementation for EyesOn.
func (EyesOn) AsBasicSettings ¶
func (eo EyesOn) AsBasicSettings() (BasicSettings, bool)
AsBasicSettings is the BasicSettings implementation for EyesOn.
func (EyesOn) AsEntityAnalytics ¶
func (eo EyesOn) AsEntityAnalytics() (*EntityAnalytics, bool)
AsEntityAnalytics is the BasicSettings implementation for EyesOn.
func (EyesOn) AsSettings ¶
AsSettings is the BasicSettings implementation for EyesOn.
func (EyesOn) MarshalJSON ¶
MarshalJSON is the custom marshaler for EyesOn.
func (*EyesOn) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for EyesOn struct.
type EyesOnSettingsProperties ¶
type EyesOnSettingsProperties struct { // IsEnabled - READ-ONLY; Determines whether the setting is enable or disabled. IsEnabled *bool `json:"isEnabled,omitempty"` }
EyesOnSettingsProperties eyesOn property bag.
func (EyesOnSettingsProperties) MarshalJSON ¶
func (eosp EyesOnSettingsProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for EyesOnSettingsProperties.
type FieldMapping ¶
type FieldMapping struct { // Identifier - the V3 identifier of the entity Identifier *string `json:"identifier,omitempty"` // ColumnName - the column name to be mapped to the identifier ColumnName *string `json:"columnName,omitempty"` }
FieldMapping a single field mapping of the mapped entity
type FileEntity ¶
type FileEntity struct { // FileEntityProperties - File entity properties *FileEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
FileEntity represents a file entity.
func (FileEntity) AsAccountEntity ¶
func (fe FileEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsAzureResourceEntity ¶
func (fe FileEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsBasicEntity ¶
func (fe FileEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsCloudApplicationEntity ¶
func (fe FileEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsDNSEntity ¶
func (fe FileEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsEntity ¶
func (fe FileEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsFileEntity ¶
func (fe FileEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsFileHashEntity ¶
func (fe FileEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsHostEntity ¶
func (fe FileEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsHuntingBookmark ¶
func (fe FileEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for FileEntity.
func (FileEntity) AsIPEntity ¶
func (fe FileEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsIoTDeviceEntity ¶
func (fe FileEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsMailClusterEntity ¶
func (fe FileEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsMailMessageEntity ¶
func (fe FileEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsMailboxEntity ¶
func (fe FileEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsMalwareEntity ¶
func (fe FileEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsProcessEntity ¶
func (fe FileEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsRegistryKeyEntity ¶
func (fe FileEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsRegistryValueEntity ¶
func (fe FileEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsSecurityAlert ¶
func (fe FileEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for FileEntity.
func (FileEntity) AsSecurityGroupEntity ¶
func (fe FileEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsSubmissionMailEntity ¶
func (fe FileEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) AsURLEntity ¶
func (fe FileEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for FileEntity.
func (FileEntity) MarshalJSON ¶
func (fe FileEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FileEntity.
func (*FileEntity) UnmarshalJSON ¶
func (fe *FileEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for FileEntity struct.
type FileEntityProperties ¶
type FileEntityProperties struct { // Directory - READ-ONLY; The full path to the file. Directory *string `json:"directory,omitempty"` // FileHashEntityIds - READ-ONLY; The file hash entity identifiers associated with this file FileHashEntityIds *[]string `json:"fileHashEntityIds,omitempty"` // FileName - READ-ONLY; The file name without path (some alerts might not include path). FileName *string `json:"fileName,omitempty"` // HostEntityID - READ-ONLY; The Host entity id which the file belongs to HostEntityID *string `json:"hostEntityId,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
FileEntityProperties file entity property bag.
func (FileEntityProperties) MarshalJSON ¶
func (fep FileEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FileEntityProperties.
type FileHashAlgorithm ¶
type FileHashAlgorithm string
FileHashAlgorithm enumerates the values for file hash algorithm.
const ( // FileHashAlgorithmMD5 MD5 hash type FileHashAlgorithmMD5 FileHashAlgorithm = "MD5" // FileHashAlgorithmSHA1 SHA1 hash type FileHashAlgorithmSHA1 FileHashAlgorithm = "SHA1" // FileHashAlgorithmSHA256 SHA256 hash type FileHashAlgorithmSHA256 FileHashAlgorithm = "SHA256" // FileHashAlgorithmSHA256AC SHA256 Authenticode hash type FileHashAlgorithmSHA256AC FileHashAlgorithm = "SHA256AC" // FileHashAlgorithmUnknown Unknown hash algorithm FileHashAlgorithmUnknown FileHashAlgorithm = "Unknown" )
func PossibleFileHashAlgorithmValues ¶
func PossibleFileHashAlgorithmValues() []FileHashAlgorithm
PossibleFileHashAlgorithmValues returns an array of possible values for the FileHashAlgorithm const type.
type FileHashEntity ¶
type FileHashEntity struct { // FileHashEntityProperties - FileHash entity properties *FileHashEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
FileHashEntity represents a file hash entity.
func (FileHashEntity) AsAccountEntity ¶
func (fhe FileHashEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsAzureResourceEntity ¶
func (fhe FileHashEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsBasicEntity ¶
func (fhe FileHashEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsCloudApplicationEntity ¶
func (fhe FileHashEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsDNSEntity ¶
func (fhe FileHashEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsEntity ¶
func (fhe FileHashEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsFileEntity ¶
func (fhe FileHashEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsFileHashEntity ¶
func (fhe FileHashEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsHostEntity ¶
func (fhe FileHashEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsHuntingBookmark ¶
func (fhe FileHashEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsIPEntity ¶
func (fhe FileHashEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsIoTDeviceEntity ¶
func (fhe FileHashEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsMailClusterEntity ¶
func (fhe FileHashEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsMailMessageEntity ¶
func (fhe FileHashEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsMailboxEntity ¶
func (fhe FileHashEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsMalwareEntity ¶
func (fhe FileHashEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsProcessEntity ¶
func (fhe FileHashEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsRegistryKeyEntity ¶
func (fhe FileHashEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsRegistryValueEntity ¶
func (fhe FileHashEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsSecurityAlert ¶
func (fhe FileHashEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsSecurityGroupEntity ¶
func (fhe FileHashEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsSubmissionMailEntity ¶
func (fhe FileHashEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) AsURLEntity ¶
func (fhe FileHashEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for FileHashEntity.
func (FileHashEntity) MarshalJSON ¶
func (fhe FileHashEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FileHashEntity.
func (*FileHashEntity) UnmarshalJSON ¶
func (fhe *FileHashEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for FileHashEntity struct.
type FileHashEntityProperties ¶
type FileHashEntityProperties struct { // Algorithm - READ-ONLY; The hash algorithm type. Possible values include: 'FileHashAlgorithmUnknown', 'FileHashAlgorithmMD5', 'FileHashAlgorithmSHA1', 'FileHashAlgorithmSHA256', 'FileHashAlgorithmSHA256AC' Algorithm FileHashAlgorithm `json:"algorithm,omitempty"` // HashValue - READ-ONLY; The file hash value. HashValue *string `json:"hashValue,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
FileHashEntityProperties fileHash entity property bag.
func (FileHashEntityProperties) MarshalJSON ¶
func (fhep FileHashEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FileHashEntityProperties.
type FusionAlertRule ¶
type FusionAlertRule struct { // FusionAlertRuleProperties - Fusion alert rule properties *FusionAlertRuleProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' Kind KindBasicAlertRule `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
FusionAlertRule represents Fusion alert rule.
func (FusionAlertRule) AsAlertRule ¶
func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool)
AsAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsBasicAlertRule ¶
func (far FusionAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsFusionAlertRule ¶
func (far FusionAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsMLBehaviorAnalyticsAlertRule ¶
func (far FusionAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (far FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsNrtAlertRule ¶
func (far FusionAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
AsNrtAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsScheduledAlertRule ¶
func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsThreatIntelligenceAlertRule ¶
func (far FusionAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) MarshalJSON ¶
func (far FusionAlertRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FusionAlertRule.
func (*FusionAlertRule) UnmarshalJSON ¶
func (far *FusionAlertRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for FusionAlertRule struct.
type FusionAlertRuleProperties ¶
type FusionAlertRuleProperties struct { // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // Description - READ-ONLY; The description of the alert rule. Description *string `json:"description,omitempty"` // DisplayName - READ-ONLY; The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // Severity - READ-ONLY; The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - READ-ONLY; The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` }
FusionAlertRuleProperties fusion alert rule base property bag.
func (FusionAlertRuleProperties) MarshalJSON ¶
func (farp FusionAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FusionAlertRuleProperties.
type FusionAlertRuleTemplate ¶
type FusionAlertRuleTemplate struct { // FusionAlertRuleTemplateProperties - Fusion alert rule template properties *FusionAlertRuleTemplateProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
FusionAlertRuleTemplate represents Fusion alert rule template.
func (FusionAlertRuleTemplate) AsAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsNrtAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) MarshalJSON ¶
func (fart FusionAlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FusionAlertRuleTemplate.
func (*FusionAlertRuleTemplate) UnmarshalJSON ¶
func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for FusionAlertRuleTemplate struct.
type FusionAlertRuleTemplateProperties ¶
type FusionAlertRuleTemplateProperties struct { // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule template Tactics *[]AttackTactic `json:"tactics,omitempty"` // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data sources for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' Status TemplateStatus `json:"status,omitempty"` }
FusionAlertRuleTemplateProperties fusion alert rule template properties
func (FusionAlertRuleTemplateProperties) MarshalJSON ¶
func (fart FusionAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FusionAlertRuleTemplateProperties.
type GeoLocation ¶
type GeoLocation struct { // Asn - READ-ONLY; Autonomous System Number Asn *int32 `json:"asn,omitempty"` // City - READ-ONLY; City name City *string `json:"city,omitempty"` // CountryCode - READ-ONLY; The country code according to ISO 3166 format CountryCode *string `json:"countryCode,omitempty"` // CountryName - READ-ONLY; Country name according to ISO 3166 Alpha 2: the lowercase of the English Short Name CountryName *string `json:"countryName,omitempty"` // Latitude - READ-ONLY; The longitude of the identified location, expressed as a floating point number with range of -180 to 180, with positive numbers representing East and negative numbers representing West. Latitude and longitude are derived from the city or postal code. Latitude *float64 `json:"latitude,omitempty"` // Longitude - READ-ONLY; The latitude of the identified location, expressed as a floating point number with range of - 90 to 90, with positive numbers representing North and negative numbers representing South. Latitude and longitude are derived from the city or postal code. Longitude *float64 `json:"longitude,omitempty"` // State - READ-ONLY; State name State *string `json:"state,omitempty"` }
GeoLocation the geo-location context attached to the ip entity
func (GeoLocation) MarshalJSON ¶
func (gl GeoLocation) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for GeoLocation.
type GetInsightsError ¶
type GetInsightsError struct { // Kind - the query kind Kind *string `json:"kind,omitempty"` // QueryID - the query id QueryID *string `json:"queryId,omitempty"` // ErrorMessage - the error message ErrorMessage *string `json:"errorMessage,omitempty"` }
GetInsightsError getInsights Query Errors.
type GetInsightsResultsMetadata ¶
type GetInsightsResultsMetadata struct { // TotalCount - the total items found for the insights request TotalCount *int32 `json:"totalCount,omitempty"` // Errors - information about the failed queries Errors *[]GetInsightsError `json:"errors,omitempty"` }
GetInsightsResultsMetadata get Insights result metadata.
type GetQueriesResponse ¶
type GetQueriesResponse struct { autorest.Response `json:"-"` // Value - The query result values. Value *[]BasicEntityQueryItem `json:"value,omitempty"` }
GetQueriesResponse retrieve queries for entity result operation response.
func (*GetQueriesResponse) UnmarshalJSON ¶
func (gqr *GetQueriesResponse) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for GetQueriesResponse struct.
type GraphQueries ¶
type GraphQueries struct { // MetricName - the metric that the query is checking MetricName *string `json:"metricName,omitempty"` // Legend - The legend for the graph Legend *string `json:"legend,omitempty"` // BaseQuery - The base query for the graph BaseQuery *string `json:"baseQuery,omitempty"` }
GraphQueries the graph query to show the current data status
type GroupingConfiguration ¶
type GroupingConfiguration struct { // Enabled - Grouping enabled Enabled *bool `json:"enabled,omitempty"` // ReopenClosedIncident - Re-open closed matching incidents ReopenClosedIncident *bool `json:"reopenClosedIncident,omitempty"` // LookbackDuration - Limit the group to alerts created within the lookback duration (in ISO 8601 duration format) LookbackDuration *string `json:"lookbackDuration,omitempty"` // MatchingMethod - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty. Possible values include: 'MatchingMethodAllEntities', 'MatchingMethodAnyAlert', 'MatchingMethodSelected' MatchingMethod MatchingMethod `json:"matchingMethod,omitempty"` // GroupByEntities - A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used. GroupByEntities *[]EntityMappingType `json:"groupByEntities,omitempty"` // GroupByAlertDetails - A list of alert details to group by (when matchingMethod is Selected) GroupByAlertDetails *[]AlertDetail `json:"groupByAlertDetails,omitempty"` // GroupByCustomDetails - A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used. GroupByCustomDetails *[]string `json:"groupByCustomDetails,omitempty"` }
GroupingConfiguration grouping configuration property bag.
type HostEntity ¶
type HostEntity struct { // HostEntityProperties - Host entity properties *HostEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
HostEntity represents a host entity.
func (HostEntity) AsAccountEntity ¶
func (he HostEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsAzureResourceEntity ¶
func (he HostEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsBasicEntity ¶
func (he HostEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsCloudApplicationEntity ¶
func (he HostEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsDNSEntity ¶
func (he HostEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsEntity ¶
func (he HostEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsFileEntity ¶
func (he HostEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsFileHashEntity ¶
func (he HostEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsHostEntity ¶
func (he HostEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsHuntingBookmark ¶
func (he HostEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for HostEntity.
func (HostEntity) AsIPEntity ¶
func (he HostEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsIoTDeviceEntity ¶
func (he HostEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsMailClusterEntity ¶
func (he HostEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsMailMessageEntity ¶
func (he HostEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsMailboxEntity ¶
func (he HostEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsMalwareEntity ¶
func (he HostEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsProcessEntity ¶
func (he HostEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsRegistryKeyEntity ¶
func (he HostEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsRegistryValueEntity ¶
func (he HostEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsSecurityAlert ¶
func (he HostEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for HostEntity.
func (HostEntity) AsSecurityGroupEntity ¶
func (he HostEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsSubmissionMailEntity ¶
func (he HostEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) AsURLEntity ¶
func (he HostEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for HostEntity.
func (HostEntity) MarshalJSON ¶
func (he HostEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for HostEntity.
func (*HostEntity) UnmarshalJSON ¶
func (he *HostEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for HostEntity struct.
type HostEntityProperties ¶
type HostEntityProperties struct { // AzureID - READ-ONLY; The azure resource id of the VM. AzureID *string `json:"azureID,omitempty"` // DNSDomain - READ-ONLY; The DNS domain that this host belongs to. Should contain the compete DNS suffix for the domain DNSDomain *string `json:"dnsDomain,omitempty"` // HostName - READ-ONLY; The hostname without the domain suffix. HostName *string `json:"hostName,omitempty"` // IsDomainJoined - READ-ONLY; Determines whether this host belongs to a domain. IsDomainJoined *bool `json:"isDomainJoined,omitempty"` // NetBiosName - READ-ONLY; The host name (pre-windows2000). NetBiosName *string `json:"netBiosName,omitempty"` // NtDomain - READ-ONLY; The NT domain that this host belongs to. NtDomain *string `json:"ntDomain,omitempty"` // OmsAgentID - READ-ONLY; The OMS agent id, if the host has OMS agent installed. OmsAgentID *string `json:"omsAgentID,omitempty"` // OsFamily - The operating system type. Possible values include: 'OSFamilyLinux', 'OSFamilyWindows', 'OSFamilyAndroid', 'OSFamilyIOS', 'OSFamilyUnknown' OsFamily OSFamily `json:"osFamily,omitempty"` // OsVersion - READ-ONLY; A free text representation of the operating system. This field is meant to hold specific versions the are more fine grained than OSFamily or future values not supported by OSFamily enumeration OsVersion *string `json:"osVersion,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
HostEntityProperties host entity property bag.
func (HostEntityProperties) MarshalJSON ¶
func (hep HostEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for HostEntityProperties.
type HuntingBookmark ¶
type HuntingBookmark struct { // HuntingBookmarkProperties - HuntingBookmark entity properties *HuntingBookmarkProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
HuntingBookmark represents a Hunting bookmark entity.
func (HuntingBookmark) AsAccountEntity ¶
func (hb HuntingBookmark) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsAzureResourceEntity ¶
func (hb HuntingBookmark) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsBasicEntity ¶
func (hb HuntingBookmark) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsCloudApplicationEntity ¶
func (hb HuntingBookmark) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsDNSEntity ¶
func (hb HuntingBookmark) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsEntity ¶
func (hb HuntingBookmark) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsFileEntity ¶
func (hb HuntingBookmark) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsFileHashEntity ¶
func (hb HuntingBookmark) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsHostEntity ¶
func (hb HuntingBookmark) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsHuntingBookmark ¶
func (hb HuntingBookmark) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsIPEntity ¶
func (hb HuntingBookmark) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsIoTDeviceEntity ¶
func (hb HuntingBookmark) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsMailClusterEntity ¶
func (hb HuntingBookmark) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsMailMessageEntity ¶
func (hb HuntingBookmark) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsMailboxEntity ¶
func (hb HuntingBookmark) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsMalwareEntity ¶
func (hb HuntingBookmark) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsProcessEntity ¶
func (hb HuntingBookmark) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsRegistryKeyEntity ¶
func (hb HuntingBookmark) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsRegistryValueEntity ¶
func (hb HuntingBookmark) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsSecurityAlert ¶
func (hb HuntingBookmark) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsSecurityGroupEntity ¶
func (hb HuntingBookmark) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsSubmissionMailEntity ¶
func (hb HuntingBookmark) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) AsURLEntity ¶
func (hb HuntingBookmark) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for HuntingBookmark.
func (HuntingBookmark) MarshalJSON ¶
func (hb HuntingBookmark) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for HuntingBookmark.
func (*HuntingBookmark) UnmarshalJSON ¶
func (hb *HuntingBookmark) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for HuntingBookmark struct.
type HuntingBookmarkProperties ¶
type HuntingBookmarkProperties struct { // Created - The time the bookmark was created Created *date.Time `json:"created,omitempty"` // CreatedBy - Describes a user that created the bookmark CreatedBy *UserInfo `json:"createdBy,omitempty"` // DisplayName - The display name of the bookmark DisplayName *string `json:"displayName,omitempty"` // EventTime - The time of the event EventTime *date.Time `json:"eventTime,omitempty"` // Labels - List of labels relevant to this bookmark Labels *[]string `json:"labels,omitempty"` // Notes - The notes of the bookmark Notes *string `json:"notes,omitempty"` // Query - The query of the bookmark. Query *string `json:"query,omitempty"` // QueryResult - The query result of the bookmark. QueryResult *string `json:"queryResult,omitempty"` // Updated - The last time the bookmark was updated Updated *date.Time `json:"updated,omitempty"` // UpdatedBy - Describes a user that updated the bookmark UpdatedBy *UserInfo `json:"updatedBy,omitempty"` // IncidentInfo - Describes an incident that relates to bookmark IncidentInfo *IncidentInfo `json:"incidentInfo,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
HuntingBookmarkProperties describes bookmark properties
func (HuntingBookmarkProperties) MarshalJSON ¶
func (hbp HuntingBookmarkProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for HuntingBookmarkProperties.
type IPEntity ¶
type IPEntity struct { // IPEntityProperties - Ip entity properties *IPEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
IPEntity represents an ip entity.
func (IPEntity) AsAccountEntity ¶
func (ie IPEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsAzureResourceEntity ¶
func (ie IPEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsBasicEntity ¶
func (ie IPEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsCloudApplicationEntity ¶
func (ie IPEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsDNSEntity ¶
AsDNSEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsFileEntity ¶
func (ie IPEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsFileHashEntity ¶
func (ie IPEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsHostEntity ¶
func (ie IPEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsHuntingBookmark ¶
func (ie IPEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for IPEntity.
func (IPEntity) AsIPEntity ¶
AsIPEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsIoTDeviceEntity ¶
func (ie IPEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsMailClusterEntity ¶
func (ie IPEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsMailMessageEntity ¶
func (ie IPEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsMailboxEntity ¶
func (ie IPEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsMalwareEntity ¶
func (ie IPEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsProcessEntity ¶
func (ie IPEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsRegistryKeyEntity ¶
func (ie IPEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsRegistryValueEntity ¶
func (ie IPEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsSecurityAlert ¶
func (ie IPEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for IPEntity.
func (IPEntity) AsSecurityGroupEntity ¶
func (ie IPEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsSubmissionMailEntity ¶
func (ie IPEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) AsURLEntity ¶
AsURLEntity is the BasicEntity implementation for IPEntity.
func (IPEntity) MarshalJSON ¶
MarshalJSON is the custom marshaler for IPEntity.
func (*IPEntity) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for IPEntity struct.
type IPEntityProperties ¶
type IPEntityProperties struct { // Address - READ-ONLY; The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or Ipv6) Address *string `json:"address,omitempty"` // Location - The geo-location context attached to the ip entity Location *GeoLocation `json:"location,omitempty"` // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the ip entity. ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
IPEntityProperties ip entity property bag.
func (IPEntityProperties) MarshalJSON ¶
func (iep IPEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IPEntityProperties.
type IPGeodataClient ¶
type IPGeodataClient struct {
BaseClient
}
IPGeodataClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewIPGeodataClient ¶
func NewIPGeodataClient(subscriptionID string) IPGeodataClient
NewIPGeodataClient creates an instance of the IPGeodataClient client.
func NewIPGeodataClientWithBaseURI ¶
func NewIPGeodataClientWithBaseURI(baseURI string, subscriptionID string) IPGeodataClient
NewIPGeodataClientWithBaseURI creates an instance of the IPGeodataClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (IPGeodataClient) Get ¶
func (client IPGeodataClient) Get(ctx context.Context, resourceGroupName string, IPAddress string) (result EnrichmentIPGeodata, err error)
Get get geodata for a single IP address Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. IPAddress - IP address (v4 or v6) to be enriched
func (IPGeodataClient) GetPreparer ¶
func (client IPGeodataClient) GetPreparer(ctx context.Context, resourceGroupName string, IPAddress string) (*http.Request, error)
GetPreparer prepares the Get request.
func (IPGeodataClient) GetResponder ¶
func (client IPGeodataClient) GetResponder(resp *http.Response) (result EnrichmentIPGeodata, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
type Incident ¶
type Incident struct { autorest.Response `json:"-"` // IncidentProperties - Incident properties *IncidentProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
Incident represents an incident in Azure Security Insights.
func (Incident) MarshalJSON ¶
MarshalJSON is the custom marshaler for Incident.
func (*Incident) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for Incident struct.
type IncidentAdditionalData ¶
type IncidentAdditionalData struct { // AlertsCount - READ-ONLY; The number of alerts in the incident AlertsCount *int32 `json:"alertsCount,omitempty"` // BookmarksCount - READ-ONLY; The number of bookmarks in the incident BookmarksCount *int32 `json:"bookmarksCount,omitempty"` // CommentsCount - READ-ONLY; The number of comments in the incident CommentsCount *int32 `json:"commentsCount,omitempty"` // AlertProductNames - READ-ONLY; List of product names of alerts in the incident AlertProductNames *[]string `json:"alertProductNames,omitempty"` // Tactics - READ-ONLY; The tactics associated with incident Tactics *[]AttackTactic `json:"tactics,omitempty"` }
IncidentAdditionalData incident additional data property bag.
func (IncidentAdditionalData) MarshalJSON ¶
func (iad IncidentAdditionalData) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentAdditionalData.
type IncidentAlertList ¶
type IncidentAlertList struct { autorest.Response `json:"-"` // Value - Array of incident alerts. Value *[]SecurityAlert `json:"value,omitempty"` }
IncidentAlertList list of incident alerts.
type IncidentBookmarkList ¶
type IncidentBookmarkList struct { autorest.Response `json:"-"` // Value - Array of incident bookmarks. Value *[]HuntingBookmark `json:"value,omitempty"` }
IncidentBookmarkList list of incident bookmarks.
type IncidentClassification ¶
type IncidentClassification string
IncidentClassification enumerates the values for incident classification.
const ( // IncidentClassificationBenignPositive Incident was benign positive IncidentClassificationBenignPositive IncidentClassification = "BenignPositive" // IncidentClassificationFalsePositive Incident was false positive IncidentClassificationFalsePositive IncidentClassification = "FalsePositive" // IncidentClassificationTruePositive Incident was true positive IncidentClassificationTruePositive IncidentClassification = "TruePositive" // IncidentClassificationUndetermined Incident classification was undetermined IncidentClassificationUndetermined IncidentClassification = "Undetermined" )
func PossibleIncidentClassificationValues ¶
func PossibleIncidentClassificationValues() []IncidentClassification
PossibleIncidentClassificationValues returns an array of possible values for the IncidentClassification const type.
type IncidentClassificationReason ¶
type IncidentClassificationReason string
IncidentClassificationReason enumerates the values for incident classification reason.
const ( // IncidentClassificationReasonInaccurateData Classification reason was inaccurate data IncidentClassificationReasonInaccurateData IncidentClassificationReason = "InaccurateData" // IncidentClassificationReasonIncorrectAlertLogic Classification reason was incorrect alert logic IncidentClassificationReasonIncorrectAlertLogic IncidentClassificationReason = "IncorrectAlertLogic" // IncidentClassificationReasonSuspiciousActivity Classification reason was suspicious activity IncidentClassificationReasonSuspiciousActivity IncidentClassificationReason = "SuspiciousActivity" // IncidentClassificationReasonSuspiciousButExpected Classification reason was suspicious but expected IncidentClassificationReasonSuspiciousButExpected IncidentClassificationReason = "SuspiciousButExpected" )
func PossibleIncidentClassificationReasonValues ¶
func PossibleIncidentClassificationReasonValues() []IncidentClassificationReason
PossibleIncidentClassificationReasonValues returns an array of possible values for the IncidentClassificationReason const type.
type IncidentComment ¶
type IncidentComment struct { autorest.Response `json:"-"` // IncidentCommentProperties - Incident comment properties *IncidentCommentProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
IncidentComment represents an incident comment
func (IncidentComment) MarshalJSON ¶
func (ic IncidentComment) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentComment.
func (*IncidentComment) UnmarshalJSON ¶
func (ic *IncidentComment) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for IncidentComment struct.
type IncidentCommentList ¶
type IncidentCommentList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of comments. NextLink *string `json:"nextLink,omitempty"` // Value - Array of comments. Value *[]IncidentComment `json:"value,omitempty"` }
IncidentCommentList list of incident comments.
func (IncidentCommentList) IsEmpty ¶
func (icl IncidentCommentList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (IncidentCommentList) MarshalJSON ¶
func (icl IncidentCommentList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentCommentList.
type IncidentCommentListIterator ¶
type IncidentCommentListIterator struct {
// contains filtered or unexported fields
}
IncidentCommentListIterator provides access to a complete listing of IncidentComment values.
func NewIncidentCommentListIterator ¶
func NewIncidentCommentListIterator(page IncidentCommentListPage) IncidentCommentListIterator
Creates a new instance of the IncidentCommentListIterator type.
func (*IncidentCommentListIterator) Next ¶
func (iter *IncidentCommentListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*IncidentCommentListIterator) NextWithContext ¶
func (iter *IncidentCommentListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (IncidentCommentListIterator) NotDone ¶
func (iter IncidentCommentListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (IncidentCommentListIterator) Response ¶
func (iter IncidentCommentListIterator) Response() IncidentCommentList
Response returns the raw server response from the last page request.
func (IncidentCommentListIterator) Value ¶
func (iter IncidentCommentListIterator) Value() IncidentComment
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type IncidentCommentListPage ¶
type IncidentCommentListPage struct {
// contains filtered or unexported fields
}
IncidentCommentListPage contains a page of IncidentComment values.
func NewIncidentCommentListPage ¶
func NewIncidentCommentListPage(cur IncidentCommentList, getNextPage func(context.Context, IncidentCommentList) (IncidentCommentList, error)) IncidentCommentListPage
Creates a new instance of the IncidentCommentListPage type.
func (*IncidentCommentListPage) Next ¶
func (page *IncidentCommentListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*IncidentCommentListPage) NextWithContext ¶
func (page *IncidentCommentListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (IncidentCommentListPage) NotDone ¶
func (page IncidentCommentListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (IncidentCommentListPage) Response ¶
func (page IncidentCommentListPage) Response() IncidentCommentList
Response returns the raw server response from the last page request.
func (IncidentCommentListPage) Values ¶
func (page IncidentCommentListPage) Values() []IncidentComment
Values returns the slice of values for the current page or nil if there are no values.
type IncidentCommentProperties ¶
type IncidentCommentProperties struct { // CreatedTimeUtc - READ-ONLY; The time the comment was created CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` // LastModifiedTimeUtc - READ-ONLY; The time the comment was updated LastModifiedTimeUtc *date.Time `json:"lastModifiedTimeUtc,omitempty"` // Message - The comment message Message *string `json:"message,omitempty"` // Author - READ-ONLY; Describes the client that created the comment Author *ClientInfo `json:"author,omitempty"` }
IncidentCommentProperties incident comment property bag.
func (IncidentCommentProperties) MarshalJSON ¶
func (icp IncidentCommentProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentCommentProperties.
type IncidentCommentsClient ¶
type IncidentCommentsClient struct {
BaseClient
}
IncidentCommentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewIncidentCommentsClient ¶
func NewIncidentCommentsClient(subscriptionID string) IncidentCommentsClient
NewIncidentCommentsClient creates an instance of the IncidentCommentsClient client.
func NewIncidentCommentsClientWithBaseURI ¶
func NewIncidentCommentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentCommentsClient
NewIncidentCommentsClientWithBaseURI creates an instance of the IncidentCommentsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (IncidentCommentsClient) CreateOrUpdate ¶
func (client IncidentCommentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (result IncidentComment, err error)
CreateOrUpdate creates or updates the incident comment. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID incidentCommentID - incident comment ID incidentComment - the incident comment
func (IncidentCommentsClient) CreateOrUpdatePreparer ¶
func (client IncidentCommentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (IncidentCommentsClient) CreateOrUpdateResponder ¶
func (client IncidentCommentsClient) CreateOrUpdateResponder(resp *http.Response) (result IncidentComment, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (IncidentCommentsClient) CreateOrUpdateSender ¶
func (client IncidentCommentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (IncidentCommentsClient) Delete ¶
func (client IncidentCommentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (result autorest.Response, err error)
Delete delete the incident comment. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID incidentCommentID - incident comment ID
func (IncidentCommentsClient) DeletePreparer ¶
func (client IncidentCommentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (IncidentCommentsClient) DeleteResponder ¶
func (client IncidentCommentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (IncidentCommentsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (IncidentCommentsClient) Get ¶
func (client IncidentCommentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (result IncidentComment, err error)
Get gets an incident comment. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID incidentCommentID - incident comment ID
func (IncidentCommentsClient) GetPreparer ¶
func (client IncidentCommentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (IncidentCommentsClient) GetResponder ¶
func (client IncidentCommentsClient) GetResponder(resp *http.Response) (result IncidentComment, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (IncidentCommentsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (IncidentCommentsClient) List ¶
func (client IncidentCommentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListPage, err error)
List gets all incident comments. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID filter - filters the results, based on a Boolean condition. Optional. orderby - sorts the results. Optional. top - returns only the first n results. Optional. skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
func (IncidentCommentsClient) ListComplete ¶
func (client IncidentCommentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (IncidentCommentsClient) ListPreparer ¶
func (client IncidentCommentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error)
ListPreparer prepares the List request.
func (IncidentCommentsClient) ListResponder ¶
func (client IncidentCommentsClient) ListResponder(resp *http.Response) (result IncidentCommentList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (IncidentCommentsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type IncidentConfiguration ¶
type IncidentConfiguration struct { // CreateIncident - Create incidents from alerts triggered by this analytics rule CreateIncident *bool `json:"createIncident,omitempty"` // GroupingConfiguration - Set how the alerts that are triggered by this analytics rule, are grouped into incidents GroupingConfiguration *GroupingConfiguration `json:"groupingConfiguration,omitempty"` }
IncidentConfiguration incident Configuration property bag.
type IncidentEntitiesResponse ¶
type IncidentEntitiesResponse struct { autorest.Response `json:"-"` // Entities - Array of the incident related entities. Entities *[]BasicEntity `json:"entities,omitempty"` // MetaData - The metadata from the incident related entities results. MetaData *[]IncidentEntitiesResultsMetadata `json:"metaData,omitempty"` }
IncidentEntitiesResponse the incident related entities response.
func (*IncidentEntitiesResponse) UnmarshalJSON ¶
func (ier *IncidentEntitiesResponse) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for IncidentEntitiesResponse struct.
type IncidentEntitiesResultsMetadata ¶
type IncidentEntitiesResultsMetadata struct { // Count - Total number of aggregations of the given kind in the incident related entities result. Count *int32 `json:"count,omitempty"` // EntityKind - The kind of the aggregated entity. Possible values include: 'EntityKindAccount', 'EntityKindHost', 'EntityKindFile', 'EntityKindAzureResource', 'EntityKindCloudApplication', 'EntityKindDNSResolution', 'EntityKindFileHash', 'EntityKindIP', 'EntityKindMalware', 'EntityKindProcess', 'EntityKindRegistryKey', 'EntityKindRegistryValue', 'EntityKindSecurityGroup', 'EntityKindURL', 'EntityKindIoTDevice', 'EntityKindSecurityAlert', 'EntityKindBookmark', 'EntityKindMailCluster', 'EntityKindMailMessage', 'EntityKindMailbox', 'EntityKindSubmissionMail' EntityKind EntityKind `json:"entityKind,omitempty"` }
IncidentEntitiesResultsMetadata information of a specific aggregation in the incident related entities result.
type IncidentInfo ¶
type IncidentInfo struct { // IncidentID - Incident Id IncidentID *string `json:"incidentId,omitempty"` // Severity - The severity of the incident. Possible values include: 'IncidentSeverityHigh', 'IncidentSeverityMedium', 'IncidentSeverityLow', 'IncidentSeverityInformational' Severity IncidentSeverity `json:"severity,omitempty"` // Title - The title of the incident Title *string `json:"title,omitempty"` // RelationName - Relation Name RelationName *string `json:"relationName,omitempty"` }
IncidentInfo describes related incident information for the bookmark
type IncidentLabel ¶
type IncidentLabel struct { // LabelName - The name of the label LabelName *string `json:"labelName,omitempty"` // LabelType - READ-ONLY; The type of the label. Possible values include: 'IncidentLabelTypeUser', 'IncidentLabelTypeSystem' LabelType IncidentLabelType `json:"labelType,omitempty"` }
IncidentLabel represents an incident label
func (IncidentLabel) MarshalJSON ¶
func (il IncidentLabel) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentLabel.
type IncidentLabelType ¶
type IncidentLabelType string
IncidentLabelType enumerates the values for incident label type.
const ( // IncidentLabelTypeSystem Label automatically created by the system IncidentLabelTypeSystem IncidentLabelType = "System" // IncidentLabelTypeUser Label manually created by a user IncidentLabelTypeUser IncidentLabelType = "User" )
func PossibleIncidentLabelTypeValues ¶
func PossibleIncidentLabelTypeValues() []IncidentLabelType
PossibleIncidentLabelTypeValues returns an array of possible values for the IncidentLabelType const type.
type IncidentList ¶
type IncidentList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of incidents. NextLink *string `json:"nextLink,omitempty"` // Value - Array of incidents. Value *[]Incident `json:"value,omitempty"` }
IncidentList list all the incidents.
func (IncidentList) IsEmpty ¶
func (il IncidentList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (IncidentList) MarshalJSON ¶
func (il IncidentList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentList.
type IncidentListIterator ¶
type IncidentListIterator struct {
// contains filtered or unexported fields
}
IncidentListIterator provides access to a complete listing of Incident values.
func NewIncidentListIterator ¶
func NewIncidentListIterator(page IncidentListPage) IncidentListIterator
Creates a new instance of the IncidentListIterator type.
func (*IncidentListIterator) Next ¶
func (iter *IncidentListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*IncidentListIterator) NextWithContext ¶
func (iter *IncidentListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (IncidentListIterator) NotDone ¶
func (iter IncidentListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (IncidentListIterator) Response ¶
func (iter IncidentListIterator) Response() IncidentList
Response returns the raw server response from the last page request.
func (IncidentListIterator) Value ¶
func (iter IncidentListIterator) Value() Incident
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type IncidentListPage ¶
type IncidentListPage struct {
// contains filtered or unexported fields
}
IncidentListPage contains a page of Incident values.
func NewIncidentListPage ¶
func NewIncidentListPage(cur IncidentList, getNextPage func(context.Context, IncidentList) (IncidentList, error)) IncidentListPage
Creates a new instance of the IncidentListPage type.
func (*IncidentListPage) Next ¶
func (page *IncidentListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*IncidentListPage) NextWithContext ¶
func (page *IncidentListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (IncidentListPage) NotDone ¶
func (page IncidentListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (IncidentListPage) Response ¶
func (page IncidentListPage) Response() IncidentList
Response returns the raw server response from the last page request.
func (IncidentListPage) Values ¶
func (page IncidentListPage) Values() []Incident
Values returns the slice of values for the current page or nil if there are no values.
type IncidentOwnerInfo ¶
type IncidentOwnerInfo struct { // Email - The email of the user the incident is assigned to. Email *string `json:"email,omitempty"` // AssignedTo - The name of the user the incident is assigned to. AssignedTo *string `json:"assignedTo,omitempty"` // ObjectID - The object id of the user the incident is assigned to. ObjectID *uuid.UUID `json:"objectId,omitempty"` // UserPrincipalName - The user principal name of the user the incident is assigned to. UserPrincipalName *string `json:"userPrincipalName,omitempty"` // OwnerType - READ-ONLY; The type of the owner the incident is assigned to. Possible values include: 'OwnerTypeUnknown', 'OwnerTypeUser', 'OwnerTypeGroup' OwnerType OwnerType `json:"ownerType,omitempty"` }
IncidentOwnerInfo information on the user an incident is assigned to
func (IncidentOwnerInfo) MarshalJSON ¶
func (ioi IncidentOwnerInfo) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentOwnerInfo.
type IncidentProperties ¶
type IncidentProperties struct { // AdditionalData - READ-ONLY; Additional data on the incident AdditionalData *IncidentAdditionalData `json:"additionalData,omitempty"` // Classification - The reason the incident was closed. Possible values include: 'IncidentClassificationUndetermined', 'IncidentClassificationTruePositive', 'IncidentClassificationBenignPositive', 'IncidentClassificationFalsePositive' Classification IncidentClassification `json:"classification,omitempty"` // ClassificationComment - Describes the reason the incident was closed ClassificationComment *string `json:"classificationComment,omitempty"` // ClassificationReason - The classification reason the incident was closed with. Possible values include: 'IncidentClassificationReasonSuspiciousActivity', 'IncidentClassificationReasonSuspiciousButExpected', 'IncidentClassificationReasonIncorrectAlertLogic', 'IncidentClassificationReasonInaccurateData' ClassificationReason IncidentClassificationReason `json:"classificationReason,omitempty"` // CreatedTimeUtc - READ-ONLY; The time the incident was created CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` // Description - The description of the incident Description *string `json:"description,omitempty"` // FirstActivityTimeUtc - The time of the first activity in the incident FirstActivityTimeUtc *date.Time `json:"firstActivityTimeUtc,omitempty"` // IncidentURL - READ-ONLY; The deep-link url to the incident in Azure portal IncidentURL *string `json:"incidentUrl,omitempty"` // IncidentNumber - READ-ONLY; A sequential number IncidentNumber *int32 `json:"incidentNumber,omitempty"` // Labels - List of labels relevant to this incident Labels *[]IncidentLabel `json:"labels,omitempty"` // ProviderName - The name of the source provider that generated the incident ProviderName *string `json:"providerName,omitempty"` // ProviderIncidentID - The incident ID assigned by the incident provider ProviderIncidentID *string `json:"providerIncidentId,omitempty"` // LastActivityTimeUtc - The time of the last activity in the incident LastActivityTimeUtc *date.Time `json:"lastActivityTimeUtc,omitempty"` // LastModifiedTimeUtc - READ-ONLY; The last time the incident was updated LastModifiedTimeUtc *date.Time `json:"lastModifiedTimeUtc,omitempty"` // Owner - Describes a user that the incident is assigned to Owner *IncidentOwnerInfo `json:"owner,omitempty"` // RelatedAnalyticRuleIds - READ-ONLY; List of resource ids of Analytic rules related to the incident RelatedAnalyticRuleIds *[]string `json:"relatedAnalyticRuleIds,omitempty"` // Severity - The severity of the incident. Possible values include: 'IncidentSeverityHigh', 'IncidentSeverityMedium', 'IncidentSeverityLow', 'IncidentSeverityInformational' Severity IncidentSeverity `json:"severity,omitempty"` // Status - The status of the incident. Possible values include: 'IncidentStatusNew', 'IncidentStatusActive', 'IncidentStatusClosed' Status IncidentStatus `json:"status,omitempty"` // TeamInformation - Describes a team for the incident TeamInformation *TeamInformation `json:"teamInformation,omitempty"` // Title - The title of the incident Title *string `json:"title,omitempty"` }
IncidentProperties describes incident properties
func (IncidentProperties) MarshalJSON ¶
func (IP IncidentProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentProperties.
type IncidentRelationsClient ¶
type IncidentRelationsClient struct {
BaseClient
}
IncidentRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewIncidentRelationsClient ¶
func NewIncidentRelationsClient(subscriptionID string) IncidentRelationsClient
NewIncidentRelationsClient creates an instance of the IncidentRelationsClient client.
func NewIncidentRelationsClientWithBaseURI ¶
func NewIncidentRelationsClientWithBaseURI(baseURI string, subscriptionID string) IncidentRelationsClient
NewIncidentRelationsClientWithBaseURI creates an instance of the IncidentRelationsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (IncidentRelationsClient) CreateOrUpdate ¶
func (client IncidentRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, relation Relation) (result Relation, err error)
CreateOrUpdate creates or updates the incident relation. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID relationName - relation Name relation - the relation model
func (IncidentRelationsClient) CreateOrUpdatePreparer ¶
func (client IncidentRelationsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, relation Relation) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (IncidentRelationsClient) CreateOrUpdateResponder ¶
func (client IncidentRelationsClient) CreateOrUpdateResponder(resp *http.Response) (result Relation, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (IncidentRelationsClient) CreateOrUpdateSender ¶
func (client IncidentRelationsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (IncidentRelationsClient) Delete ¶
func (client IncidentRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string) (result autorest.Response, err error)
Delete delete the incident relation. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID relationName - relation Name
func (IncidentRelationsClient) DeletePreparer ¶
func (client IncidentRelationsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (IncidentRelationsClient) DeleteResponder ¶
func (client IncidentRelationsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (IncidentRelationsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (IncidentRelationsClient) Get ¶
func (client IncidentRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string) (result Relation, err error)
Get gets an incident relation. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID relationName - relation Name
func (IncidentRelationsClient) GetPreparer ¶
func (client IncidentRelationsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string) (*http.Request, error)
GetPreparer prepares the Get request.
func (IncidentRelationsClient) GetResponder ¶
func (client IncidentRelationsClient) GetResponder(resp *http.Response) (result Relation, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (IncidentRelationsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (IncidentRelationsClient) List ¶
func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error)
List gets all incident relations. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID filter - filters the results, based on a Boolean condition. Optional. orderby - sorts the results. Optional. top - returns only the first n results. Optional. skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
func (IncidentRelationsClient) ListComplete ¶
func (client IncidentRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (IncidentRelationsClient) ListPreparer ¶
func (client IncidentRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error)
ListPreparer prepares the List request.
func (IncidentRelationsClient) ListResponder ¶
func (client IncidentRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (IncidentRelationsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type IncidentSeverity ¶
type IncidentSeverity string
IncidentSeverity enumerates the values for incident severity.
const ( // IncidentSeverityHigh High severity IncidentSeverityHigh IncidentSeverity = "High" // IncidentSeverityInformational Informational severity IncidentSeverityInformational IncidentSeverity = "Informational" // IncidentSeverityLow Low severity IncidentSeverityLow IncidentSeverity = "Low" // IncidentSeverityMedium Medium severity IncidentSeverityMedium IncidentSeverity = "Medium" )
func PossibleIncidentSeverityValues ¶
func PossibleIncidentSeverityValues() []IncidentSeverity
PossibleIncidentSeverityValues returns an array of possible values for the IncidentSeverity const type.
type IncidentStatus ¶
type IncidentStatus string
IncidentStatus enumerates the values for incident status.
const ( // IncidentStatusActive An active incident which is being handled IncidentStatusActive IncidentStatus = "Active" // IncidentStatusClosed A non-active incident IncidentStatusClosed IncidentStatus = "Closed" // IncidentStatusNew An active incident which isn't being handled currently IncidentStatusNew IncidentStatus = "New" )
func PossibleIncidentStatusValues ¶
func PossibleIncidentStatusValues() []IncidentStatus
PossibleIncidentStatusValues returns an array of possible values for the IncidentStatus const type.
type IncidentsClient ¶
type IncidentsClient struct {
BaseClient
}
IncidentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewIncidentsClient ¶
func NewIncidentsClient(subscriptionID string) IncidentsClient
NewIncidentsClient creates an instance of the IncidentsClient client.
func NewIncidentsClientWithBaseURI ¶
func NewIncidentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentsClient
NewIncidentsClientWithBaseURI creates an instance of the IncidentsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (IncidentsClient) CreateOrUpdate ¶
func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident Incident) (result Incident, err error)
CreateOrUpdate creates or updates the incident. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID incident - the incident
func (IncidentsClient) CreateOrUpdatePreparer ¶
func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident Incident) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (IncidentsClient) CreateOrUpdateResponder ¶
func (client IncidentsClient) CreateOrUpdateResponder(resp *http.Response) (result Incident, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (IncidentsClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) CreateTeam ¶
func (client IncidentsClient) CreateTeam(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties TeamProperties) (result TeamInformation, err error)
CreateTeam creates a Microsoft team to investigate the incident by sharing information and insights between participants. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID teamProperties - team properties
func (IncidentsClient) CreateTeamPreparer ¶
func (client IncidentsClient) CreateTeamPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties TeamProperties) (*http.Request, error)
CreateTeamPreparer prepares the CreateTeam request.
func (IncidentsClient) CreateTeamResponder ¶
func (client IncidentsClient) CreateTeamResponder(resp *http.Response) (result TeamInformation, err error)
CreateTeamResponder handles the response to the CreateTeam request. The method always closes the http.Response Body.
func (IncidentsClient) CreateTeamSender ¶
CreateTeamSender sends the CreateTeam request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) Delete ¶
func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result autorest.Response, err error)
Delete delete the incident. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID
func (IncidentsClient) DeletePreparer ¶
func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (IncidentsClient) DeleteResponder ¶
func (client IncidentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (IncidentsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) Get ¶
func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result Incident, err error)
Get gets an incident. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID
func (IncidentsClient) GetPreparer ¶
func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (IncidentsClient) GetResponder ¶
func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (IncidentsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) List ¶
func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListPage, err error)
List gets all incidents. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. filter - filters the results, based on a Boolean condition. Optional. orderby - sorts the results. Optional. top - returns only the first n results. Optional. skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
func (IncidentsClient) ListAlerts ¶
func (client IncidentsClient) ListAlerts(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result IncidentAlertList, err error)
ListAlerts gets all incident alerts. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID
func (IncidentsClient) ListAlertsPreparer ¶
func (client IncidentsClient) ListAlertsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error)
ListAlertsPreparer prepares the ListAlerts request.
func (IncidentsClient) ListAlertsResponder ¶
func (client IncidentsClient) ListAlertsResponder(resp *http.Response) (result IncidentAlertList, err error)
ListAlertsResponder handles the response to the ListAlerts request. The method always closes the http.Response Body.
func (IncidentsClient) ListAlertsSender ¶
ListAlertsSender sends the ListAlerts request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) ListBookmarks ¶
func (client IncidentsClient) ListBookmarks(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result IncidentBookmarkList, err error)
ListBookmarks gets all incident bookmarks. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID
func (IncidentsClient) ListBookmarksPreparer ¶
func (client IncidentsClient) ListBookmarksPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error)
ListBookmarksPreparer prepares the ListBookmarks request.
func (IncidentsClient) ListBookmarksResponder ¶
func (client IncidentsClient) ListBookmarksResponder(resp *http.Response) (result IncidentBookmarkList, err error)
ListBookmarksResponder handles the response to the ListBookmarks request. The method always closes the http.Response Body.
func (IncidentsClient) ListBookmarksSender ¶
ListBookmarksSender sends the ListBookmarks request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) ListComplete ¶
func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (IncidentsClient) ListEntities ¶
func (client IncidentsClient) ListEntities(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result IncidentEntitiesResponse, err error)
ListEntities gets all incident related entities. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID
func (IncidentsClient) ListEntitiesPreparer ¶
func (client IncidentsClient) ListEntitiesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error)
ListEntitiesPreparer prepares the ListEntities request.
func (IncidentsClient) ListEntitiesResponder ¶
func (client IncidentsClient) ListEntitiesResponder(resp *http.Response) (result IncidentEntitiesResponse, err error)
ListEntitiesResponder handles the response to the ListEntities request. The method always closes the http.Response Body.
func (IncidentsClient) ListEntitiesSender ¶
ListEntitiesSender sends the ListEntities request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) ListPreparer ¶
func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error)
ListPreparer prepares the List request.
func (IncidentsClient) ListResponder ¶
func (client IncidentsClient) ListResponder(resp *http.Response) (result IncidentList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (IncidentsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type InsightQueryItem ¶
type InsightQueryItem struct { // Properties - Properties bag for InsightQueryItem Properties *InsightQueryItemProperties `json:"properties,omitempty"` // ID - READ-ONLY; Query Template ARM ID ID *string `json:"id,omitempty"` // Name - Query Template ARM Name Name *string `json:"name,omitempty"` // Type - ARM Type Type *string `json:"type,omitempty"` // Kind - Possible values include: 'KindBasicEntityQueryItemKindEntityQueryItem', 'KindBasicEntityQueryItemKindInsight' Kind KindBasicEntityQueryItem `json:"kind,omitempty"` }
InsightQueryItem represents Insight Query.
func (InsightQueryItem) AsBasicEntityQueryItem ¶
func (iqi InsightQueryItem) AsBasicEntityQueryItem() (BasicEntityQueryItem, bool)
AsBasicEntityQueryItem is the BasicEntityQueryItem implementation for InsightQueryItem.
func (InsightQueryItem) AsEntityQueryItem ¶
func (iqi InsightQueryItem) AsEntityQueryItem() (*EntityQueryItem, bool)
AsEntityQueryItem is the BasicEntityQueryItem implementation for InsightQueryItem.
func (InsightQueryItem) AsInsightQueryItem ¶
func (iqi InsightQueryItem) AsInsightQueryItem() (*InsightQueryItem, bool)
AsInsightQueryItem is the BasicEntityQueryItem implementation for InsightQueryItem.
func (InsightQueryItem) MarshalJSON ¶
func (iqi InsightQueryItem) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for InsightQueryItem.
type InsightQueryItemProperties ¶
type InsightQueryItemProperties struct { // DisplayName - The insight display name. DisplayName *string `json:"displayName,omitempty"` // Description - The insight description. Description *string `json:"description,omitempty"` // BaseQuery - The base query of the insight. BaseQuery *string `json:"baseQuery,omitempty"` // TableQuery - The insight table query. TableQuery *InsightQueryItemPropertiesTableQuery `json:"tableQuery,omitempty"` // ChartQuery - The insight chart query. ChartQuery interface{} `json:"chartQuery,omitempty"` // AdditionalQuery - The activity query definitions. AdditionalQuery *InsightQueryItemPropertiesAdditionalQuery `json:"additionalQuery,omitempty"` // DefaultTimeRange - The insight chart query. DefaultTimeRange *InsightQueryItemPropertiesDefaultTimeRange `json:"defaultTimeRange,omitempty"` // ReferenceTimeRange - The insight chart query. ReferenceTimeRange *InsightQueryItemPropertiesReferenceTimeRange `json:"referenceTimeRange,omitempty"` // DataTypes - Data types for template DataTypes *[]EntityQueryItemPropertiesDataTypesItem `json:"dataTypes,omitempty"` // InputEntityType - The type of the entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' InputEntityType EntityType `json:"inputEntityType,omitempty"` // RequiredInputFieldsSets - Data types for template RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` // EntitiesFilter - The query applied only to entities matching to all filters EntitiesFilter interface{} `json:"entitiesFilter,omitempty"` }
InsightQueryItemProperties represents Insight Query.
type InsightQueryItemPropertiesAdditionalQuery ¶
type InsightQueryItemPropertiesAdditionalQuery struct { // Query - The insight query. Query *string `json:"query,omitempty"` // Text - The insight text. Text *string `json:"text,omitempty"` }
InsightQueryItemPropertiesAdditionalQuery the activity query definitions.
type InsightQueryItemPropertiesDefaultTimeRange ¶
type InsightQueryItemPropertiesDefaultTimeRange struct { // BeforeRange - The padding for the start time of the query. BeforeRange *string `json:"beforeRange,omitempty"` // AfterRange - The padding for the end time of the query. AfterRange *string `json:"afterRange,omitempty"` }
InsightQueryItemPropertiesDefaultTimeRange the insight chart query.
type InsightQueryItemPropertiesReferenceTimeRange ¶
type InsightQueryItemPropertiesReferenceTimeRange struct { // BeforeRange - Additional query time for looking back. BeforeRange *string `json:"beforeRange,omitempty"` }
InsightQueryItemPropertiesReferenceTimeRange the insight chart query.
type InsightQueryItemPropertiesTableQuery ¶
type InsightQueryItemPropertiesTableQuery struct { // ColumnsDefinitions - List of insight column definitions. ColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem `json:"columnsDefinitions,omitempty"` // QueriesDefinitions - List of insight queries definitions. QueriesDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem `json:"queriesDefinitions,omitempty"` }
InsightQueryItemPropertiesTableQuery the insight table query.
type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem ¶
type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem struct { // Header - Insight column header. Header *string `json:"header,omitempty"` // OutputType - Insights Column type. Possible values include: 'OutputTypeNumber', 'OutputTypeString', 'OutputTypeDate', 'OutputTypeEntity' OutputType OutputType `json:"outputType,omitempty"` // SupportDeepLink - Is query supports deep-link. SupportDeepLink *bool `json:"supportDeepLink,omitempty"` }
InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem ...
type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem ¶
type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem struct { // Filter - Insight column header. Filter *string `json:"filter,omitempty"` // Summarize - Insight column header. Summarize *string `json:"summarize,omitempty"` // Project - Insight column header. Project *string `json:"project,omitempty"` // LinkColumnsDefinitions - Insight column header. LinkColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem `json:"linkColumnsDefinitions,omitempty"` }
InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem ...
type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem ¶
type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem struct { // ProjectedName - Insight Link Definition Projected Name. ProjectedName *string `json:"projectedName,omitempty"` // Query - Insight Link Definition Query. Query *string `json:"Query,omitempty"` }
InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem ...
type InsightsTableResult ¶
type InsightsTableResult struct { // Columns - Columns Metadata of the table Columns *[]InsightsTableResultColumnsItem `json:"columns,omitempty"` // Rows - Rows data of the table Rows *[][]string `json:"rows,omitempty"` }
InsightsTableResult query results for table insights query.
type InsightsTableResultColumnsItem ¶
type InsightsTableResultColumnsItem struct { // Type - the type of the colum Type *string `json:"type,omitempty"` // Name - the name of the colum Name *string `json:"name,omitempty"` }
InsightsTableResultColumnsItem ...
type InstructionSteps ¶
type InstructionSteps struct { // Title - Instruction step title Title *string `json:"title,omitempty"` // Description - Instruction step description Description *string `json:"description,omitempty"` // Instructions - Instruction step details Instructions *[]InstructionStepsInstructionsItem `json:"instructions,omitempty"` }
InstructionSteps instruction steps to enable the connector
type InstructionStepsInstructionsItem ¶
type InstructionStepsInstructionsItem struct { // Parameters - The parameters for the setting Parameters interface{} `json:"parameters,omitempty"` // Type - The kind of the setting. Possible values include: 'SettingTypeCopyableLabel', 'SettingTypeInstructionStepsGroup', 'SettingTypeInfoMessage' Type SettingType `json:"type,omitempty"` }
InstructionStepsInstructionsItem ...
type IoTDeviceEntity ¶
type IoTDeviceEntity struct { // IoTDeviceEntityProperties - IoTDevice entity properties *IoTDeviceEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
IoTDeviceEntity represents an IoT device entity.
func (IoTDeviceEntity) AsAccountEntity ¶
func (itde IoTDeviceEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsAzureResourceEntity ¶
func (itde IoTDeviceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsBasicEntity ¶
func (itde IoTDeviceEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsCloudApplicationEntity ¶
func (itde IoTDeviceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsDNSEntity ¶
func (itde IoTDeviceEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsEntity ¶
func (itde IoTDeviceEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsFileEntity ¶
func (itde IoTDeviceEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsFileHashEntity ¶
func (itde IoTDeviceEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsHostEntity ¶
func (itde IoTDeviceEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsHuntingBookmark ¶
func (itde IoTDeviceEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsIPEntity ¶
func (itde IoTDeviceEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsIoTDeviceEntity ¶
func (itde IoTDeviceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsMailClusterEntity ¶
func (itde IoTDeviceEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsMailMessageEntity ¶
func (itde IoTDeviceEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsMailboxEntity ¶
func (itde IoTDeviceEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsMalwareEntity ¶
func (itde IoTDeviceEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsProcessEntity ¶
func (itde IoTDeviceEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsRegistryKeyEntity ¶
func (itde IoTDeviceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsRegistryValueEntity ¶
func (itde IoTDeviceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsSecurityAlert ¶
func (itde IoTDeviceEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsSecurityGroupEntity ¶
func (itde IoTDeviceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsSubmissionMailEntity ¶
func (itde IoTDeviceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) AsURLEntity ¶
func (itde IoTDeviceEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for IoTDeviceEntity.
func (IoTDeviceEntity) MarshalJSON ¶
func (itde IoTDeviceEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IoTDeviceEntity.
func (*IoTDeviceEntity) UnmarshalJSON ¶
func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for IoTDeviceEntity struct.
type IoTDeviceEntityProperties ¶
type IoTDeviceEntityProperties struct { // DeviceID - READ-ONLY; The ID of the IoT Device in the IoT Hub DeviceID *string `json:"deviceId,omitempty"` // DeviceName - READ-ONLY; The friendly name of the device DeviceName *string `json:"deviceName,omitempty"` // Source - READ-ONLY; The source of the device Source *string `json:"source,omitempty"` // IotSecurityAgentID - READ-ONLY; The ID of the security agent running on the device IotSecurityAgentID *uuid.UUID `json:"iotSecurityAgentId,omitempty"` // DeviceType - READ-ONLY; The type of the device DeviceType *string `json:"deviceType,omitempty"` // Vendor - READ-ONLY; The vendor of the device Vendor *string `json:"vendor,omitempty"` // EdgeID - READ-ONLY; The ID of the edge device EdgeID *string `json:"edgeId,omitempty"` // MacAddress - READ-ONLY; The MAC address of the device MacAddress *string `json:"macAddress,omitempty"` // Model - READ-ONLY; The model of the device Model *string `json:"model,omitempty"` // SerialNumber - READ-ONLY; The serial number of the device SerialNumber *string `json:"serialNumber,omitempty"` // FirmwareVersion - READ-ONLY; The firmware version of the device FirmwareVersion *string `json:"firmwareVersion,omitempty"` // OperatingSystem - READ-ONLY; The operating system of the device OperatingSystem *string `json:"operatingSystem,omitempty"` // IotHubEntityID - READ-ONLY; The AzureResource entity id of the IoT Hub IotHubEntityID *string `json:"iotHubEntityId,omitempty"` // HostEntityID - READ-ONLY; The Host entity id of this device HostEntityID *string `json:"hostEntityId,omitempty"` // IPAddressEntityID - READ-ONLY; The IP entity if of this device IPAddressEntityID *string `json:"ipAddressEntityId,omitempty"` // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the IoTDevice entity. ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` // Protocols - READ-ONLY; A list of protocols of the IoTDevice entity. Protocols *[]string `json:"protocols,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
IoTDeviceEntityProperties ioTDevice entity property bag.
func (IoTDeviceEntityProperties) MarshalJSON ¶
func (itdep IoTDeviceEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IoTDeviceEntityProperties.
type KillChainIntent ¶
type KillChainIntent string
KillChainIntent enumerates the values for kill chain intent.
const ( // KillChainIntentCollection Collection consists of techniques used to identify and gather information, // such as sensitive files, from a target network prior to exfiltration. This category also covers // locations on a system or network where the adversary may look for information to exfiltrate. KillChainIntentCollection KillChainIntent = "Collection" // KillChainIntentCommandAndControl The command and control tactic represents how adversaries communicate // with systems under their control within a target network. KillChainIntentCommandAndControl KillChainIntent = "CommandAndControl" // KillChainIntentCredentialAccess Credential access represents techniques resulting in access to or // control over system, domain, or service credentials that are used within an enterprise environment. // Adversaries will likely attempt to obtain legitimate credentials from users or administrator accounts // (local system administrator or domain users with administrator access) to use within the network. With // sufficient access within a network, an adversary can create accounts for later use within the // environment. KillChainIntentCredentialAccess KillChainIntent = "CredentialAccess" // KillChainIntentDefenseEvasion Defense evasion consists of techniques an adversary may use to evade // detection or avoid other defenses. Sometimes these actions are the same as or variations of techniques // in other categories that have the added benefit of subverting a particular defense or mitigation. KillChainIntentDefenseEvasion KillChainIntent = "DefenseEvasion" // KillChainIntentDiscovery Discovery consists of techniques that allow the adversary to gain knowledge // about the system and internal network. When adversaries gain access to a new system, they must orient // themselves to what they now have control of and what benefits operating from that system give to their // current objective or overall goals during the intrusion. The operating system provides many native tools // that aid in this post-compromise information-gathering phase. KillChainIntentDiscovery KillChainIntent = "Discovery" // KillChainIntentExecution The execution tactic represents techniques that result in execution of // adversary-controlled code on a local or remote system. This tactic is often used in conjunction with // lateral movement to expand access to remote systems on a network. KillChainIntentExecution KillChainIntent = "Execution" // KillChainIntentExfiltration Exfiltration refers to techniques and attributes that result or aid in the // adversary removing files and information from a target network. This category also covers locations on a // system or network where the adversary may look for information to exfiltrate. KillChainIntentExfiltration KillChainIntent = "Exfiltration" // KillChainIntentExploitation Exploitation is the stage where an attacker manage to get foothold on the // attacked resource. This stage is applicable not only for compute hosts, but also for resources such as // user accounts, certificates etc. Adversaries will often be able to control the resource after this // stage. KillChainIntentExploitation KillChainIntent = "Exploitation" // KillChainIntentImpact The impact intent primary objective is to directly reduce the availability or // integrity of a system, service, or network; including manipulation of data to impact a business or // operational process. This would often refer to techniques such as ransom-ware, defacement, data // manipulation and others. KillChainIntentImpact KillChainIntent = "Impact" // KillChainIntentLateralMovement Lateral movement consists of techniques that enable an adversary to // access and control remote systems on a network and could, but does not necessarily, include execution of // tools on remote systems. The lateral movement techniques could allow an adversary to gather information // from a system without needing additional tools, such as a remote access tool. An adversary can use // lateral movement for many purposes, including remote Execution of tools, pivoting to additional systems, // access to specific information or files, access to additional credentials, or to cause an effect. KillChainIntentLateralMovement KillChainIntent = "LateralMovement" // KillChainIntentPersistence Persistence is any access, action, or configuration change to a system that // gives an adversary a persistent presence on that system. Adversaries will often need to maintain access // to systems through interruptions such as system restarts, loss of credentials, or other failures that // would require a remote access tool to restart or alternate backdoor for them to regain access. KillChainIntentPersistence KillChainIntent = "Persistence" // KillChainIntentPrivilegeEscalation Privilege escalation is the result of actions that allow an adversary // to obtain a higher level of permissions on a system or network. Certain tools or actions require a // higher level of privilege to work and are likely necessary at many points throughout an operation. User // accounts with permissions to access specific systems or perform specific functions necessary for // adversaries to achieve their objective may also be considered an escalation of privilege. KillChainIntentPrivilegeEscalation KillChainIntent = "PrivilegeEscalation" // KillChainIntentProbing Probing could be an attempt to access a certain resource regardless of a // malicious intent or a failed attempt to gain access to a target system to gather information prior to // exploitation. This step is usually detected as an attempt originating from outside the network in // attempt to scan the target system and find a way in. KillChainIntentProbing KillChainIntent = "Probing" // KillChainIntentUnknown The default value. KillChainIntentUnknown KillChainIntent = "Unknown" )
func PossibleKillChainIntentValues ¶
func PossibleKillChainIntentValues() []KillChainIntent
PossibleKillChainIntentValues returns an array of possible values for the KillChainIntent const type.
type Kind ¶
type Kind string
Kind enumerates the values for kind.
const ( // KindAnalyticsRule ... KindAnalyticsRule Kind = "AnalyticsRule" // KindAnalyticsRuleTemplate ... KindAnalyticsRuleTemplate Kind = "AnalyticsRuleTemplate" // KindDataConnector ... KindDataConnector Kind = "DataConnector" // KindDataType ... KindDataType Kind = "DataType" // KindHuntingQuery ... KindHuntingQuery Kind = "HuntingQuery" // KindInvestigationQuery ... KindInvestigationQuery Kind = "InvestigationQuery" // KindParser ... KindParser Kind = "Parser" // KindPlaybook ... KindPlaybook Kind = "Playbook" // KindPlaybookTemplate ... KindPlaybookTemplate Kind = "PlaybookTemplate" // KindSolution ... KindSolution Kind = "Solution" // KindWatchlist ... KindWatchlist Kind = "Watchlist" // KindWatchlistTemplate ... KindWatchlistTemplate Kind = "WatchlistTemplate" // KindWorkbook ... KindWorkbook Kind = "Workbook" // KindWorkbookTemplate ... KindWorkbookTemplate Kind = "WorkbookTemplate" )
func PossibleKindValues ¶
func PossibleKindValues() []Kind
PossibleKindValues returns an array of possible values for the Kind const type.
type KindBasicAlertRule ¶
type KindBasicAlertRule string
KindBasicAlertRule enumerates the values for kind basic alert rule.
const ( // KindBasicAlertRuleKindAlertRule ... KindBasicAlertRuleKindAlertRule KindBasicAlertRule = "AlertRule" // KindBasicAlertRuleKindFusion ... KindBasicAlertRuleKindFusion KindBasicAlertRule = "Fusion" // KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation ... KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation KindBasicAlertRule = "MicrosoftSecurityIncidentCreation" // KindBasicAlertRuleKindMLBehaviorAnalytics ... KindBasicAlertRuleKindMLBehaviorAnalytics KindBasicAlertRule = "MLBehaviorAnalytics" // KindBasicAlertRuleKindNRT ... KindBasicAlertRuleKindNRT KindBasicAlertRule = "NRT" // KindBasicAlertRuleKindScheduled ... KindBasicAlertRuleKindScheduled KindBasicAlertRule = "Scheduled" // KindBasicAlertRuleKindThreatIntelligence ... KindBasicAlertRuleKindThreatIntelligence KindBasicAlertRule = "ThreatIntelligence" )
func PossibleKindBasicAlertRuleValues ¶
func PossibleKindBasicAlertRuleValues() []KindBasicAlertRule
PossibleKindBasicAlertRuleValues returns an array of possible values for the KindBasicAlertRule const type.
type KindBasicAlertRuleTemplate ¶
type KindBasicAlertRuleTemplate string
KindBasicAlertRuleTemplate enumerates the values for kind basic alert rule template.
const ( // KindBasicAlertRuleTemplateKindAlertRuleTemplate ... KindBasicAlertRuleTemplateKindAlertRuleTemplate KindBasicAlertRuleTemplate = "AlertRuleTemplate" // KindBasicAlertRuleTemplateKindFusion ... KindBasicAlertRuleTemplateKindFusion KindBasicAlertRuleTemplate = "Fusion" // KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation ... KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation KindBasicAlertRuleTemplate = "MicrosoftSecurityIncidentCreation" // KindBasicAlertRuleTemplateKindMLBehaviorAnalytics ... KindBasicAlertRuleTemplateKindMLBehaviorAnalytics KindBasicAlertRuleTemplate = "MLBehaviorAnalytics" // KindBasicAlertRuleTemplateKindNRT ... KindBasicAlertRuleTemplateKindNRT KindBasicAlertRuleTemplate = "NRT" // KindBasicAlertRuleTemplateKindScheduled ... KindBasicAlertRuleTemplateKindScheduled KindBasicAlertRuleTemplate = "Scheduled" // KindBasicAlertRuleTemplateKindThreatIntelligence ... KindBasicAlertRuleTemplateKindThreatIntelligence KindBasicAlertRuleTemplate = "ThreatIntelligence" )
func PossibleKindBasicAlertRuleTemplateValues ¶
func PossibleKindBasicAlertRuleTemplateValues() []KindBasicAlertRuleTemplate
PossibleKindBasicAlertRuleTemplateValues returns an array of possible values for the KindBasicAlertRuleTemplate const type.
type KindBasicCustomEntityQuery ¶
type KindBasicCustomEntityQuery string
KindBasicCustomEntityQuery enumerates the values for kind basic custom entity query.
const ( // KindBasicCustomEntityQueryKindActivity ... KindBasicCustomEntityQueryKindActivity KindBasicCustomEntityQuery = "Activity" // KindBasicCustomEntityQueryKindCustomEntityQuery ... KindBasicCustomEntityQueryKindCustomEntityQuery KindBasicCustomEntityQuery = "CustomEntityQuery" )
func PossibleKindBasicCustomEntityQueryValues ¶
func PossibleKindBasicCustomEntityQueryValues() []KindBasicCustomEntityQuery
PossibleKindBasicCustomEntityQueryValues returns an array of possible values for the KindBasicCustomEntityQuery const type.
type KindBasicDataConnector ¶
type KindBasicDataConnector string
KindBasicDataConnector enumerates the values for kind basic data connector.
const ( // KindBasicDataConnectorKindAmazonWebServicesCloudTrail ... KindBasicDataConnectorKindAmazonWebServicesCloudTrail KindBasicDataConnector = "AmazonWebServicesCloudTrail" // KindBasicDataConnectorKindAmazonWebServicesS3 ... KindBasicDataConnectorKindAmazonWebServicesS3 KindBasicDataConnector = "AmazonWebServicesS3" // KindBasicDataConnectorKindAPIPolling ... KindBasicDataConnectorKindAPIPolling KindBasicDataConnector = "APIPolling" // KindBasicDataConnectorKindAzureActiveDirectory ... KindBasicDataConnectorKindAzureActiveDirectory KindBasicDataConnector = "AzureActiveDirectory" // KindBasicDataConnectorKindAzureAdvancedThreatProtection ... KindBasicDataConnectorKindAzureAdvancedThreatProtection KindBasicDataConnector = "AzureAdvancedThreatProtection" // KindBasicDataConnectorKindAzureSecurityCenter ... KindBasicDataConnectorKindAzureSecurityCenter KindBasicDataConnector = "AzureSecurityCenter" // KindBasicDataConnectorKindDataConnector ... KindBasicDataConnectorKindDataConnector KindBasicDataConnector = "DataConnector" // KindBasicDataConnectorKindDynamics365 ... KindBasicDataConnectorKindDynamics365 KindBasicDataConnector = "Dynamics365" // KindBasicDataConnectorKindGenericUI ... KindBasicDataConnectorKindGenericUI KindBasicDataConnector = "GenericUI" // KindBasicDataConnectorKindMicrosoftCloudAppSecurity ... KindBasicDataConnectorKindMicrosoftCloudAppSecurity KindBasicDataConnector = "MicrosoftCloudAppSecurity" // KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection ... KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection KindBasicDataConnector = "MicrosoftDefenderAdvancedThreatProtection" // KindBasicDataConnectorKindMicrosoftThreatIntelligence ... KindBasicDataConnectorKindMicrosoftThreatIntelligence KindBasicDataConnector = "MicrosoftThreatIntelligence" // KindBasicDataConnectorKindMicrosoftThreatProtection ... KindBasicDataConnectorKindMicrosoftThreatProtection KindBasicDataConnector = "MicrosoftThreatProtection" // KindBasicDataConnectorKindOffice365 ... KindBasicDataConnectorKindOffice365 KindBasicDataConnector = "Office365" // KindBasicDataConnectorKindOfficeATP ... KindBasicDataConnectorKindOfficeATP KindBasicDataConnector = "OfficeATP" // KindBasicDataConnectorKindOfficeIRM ... KindBasicDataConnectorKindOfficeIRM KindBasicDataConnector = "OfficeIRM" // KindBasicDataConnectorKindThreatIntelligence ... KindBasicDataConnectorKindThreatIntelligence KindBasicDataConnector = "ThreatIntelligence" // KindBasicDataConnectorKindThreatIntelligenceTaxii ... KindBasicDataConnectorKindThreatIntelligenceTaxii KindBasicDataConnector = "ThreatIntelligenceTaxii" )
func PossibleKindBasicDataConnectorValues ¶
func PossibleKindBasicDataConnectorValues() []KindBasicDataConnector
PossibleKindBasicDataConnectorValues returns an array of possible values for the KindBasicDataConnector const type.
type KindBasicDataConnectorsCheckRequirements ¶
type KindBasicDataConnectorsCheckRequirements string
KindBasicDataConnectorsCheckRequirements enumerates the values for kind basic data connectors check requirements.
const ( // KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail ... KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail KindBasicDataConnectorsCheckRequirements = "AmazonWebServicesCloudTrail" // KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3 ... KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3 KindBasicDataConnectorsCheckRequirements = "AmazonWebServicesS3" // KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory ... KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory KindBasicDataConnectorsCheckRequirements = "AzureActiveDirectory" // KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection ... KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection KindBasicDataConnectorsCheckRequirements = "AzureAdvancedThreatProtection" // KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter ... KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter KindBasicDataConnectorsCheckRequirements = "AzureSecurityCenter" // KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements ... KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements KindBasicDataConnectorsCheckRequirements = "DataConnectorsCheckRequirements" // KindBasicDataConnectorsCheckRequirementsKindDynamics365 ... KindBasicDataConnectorsCheckRequirementsKindDynamics365 KindBasicDataConnectorsCheckRequirements = "Dynamics365" // KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity ... KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity KindBasicDataConnectorsCheckRequirements = "MicrosoftCloudAppSecurity" // KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection ... KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection KindBasicDataConnectorsCheckRequirements = "MicrosoftDefenderAdvancedThreatProtection" // KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence ... KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence KindBasicDataConnectorsCheckRequirements = "MicrosoftThreatIntelligence" // KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection ... KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection KindBasicDataConnectorsCheckRequirements = "MicrosoftThreatProtection" // KindBasicDataConnectorsCheckRequirementsKindOfficeATP ... KindBasicDataConnectorsCheckRequirementsKindOfficeATP KindBasicDataConnectorsCheckRequirements = "OfficeATP" // KindBasicDataConnectorsCheckRequirementsKindOfficeIRM ... KindBasicDataConnectorsCheckRequirementsKindOfficeIRM KindBasicDataConnectorsCheckRequirements = "OfficeIRM" // KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence ... KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence KindBasicDataConnectorsCheckRequirements = "ThreatIntelligence" // KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii ... KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii KindBasicDataConnectorsCheckRequirements = "ThreatIntelligenceTaxii" )
func PossibleKindBasicDataConnectorsCheckRequirementsValues ¶
func PossibleKindBasicDataConnectorsCheckRequirementsValues() []KindBasicDataConnectorsCheckRequirements
PossibleKindBasicDataConnectorsCheckRequirementsValues returns an array of possible values for the KindBasicDataConnectorsCheckRequirements const type.
type KindBasicEntity ¶
type KindBasicEntity string
KindBasicEntity enumerates the values for kind basic entity.
const ( // KindBasicEntityKindAccount ... KindBasicEntityKindAccount KindBasicEntity = "Account" // KindBasicEntityKindAzureResource ... KindBasicEntityKindAzureResource KindBasicEntity = "AzureResource" // KindBasicEntityKindBookmark ... KindBasicEntityKindBookmark KindBasicEntity = "Bookmark" // KindBasicEntityKindCloudApplication ... KindBasicEntityKindCloudApplication KindBasicEntity = "CloudApplication" // KindBasicEntityKindDNSResolution ... KindBasicEntityKindDNSResolution KindBasicEntity = "DnsResolution" // KindBasicEntityKindEntity ... KindBasicEntityKindEntity KindBasicEntity = "Entity" // KindBasicEntityKindFile ... KindBasicEntityKindFile KindBasicEntity = "File" // KindBasicEntityKindFileHash ... KindBasicEntityKindFileHash KindBasicEntity = "FileHash" // KindBasicEntityKindHost ... KindBasicEntityKindHost KindBasicEntity = "Host" // KindBasicEntityKindIoTDevice ... KindBasicEntityKindIoTDevice KindBasicEntity = "IoTDevice" // KindBasicEntityKindIP ... KindBasicEntityKindIP KindBasicEntity = "Ip" // KindBasicEntityKindMailbox ... KindBasicEntityKindMailbox KindBasicEntity = "Mailbox" // KindBasicEntityKindMailCluster ... KindBasicEntityKindMailCluster KindBasicEntity = "MailCluster" // KindBasicEntityKindMailMessage ... KindBasicEntityKindMailMessage KindBasicEntity = "MailMessage" // KindBasicEntityKindMalware ... KindBasicEntityKindMalware KindBasicEntity = "Malware" // KindBasicEntityKindProcess ... KindBasicEntityKindProcess KindBasicEntity = "Process" // KindBasicEntityKindRegistryKey ... KindBasicEntityKindRegistryKey KindBasicEntity = "RegistryKey" // KindBasicEntityKindRegistryValue ... KindBasicEntityKindRegistryValue KindBasicEntity = "RegistryValue" // KindBasicEntityKindSecurityAlert ... KindBasicEntityKindSecurityAlert KindBasicEntity = "SecurityAlert" // KindBasicEntityKindSecurityGroup ... KindBasicEntityKindSecurityGroup KindBasicEntity = "SecurityGroup" // KindBasicEntityKindSubmissionMail ... KindBasicEntityKindSubmissionMail KindBasicEntity = "SubmissionMail" // KindBasicEntityKindURL ... KindBasicEntityKindURL KindBasicEntity = "Url" )
func PossibleKindBasicEntityValues ¶
func PossibleKindBasicEntityValues() []KindBasicEntity
PossibleKindBasicEntityValues returns an array of possible values for the KindBasicEntity const type.
type KindBasicEntityQuery ¶
type KindBasicEntityQuery string
KindBasicEntityQuery enumerates the values for kind basic entity query.
const ( // KindBasicEntityQueryKindActivity ... KindBasicEntityQueryKindActivity KindBasicEntityQuery = "Activity" // KindBasicEntityQueryKindEntityQuery ... KindBasicEntityQueryKindEntityQuery KindBasicEntityQuery = "EntityQuery" // KindBasicEntityQueryKindExpansion ... KindBasicEntityQueryKindExpansion KindBasicEntityQuery = "Expansion" )
func PossibleKindBasicEntityQueryValues ¶
func PossibleKindBasicEntityQueryValues() []KindBasicEntityQuery
PossibleKindBasicEntityQueryValues returns an array of possible values for the KindBasicEntityQuery const type.
type KindBasicEntityQueryItem ¶
type KindBasicEntityQueryItem string
KindBasicEntityQueryItem enumerates the values for kind basic entity query item.
const ( // KindBasicEntityQueryItemKindEntityQueryItem ... KindBasicEntityQueryItemKindEntityQueryItem KindBasicEntityQueryItem = "EntityQueryItem" // KindBasicEntityQueryItemKindInsight ... KindBasicEntityQueryItemKindInsight KindBasicEntityQueryItem = "Insight" )
func PossibleKindBasicEntityQueryItemValues ¶
func PossibleKindBasicEntityQueryItemValues() []KindBasicEntityQueryItem
PossibleKindBasicEntityQueryItemValues returns an array of possible values for the KindBasicEntityQueryItem const type.
type KindBasicEntityQueryTemplate ¶
type KindBasicEntityQueryTemplate string
KindBasicEntityQueryTemplate enumerates the values for kind basic entity query template.
const ( // KindBasicEntityQueryTemplateKindActivity ... KindBasicEntityQueryTemplateKindActivity KindBasicEntityQueryTemplate = "Activity" // KindBasicEntityQueryTemplateKindEntityQueryTemplate ... KindBasicEntityQueryTemplateKindEntityQueryTemplate KindBasicEntityQueryTemplate = "EntityQueryTemplate" )
func PossibleKindBasicEntityQueryTemplateValues ¶
func PossibleKindBasicEntityQueryTemplateValues() []KindBasicEntityQueryTemplate
PossibleKindBasicEntityQueryTemplateValues returns an array of possible values for the KindBasicEntityQueryTemplate const type.
type KindBasicEntityTimelineItem ¶
type KindBasicEntityTimelineItem string
KindBasicEntityTimelineItem enumerates the values for kind basic entity timeline item.
const ( // KindBasicEntityTimelineItemKindActivity ... KindBasicEntityTimelineItemKindActivity KindBasicEntityTimelineItem = "Activity" // KindBasicEntityTimelineItemKindBookmark ... KindBasicEntityTimelineItemKindBookmark KindBasicEntityTimelineItem = "Bookmark" // KindBasicEntityTimelineItemKindEntityTimelineItem ... KindBasicEntityTimelineItemKindEntityTimelineItem KindBasicEntityTimelineItem = "EntityTimelineItem" // KindBasicEntityTimelineItemKindSecurityAlert ... KindBasicEntityTimelineItemKindSecurityAlert KindBasicEntityTimelineItem = "SecurityAlert" )
func PossibleKindBasicEntityTimelineItemValues ¶
func PossibleKindBasicEntityTimelineItemValues() []KindBasicEntityTimelineItem
PossibleKindBasicEntityTimelineItemValues returns an array of possible values for the KindBasicEntityTimelineItem const type.
type KindBasicSettings ¶
type KindBasicSettings string
KindBasicSettings enumerates the values for kind basic settings.
const ( // KindBasicSettingsKindAnomalies ... KindBasicSettingsKindAnomalies KindBasicSettings = "Anomalies" // KindBasicSettingsKindEntityAnalytics ... KindBasicSettingsKindEntityAnalytics KindBasicSettings = "EntityAnalytics" // KindBasicSettingsKindEyesOn ... KindBasicSettingsKindEyesOn KindBasicSettings = "EyesOn" // KindBasicSettingsKindSettings ... KindBasicSettingsKindSettings KindBasicSettings = "Settings" // KindBasicSettingsKindUeba ... KindBasicSettingsKindUeba KindBasicSettings = "Ueba" )
func PossibleKindBasicSettingsValues ¶
func PossibleKindBasicSettingsValues() []KindBasicSettings
PossibleKindBasicSettingsValues returns an array of possible values for the KindBasicSettings const type.
type KindBasicThreatIntelligenceInformation ¶
type KindBasicThreatIntelligenceInformation string
KindBasicThreatIntelligenceInformation enumerates the values for kind basic threat intelligence information.
const ( // KindBasicThreatIntelligenceInformationKindIndicator ... KindBasicThreatIntelligenceInformationKindIndicator KindBasicThreatIntelligenceInformation = "indicator" // KindBasicThreatIntelligenceInformationKindThreatIntelligenceInformation ... KindBasicThreatIntelligenceInformationKindThreatIntelligenceInformation KindBasicThreatIntelligenceInformation = "ThreatIntelligenceInformation" )
func PossibleKindBasicThreatIntelligenceInformationValues ¶
func PossibleKindBasicThreatIntelligenceInformationValues() []KindBasicThreatIntelligenceInformation
PossibleKindBasicThreatIntelligenceInformationValues returns an array of possible values for the KindBasicThreatIntelligenceInformation const type.
type LastDataReceivedDataType ¶
type LastDataReceivedDataType struct { // Name - Name of the data type to show in the graph. can be use with {{graphQueriesTableName}} placeholder Name *string `json:"name,omitempty"` // LastDataReceivedQuery - Query for indicate last data received LastDataReceivedQuery *string `json:"lastDataReceivedQuery,omitempty"` }
LastDataReceivedDataType data type for last data received
type MCASCheckRequirements ¶
type MCASCheckRequirements struct { // MCASCheckRequirementsProperties - MCAS (Microsoft Cloud App Security) requirements check properties. *MCASCheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
MCASCheckRequirements represents MCAS (Microsoft Cloud App Security) requirements check request.
func (MCASCheckRequirements) AsAADCheckRequirements ¶
func (mcr MCASCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsAATPCheckRequirements ¶
func (mcr MCASCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsASCCheckRequirements ¶
func (mcr MCASCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (mcr MCASCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsAwsS3CheckRequirements ¶
func (mcr MCASCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (mcr MCASCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (mcr MCASCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsDynamics365CheckRequirements ¶
func (mcr MCASCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsMCASCheckRequirements ¶
func (mcr MCASCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsMDATPCheckRequirements ¶
func (mcr MCASCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsMSTICheckRequirements ¶
func (mcr MCASCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsMtpCheckRequirements ¶
func (mcr MCASCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsOfficeATPCheckRequirements ¶
func (mcr MCASCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (mcr MCASCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsTICheckRequirements ¶
func (mcr MCASCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (mcr MCASCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements.
func (MCASCheckRequirements) MarshalJSON ¶
func (mcr MCASCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MCASCheckRequirements.
func (*MCASCheckRequirements) UnmarshalJSON ¶
func (mcr *MCASCheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MCASCheckRequirements struct.
type MCASCheckRequirementsProperties ¶
type MCASCheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
MCASCheckRequirementsProperties MCAS (Microsoft Cloud App Security) requirements check properties.
type MCASDataConnector ¶
type MCASDataConnector struct { // MCASDataConnectorProperties - MCAS (Microsoft Cloud App Security) data connector properties. *MCASDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MCASDataConnector represents MCAS (Microsoft Cloud App Security) data connector.
func (MCASDataConnector) AsAADDataConnector ¶
func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsAATPDataConnector ¶
func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsASCDataConnector ¶
func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsAwsCloudTrailDataConnector ¶
func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsAwsS3DataConnector ¶
func (mdc MCASDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsBasicDataConnector ¶
func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsCodelessAPIPollingDataConnector ¶
func (mdc MCASDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsCodelessUIDataConnector ¶
func (mdc MCASDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsDataConnector ¶
func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsDynamics365DataConnector ¶
func (mdc MCASDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsMCASDataConnector ¶
func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsMDATPDataConnector ¶
func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsMSTIDataConnector ¶
func (mdc MCASDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsMTPDataConnector ¶
func (mdc MCASDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsOfficeATPDataConnector ¶
func (mdc MCASDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsOfficeDataConnector ¶
func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsOfficeIRMDataConnector ¶
func (mdc MCASDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsTIDataConnector ¶
func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsTiTaxiiDataConnector ¶
func (mdc MCASDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) MarshalJSON ¶
func (mdc MCASDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MCASDataConnector.
func (*MCASDataConnector) UnmarshalJSON ¶
func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MCASDataConnector struct.
type MCASDataConnectorDataTypes ¶
type MCASDataConnectorDataTypes struct { // DiscoveryLogs - Discovery log data type connection. DiscoveryLogs *DataConnectorDataTypeCommon `json:"discoveryLogs,omitempty"` // Alerts - Alerts data type connection. Alerts *DataConnectorDataTypeCommon `json:"alerts,omitempty"` }
MCASDataConnectorDataTypes the available data types for MCAS (Microsoft Cloud App Security) data connector.
type MCASDataConnectorProperties ¶
type MCASDataConnectorProperties struct { // DataTypes - The available data types for the connector. DataTypes *MCASDataConnectorDataTypes `json:"dataTypes,omitempty"` // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
MCASDataConnectorProperties MCAS (Microsoft Cloud App Security) data connector properties.
type MDATPCheckRequirements ¶
type MDATPCheckRequirements struct { // MDATPCheckRequirementsProperties - MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties. *MDATPCheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
MDATPCheckRequirements represents MDATP (Microsoft Defender Advanced Threat Protection) requirements check request.
func (MDATPCheckRequirements) AsAADCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsAATPCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsASCCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsAwsS3CheckRequirements ¶
func (mcr MDATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsDynamics365CheckRequirements ¶
func (mcr MDATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsMCASCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsMDATPCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsMSTICheckRequirements ¶
func (mcr MDATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsMtpCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsOfficeATPCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsTICheckRequirements ¶
func (mcr MDATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (mcr MDATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements.
func (MDATPCheckRequirements) MarshalJSON ¶
func (mcr MDATPCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MDATPCheckRequirements.
func (*MDATPCheckRequirements) UnmarshalJSON ¶
func (mcr *MDATPCheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MDATPCheckRequirements struct.
type MDATPCheckRequirementsProperties ¶
type MDATPCheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
MDATPCheckRequirementsProperties MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties.
type MDATPDataConnector ¶
type MDATPDataConnector struct { // MDATPDataConnectorProperties - MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. *MDATPDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MDATPDataConnector represents MDATP (Microsoft Defender Advanced Threat Protection) data connector.
func (MDATPDataConnector) AsAADDataConnector ¶
func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsAATPDataConnector ¶
func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsASCDataConnector ¶
func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsAwsCloudTrailDataConnector ¶
func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsAwsS3DataConnector ¶
func (mdc MDATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsBasicDataConnector ¶
func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsCodelessAPIPollingDataConnector ¶
func (mdc MDATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsCodelessUIDataConnector ¶
func (mdc MDATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsDataConnector ¶
func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsDynamics365DataConnector ¶
func (mdc MDATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsMCASDataConnector ¶
func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsMDATPDataConnector ¶
func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsMSTIDataConnector ¶
func (mdc MDATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsMTPDataConnector ¶
func (mdc MDATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsOfficeATPDataConnector ¶
func (mdc MDATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsOfficeDataConnector ¶
func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsOfficeIRMDataConnector ¶
func (mdc MDATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsTIDataConnector ¶
func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsTiTaxiiDataConnector ¶
func (mdc MDATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) MarshalJSON ¶
func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MDATPDataConnector.
func (*MDATPDataConnector) UnmarshalJSON ¶
func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MDATPDataConnector struct.
type MDATPDataConnectorProperties ¶
type MDATPDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
MDATPDataConnectorProperties MDATP (Microsoft Defender Advanced Threat Protection) data connector properties.
type MLBehaviorAnalyticsAlertRule ¶
type MLBehaviorAnalyticsAlertRule struct { // MLBehaviorAnalyticsAlertRuleProperties - MLBehaviorAnalytics alert rule properties *MLBehaviorAnalyticsAlertRuleProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' Kind KindBasicAlertRule `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MLBehaviorAnalyticsAlertRule represents MLBehaviorAnalytics alert rule.
func (MLBehaviorAnalyticsAlertRule) AsAlertRule ¶
func (mbaar MLBehaviorAnalyticsAlertRule) AsAlertRule() (*AlertRule, bool)
AsAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule.
func (MLBehaviorAnalyticsAlertRule) AsBasicAlertRule ¶
func (mbaar MLBehaviorAnalyticsAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule.
func (MLBehaviorAnalyticsAlertRule) AsFusionAlertRule ¶
func (mbaar MLBehaviorAnalyticsAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule.
func (MLBehaviorAnalyticsAlertRule) AsMLBehaviorAnalyticsAlertRule ¶
func (mbaar MLBehaviorAnalyticsAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule.
func (MLBehaviorAnalyticsAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (mbaar MLBehaviorAnalyticsAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule.
func (MLBehaviorAnalyticsAlertRule) AsNrtAlertRule ¶
func (mbaar MLBehaviorAnalyticsAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
AsNrtAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule.
func (MLBehaviorAnalyticsAlertRule) AsScheduledAlertRule ¶
func (mbaar MLBehaviorAnalyticsAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule.
func (MLBehaviorAnalyticsAlertRule) AsThreatIntelligenceAlertRule ¶
func (mbaar MLBehaviorAnalyticsAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule.
func (MLBehaviorAnalyticsAlertRule) MarshalJSON ¶
func (mbaar MLBehaviorAnalyticsAlertRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRule.
func (*MLBehaviorAnalyticsAlertRule) UnmarshalJSON ¶
func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MLBehaviorAnalyticsAlertRule struct.
type MLBehaviorAnalyticsAlertRuleProperties ¶
type MLBehaviorAnalyticsAlertRuleProperties struct { // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // Description - READ-ONLY; The description of the alert rule. Description *string `json:"description,omitempty"` // DisplayName - READ-ONLY; The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // Severity - READ-ONLY; The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - READ-ONLY; The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` }
MLBehaviorAnalyticsAlertRuleProperties mLBehaviorAnalytics alert rule base property bag.
func (MLBehaviorAnalyticsAlertRuleProperties) MarshalJSON ¶
func (mbaarp MLBehaviorAnalyticsAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRuleProperties.
type MLBehaviorAnalyticsAlertRuleTemplate ¶
type MLBehaviorAnalyticsAlertRuleTemplate struct { // MLBehaviorAnalyticsAlertRuleTemplateProperties - MLBehaviorAnalytics alert rule template properties. *MLBehaviorAnalyticsAlertRuleTemplateProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MLBehaviorAnalyticsAlertRuleTemplate represents MLBehaviorAnalytics alert rule template.
func (MLBehaviorAnalyticsAlertRuleTemplate) AsAlertRuleTemplate ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate.
func (MLBehaviorAnalyticsAlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate.
func (MLBehaviorAnalyticsAlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate.
func (MLBehaviorAnalyticsAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate.
func (MLBehaviorAnalyticsAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate.
func (MLBehaviorAnalyticsAlertRuleTemplate) AsNrtAlertRuleTemplate ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate.
func (MLBehaviorAnalyticsAlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate.
func (MLBehaviorAnalyticsAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate.
func (MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRuleTemplate.
func (*MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON ¶
func (mbaart *MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MLBehaviorAnalyticsAlertRuleTemplate struct.
type MLBehaviorAnalyticsAlertRuleTemplateProperties ¶
type MLBehaviorAnalyticsAlertRuleTemplateProperties struct { // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule template. Tactics *[]AttackTactic `json:"tactics,omitempty"` // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data sources for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' Status TemplateStatus `json:"status,omitempty"` }
MLBehaviorAnalyticsAlertRuleTemplateProperties mLBehaviorAnalytics alert rule template properties.
func (MLBehaviorAnalyticsAlertRuleTemplateProperties) MarshalJSON ¶
func (mbaart MLBehaviorAnalyticsAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRuleTemplateProperties.
type MSTICheckRequirements ¶
type MSTICheckRequirements struct { // MSTICheckRequirementsProperties - Microsoft Threat Intelligence requirements check properties. *MSTICheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
MSTICheckRequirements represents Microsoft Threat Intelligence requirements check request.
func (MSTICheckRequirements) AsAADCheckRequirements ¶
func (mcr MSTICheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsAATPCheckRequirements ¶
func (mcr MSTICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsASCCheckRequirements ¶
func (mcr MSTICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (mcr MSTICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsAwsS3CheckRequirements ¶
func (mcr MSTICheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (mcr MSTICheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsDataConnectorsCheckRequirements ¶
func (mcr MSTICheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsDynamics365CheckRequirements ¶
func (mcr MSTICheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsMCASCheckRequirements ¶
func (mcr MSTICheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsMDATPCheckRequirements ¶
func (mcr MSTICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsMSTICheckRequirements ¶
func (mcr MSTICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsMtpCheckRequirements ¶
func (mcr MSTICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsOfficeATPCheckRequirements ¶
func (mcr MSTICheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsOfficeIRMCheckRequirements ¶
func (mcr MSTICheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsTICheckRequirements ¶
func (mcr MSTICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) AsTiTaxiiCheckRequirements ¶
func (mcr MSTICheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements.
func (MSTICheckRequirements) MarshalJSON ¶
func (mcr MSTICheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MSTICheckRequirements.
func (*MSTICheckRequirements) UnmarshalJSON ¶
func (mcr *MSTICheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MSTICheckRequirements struct.
type MSTICheckRequirementsProperties ¶
type MSTICheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
MSTICheckRequirementsProperties microsoft Threat Intelligence requirements check properties.
type MSTIDataConnector ¶
type MSTIDataConnector struct { // MSTIDataConnectorProperties - Microsoft Threat Intelligence data connector properties. *MSTIDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MSTIDataConnector represents Microsoft Threat Intelligence data connector.
func (MSTIDataConnector) AsAADDataConnector ¶
func (mdc MSTIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsAATPDataConnector ¶
func (mdc MSTIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsASCDataConnector ¶
func (mdc MSTIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsAwsCloudTrailDataConnector ¶
func (mdc MSTIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsAwsS3DataConnector ¶
func (mdc MSTIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsBasicDataConnector ¶
func (mdc MSTIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsCodelessAPIPollingDataConnector ¶
func (mdc MSTIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsCodelessUIDataConnector ¶
func (mdc MSTIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsDataConnector ¶
func (mdc MSTIDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsDynamics365DataConnector ¶
func (mdc MSTIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsMCASDataConnector ¶
func (mdc MSTIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsMDATPDataConnector ¶
func (mdc MSTIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsMSTIDataConnector ¶
func (mdc MSTIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsMTPDataConnector ¶
func (mdc MSTIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsOfficeATPDataConnector ¶
func (mdc MSTIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsOfficeDataConnector ¶
func (mdc MSTIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsOfficeIRMDataConnector ¶
func (mdc MSTIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsTIDataConnector ¶
func (mdc MSTIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) AsTiTaxiiDataConnector ¶
func (mdc MSTIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for MSTIDataConnector.
func (MSTIDataConnector) MarshalJSON ¶
func (mdc MSTIDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MSTIDataConnector.
func (*MSTIDataConnector) UnmarshalJSON ¶
func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MSTIDataConnector struct.
type MSTIDataConnectorDataTypes ¶
type MSTIDataConnectorDataTypes struct { // BingSafetyPhishingURL - Data type for Microsoft Threat Intelligence Platforms data connector. BingSafetyPhishingURL *MSTIDataConnectorDataTypesBingSafetyPhishingURL `json:"bingSafetyPhishingURL,omitempty"` // MicrosoftEmergingThreatFeed - Data type for Microsoft Threat Intelligence Platforms data connector. MicrosoftEmergingThreatFeed *MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed `json:"microsoftEmergingThreatFeed,omitempty"` }
MSTIDataConnectorDataTypes the available data types for Microsoft Threat Intelligence Platforms data connector.
type MSTIDataConnectorDataTypesBingSafetyPhishingURL ¶
type MSTIDataConnectorDataTypesBingSafetyPhishingURL struct { // LookbackPeriod - lookback period LookbackPeriod *string `json:"lookbackPeriod,omitempty"` // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
MSTIDataConnectorDataTypesBingSafetyPhishingURL data type for Microsoft Threat Intelligence Platforms data connector.
type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed ¶
type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed struct { // LookbackPeriod - lookback period LookbackPeriod *string `json:"lookbackPeriod,omitempty"` // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed data type for Microsoft Threat Intelligence Platforms data connector.
type MSTIDataConnectorProperties ¶
type MSTIDataConnectorProperties struct { // DataTypes - The available data types for the connector. DataTypes *MSTIDataConnectorDataTypes `json:"dataTypes,omitempty"` // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
MSTIDataConnectorProperties microsoft Threat Intelligence data connector properties.
type MTPCheckRequirementsProperties ¶
type MTPCheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
MTPCheckRequirementsProperties MTP (Microsoft Threat Protection) requirements check properties.
type MTPDataConnector ¶
type MTPDataConnector struct { // MTPDataConnectorProperties - MTP (Microsoft Threat Protection) data connector properties. *MTPDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MTPDataConnector represents MTP (Microsoft Threat Protection) data connector.
func (MTPDataConnector) AsAADDataConnector ¶
func (mdc MTPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsAATPDataConnector ¶
func (mdc MTPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsASCDataConnector ¶
func (mdc MTPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsAwsCloudTrailDataConnector ¶
func (mdc MTPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsAwsS3DataConnector ¶
func (mdc MTPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsBasicDataConnector ¶
func (mdc MTPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsCodelessAPIPollingDataConnector ¶
func (mdc MTPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsCodelessUIDataConnector ¶
func (mdc MTPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsDataConnector ¶
func (mdc MTPDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsDynamics365DataConnector ¶
func (mdc MTPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsMCASDataConnector ¶
func (mdc MTPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsMDATPDataConnector ¶
func (mdc MTPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsMSTIDataConnector ¶
func (mdc MTPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsMTPDataConnector ¶
func (mdc MTPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsOfficeATPDataConnector ¶
func (mdc MTPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsOfficeDataConnector ¶
func (mdc MTPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsOfficeIRMDataConnector ¶
func (mdc MTPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsTIDataConnector ¶
func (mdc MTPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) AsTiTaxiiDataConnector ¶
func (mdc MTPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for MTPDataConnector.
func (MTPDataConnector) MarshalJSON ¶
func (mdc MTPDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MTPDataConnector.
func (*MTPDataConnector) UnmarshalJSON ¶
func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MTPDataConnector struct.
type MTPDataConnectorDataTypes ¶
type MTPDataConnectorDataTypes struct { // Incidents - Data type for Microsoft Threat Protection Platforms data connector. Incidents *MTPDataConnectorDataTypesIncidents `json:"incidents,omitempty"` }
MTPDataConnectorDataTypes the available data types for Microsoft Threat Protection Platforms data connector.
type MTPDataConnectorDataTypesIncidents ¶
type MTPDataConnectorDataTypesIncidents struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
MTPDataConnectorDataTypesIncidents data type for Microsoft Threat Protection Platforms data connector.
type MTPDataConnectorProperties ¶
type MTPDataConnectorProperties struct { // DataTypes - The available data types for the connector. DataTypes *MTPDataConnectorDataTypes `json:"dataTypes,omitempty"` // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
MTPDataConnectorProperties MTP (Microsoft Threat Protection) data connector properties.
type MailClusterEntity ¶
type MailClusterEntity struct { // MailClusterEntityProperties - Mail cluster entity properties *MailClusterEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MailClusterEntity represents a mail cluster entity.
func (MailClusterEntity) AsAccountEntity ¶
func (mce MailClusterEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsAzureResourceEntity ¶
func (mce MailClusterEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsBasicEntity ¶
func (mce MailClusterEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsCloudApplicationEntity ¶
func (mce MailClusterEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsDNSEntity ¶
func (mce MailClusterEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsEntity ¶
func (mce MailClusterEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsFileEntity ¶
func (mce MailClusterEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsFileHashEntity ¶
func (mce MailClusterEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsHostEntity ¶
func (mce MailClusterEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsHuntingBookmark ¶
func (mce MailClusterEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsIPEntity ¶
func (mce MailClusterEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsIoTDeviceEntity ¶
func (mce MailClusterEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsMailClusterEntity ¶
func (mce MailClusterEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsMailMessageEntity ¶
func (mce MailClusterEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsMailboxEntity ¶
func (mce MailClusterEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsMalwareEntity ¶
func (mce MailClusterEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsProcessEntity ¶
func (mce MailClusterEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsRegistryKeyEntity ¶
func (mce MailClusterEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsRegistryValueEntity ¶
func (mce MailClusterEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsSecurityAlert ¶
func (mce MailClusterEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsSecurityGroupEntity ¶
func (mce MailClusterEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsSubmissionMailEntity ¶
func (mce MailClusterEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) AsURLEntity ¶
func (mce MailClusterEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for MailClusterEntity.
func (MailClusterEntity) MarshalJSON ¶
func (mce MailClusterEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MailClusterEntity.
func (*MailClusterEntity) UnmarshalJSON ¶
func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MailClusterEntity struct.
type MailClusterEntityProperties ¶
type MailClusterEntityProperties struct { // NetworkMessageIds - READ-ONLY; The mail message IDs that are part of the mail cluster NetworkMessageIds *[]string `json:"networkMessageIds,omitempty"` // CountByDeliveryStatus - READ-ONLY; Count of mail messages by DeliveryStatus string representation CountByDeliveryStatus interface{} `json:"countByDeliveryStatus,omitempty"` // CountByThreatType - READ-ONLY; Count of mail messages by ThreatType string representation CountByThreatType interface{} `json:"countByThreatType,omitempty"` // CountByProtectionStatus - READ-ONLY; Count of mail messages by ProtectionStatus string representation CountByProtectionStatus interface{} `json:"countByProtectionStatus,omitempty"` // Threats - READ-ONLY; The threats of mail messages that are part of the mail cluster Threats *[]string `json:"threats,omitempty"` // Query - READ-ONLY; The query that was used to identify the messages of the mail cluster Query *string `json:"query,omitempty"` // QueryTime - READ-ONLY; The query time QueryTime *date.Time `json:"queryTime,omitempty"` // MailCount - READ-ONLY; The number of mail messages that are part of the mail cluster MailCount *int32 `json:"mailCount,omitempty"` // IsVolumeAnomaly - READ-ONLY; Is this a volume anomaly mail cluster IsVolumeAnomaly *bool `json:"isVolumeAnomaly,omitempty"` // Source - READ-ONLY; The source of the mail cluster (default is 'O365 ATP') Source *string `json:"source,omitempty"` // ClusterSourceIdentifier - READ-ONLY; The id of the cluster source ClusterSourceIdentifier *string `json:"clusterSourceIdentifier,omitempty"` // ClusterSourceType - READ-ONLY; The type of the cluster source ClusterSourceType *string `json:"clusterSourceType,omitempty"` // ClusterQueryStartTime - READ-ONLY; The cluster query start time ClusterQueryStartTime *date.Time `json:"clusterQueryStartTime,omitempty"` // ClusterQueryEndTime - READ-ONLY; The cluster query end time ClusterQueryEndTime *date.Time `json:"clusterQueryEndTime,omitempty"` // ClusterGroup - READ-ONLY; The cluster group ClusterGroup *string `json:"clusterGroup,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
MailClusterEntityProperties mail cluster entity property bag.
func (MailClusterEntityProperties) MarshalJSON ¶
func (mcep MailClusterEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MailClusterEntityProperties.
type MailMessageEntity ¶
type MailMessageEntity struct { // MailMessageEntityProperties - Mail message entity properties *MailMessageEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MailMessageEntity represents a mail message entity.
func (MailMessageEntity) AsAccountEntity ¶
func (mme MailMessageEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsAzureResourceEntity ¶
func (mme MailMessageEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsBasicEntity ¶
func (mme MailMessageEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsCloudApplicationEntity ¶
func (mme MailMessageEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsDNSEntity ¶
func (mme MailMessageEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsEntity ¶
func (mme MailMessageEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsFileEntity ¶
func (mme MailMessageEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsFileHashEntity ¶
func (mme MailMessageEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsHostEntity ¶
func (mme MailMessageEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsHuntingBookmark ¶
func (mme MailMessageEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsIPEntity ¶
func (mme MailMessageEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsIoTDeviceEntity ¶
func (mme MailMessageEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsMailClusterEntity ¶
func (mme MailMessageEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsMailMessageEntity ¶
func (mme MailMessageEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsMailboxEntity ¶
func (mme MailMessageEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsMalwareEntity ¶
func (mme MailMessageEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsProcessEntity ¶
func (mme MailMessageEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsRegistryKeyEntity ¶
func (mme MailMessageEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsRegistryValueEntity ¶
func (mme MailMessageEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsSecurityAlert ¶
func (mme MailMessageEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsSecurityGroupEntity ¶
func (mme MailMessageEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsSubmissionMailEntity ¶
func (mme MailMessageEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) AsURLEntity ¶
func (mme MailMessageEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for MailMessageEntity.
func (MailMessageEntity) MarshalJSON ¶
func (mme MailMessageEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MailMessageEntity.
func (*MailMessageEntity) UnmarshalJSON ¶
func (mme *MailMessageEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MailMessageEntity struct.
type MailMessageEntityProperties ¶
type MailMessageEntityProperties struct { // FileEntityIds - READ-ONLY; The File entity ids of this mail message's attachments FileEntityIds *[]string `json:"fileEntityIds,omitempty"` // Recipient - READ-ONLY; The recipient of this mail message. Note that in case of multiple recipients the mail message is forked and each copy has one recipient Recipient *string `json:"recipient,omitempty"` // Urls - READ-ONLY; The Urls contained in this mail message Urls *[]string `json:"urls,omitempty"` // Threats - READ-ONLY; The threats of this mail message Threats *[]string `json:"threats,omitempty"` // P1Sender - READ-ONLY; The p1 sender's email address P1Sender *string `json:"p1Sender,omitempty"` // P1SenderDisplayName - READ-ONLY; The p1 sender's display name P1SenderDisplayName *string `json:"p1SenderDisplayName,omitempty"` // P1SenderDomain - READ-ONLY; The p1 sender's domain P1SenderDomain *string `json:"p1SenderDomain,omitempty"` // SenderIP - READ-ONLY; The sender's IP address SenderIP *string `json:"senderIP,omitempty"` // P2Sender - READ-ONLY; The p2 sender's email address P2Sender *string `json:"p2Sender,omitempty"` // P2SenderDisplayName - READ-ONLY; The p2 sender's display name P2SenderDisplayName *string `json:"p2SenderDisplayName,omitempty"` // P2SenderDomain - READ-ONLY; The p2 sender's domain P2SenderDomain *string `json:"p2SenderDomain,omitempty"` // ReceiveDate - READ-ONLY; The receive date of this message ReceiveDate *date.Time `json:"receiveDate,omitempty"` // NetworkMessageID - READ-ONLY; The network message id of this mail message NetworkMessageID *uuid.UUID `json:"networkMessageId,omitempty"` // InternetMessageID - READ-ONLY; The internet message id of this mail message InternetMessageID *string `json:"internetMessageId,omitempty"` // Subject - READ-ONLY; The subject of this mail message Subject *string `json:"subject,omitempty"` // Language - READ-ONLY; The language of this mail message Language *string `json:"language,omitempty"` // ThreatDetectionMethods - READ-ONLY; The threat detection methods ThreatDetectionMethods *[]string `json:"threatDetectionMethods,omitempty"` // BodyFingerprintBin1 - The bodyFingerprintBin1 BodyFingerprintBin1 *int32 `json:"bodyFingerprintBin1,omitempty"` // BodyFingerprintBin2 - The bodyFingerprintBin2 BodyFingerprintBin2 *int32 `json:"bodyFingerprintBin2,omitempty"` // BodyFingerprintBin3 - The bodyFingerprintBin3 BodyFingerprintBin3 *int32 `json:"bodyFingerprintBin3,omitempty"` // BodyFingerprintBin4 - The bodyFingerprintBin4 BodyFingerprintBin4 *int32 `json:"bodyFingerprintBin4,omitempty"` // BodyFingerprintBin5 - The bodyFingerprintBin5 BodyFingerprintBin5 *int32 `json:"bodyFingerprintBin5,omitempty"` // AntispamDirection - The directionality of this mail message. Possible values include: 'AntispamMailDirectionUnknown', 'AntispamMailDirectionInbound', 'AntispamMailDirectionOutbound', 'AntispamMailDirectionIntraorg' AntispamDirection AntispamMailDirection `json:"antispamDirection,omitempty"` // DeliveryAction - The delivery action of this mail message like Delivered, Blocked, Replaced etc. Possible values include: 'DeliveryActionUnknown', 'DeliveryActionDeliveredAsSpam', 'DeliveryActionDelivered', 'DeliveryActionBlocked', 'DeliveryActionReplaced' DeliveryAction DeliveryAction `json:"deliveryAction,omitempty"` // DeliveryLocation - The delivery location of this mail message like Inbox, JunkFolder etc. Possible values include: 'DeliveryLocationUnknown', 'DeliveryLocationInbox', 'DeliveryLocationJunkFolder', 'DeliveryLocationDeletedFolder', 'DeliveryLocationQuarantine', 'DeliveryLocationExternal', 'DeliveryLocationFailed', 'DeliveryLocationDropped', 'DeliveryLocationForwarded' DeliveryLocation DeliveryLocation `json:"deliveryLocation,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
MailMessageEntityProperties mail message entity property bag.
func (MailMessageEntityProperties) MarshalJSON ¶
func (mmep MailMessageEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MailMessageEntityProperties.
type MailboxEntity ¶
type MailboxEntity struct { // MailboxEntityProperties - Mailbox entity properties *MailboxEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MailboxEntity represents a mailbox entity.
func (MailboxEntity) AsAccountEntity ¶
func (me MailboxEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsAzureResourceEntity ¶
func (me MailboxEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsBasicEntity ¶
func (me MailboxEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsCloudApplicationEntity ¶
func (me MailboxEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsDNSEntity ¶
func (me MailboxEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsEntity ¶
func (me MailboxEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsFileEntity ¶
func (me MailboxEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsFileHashEntity ¶
func (me MailboxEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsHostEntity ¶
func (me MailboxEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsHuntingBookmark ¶
func (me MailboxEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsIPEntity ¶
func (me MailboxEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsIoTDeviceEntity ¶
func (me MailboxEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsMailClusterEntity ¶
func (me MailboxEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsMailMessageEntity ¶
func (me MailboxEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsMailboxEntity ¶
func (me MailboxEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsMalwareEntity ¶
func (me MailboxEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsProcessEntity ¶
func (me MailboxEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsRegistryKeyEntity ¶
func (me MailboxEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsRegistryValueEntity ¶
func (me MailboxEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsSecurityAlert ¶
func (me MailboxEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsSecurityGroupEntity ¶
func (me MailboxEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsSubmissionMailEntity ¶
func (me MailboxEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) AsURLEntity ¶
func (me MailboxEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for MailboxEntity.
func (MailboxEntity) MarshalJSON ¶
func (me MailboxEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MailboxEntity.
func (*MailboxEntity) UnmarshalJSON ¶
func (me *MailboxEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MailboxEntity struct.
type MailboxEntityProperties ¶
type MailboxEntityProperties struct { // MailboxPrimaryAddress - READ-ONLY; The mailbox's primary address MailboxPrimaryAddress *string `json:"mailboxPrimaryAddress,omitempty"` // DisplayName - READ-ONLY; The mailbox's display name DisplayName *string `json:"displayName,omitempty"` // Upn - READ-ONLY; The mailbox's UPN Upn *string `json:"upn,omitempty"` // ExternalDirectoryObjectID - READ-ONLY; The AzureAD identifier of mailbox. Similar to AadUserId in account entity but this property is specific to mailbox object on office side ExternalDirectoryObjectID *uuid.UUID `json:"externalDirectoryObjectId,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
MailboxEntityProperties mailbox entity property bag.
func (MailboxEntityProperties) MarshalJSON ¶
func (mep MailboxEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MailboxEntityProperties.
type MalwareEntity ¶
type MalwareEntity struct { // MalwareEntityProperties - File entity properties *MalwareEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MalwareEntity represents a malware entity.
func (MalwareEntity) AsAccountEntity ¶
func (me MalwareEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsAzureResourceEntity ¶
func (me MalwareEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsBasicEntity ¶
func (me MalwareEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsCloudApplicationEntity ¶
func (me MalwareEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsDNSEntity ¶
func (me MalwareEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsEntity ¶
func (me MalwareEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsFileEntity ¶
func (me MalwareEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsFileHashEntity ¶
func (me MalwareEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsHostEntity ¶
func (me MalwareEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsHuntingBookmark ¶
func (me MalwareEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsIPEntity ¶
func (me MalwareEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsIoTDeviceEntity ¶
func (me MalwareEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsMailClusterEntity ¶
func (me MalwareEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsMailMessageEntity ¶
func (me MalwareEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsMailboxEntity ¶
func (me MalwareEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsMalwareEntity ¶
func (me MalwareEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsProcessEntity ¶
func (me MalwareEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsRegistryKeyEntity ¶
func (me MalwareEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsRegistryValueEntity ¶
func (me MalwareEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsSecurityAlert ¶
func (me MalwareEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsSecurityGroupEntity ¶
func (me MalwareEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsSubmissionMailEntity ¶
func (me MalwareEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) AsURLEntity ¶
func (me MalwareEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for MalwareEntity.
func (MalwareEntity) MarshalJSON ¶
func (me MalwareEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MalwareEntity.
func (*MalwareEntity) UnmarshalJSON ¶
func (me *MalwareEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MalwareEntity struct.
type MalwareEntityProperties ¶
type MalwareEntityProperties struct { // Category - READ-ONLY; The malware category by the vendor, e.g. Trojan Category *string `json:"category,omitempty"` // FileEntityIds - READ-ONLY; List of linked file entity identifiers on which the malware was found FileEntityIds *[]string `json:"fileEntityIds,omitempty"` // MalwareName - READ-ONLY; The malware name by the vendor, e.g. Win32/Toga!rfn MalwareName *string `json:"malwareName,omitempty"` // ProcessEntityIds - READ-ONLY; List of linked process entity identifiers on which the malware was found. ProcessEntityIds *[]string `json:"processEntityIds,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
MalwareEntityProperties malware entity property bag.
func (MalwareEntityProperties) MarshalJSON ¶
func (mep MalwareEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MalwareEntityProperties.
type MatchingMethod ¶
type MatchingMethod string
MatchingMethod enumerates the values for matching method.
const ( // MatchingMethodAllEntities Grouping alerts into a single incident if all the entities match MatchingMethodAllEntities MatchingMethod = "AllEntities" // MatchingMethodAnyAlert Grouping any alerts triggered by this rule into a single incident MatchingMethodAnyAlert MatchingMethod = "AnyAlert" // MatchingMethodSelected Grouping alerts into a single incident if the selected entities, custom details // and alert details match MatchingMethodSelected MatchingMethod = "Selected" )
func PossibleMatchingMethodValues ¶
func PossibleMatchingMethodValues() []MatchingMethod
PossibleMatchingMethodValues returns an array of possible values for the MatchingMethod const type.
type MetadataAuthor ¶
type MetadataAuthor struct { // Name - Name of the author. Company or person. Name *string `json:"name,omitempty"` // Email - Email of author contact Email *string `json:"email,omitempty"` // Link - Link for author/vendor page Link *string `json:"link,omitempty"` }
MetadataAuthor publisher or creator of the content item.
type MetadataCategories ¶
type MetadataCategories struct { // Domains - domain for the solution content item Domains *[]string `json:"domains,omitempty"` // Verticals - Industry verticals for the solution content item Verticals *[]string `json:"verticals,omitempty"` }
MetadataCategories ies for the solution content item
type MetadataClient ¶
type MetadataClient struct {
BaseClient
}
MetadataClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewMetadataClient ¶
func NewMetadataClient(subscriptionID string) MetadataClient
NewMetadataClient creates an instance of the MetadataClient client.
func NewMetadataClientWithBaseURI ¶
func NewMetadataClientWithBaseURI(baseURI string, subscriptionID string) MetadataClient
NewMetadataClientWithBaseURI creates an instance of the MetadataClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (MetadataClient) Create ¶
func (client MetadataClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadata MetadataModel) (result MetadataModel, err error)
Create create a Metadata. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. metadataName - the Metadata name. metadata - metadata resource.
func (MetadataClient) CreatePreparer ¶
func (client MetadataClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadata MetadataModel) (*http.Request, error)
CreatePreparer prepares the Create request.
func (MetadataClient) CreateResponder ¶
func (client MetadataClient) CreateResponder(resp *http.Response) (result MetadataModel, err error)
CreateResponder handles the response to the Create request. The method always closes the http.Response Body.
func (MetadataClient) CreateSender ¶
CreateSender sends the Create request. The method will close the http.Response Body if it receives an error.
func (MetadataClient) Delete ¶
func (client MetadataClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string) (result autorest.Response, err error)
Delete delete a Metadata. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. metadataName - the Metadata name.
func (MetadataClient) DeletePreparer ¶
func (client MetadataClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (MetadataClient) DeleteResponder ¶
func (client MetadataClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (MetadataClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (MetadataClient) Get ¶
func (client MetadataClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string) (result MetadataModel, err error)
Get get a Metadata. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. metadataName - the Metadata name.
func (MetadataClient) GetPreparer ¶
func (client MetadataClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string) (*http.Request, error)
GetPreparer prepares the Get request.
func (MetadataClient) GetResponder ¶
func (client MetadataClient) GetResponder(resp *http.Response) (result MetadataModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (MetadataClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (MetadataClient) List ¶
func (client MetadataClient) List(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skip *int32) (result MetadataListPage, err error)
List list of all metadata Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. filter - filters the results, based on a Boolean condition. Optional. orderby - sorts the results. Optional. top - returns only the first n results. Optional. skip - used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results if there are any left.
func (MetadataClient) ListComplete ¶
func (client MetadataClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skip *int32) (result MetadataListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (MetadataClient) ListPreparer ¶
func (client MetadataClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skip *int32) (*http.Request, error)
ListPreparer prepares the List request.
func (MetadataClient) ListResponder ¶
func (client MetadataClient) ListResponder(resp *http.Response) (result MetadataList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (MetadataClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
func (MetadataClient) Update ¶
func (client MetadataClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadataPatch MetadataPatch) (result MetadataModel, err error)
Update update an existing Metadata. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. metadataName - the Metadata name. metadataPatch - partial metadata request.
func (MetadataClient) UpdatePreparer ¶
func (client MetadataClient) UpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadataPatch MetadataPatch) (*http.Request, error)
UpdatePreparer prepares the Update request.
func (MetadataClient) UpdateResponder ¶
func (client MetadataClient) UpdateResponder(resp *http.Response) (result MetadataModel, err error)
UpdateResponder handles the response to the Update request. The method always closes the http.Response Body.
func (MetadataClient) UpdateSender ¶
UpdateSender sends the Update request. The method will close the http.Response Body if it receives an error.
type MetadataDependencies ¶
type MetadataDependencies struct { // ContentID - Id of the content item we depend on ContentID *string `json:"contentId,omitempty"` // Kind - Type of the content item we depend on. Possible values include: 'KindDataConnector', 'KindDataType', 'KindWorkbook', 'KindWorkbookTemplate', 'KindPlaybook', 'KindPlaybookTemplate', 'KindAnalyticsRuleTemplate', 'KindAnalyticsRule', 'KindHuntingQuery', 'KindInvestigationQuery', 'KindParser', 'KindWatchlist', 'KindWatchlistTemplate', 'KindSolution' Kind Kind `json:"kind,omitempty"` // Version - Version of the the content item we depend on. Can be blank, * or missing to indicate any version fulfills the dependency. If version does not match our defined numeric format then an exact match is required. Version *string `json:"version,omitempty"` // Name - Name of the content item Name *string `json:"name,omitempty"` // Operator - Operator used for list of dependencies in criteria array. Possible values include: 'OperatorAND', 'OperatorOR' Operator Operator `json:"operator,omitempty"` // Criteria - This is the list of dependencies we must fulfill, according to the AND/OR operator Criteria *[]MetadataDependencies `json:"criteria,omitempty"` }
MetadataDependencies dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex dependencies.
type MetadataList ¶
type MetadataList struct { autorest.Response `json:"-"` // Value - Array of metadata. Value *[]MetadataModel `json:"value,omitempty"` // NextLink - READ-ONLY; URL to fetch the next page of metadata. NextLink *string `json:"nextLink,omitempty"` }
MetadataList list of all the metadata.
func (MetadataList) IsEmpty ¶
func (ml MetadataList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (MetadataList) MarshalJSON ¶
func (ml MetadataList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MetadataList.
type MetadataListIterator ¶
type MetadataListIterator struct {
// contains filtered or unexported fields
}
MetadataListIterator provides access to a complete listing of MetadataModel values.
func NewMetadataListIterator ¶
func NewMetadataListIterator(page MetadataListPage) MetadataListIterator
Creates a new instance of the MetadataListIterator type.
func (*MetadataListIterator) Next ¶
func (iter *MetadataListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*MetadataListIterator) NextWithContext ¶
func (iter *MetadataListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (MetadataListIterator) NotDone ¶
func (iter MetadataListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (MetadataListIterator) Response ¶
func (iter MetadataListIterator) Response() MetadataList
Response returns the raw server response from the last page request.
func (MetadataListIterator) Value ¶
func (iter MetadataListIterator) Value() MetadataModel
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type MetadataListPage ¶
type MetadataListPage struct {
// contains filtered or unexported fields
}
MetadataListPage contains a page of MetadataModel values.
func NewMetadataListPage ¶
func NewMetadataListPage(cur MetadataList, getNextPage func(context.Context, MetadataList) (MetadataList, error)) MetadataListPage
Creates a new instance of the MetadataListPage type.
func (*MetadataListPage) Next ¶
func (page *MetadataListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*MetadataListPage) NextWithContext ¶
func (page *MetadataListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (MetadataListPage) NotDone ¶
func (page MetadataListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (MetadataListPage) Response ¶
func (page MetadataListPage) Response() MetadataList
Response returns the raw server response from the last page request.
func (MetadataListPage) Values ¶
func (page MetadataListPage) Values() []MetadataModel
Values returns the slice of values for the current page or nil if there are no values.
type MetadataModel ¶
type MetadataModel struct { autorest.Response `json:"-"` // MetadataProperties - Metadata properties *MetadataProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MetadataModel metadata resource definition.
func (MetadataModel) MarshalJSON ¶
func (mm MetadataModel) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MetadataModel.
func (*MetadataModel) UnmarshalJSON ¶
func (mm *MetadataModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MetadataModel struct.
type MetadataPatch ¶
type MetadataPatch struct { // MetadataPropertiesPatch - Metadata patch request body *MetadataPropertiesPatch `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MetadataPatch metadata patch request body.
func (MetadataPatch) MarshalJSON ¶
func (mp MetadataPatch) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MetadataPatch.
func (*MetadataPatch) UnmarshalJSON ¶
func (mp *MetadataPatch) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MetadataPatch struct.
type MetadataProperties ¶
type MetadataProperties struct { // ContentID - Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic for user-created. This is the resource name ContentID *string `json:"contentId,omitempty"` // ParentID - Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope (subscription and resource group) ParentID *string `json:"parentId,omitempty"` // Version - Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks Version *string `json:"version,omitempty"` // Kind - The kind of content the metadata is for. Possible values include: 'KindDataConnector', 'KindDataType', 'KindWorkbook', 'KindWorkbookTemplate', 'KindPlaybook', 'KindPlaybookTemplate', 'KindAnalyticsRuleTemplate', 'KindAnalyticsRule', 'KindHuntingQuery', 'KindInvestigationQuery', 'KindParser', 'KindWatchlist', 'KindWatchlistTemplate', 'KindSolution' Kind Kind `json:"kind,omitempty"` // Source - Source of the content. This is where/how it was created. Source *MetadataSource `json:"source,omitempty"` // Author - The creator of the content item. Author *MetadataAuthor `json:"author,omitempty"` // Support - Support information for the metadata - type, name, contact information Support *MetadataSupport `json:"support,omitempty"` // Dependencies - Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats. Dependencies *MetadataDependencies `json:"dependencies,omitempty"` // Categories - Categories for the solution content item Categories *MetadataCategories `json:"categories,omitempty"` // Providers - Providers for the solution content item Providers *[]string `json:"providers,omitempty"` // FirstPublishDate - first publish date solution content item FirstPublishDate *date.Date `json:"firstPublishDate,omitempty"` // LastPublishDate - last publish date for the solution content item LastPublishDate *date.Date `json:"lastPublishDate,omitempty"` }
MetadataProperties metadata property bag.
type MetadataPropertiesPatch ¶
type MetadataPropertiesPatch struct { // ContentID - Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic for user-created. This is the resource name ContentID *string `json:"contentId,omitempty"` // ParentID - Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope (subscription and resource group) ParentID *string `json:"parentId,omitempty"` // Version - Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks Version *string `json:"version,omitempty"` // Kind - The kind of content the metadata is for. Possible values include: 'KindDataConnector', 'KindDataType', 'KindWorkbook', 'KindWorkbookTemplate', 'KindPlaybook', 'KindPlaybookTemplate', 'KindAnalyticsRuleTemplate', 'KindAnalyticsRule', 'KindHuntingQuery', 'KindInvestigationQuery', 'KindParser', 'KindWatchlist', 'KindWatchlistTemplate', 'KindSolution' Kind Kind `json:"kind,omitempty"` // Source - Source of the content. This is where/how it was created. Source *MetadataSource `json:"source,omitempty"` // Author - The creator of the content item. Author *MetadataAuthor `json:"author,omitempty"` // Support - Support information for the metadata - type, name, contact information Support *MetadataSupport `json:"support,omitempty"` // Dependencies - Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats. Dependencies *MetadataDependencies `json:"dependencies,omitempty"` // Categories - Categories for the solution content item Categories *MetadataCategories `json:"categories,omitempty"` // Providers - Providers for the solution content item Providers *[]string `json:"providers,omitempty"` // FirstPublishDate - first publish date solution content item FirstPublishDate *date.Date `json:"firstPublishDate,omitempty"` // LastPublishDate - last publish date for the solution content item LastPublishDate *date.Date `json:"lastPublishDate,omitempty"` }
MetadataPropertiesPatch metadata property bag for patch requests. This is the same as the MetadataProperties, but with nothing required
type MetadataSource ¶
type MetadataSource struct { // Kind - Source type of the content. Possible values include: 'SourceKindLocalWorkspace', 'SourceKindCommunity', 'SourceKindSolution', 'SourceKindSourceRepository' Kind SourceKind `json:"kind,omitempty"` // Name - Name of the content source. The repo name, solution name, LA workspace name etc. Name *string `json:"name,omitempty"` // SourceID - ID of the content source. The solution ID, workspace ID, etc SourceID *string `json:"sourceId,omitempty"` }
MetadataSource the original source of the content item, where it comes from.
type MetadataSupport ¶
type MetadataSupport struct { // Tier - Type of support for content item. Possible values include: 'SupportTierMicrosoft', 'SupportTierPartner', 'SupportTierCommunity' Tier SupportTier `json:"tier,omitempty"` // Name - Name of the support contact. Company or person. Name *string `json:"name,omitempty"` // Email - Email of support contact Email *string `json:"email,omitempty"` // Link - Link for support help, like to support page to open a ticket etc. Link *string `json:"link,omitempty"` }
MetadataSupport support information for the content item.
type MicrosoftSecurityIncidentCreationAlertRule ¶
type MicrosoftSecurityIncidentCreationAlertRule struct { // MicrosoftSecurityIncidentCreationAlertRuleProperties - MicrosoftSecurityIncidentCreation rule properties *MicrosoftSecurityIncidentCreationAlertRuleProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' Kind KindBasicAlertRule `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRule represents MicrosoftSecurityIncidentCreation rule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool)
AsAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsMLBehaviorAnalyticsAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsNrtAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
AsNrtAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsThreatIntelligenceAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRule.
func (*MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON ¶
func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRule struct.
type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties ¶
type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties struct { // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftSecurityProductNameMicrosoftCloudAppSecurity', 'MicrosoftSecurityProductNameAzureSecurityCenter', 'MicrosoftSecurityProductNameAzureAdvancedThreatProtection', 'MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection', 'MicrosoftSecurityProductNameAzureSecurityCenterforIoT', 'MicrosoftSecurityProductNameOffice365AdvancedThreatProtection', 'MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection' ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` // SeveritiesFilter - the alerts' severities on which the cases will be generated SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRuleCommonProperties microsoftSecurityIncidentCreation rule common property bag.
type MicrosoftSecurityIncidentCreationAlertRuleProperties ¶
type MicrosoftSecurityIncidentCreationAlertRuleProperties struct { // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // Description - The description of the alert rule. Description *string `json:"description,omitempty"` // DisplayName - The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftSecurityProductNameMicrosoftCloudAppSecurity', 'MicrosoftSecurityProductNameAzureSecurityCenter', 'MicrosoftSecurityProductNameAzureAdvancedThreatProtection', 'MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection', 'MicrosoftSecurityProductNameAzureSecurityCenterforIoT', 'MicrosoftSecurityProductNameOffice365AdvancedThreatProtection', 'MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection' ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` // SeveritiesFilter - the alerts' severities on which the cases will be generated SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRuleProperties microsoftSecurityIncidentCreation rule property bag.
func (MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON ¶
func (msicarp MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleProperties.
type MicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { // MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - MicrosoftSecurityIncidentCreation rule template properties *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRuleTemplate represents MicrosoftSecurityIncidentCreation rule template.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsNrtAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (*MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON ¶
func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate struct.
type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties ¶
type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct { // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data sources for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' Status TemplateStatus `json:"status,omitempty"` // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftSecurityProductNameMicrosoftCloudAppSecurity', 'MicrosoftSecurityProductNameAzureSecurityCenter', 'MicrosoftSecurityProductNameAzureAdvancedThreatProtection', 'MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection', 'MicrosoftSecurityProductNameAzureSecurityCenterforIoT', 'MicrosoftSecurityProductNameOffice365AdvancedThreatProtection', 'MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection' ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` // SeveritiesFilter - the alerts' severities on which the cases will be generated SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties microsoftSecurityIncidentCreation rule template properties
func (MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties.
type MicrosoftSecurityProductName ¶
type MicrosoftSecurityProductName string
MicrosoftSecurityProductName enumerates the values for microsoft security product name.
const ( // MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection ... MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection MicrosoftSecurityProductName = "Azure Active Directory Identity Protection" // MicrosoftSecurityProductNameAzureAdvancedThreatProtection ... MicrosoftSecurityProductNameAzureAdvancedThreatProtection MicrosoftSecurityProductName = "Azure Advanced Threat Protection" // MicrosoftSecurityProductNameAzureSecurityCenter ... MicrosoftSecurityProductNameAzureSecurityCenter MicrosoftSecurityProductName = "Azure Security Center" // MicrosoftSecurityProductNameAzureSecurityCenterforIoT ... MicrosoftSecurityProductNameAzureSecurityCenterforIoT MicrosoftSecurityProductName = "Azure Security Center for IoT" // MicrosoftSecurityProductNameMicrosoftCloudAppSecurity ... MicrosoftSecurityProductNameMicrosoftCloudAppSecurity MicrosoftSecurityProductName = "Microsoft Cloud App Security" // MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection ... MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection MicrosoftSecurityProductName = "Microsoft Defender Advanced Threat Protection" // MicrosoftSecurityProductNameOffice365AdvancedThreatProtection ... MicrosoftSecurityProductNameOffice365AdvancedThreatProtection MicrosoftSecurityProductName = "Office 365 Advanced Threat Protection" )
func PossibleMicrosoftSecurityProductNameValues ¶
func PossibleMicrosoftSecurityProductNameValues() []MicrosoftSecurityProductName
PossibleMicrosoftSecurityProductNameValues returns an array of possible values for the MicrosoftSecurityProductName const type.
type MtpCheckRequirements ¶
type MtpCheckRequirements struct { // MTPCheckRequirementsProperties - MTP (Microsoft Threat Protection) requirements check properties. *MTPCheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
MtpCheckRequirements represents MTP (Microsoft Threat Protection) requirements check request.
func (MtpCheckRequirements) AsAADCheckRequirements ¶
func (mcr MtpCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsAATPCheckRequirements ¶
func (mcr MtpCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsASCCheckRequirements ¶
func (mcr MtpCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (mcr MtpCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsAwsS3CheckRequirements ¶
func (mcr MtpCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (mcr MtpCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (mcr MtpCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsDynamics365CheckRequirements ¶
func (mcr MtpCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsMCASCheckRequirements ¶
func (mcr MtpCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsMDATPCheckRequirements ¶
func (mcr MtpCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsMSTICheckRequirements ¶
func (mcr MtpCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsMtpCheckRequirements ¶
func (mcr MtpCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsOfficeATPCheckRequirements ¶
func (mcr MtpCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (mcr MtpCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsTICheckRequirements ¶
func (mcr MtpCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (mcr MtpCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements.
func (MtpCheckRequirements) MarshalJSON ¶
func (mcr MtpCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MtpCheckRequirements.
func (*MtpCheckRequirements) UnmarshalJSON ¶
func (mcr *MtpCheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MtpCheckRequirements struct.
type NrtAlertRule ¶
type NrtAlertRule struct { // NrtAlertRuleProperties - NRT alert rule properties *NrtAlertRuleProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' Kind KindBasicAlertRule `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
NrtAlertRule represents NRT alert rule.
func (NrtAlertRule) AsAlertRule ¶
func (nar NrtAlertRule) AsAlertRule() (*AlertRule, bool)
AsAlertRule is the BasicAlertRule implementation for NrtAlertRule.
func (NrtAlertRule) AsBasicAlertRule ¶
func (nar NrtAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for NrtAlertRule.
func (NrtAlertRule) AsFusionAlertRule ¶
func (nar NrtAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for NrtAlertRule.
func (NrtAlertRule) AsMLBehaviorAnalyticsAlertRule ¶
func (nar NrtAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for NrtAlertRule.
func (NrtAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (nar NrtAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for NrtAlertRule.
func (NrtAlertRule) AsNrtAlertRule ¶
func (nar NrtAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
AsNrtAlertRule is the BasicAlertRule implementation for NrtAlertRule.
func (NrtAlertRule) AsScheduledAlertRule ¶
func (nar NrtAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for NrtAlertRule.
func (NrtAlertRule) AsThreatIntelligenceAlertRule ¶
func (nar NrtAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for NrtAlertRule.
func (NrtAlertRule) MarshalJSON ¶
func (nar NrtAlertRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for NrtAlertRule.
func (*NrtAlertRule) UnmarshalJSON ¶
func (nar *NrtAlertRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for NrtAlertRule struct.
type NrtAlertRuleProperties ¶
type NrtAlertRuleProperties struct { // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // TemplateVersion - The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> TemplateVersion *string `json:"templateVersion,omitempty"` // Description - The description of the alert rule. Description *string `json:"description,omitempty"` // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` // DisplayName - The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. SuppressionDuration *string `json:"suppressionDuration,omitempty"` // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` // IncidentConfiguration - The settings of the incidents that created from alerts triggered by this analytics rule IncidentConfiguration *IncidentConfiguration `json:"incidentConfiguration,omitempty"` // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert CustomDetails map[string]*string `json:"customDetails"` // EntityMappings - Array of the entity mappings of the alert rule EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` // AlertDetailsOverride - The alert details override settings AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` }
NrtAlertRuleProperties nrt alert rule base property bag.
func (NrtAlertRuleProperties) MarshalJSON ¶
func (narp NrtAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for NrtAlertRuleProperties.
type NrtAlertRuleTemplate ¶
type NrtAlertRuleTemplate struct { // NrtAlertRuleTemplateProperties - NRT alert rule template properties *NrtAlertRuleTemplateProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
NrtAlertRuleTemplate represents NRT alert rule template.
func (NrtAlertRuleTemplate) AsAlertRuleTemplate ¶
func (nart NrtAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate.
func (NrtAlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (nart NrtAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate.
func (NrtAlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (nart NrtAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate.
func (NrtAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate ¶
func (nart NrtAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate.
func (NrtAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (nart NrtAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate.
func (NrtAlertRuleTemplate) AsNrtAlertRuleTemplate ¶
func (nart NrtAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate.
func (NrtAlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (nart NrtAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate.
func (NrtAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate ¶
func (nart NrtAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate.
func (NrtAlertRuleTemplate) MarshalJSON ¶
func (nart NrtAlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for NrtAlertRuleTemplate.
func (*NrtAlertRuleTemplate) UnmarshalJSON ¶
func (nart *NrtAlertRuleTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for NrtAlertRuleTemplate struct.
type NrtAlertRuleTemplateProperties ¶
type NrtAlertRuleTemplateProperties struct { // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data sources for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' Status TemplateStatus `json:"status,omitempty"` // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` // Version - The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>. Version *string `json:"version,omitempty"` // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert CustomDetails map[string]*string `json:"customDetails"` // EntityMappings - Array of the entity mappings of the alert rule EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` // AlertDetailsOverride - The alert details override settings AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` }
NrtAlertRuleTemplateProperties NRT alert rule template properties
func (NrtAlertRuleTemplateProperties) MarshalJSON ¶
func (nart NrtAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for NrtAlertRuleTemplateProperties.
type OSFamily ¶
type OSFamily string
OSFamily enumerates the values for os family.
const ( // OSFamilyAndroid Host with Android operating system. OSFamilyAndroid OSFamily = "Android" // OSFamilyIOS Host with IOS operating system. OSFamilyIOS OSFamily = "IOS" // OSFamilyLinux Host with Linux operating system. OSFamilyLinux OSFamily = "Linux" // OSFamilyUnknown Host with Unknown operating system. OSFamilyUnknown OSFamily = "Unknown" // OSFamilyWindows Host with Windows operating system. OSFamilyWindows OSFamily = "Windows" )
func PossibleOSFamilyValues ¶
func PossibleOSFamilyValues() []OSFamily
PossibleOSFamilyValues returns an array of possible values for the OSFamily const type.
type OfficeATPCheckRequirements ¶
type OfficeATPCheckRequirements struct { // OfficeATPCheckRequirementsProperties - OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. *OfficeATPCheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
OfficeATPCheckRequirements represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request.
func (OfficeATPCheckRequirements) AsAADCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsAATPCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsASCCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsAwsS3CheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsDynamics365CheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsMCASCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsMDATPCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsMSTICheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsMtpCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsOfficeATPCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsTICheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (oacr OfficeATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements.
func (OfficeATPCheckRequirements) MarshalJSON ¶
func (oacr OfficeATPCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeATPCheckRequirements.
func (*OfficeATPCheckRequirements) UnmarshalJSON ¶
func (oacr *OfficeATPCheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for OfficeATPCheckRequirements struct.
type OfficeATPCheckRequirementsProperties ¶
type OfficeATPCheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
OfficeATPCheckRequirementsProperties officeATP (Office 365 Advanced Threat Protection) requirements check properties.
type OfficeATPDataConnector ¶
type OfficeATPDataConnector struct { // OfficeATPDataConnectorProperties - OfficeATP (Office 365 Advanced Threat Protection) data connector properties. *OfficeATPDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
OfficeATPDataConnector represents OfficeATP (Office 365 Advanced Threat Protection) data connector.
func (OfficeATPDataConnector) AsAADDataConnector ¶
func (oadc OfficeATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsAATPDataConnector ¶
func (oadc OfficeATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsASCDataConnector ¶
func (oadc OfficeATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsAwsCloudTrailDataConnector ¶
func (oadc OfficeATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsAwsS3DataConnector ¶
func (oadc OfficeATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsBasicDataConnector ¶
func (oadc OfficeATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsCodelessAPIPollingDataConnector ¶
func (oadc OfficeATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsCodelessUIDataConnector ¶
func (oadc OfficeATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsDataConnector ¶
func (oadc OfficeATPDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsDynamics365DataConnector ¶
func (oadc OfficeATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsMCASDataConnector ¶
func (oadc OfficeATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsMDATPDataConnector ¶
func (oadc OfficeATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsMSTIDataConnector ¶
func (oadc OfficeATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsMTPDataConnector ¶
func (oadc OfficeATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsOfficeATPDataConnector ¶
func (oadc OfficeATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsOfficeDataConnector ¶
func (oadc OfficeATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsOfficeIRMDataConnector ¶
func (oadc OfficeATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsTIDataConnector ¶
func (oadc OfficeATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) AsTiTaxiiDataConnector ¶
func (oadc OfficeATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector.
func (OfficeATPDataConnector) MarshalJSON ¶
func (oadc OfficeATPDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeATPDataConnector.
func (*OfficeATPDataConnector) UnmarshalJSON ¶
func (oadc *OfficeATPDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for OfficeATPDataConnector struct.
type OfficeATPDataConnectorProperties ¶
type OfficeATPDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
OfficeATPDataConnectorProperties officeATP (Office 365 Advanced Threat Protection) data connector properties.
type OfficeConsent ¶
type OfficeConsent struct { autorest.Response `json:"-"` // OfficeConsentProperties - Office consent properties *OfficeConsentProperties `json:"properties,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
OfficeConsent consent for Office365 tenant that already made.
func (OfficeConsent) MarshalJSON ¶
func (oc OfficeConsent) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeConsent.
func (*OfficeConsent) UnmarshalJSON ¶
func (oc *OfficeConsent) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for OfficeConsent struct.
type OfficeConsentList ¶
type OfficeConsentList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of office consents. NextLink *string `json:"nextLink,omitempty"` // Value - Array of the consents. Value *[]OfficeConsent `json:"value,omitempty"` }
OfficeConsentList list of all the office365 consents.
func (OfficeConsentList) IsEmpty ¶
func (ocl OfficeConsentList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (OfficeConsentList) MarshalJSON ¶
func (ocl OfficeConsentList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeConsentList.
type OfficeConsentListIterator ¶
type OfficeConsentListIterator struct {
// contains filtered or unexported fields
}
OfficeConsentListIterator provides access to a complete listing of OfficeConsent values.
func NewOfficeConsentListIterator ¶
func NewOfficeConsentListIterator(page OfficeConsentListPage) OfficeConsentListIterator
Creates a new instance of the OfficeConsentListIterator type.
func (*OfficeConsentListIterator) Next ¶
func (iter *OfficeConsentListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*OfficeConsentListIterator) NextWithContext ¶
func (iter *OfficeConsentListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (OfficeConsentListIterator) NotDone ¶
func (iter OfficeConsentListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (OfficeConsentListIterator) Response ¶
func (iter OfficeConsentListIterator) Response() OfficeConsentList
Response returns the raw server response from the last page request.
func (OfficeConsentListIterator) Value ¶
func (iter OfficeConsentListIterator) Value() OfficeConsent
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type OfficeConsentListPage ¶
type OfficeConsentListPage struct {
// contains filtered or unexported fields
}
OfficeConsentListPage contains a page of OfficeConsent values.
func NewOfficeConsentListPage ¶
func NewOfficeConsentListPage(cur OfficeConsentList, getNextPage func(context.Context, OfficeConsentList) (OfficeConsentList, error)) OfficeConsentListPage
Creates a new instance of the OfficeConsentListPage type.
func (*OfficeConsentListPage) Next ¶
func (page *OfficeConsentListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*OfficeConsentListPage) NextWithContext ¶
func (page *OfficeConsentListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (OfficeConsentListPage) NotDone ¶
func (page OfficeConsentListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (OfficeConsentListPage) Response ¶
func (page OfficeConsentListPage) Response() OfficeConsentList
Response returns the raw server response from the last page request.
func (OfficeConsentListPage) Values ¶
func (page OfficeConsentListPage) Values() []OfficeConsent
Values returns the slice of values for the current page or nil if there are no values.
type OfficeConsentProperties ¶
type OfficeConsentProperties struct { // TenantID - The tenantId of the Office365 with the consent. TenantID *string `json:"tenantId,omitempty"` // ConsentID - Help to easily cascade among the data layers. ConsentID *string `json:"consentId,omitempty"` }
OfficeConsentProperties consent property bag.
type OfficeConsentsClient ¶
type OfficeConsentsClient struct {
BaseClient
}
OfficeConsentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewOfficeConsentsClient ¶
func NewOfficeConsentsClient(subscriptionID string) OfficeConsentsClient
NewOfficeConsentsClient creates an instance of the OfficeConsentsClient client.
func NewOfficeConsentsClientWithBaseURI ¶
func NewOfficeConsentsClientWithBaseURI(baseURI string, subscriptionID string) OfficeConsentsClient
NewOfficeConsentsClientWithBaseURI creates an instance of the OfficeConsentsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (OfficeConsentsClient) Delete ¶
func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, consentID string) (result autorest.Response, err error)
Delete delete the office365 consent. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. consentID - consent ID
func (OfficeConsentsClient) DeletePreparer ¶
func (client OfficeConsentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, consentID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (OfficeConsentsClient) DeleteResponder ¶
func (client OfficeConsentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (OfficeConsentsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (OfficeConsentsClient) Get ¶
func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, consentID string) (result OfficeConsent, err error)
Get gets an office365 consent. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. consentID - consent ID
func (OfficeConsentsClient) GetPreparer ¶
func (client OfficeConsentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, consentID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (OfficeConsentsClient) GetResponder ¶
func (client OfficeConsentsClient) GetResponder(resp *http.Response) (result OfficeConsent, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (OfficeConsentsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (OfficeConsentsClient) List ¶
func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result OfficeConsentListPage, err error)
List gets all office365 consents. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (OfficeConsentsClient) ListComplete ¶
func (client OfficeConsentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result OfficeConsentListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (OfficeConsentsClient) ListPreparer ¶
func (client OfficeConsentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (OfficeConsentsClient) ListResponder ¶
func (client OfficeConsentsClient) ListResponder(resp *http.Response) (result OfficeConsentList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (OfficeConsentsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type OfficeDataConnector ¶
type OfficeDataConnector struct { // OfficeDataConnectorProperties - Office data connector properties. *OfficeDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
OfficeDataConnector represents office data connector.
func (OfficeDataConnector) AsAADDataConnector ¶
func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsAATPDataConnector ¶
func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsASCDataConnector ¶
func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsAwsCloudTrailDataConnector ¶
func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsAwsS3DataConnector ¶
func (odc OfficeDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsBasicDataConnector ¶
func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsCodelessAPIPollingDataConnector ¶
func (odc OfficeDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsCodelessUIDataConnector ¶
func (odc OfficeDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsDataConnector ¶
func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsDynamics365DataConnector ¶
func (odc OfficeDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsMCASDataConnector ¶
func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsMDATPDataConnector ¶
func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsMSTIDataConnector ¶
func (odc OfficeDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsMTPDataConnector ¶
func (odc OfficeDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsOfficeATPDataConnector ¶
func (odc OfficeDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsOfficeDataConnector ¶
func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsOfficeIRMDataConnector ¶
func (odc OfficeDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsTIDataConnector ¶
func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsTiTaxiiDataConnector ¶
func (odc OfficeDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) MarshalJSON ¶
func (odc OfficeDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeDataConnector.
func (*OfficeDataConnector) UnmarshalJSON ¶
func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for OfficeDataConnector struct.
type OfficeDataConnectorDataTypes ¶
type OfficeDataConnectorDataTypes struct { // Exchange - Exchange data type connection. Exchange *OfficeDataConnectorDataTypesExchange `json:"exchange,omitempty"` SharePoint *OfficeDataConnectorDataTypesSharePoint `json:"sharePoint,omitempty"` // Teams - Teams data type connection. Teams *OfficeDataConnectorDataTypesTeams `json:"teams,omitempty"` }
OfficeDataConnectorDataTypes the available data types for office data connector.
type OfficeDataConnectorDataTypesExchange ¶
type OfficeDataConnectorDataTypesExchange struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
OfficeDataConnectorDataTypesExchange exchange data type connection.
type OfficeDataConnectorDataTypesSharePoint ¶
type OfficeDataConnectorDataTypesSharePoint struct { DataTypeState `json:"state,omitempty"` }State
OfficeDataConnectorDataTypesSharePoint sharePoint data type connection.
type OfficeDataConnectorDataTypesTeams ¶
type OfficeDataConnectorDataTypesTeams struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
OfficeDataConnectorDataTypesTeams teams data type connection.
type OfficeDataConnectorProperties ¶
type OfficeDataConnectorProperties struct { // DataTypes - The available data types for the connector. DataTypes *OfficeDataConnectorDataTypes `json:"dataTypes,omitempty"` // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
OfficeDataConnectorProperties office data connector properties.
type OfficeIRMCheckRequirements ¶
type OfficeIRMCheckRequirements struct { // OfficeIRMCheckRequirementsProperties - OfficeIRM (Microsoft Insider Risk Management) requirements check properties. *OfficeIRMCheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
OfficeIRMCheckRequirements represents OfficeIRM (Microsoft Insider Risk Management) requirements check request.
func (OfficeIRMCheckRequirements) AsAADCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsAATPCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsASCCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsAwsS3CheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsDynamics365CheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsMCASCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsMDATPCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsMSTICheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsMtpCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsOfficeATPCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsTICheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (oicr OfficeIRMCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements.
func (OfficeIRMCheckRequirements) MarshalJSON ¶
func (oicr OfficeIRMCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeIRMCheckRequirements.
func (*OfficeIRMCheckRequirements) UnmarshalJSON ¶
func (oicr *OfficeIRMCheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for OfficeIRMCheckRequirements struct.
type OfficeIRMCheckRequirementsProperties ¶
type OfficeIRMCheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
OfficeIRMCheckRequirementsProperties officeIRM (Microsoft Insider Risk Management) requirements check properties.
type OfficeIRMDataConnector ¶
type OfficeIRMDataConnector struct { // OfficeIRMDataConnectorProperties - OfficeIRM (Microsoft Insider Risk Management) data connector properties. *OfficeIRMDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
OfficeIRMDataConnector represents OfficeIRM (Microsoft Insider Risk Management) data connector.
func (OfficeIRMDataConnector) AsAADDataConnector ¶
func (oidc OfficeIRMDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsAATPDataConnector ¶
func (oidc OfficeIRMDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsASCDataConnector ¶
func (oidc OfficeIRMDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsAwsCloudTrailDataConnector ¶
func (oidc OfficeIRMDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsAwsS3DataConnector ¶
func (oidc OfficeIRMDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsBasicDataConnector ¶
func (oidc OfficeIRMDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsCodelessAPIPollingDataConnector ¶
func (oidc OfficeIRMDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsCodelessUIDataConnector ¶
func (oidc OfficeIRMDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsDataConnector ¶
func (oidc OfficeIRMDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsDynamics365DataConnector ¶
func (oidc OfficeIRMDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsMCASDataConnector ¶
func (oidc OfficeIRMDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsMDATPDataConnector ¶
func (oidc OfficeIRMDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsMSTIDataConnector ¶
func (oidc OfficeIRMDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsMTPDataConnector ¶
func (oidc OfficeIRMDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsOfficeATPDataConnector ¶
func (oidc OfficeIRMDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsOfficeDataConnector ¶
func (oidc OfficeIRMDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsOfficeIRMDataConnector ¶
func (oidc OfficeIRMDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsTIDataConnector ¶
func (oidc OfficeIRMDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) AsTiTaxiiDataConnector ¶
func (oidc OfficeIRMDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector.
func (OfficeIRMDataConnector) MarshalJSON ¶
func (oidc OfficeIRMDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeIRMDataConnector.
func (*OfficeIRMDataConnector) UnmarshalJSON ¶
func (oidc *OfficeIRMDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for OfficeIRMDataConnector struct.
type OfficeIRMDataConnectorProperties ¶
type OfficeIRMDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
OfficeIRMDataConnectorProperties officeIRM (Microsoft Insider Risk Management) data connector properties.
type Operation ¶
type Operation struct { // Display - Properties of the operation Display *OperationDisplay `json:"display,omitempty"` // Name - Name of the operation Name *string `json:"name,omitempty"` // Origin - The origin of the operation Origin *string `json:"origin,omitempty"` // IsDataAction - Indicates whether the operation is a data action IsDataAction *bool `json:"isDataAction,omitempty"` }
Operation operation provided by provider
type OperationDisplay ¶
type OperationDisplay struct { // Description - Description of the operation Description *string `json:"description,omitempty"` // Operation - Operation name Operation *string `json:"operation,omitempty"` // Provider - Provider name Provider *string `json:"provider,omitempty"` // Resource - Resource name Resource *string `json:"resource,omitempty"` }
OperationDisplay properties of the operation
type OperationsClient ¶
type OperationsClient struct {
BaseClient
}
OperationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewOperationsClient ¶
func NewOperationsClient(subscriptionID string) OperationsClient
NewOperationsClient creates an instance of the OperationsClient client.
func NewOperationsClientWithBaseURI ¶
func NewOperationsClientWithBaseURI(baseURI string, subscriptionID string) OperationsClient
NewOperationsClientWithBaseURI creates an instance of the OperationsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (OperationsClient) List ¶
func (client OperationsClient) List(ctx context.Context) (result OperationsListPage, err error)
List lists all operations available Azure Security Insights Resource Provider.
func (OperationsClient) ListComplete ¶
func (client OperationsClient) ListComplete(ctx context.Context) (result OperationsListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (OperationsClient) ListPreparer ¶
ListPreparer prepares the List request.
func (OperationsClient) ListResponder ¶
func (client OperationsClient) ListResponder(resp *http.Response) (result OperationsList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (OperationsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type OperationsList ¶
type OperationsList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of operations. NextLink *string `json:"nextLink,omitempty"` // Value - Array of operations Value *[]Operation `json:"value,omitempty"` }
OperationsList lists the operations available in the SecurityInsights RP.
func (OperationsList) IsEmpty ¶
func (ol OperationsList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (OperationsList) MarshalJSON ¶
func (ol OperationsList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OperationsList.
type OperationsListIterator ¶
type OperationsListIterator struct {
// contains filtered or unexported fields
}
OperationsListIterator provides access to a complete listing of Operation values.
func NewOperationsListIterator ¶
func NewOperationsListIterator(page OperationsListPage) OperationsListIterator
Creates a new instance of the OperationsListIterator type.
func (*OperationsListIterator) Next ¶
func (iter *OperationsListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*OperationsListIterator) NextWithContext ¶
func (iter *OperationsListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (OperationsListIterator) NotDone ¶
func (iter OperationsListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (OperationsListIterator) Response ¶
func (iter OperationsListIterator) Response() OperationsList
Response returns the raw server response from the last page request.
func (OperationsListIterator) Value ¶
func (iter OperationsListIterator) Value() Operation
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type OperationsListPage ¶
type OperationsListPage struct {
// contains filtered or unexported fields
}
OperationsListPage contains a page of Operation values.
func NewOperationsListPage ¶
func NewOperationsListPage(cur OperationsList, getNextPage func(context.Context, OperationsList) (OperationsList, error)) OperationsListPage
Creates a new instance of the OperationsListPage type.
func (*OperationsListPage) Next ¶
func (page *OperationsListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*OperationsListPage) NextWithContext ¶
func (page *OperationsListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (OperationsListPage) NotDone ¶
func (page OperationsListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (OperationsListPage) Response ¶
func (page OperationsListPage) Response() OperationsList
Response returns the raw server response from the last page request.
func (OperationsListPage) Values ¶
func (page OperationsListPage) Values() []Operation
Values returns the slice of values for the current page or nil if there are no values.
type Operator ¶
type Operator string
Operator enumerates the values for operator.
func PossibleOperatorValues ¶
func PossibleOperatorValues() []Operator
PossibleOperatorValues returns an array of possible values for the Operator const type.
type OutputType ¶
type OutputType string
OutputType enumerates the values for output type.
const ( // OutputTypeDate ... OutputTypeDate OutputType = "Date" // OutputTypeEntity ... OutputTypeEntity OutputType = "Entity" // OutputTypeNumber ... OutputTypeNumber OutputType = "Number" // OutputTypeString ... OutputTypeString OutputType = "String" )
func PossibleOutputTypeValues ¶
func PossibleOutputTypeValues() []OutputType
PossibleOutputTypeValues returns an array of possible values for the OutputType const type.
type OwnerType ¶
type OwnerType string
OwnerType enumerates the values for owner type.
func PossibleOwnerTypeValues ¶
func PossibleOwnerTypeValues() []OwnerType
PossibleOwnerTypeValues returns an array of possible values for the OwnerType const type.
type PermissionProviderScope ¶
type PermissionProviderScope string
PermissionProviderScope enumerates the values for permission provider scope.
const ( // PermissionProviderScopeResourceGroup ... PermissionProviderScopeResourceGroup PermissionProviderScope = "ResourceGroup" // PermissionProviderScopeSubscription ... PermissionProviderScopeSubscription PermissionProviderScope = "Subscription" // PermissionProviderScopeWorkspace ... PermissionProviderScopeWorkspace PermissionProviderScope = "Workspace" )
func PossiblePermissionProviderScopeValues ¶
func PossiblePermissionProviderScopeValues() []PermissionProviderScope
PossiblePermissionProviderScopeValues returns an array of possible values for the PermissionProviderScope const type.
type Permissions ¶
type Permissions struct { // ResourceProvider - Resource provider permissions required for the connector ResourceProvider *[]PermissionsResourceProviderItem `json:"resourceProvider,omitempty"` // Customs - Customs permissions required for the connector Customs *[]PermissionsCustomsItem `json:"customs,omitempty"` }
Permissions permissions required for the connector
type PermissionsCustomsItem ¶
type PermissionsCustomsItem struct { // Name - Customs permissions name Name *string `json:"name,omitempty"` // Description - Customs permissions description Description *string `json:"description,omitempty"` }
PermissionsCustomsItem ...
type PermissionsResourceProviderItem ¶
type PermissionsResourceProviderItem struct { // Provider - Provider name. Possible values include: 'ProviderNameMicrosoftOperationalInsightssolutions', 'ProviderNameMicrosoftOperationalInsightsworkspaces', 'ProviderNameMicrosoftOperationalInsightsworkspacesdatasources', 'ProviderNameMicrosoftaadiamdiagnosticSettings', 'ProviderNameMicrosoftOperationalInsightsworkspacessharedKeys', 'ProviderNameMicrosoftAuthorizationpolicyAssignments' Provider ProviderName `json:"provider,omitempty"` // PermissionsDisplayText - Permission description text PermissionsDisplayText *string `json:"permissionsDisplayText,omitempty"` // ProviderDisplayName - Permission provider display name ProviderDisplayName *string `json:"providerDisplayName,omitempty"` // Scope - Permission provider scope. Possible values include: 'PermissionProviderScopeResourceGroup', 'PermissionProviderScopeSubscription', 'PermissionProviderScopeWorkspace' Scope PermissionProviderScope `json:"scope,omitempty"` // RequiredPermissions - Required permissions for the connector RequiredPermissions *RequiredPermissions `json:"requiredPermissions,omitempty"` }
PermissionsResourceProviderItem ...
type PollingFrequency ¶
type PollingFrequency string
PollingFrequency enumerates the values for polling frequency.
const ( // PollingFrequencyOnceADay Once a day PollingFrequencyOnceADay PollingFrequency = "OnceADay" // PollingFrequencyOnceAMinute Once a minute PollingFrequencyOnceAMinute PollingFrequency = "OnceAMinute" // PollingFrequencyOnceAnHour Once an hour PollingFrequencyOnceAnHour PollingFrequency = "OnceAnHour" )
func PossiblePollingFrequencyValues ¶
func PossiblePollingFrequencyValues() []PollingFrequency
PossiblePollingFrequencyValues returns an array of possible values for the PollingFrequency const type.
type ProcessEntity ¶
type ProcessEntity struct { // ProcessEntityProperties - Process entity properties *ProcessEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ProcessEntity represents a process entity.
func (ProcessEntity) AsAccountEntity ¶
func (peVar ProcessEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsAzureResourceEntity ¶
func (peVar ProcessEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsBasicEntity ¶
func (peVar ProcessEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsCloudApplicationEntity ¶
func (peVar ProcessEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsDNSEntity ¶
func (peVar ProcessEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsEntity ¶
func (peVar ProcessEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsFileEntity ¶
func (peVar ProcessEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsFileHashEntity ¶
func (peVar ProcessEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsHostEntity ¶
func (peVar ProcessEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsHuntingBookmark ¶
func (peVar ProcessEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsIPEntity ¶
func (peVar ProcessEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsIoTDeviceEntity ¶
func (peVar ProcessEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsMailClusterEntity ¶
func (peVar ProcessEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsMailMessageEntity ¶
func (peVar ProcessEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsMailboxEntity ¶
func (peVar ProcessEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsMalwareEntity ¶
func (peVar ProcessEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsProcessEntity ¶
func (peVar ProcessEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsRegistryKeyEntity ¶
func (peVar ProcessEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsRegistryValueEntity ¶
func (peVar ProcessEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsSecurityAlert ¶
func (peVar ProcessEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsSecurityGroupEntity ¶
func (peVar ProcessEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsSubmissionMailEntity ¶
func (peVar ProcessEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) AsURLEntity ¶
func (peVar ProcessEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for ProcessEntity.
func (ProcessEntity) MarshalJSON ¶
func (peVar ProcessEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ProcessEntity.
func (*ProcessEntity) UnmarshalJSON ¶
func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ProcessEntity struct.
type ProcessEntityProperties ¶
type ProcessEntityProperties struct { // AccountEntityID - READ-ONLY; The account entity id running the processes. AccountEntityID *string `json:"accountEntityId,omitempty"` // CommandLine - READ-ONLY; The command line used to create the process CommandLine *string `json:"commandLine,omitempty"` // CreationTimeUtc - READ-ONLY; The time when the process started to run CreationTimeUtc *date.Time `json:"creationTimeUtc,omitempty"` // ElevationToken - The elevation token associated with the process. Possible values include: 'ElevationTokenDefault', 'ElevationTokenFull', 'ElevationTokenLimited' ElevationToken ElevationToken `json:"elevationToken,omitempty"` // HostEntityID - READ-ONLY; The host entity id on which the process was running HostEntityID *string `json:"hostEntityId,omitempty"` // HostLogonSessionEntityID - READ-ONLY; The session entity id in which the process was running HostLogonSessionEntityID *string `json:"hostLogonSessionEntityId,omitempty"` // ImageFileEntityID - READ-ONLY; Image file entity id ImageFileEntityID *string `json:"imageFileEntityId,omitempty"` // ParentProcessEntityID - READ-ONLY; The parent process entity id. ParentProcessEntityID *string `json:"parentProcessEntityId,omitempty"` // ProcessID - READ-ONLY; The process ID ProcessID *string `json:"processId,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
ProcessEntityProperties process entity property bag.
func (ProcessEntityProperties) MarshalJSON ¶
func (pep ProcessEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ProcessEntityProperties.
type ProductSettingsClient ¶
type ProductSettingsClient struct {
BaseClient
}
ProductSettingsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewProductSettingsClient ¶
func NewProductSettingsClient(subscriptionID string) ProductSettingsClient
NewProductSettingsClient creates an instance of the ProductSettingsClient client.
func NewProductSettingsClientWithBaseURI ¶
func NewProductSettingsClientWithBaseURI(baseURI string, subscriptionID string) ProductSettingsClient
NewProductSettingsClientWithBaseURI creates an instance of the ProductSettingsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (ProductSettingsClient) Delete ¶
func (client ProductSettingsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string) (result autorest.Response, err error)
Delete delete setting of the product. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. settingsName - the setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba
func (ProductSettingsClient) DeletePreparer ¶
func (client ProductSettingsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (ProductSettingsClient) DeleteResponder ¶
func (client ProductSettingsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (ProductSettingsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (ProductSettingsClient) Get ¶
func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string) (result SettingsModel, err error)
Get gets a setting. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. settingsName - the setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba
func (ProductSettingsClient) GetPreparer ¶
func (client ProductSettingsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string) (*http.Request, error)
GetPreparer prepares the Get request.
func (ProductSettingsClient) GetResponder ¶
func (client ProductSettingsClient) GetResponder(resp *http.Response) (result SettingsModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (ProductSettingsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (ProductSettingsClient) List ¶
func (client ProductSettingsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SettingList, err error)
List list of all the settings Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (ProductSettingsClient) ListPreparer ¶
func (client ProductSettingsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (ProductSettingsClient) ListResponder ¶
func (client ProductSettingsClient) ListResponder(resp *http.Response) (result SettingList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (ProductSettingsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
func (ProductSettingsClient) Update ¶
func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings BasicSettings) (result SettingsModel, err error)
Update updates setting. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. settingsName - the setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba settings - the setting
func (ProductSettingsClient) UpdatePreparer ¶
func (client ProductSettingsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings BasicSettings) (*http.Request, error)
UpdatePreparer prepares the Update request.
func (ProductSettingsClient) UpdateResponder ¶
func (client ProductSettingsClient) UpdateResponder(resp *http.Response) (result SettingsModel, err error)
UpdateResponder handles the response to the Update request. The method always closes the http.Response Body.
func (ProductSettingsClient) UpdateSender ¶
UpdateSender sends the Update request. The method will close the http.Response Body if it receives an error.
type ProviderName ¶
type ProviderName string
ProviderName enumerates the values for provider name.
const ( // ProviderNameMicrosoftaadiamdiagnosticSettings ... ProviderNameMicrosoftaadiamdiagnosticSettings ProviderName = "microsoft.aadiam/diagnosticSettings" // ProviderNameMicrosoftAuthorizationpolicyAssignments ... ProviderNameMicrosoftAuthorizationpolicyAssignments ProviderName = "Microsoft.Authorization/policyAssignments" // ProviderNameMicrosoftOperationalInsightssolutions ... ProviderNameMicrosoftOperationalInsightssolutions ProviderName = "Microsoft.OperationalInsights/solutions" // ProviderNameMicrosoftOperationalInsightsworkspaces ... ProviderNameMicrosoftOperationalInsightsworkspaces ProviderName = "Microsoft.OperationalInsights/workspaces" // ProviderNameMicrosoftOperationalInsightsworkspacesdatasources ... ProviderNameMicrosoftOperationalInsightsworkspacesdatasources ProviderName = "Microsoft.OperationalInsights/workspaces/datasources" ProviderNameMicrosoftOperationalInsightsworkspacessharedKeys ProviderName = "Microsoft.OperationalInsights/workspaces/sharedKeys" )
func PossibleProviderNameValues ¶
func PossibleProviderNameValues() []ProviderName
PossibleProviderNameValues returns an array of possible values for the ProviderName const type.
type ProxyResource ¶
type ProxyResource struct { // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ProxyResource the resource model definition for a Azure Resource Manager proxy resource. It will not have tags and a location
func (ProxyResource) MarshalJSON ¶
func (pr ProxyResource) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ProxyResource.
type QueryBasedAlertRuleProperties ¶
type QueryBasedAlertRuleProperties struct { // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // TemplateVersion - The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> TemplateVersion *string `json:"templateVersion,omitempty"` // Description - The description of the alert rule. Description *string `json:"description,omitempty"` // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` // DisplayName - The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. SuppressionDuration *string `json:"suppressionDuration,omitempty"` // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` // IncidentConfiguration - The settings of the incidents that created from alerts triggered by this analytics rule IncidentConfiguration *IncidentConfiguration `json:"incidentConfiguration,omitempty"` // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert CustomDetails map[string]*string `json:"customDetails"` // EntityMappings - Array of the entity mappings of the alert rule EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` // AlertDetailsOverride - The alert details override settings AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` }
QueryBasedAlertRuleProperties query based alert rule base property bag.
func (QueryBasedAlertRuleProperties) MarshalJSON ¶
func (qbarp QueryBasedAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for QueryBasedAlertRuleProperties.
type QueryBasedAlertRuleTemplateProperties ¶
type QueryBasedAlertRuleTemplateProperties struct { // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` // Version - The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>. Version *string `json:"version,omitempty"` // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert CustomDetails map[string]*string `json:"customDetails"` // EntityMappings - Array of the entity mappings of the alert rule EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` // AlertDetailsOverride - The alert details override settings AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` }
QueryBasedAlertRuleTemplateProperties query based alert rule template base property bag.
func (QueryBasedAlertRuleTemplateProperties) MarshalJSON ¶
func (qbartp QueryBasedAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for QueryBasedAlertRuleTemplateProperties.
type RegistryHive ¶
type RegistryHive string
RegistryHive enumerates the values for registry hive.
const ( // RegistryHiveHKEYA HKEY_A RegistryHiveHKEYA RegistryHive = "HKEY_A" // RegistryHiveHKEYCLASSESROOT HKEY_CLASSES_ROOT RegistryHiveHKEYCLASSESROOT RegistryHive = "HKEY_CLASSES_ROOT" // RegistryHiveHKEYCURRENTCONFIG HKEY_CURRENT_CONFIG RegistryHiveHKEYCURRENTCONFIG RegistryHive = "HKEY_CURRENT_CONFIG" // RegistryHiveHKEYCURRENTUSER HKEY_CURRENT_USER RegistryHiveHKEYCURRENTUSER RegistryHive = "HKEY_CURRENT_USER" // RegistryHiveHKEYCURRENTUSERLOCALSETTINGS HKEY_CURRENT_USER_LOCAL_SETTINGS RegistryHiveHKEYCURRENTUSERLOCALSETTINGS RegistryHive = "HKEY_CURRENT_USER_LOCAL_SETTINGS" // RegistryHiveHKEYLOCALMACHINE HKEY_LOCAL_MACHINE RegistryHiveHKEYLOCALMACHINE RegistryHive = "HKEY_LOCAL_MACHINE" // RegistryHiveHKEYPERFORMANCEDATA HKEY_PERFORMANCE_DATA RegistryHiveHKEYPERFORMANCEDATA RegistryHive = "HKEY_PERFORMANCE_DATA" // RegistryHiveHKEYPERFORMANCENLSTEXT HKEY_PERFORMANCE_NLSTEXT RegistryHiveHKEYPERFORMANCENLSTEXT RegistryHive = "HKEY_PERFORMANCE_NLSTEXT" // RegistryHiveHKEYPERFORMANCETEXT HKEY_PERFORMANCE_TEXT RegistryHiveHKEYPERFORMANCETEXT RegistryHive = "HKEY_PERFORMANCE_TEXT" // RegistryHiveHKEYUSERS HKEY_USERS RegistryHiveHKEYUSERS RegistryHive = "HKEY_USERS" )
func PossibleRegistryHiveValues ¶
func PossibleRegistryHiveValues() []RegistryHive
PossibleRegistryHiveValues returns an array of possible values for the RegistryHive const type.
type RegistryKeyEntity ¶
type RegistryKeyEntity struct { // RegistryKeyEntityProperties - RegistryKey entity properties *RegistryKeyEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
RegistryKeyEntity represents a registry key entity.
func (RegistryKeyEntity) AsAccountEntity ¶
func (rke RegistryKeyEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsAzureResourceEntity ¶
func (rke RegistryKeyEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsBasicEntity ¶
func (rke RegistryKeyEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsCloudApplicationEntity ¶
func (rke RegistryKeyEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsDNSEntity ¶
func (rke RegistryKeyEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsEntity ¶
func (rke RegistryKeyEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsFileEntity ¶
func (rke RegistryKeyEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsFileHashEntity ¶
func (rke RegistryKeyEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsHostEntity ¶
func (rke RegistryKeyEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsHuntingBookmark ¶
func (rke RegistryKeyEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsIPEntity ¶
func (rke RegistryKeyEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsIoTDeviceEntity ¶
func (rke RegistryKeyEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsMailClusterEntity ¶
func (rke RegistryKeyEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsMailMessageEntity ¶
func (rke RegistryKeyEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsMailboxEntity ¶
func (rke RegistryKeyEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsMalwareEntity ¶
func (rke RegistryKeyEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsProcessEntity ¶
func (rke RegistryKeyEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsRegistryKeyEntity ¶
func (rke RegistryKeyEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsRegistryValueEntity ¶
func (rke RegistryKeyEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsSecurityAlert ¶
func (rke RegistryKeyEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsSecurityGroupEntity ¶
func (rke RegistryKeyEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsSubmissionMailEntity ¶
func (rke RegistryKeyEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) AsURLEntity ¶
func (rke RegistryKeyEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for RegistryKeyEntity.
func (RegistryKeyEntity) MarshalJSON ¶
func (rke RegistryKeyEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for RegistryKeyEntity.
func (*RegistryKeyEntity) UnmarshalJSON ¶
func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for RegistryKeyEntity struct.
type RegistryKeyEntityProperties ¶
type RegistryKeyEntityProperties struct { // Hive - READ-ONLY; the hive that holds the registry key. Possible values include: 'RegistryHiveHKEYLOCALMACHINE', 'RegistryHiveHKEYCLASSESROOT', 'RegistryHiveHKEYCURRENTCONFIG', 'RegistryHiveHKEYUSERS', 'RegistryHiveHKEYCURRENTUSERLOCALSETTINGS', 'RegistryHiveHKEYPERFORMANCEDATA', 'RegistryHiveHKEYPERFORMANCENLSTEXT', 'RegistryHiveHKEYPERFORMANCETEXT', 'RegistryHiveHKEYA', 'RegistryHiveHKEYCURRENTUSER' Hive RegistryHive `json:"hive,omitempty"` // Key - READ-ONLY; The registry key path. Key *string `json:"key,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
RegistryKeyEntityProperties registryKey entity property bag.
func (RegistryKeyEntityProperties) MarshalJSON ¶
func (rkep RegistryKeyEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for RegistryKeyEntityProperties.
type RegistryValueEntity ¶
type RegistryValueEntity struct { // RegistryValueEntityProperties - RegistryKey entity properties *RegistryValueEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
RegistryValueEntity represents a registry value entity.
func (RegistryValueEntity) AsAccountEntity ¶
func (rve RegistryValueEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsAzureResourceEntity ¶
func (rve RegistryValueEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsBasicEntity ¶
func (rve RegistryValueEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsCloudApplicationEntity ¶
func (rve RegistryValueEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsDNSEntity ¶
func (rve RegistryValueEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsEntity ¶
func (rve RegistryValueEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsFileEntity ¶
func (rve RegistryValueEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsFileHashEntity ¶
func (rve RegistryValueEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsHostEntity ¶
func (rve RegistryValueEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsHuntingBookmark ¶
func (rve RegistryValueEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsIPEntity ¶
func (rve RegistryValueEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsIoTDeviceEntity ¶
func (rve RegistryValueEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsMailClusterEntity ¶
func (rve RegistryValueEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsMailMessageEntity ¶
func (rve RegistryValueEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsMailboxEntity ¶
func (rve RegistryValueEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsMalwareEntity ¶
func (rve RegistryValueEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsProcessEntity ¶
func (rve RegistryValueEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsRegistryKeyEntity ¶
func (rve RegistryValueEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsRegistryValueEntity ¶
func (rve RegistryValueEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsSecurityAlert ¶
func (rve RegistryValueEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsSecurityGroupEntity ¶
func (rve RegistryValueEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsSubmissionMailEntity ¶
func (rve RegistryValueEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) AsURLEntity ¶
func (rve RegistryValueEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for RegistryValueEntity.
func (RegistryValueEntity) MarshalJSON ¶
func (rve RegistryValueEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for RegistryValueEntity.
func (*RegistryValueEntity) UnmarshalJSON ¶
func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for RegistryValueEntity struct.
type RegistryValueEntityProperties ¶
type RegistryValueEntityProperties struct { // KeyEntityID - READ-ONLY; The registry key entity id. KeyEntityID *string `json:"keyEntityId,omitempty"` // ValueData - READ-ONLY; String formatted representation of the value data. ValueData *string `json:"valueData,omitempty"` // ValueName - READ-ONLY; The registry value name. ValueName *string `json:"valueName,omitempty"` // ValueType - READ-ONLY; Specifies the data types to use when storing values in the registry, or identifies the data type of a value in the registry. Possible values include: 'RegistryValueKindNone', 'RegistryValueKindUnknown', 'RegistryValueKindString', 'RegistryValueKindExpandString', 'RegistryValueKindBinary', 'RegistryValueKindDWord', 'RegistryValueKindMultiString', 'RegistryValueKindQWord' ValueType RegistryValueKind `json:"valueType,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
RegistryValueEntityProperties registryValue entity property bag.
func (RegistryValueEntityProperties) MarshalJSON ¶
func (rvep RegistryValueEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for RegistryValueEntityProperties.
type RegistryValueKind ¶
type RegistryValueKind string
RegistryValueKind enumerates the values for registry value kind.
const ( // RegistryValueKindBinary Binary value type RegistryValueKindBinary RegistryValueKind = "Binary" // RegistryValueKindDWord DWord value type RegistryValueKindDWord RegistryValueKind = "DWord" // RegistryValueKindExpandString ExpandString value type RegistryValueKindExpandString RegistryValueKind = "ExpandString" // RegistryValueKindMultiString MultiString value type RegistryValueKindMultiString RegistryValueKind = "MultiString" // RegistryValueKindNone None RegistryValueKindNone RegistryValueKind = "None" // RegistryValueKindQWord QWord value type RegistryValueKindQWord RegistryValueKind = "QWord" // RegistryValueKindString String value type RegistryValueKindString RegistryValueKind = "String" // RegistryValueKindUnknown Unknown value type RegistryValueKindUnknown RegistryValueKind = "Unknown" )
func PossibleRegistryValueKindValues ¶
func PossibleRegistryValueKindValues() []RegistryValueKind
PossibleRegistryValueKindValues returns an array of possible values for the RegistryValueKind const type.
type Relation ¶
type Relation struct { autorest.Response `json:"-"` // RelationProperties - Relation properties *RelationProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
Relation represents a relation between two resources
func (Relation) MarshalJSON ¶
MarshalJSON is the custom marshaler for Relation.
func (*Relation) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for Relation struct.
type RelationList ¶
type RelationList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of relations. NextLink *string `json:"nextLink,omitempty"` // Value - Array of relations. Value *[]Relation `json:"value,omitempty"` }
RelationList list of relations.
func (RelationList) IsEmpty ¶
func (rl RelationList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (RelationList) MarshalJSON ¶
func (rl RelationList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for RelationList.
type RelationListIterator ¶
type RelationListIterator struct {
// contains filtered or unexported fields
}
RelationListIterator provides access to a complete listing of Relation values.
func NewRelationListIterator ¶
func NewRelationListIterator(page RelationListPage) RelationListIterator
Creates a new instance of the RelationListIterator type.
func (*RelationListIterator) Next ¶
func (iter *RelationListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*RelationListIterator) NextWithContext ¶
func (iter *RelationListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (RelationListIterator) NotDone ¶
func (iter RelationListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (RelationListIterator) Response ¶
func (iter RelationListIterator) Response() RelationList
Response returns the raw server response from the last page request.
func (RelationListIterator) Value ¶
func (iter RelationListIterator) Value() Relation
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type RelationListPage ¶
type RelationListPage struct {
// contains filtered or unexported fields
}
RelationListPage contains a page of Relation values.
func NewRelationListPage ¶
func NewRelationListPage(cur RelationList, getNextPage func(context.Context, RelationList) (RelationList, error)) RelationListPage
Creates a new instance of the RelationListPage type.
func (*RelationListPage) Next ¶
func (page *RelationListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*RelationListPage) NextWithContext ¶
func (page *RelationListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (RelationListPage) NotDone ¶
func (page RelationListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (RelationListPage) Response ¶
func (page RelationListPage) Response() RelationList
Response returns the raw server response from the last page request.
func (RelationListPage) Values ¶
func (page RelationListPage) Values() []Relation
Values returns the slice of values for the current page or nil if there are no values.
type RelationProperties ¶
type RelationProperties struct { // RelatedResourceID - The resource ID of the related resource RelatedResourceID *string `json:"relatedResourceId,omitempty"` // RelatedResourceName - READ-ONLY; The name of the related resource RelatedResourceName *string `json:"relatedResourceName,omitempty"` // RelatedResourceType - READ-ONLY; The resource type of the related resource RelatedResourceType *string `json:"relatedResourceType,omitempty"` // RelatedResourceKind - READ-ONLY; The resource kind of the related resource RelatedResourceKind *string `json:"relatedResourceKind,omitempty"` }
RelationProperties relation property bag.
func (RelationProperties) MarshalJSON ¶
func (rp RelationProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for RelationProperties.
type Repo ¶
type Repo struct { // URL - The url to access the repository. URL *string `json:"url,omitempty"` // FullName - The name of the repository. FullName *string `json:"fullName,omitempty"` // Branches - Array of branches. Branches *[]string `json:"branches,omitempty"` }
Repo represents a repository.
type RepoList ¶
type RepoList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of repositories. NextLink *string `json:"nextLink,omitempty"` // Value - Array of repositories. Value *[]Repo `json:"value,omitempty"` }
RepoList list all the source controls.
func (RepoList) MarshalJSON ¶
MarshalJSON is the custom marshaler for RepoList.
type RepoListIterator ¶
type RepoListIterator struct {
// contains filtered or unexported fields
}
RepoListIterator provides access to a complete listing of Repo values.
func NewRepoListIterator ¶
func NewRepoListIterator(page RepoListPage) RepoListIterator
Creates a new instance of the RepoListIterator type.
func (*RepoListIterator) Next ¶
func (iter *RepoListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*RepoListIterator) NextWithContext ¶
func (iter *RepoListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (RepoListIterator) NotDone ¶
func (iter RepoListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (RepoListIterator) Response ¶
func (iter RepoListIterator) Response() RepoList
Response returns the raw server response from the last page request.
func (RepoListIterator) Value ¶
func (iter RepoListIterator) Value() Repo
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type RepoListPage ¶
type RepoListPage struct {
// contains filtered or unexported fields
}
RepoListPage contains a page of Repo values.
func NewRepoListPage ¶
func NewRepoListPage(cur RepoList, getNextPage func(context.Context, RepoList) (RepoList, error)) RepoListPage
Creates a new instance of the RepoListPage type.
func (*RepoListPage) Next ¶
func (page *RepoListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*RepoListPage) NextWithContext ¶
func (page *RepoListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (RepoListPage) NotDone ¶
func (page RepoListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (RepoListPage) Response ¶
func (page RepoListPage) Response() RepoList
Response returns the raw server response from the last page request.
func (RepoListPage) Values ¶
func (page RepoListPage) Values() []Repo
Values returns the slice of values for the current page or nil if there are no values.
type RepoType ¶
type RepoType string
RepoType enumerates the values for repo type.
func PossibleRepoTypeValues ¶
func PossibleRepoTypeValues() []RepoType
PossibleRepoTypeValues returns an array of possible values for the RepoType const type.
type Repository ¶
type Repository struct { // URL - Url of repository. URL *string `json:"url,omitempty"` // Branch - Branch name of repository. Branch *string `json:"branch,omitempty"` // DisplayURL - Display url of repository. DisplayURL *string `json:"displayUrl,omitempty"` // DeploymentLogsURL - Url to access repository action logs. DeploymentLogsURL *string `json:"deploymentLogsUrl,omitempty"` // PathMapping - Dictionary of source control content type and path mapping. PathMapping *[]ContentPathMap `json:"pathMapping,omitempty"` }
Repository metadata of a repository.
type RequiredPermissions ¶
type RequiredPermissions struct { // Action - action permission Action *bool `json:"action,omitempty"` // Write - write permission Write *bool `json:"write,omitempty"` // Read - read permission Read *bool `json:"read,omitempty"` // Delete - delete permission Delete *bool `json:"delete,omitempty"` }
RequiredPermissions required permissions for the connector
type Resource ¶
type Resource struct { // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
Resource common fields that are returned in the response for all Azure Resource Manager resources
func (Resource) MarshalJSON ¶
MarshalJSON is the custom marshaler for Resource.
type ResourceProvider ¶
type ResourceProvider struct { // Provider - Provider name. Possible values include: 'ProviderNameMicrosoftOperationalInsightssolutions', 'ProviderNameMicrosoftOperationalInsightsworkspaces', 'ProviderNameMicrosoftOperationalInsightsworkspacesdatasources', 'ProviderNameMicrosoftaadiamdiagnosticSettings', 'ProviderNameMicrosoftOperationalInsightsworkspacessharedKeys', 'ProviderNameMicrosoftAuthorizationpolicyAssignments' Provider ProviderName `json:"provider,omitempty"` // PermissionsDisplayText - Permission description text PermissionsDisplayText *string `json:"permissionsDisplayText,omitempty"` // ProviderDisplayName - Permission provider display name ProviderDisplayName *string `json:"providerDisplayName,omitempty"` // Scope - Permission provider scope. Possible values include: 'PermissionProviderScopeResourceGroup', 'PermissionProviderScopeSubscription', 'PermissionProviderScopeWorkspace' Scope PermissionProviderScope `json:"scope,omitempty"` // RequiredPermissions - Required permissions for the connector RequiredPermissions *RequiredPermissions `json:"requiredPermissions,omitempty"` }
ResourceProvider resource provider permissions required for the connector
type ResourceWithEtag ¶
type ResourceWithEtag struct { // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ResourceWithEtag an azure resource object with an Etag property
func (ResourceWithEtag) MarshalJSON ¶
func (rwe ResourceWithEtag) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ResourceWithEtag.
type SampleQueries ¶
type SampleQueries struct { // Description - The sample query description Description *string `json:"description,omitempty"` // Query - the sample query Query *string `json:"query,omitempty"` }
SampleQueries the sample queries for the connector
type ScheduledAlertRule ¶
type ScheduledAlertRule struct { // ScheduledAlertRuleProperties - Scheduled alert rule properties *ScheduledAlertRuleProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' Kind KindBasicAlertRule `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ScheduledAlertRule represents scheduled alert rule.
func (ScheduledAlertRule) AsAlertRule ¶
func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool)
AsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsBasicAlertRule ¶
func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsFusionAlertRule ¶
func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsMLBehaviorAnalyticsAlertRule ¶
func (sar ScheduledAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsNrtAlertRule ¶
func (sar ScheduledAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
AsNrtAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsScheduledAlertRule ¶
func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsThreatIntelligenceAlertRule ¶
func (sar ScheduledAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) MarshalJSON ¶
func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ScheduledAlertRule.
func (*ScheduledAlertRule) UnmarshalJSON ¶
func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ScheduledAlertRule struct.
type ScheduledAlertRuleCommonProperties ¶
type ScheduledAlertRuleCommonProperties struct { // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. QueryFrequency *string `json:"queryFrequency,omitempty"` // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. QueryPeriod *string `json:"queryPeriod,omitempty"` // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'TriggerOperatorGreaterThan', 'TriggerOperatorLessThan', 'TriggerOperatorEqual', 'TriggerOperatorNotEqual' TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` // TriggerThreshold - The threshold triggers this alert rule. TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` // EventGroupingSettings - The event grouping settings. EventGroupingSettings *EventGroupingSettings `json:"eventGroupingSettings,omitempty"` }
ScheduledAlertRuleCommonProperties scheduled alert rule template property bag.
type ScheduledAlertRuleProperties ¶
type ScheduledAlertRuleProperties struct { // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. QueryFrequency *string `json:"queryFrequency,omitempty"` // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. QueryPeriod *string `json:"queryPeriod,omitempty"` // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'TriggerOperatorGreaterThan', 'TriggerOperatorLessThan', 'TriggerOperatorEqual', 'TriggerOperatorNotEqual' TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` // TriggerThreshold - The threshold triggers this alert rule. TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` // EventGroupingSettings - The event grouping settings. EventGroupingSettings *EventGroupingSettings `json:"eventGroupingSettings,omitempty"` // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // TemplateVersion - The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> TemplateVersion *string `json:"templateVersion,omitempty"` // Description - The description of the alert rule. Description *string `json:"description,omitempty"` // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` // DisplayName - The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. SuppressionDuration *string `json:"suppressionDuration,omitempty"` // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` // IncidentConfiguration - The settings of the incidents that created from alerts triggered by this analytics rule IncidentConfiguration *IncidentConfiguration `json:"incidentConfiguration,omitempty"` // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert CustomDetails map[string]*string `json:"customDetails"` // EntityMappings - Array of the entity mappings of the alert rule EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` // AlertDetailsOverride - The alert details override settings AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` }
ScheduledAlertRuleProperties scheduled alert rule base property bag.
func (ScheduledAlertRuleProperties) MarshalJSON ¶
func (sarp ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ScheduledAlertRuleProperties.
type ScheduledAlertRuleTemplate ¶
type ScheduledAlertRuleTemplate struct { // ScheduledAlertRuleTemplateProperties - Scheduled alert rule template properties *ScheduledAlertRuleTemplateProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ScheduledAlertRuleTemplate represents scheduled alert rule template.
func (ScheduledAlertRuleTemplate) AsAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsNrtAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) MarshalJSON ¶
func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplate.
func (*ScheduledAlertRuleTemplate) UnmarshalJSON ¶
func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ScheduledAlertRuleTemplate struct.
type ScheduledAlertRuleTemplateProperties ¶
type ScheduledAlertRuleTemplateProperties struct { // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data sources for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' Status TemplateStatus `json:"status,omitempty"` // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` // Version - The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>. Version *string `json:"version,omitempty"` // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert CustomDetails map[string]*string `json:"customDetails"` // EntityMappings - Array of the entity mappings of the alert rule EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` // AlertDetailsOverride - The alert details override settings AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. QueryFrequency *string `json:"queryFrequency,omitempty"` // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. QueryPeriod *string `json:"queryPeriod,omitempty"` // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'TriggerOperatorGreaterThan', 'TriggerOperatorLessThan', 'TriggerOperatorEqual', 'TriggerOperatorNotEqual' TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` // TriggerThreshold - The threshold triggers this alert rule. TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` // EventGroupingSettings - The event grouping settings. EventGroupingSettings *EventGroupingSettings `json:"eventGroupingSettings,omitempty"` }
ScheduledAlertRuleTemplateProperties scheduled alert rule template properties
func (ScheduledAlertRuleTemplateProperties) MarshalJSON ¶
func (sart ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplateProperties.
type SecurityAlert ¶
type SecurityAlert struct { // SecurityAlertProperties - SecurityAlert entity properties *SecurityAlertProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
SecurityAlert represents a security alert entity.
func (SecurityAlert) AsAccountEntity ¶
func (sa SecurityAlert) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsAzureResourceEntity ¶
func (sa SecurityAlert) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsBasicEntity ¶
func (sa SecurityAlert) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsCloudApplicationEntity ¶
func (sa SecurityAlert) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsDNSEntity ¶
func (sa SecurityAlert) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsEntity ¶
func (sa SecurityAlert) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsFileEntity ¶
func (sa SecurityAlert) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsFileHashEntity ¶
func (sa SecurityAlert) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsHostEntity ¶
func (sa SecurityAlert) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsHuntingBookmark ¶
func (sa SecurityAlert) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsIPEntity ¶
func (sa SecurityAlert) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsIoTDeviceEntity ¶
func (sa SecurityAlert) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsMailClusterEntity ¶
func (sa SecurityAlert) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsMailMessageEntity ¶
func (sa SecurityAlert) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsMailboxEntity ¶
func (sa SecurityAlert) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsMalwareEntity ¶
func (sa SecurityAlert) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsProcessEntity ¶
func (sa SecurityAlert) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsRegistryKeyEntity ¶
func (sa SecurityAlert) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsRegistryValueEntity ¶
func (sa SecurityAlert) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsSecurityAlert ¶
func (sa SecurityAlert) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsSecurityGroupEntity ¶
func (sa SecurityAlert) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsSubmissionMailEntity ¶
func (sa SecurityAlert) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) AsURLEntity ¶
func (sa SecurityAlert) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for SecurityAlert.
func (SecurityAlert) MarshalJSON ¶
func (sa SecurityAlert) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SecurityAlert.
func (*SecurityAlert) UnmarshalJSON ¶
func (sa *SecurityAlert) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for SecurityAlert struct.
type SecurityAlertProperties ¶
type SecurityAlertProperties struct { // AlertDisplayName - READ-ONLY; The display name of the alert. AlertDisplayName *string `json:"alertDisplayName,omitempty"` // AlertType - READ-ONLY; The type name of the alert. AlertType *string `json:"alertType,omitempty"` // CompromisedEntity - READ-ONLY; Display name of the main entity being reported on. CompromisedEntity *string `json:"compromisedEntity,omitempty"` // ConfidenceLevel - READ-ONLY; The confidence level of this alert. Possible values include: 'ConfidenceLevelUnknown', 'ConfidenceLevelLow', 'ConfidenceLevelHigh' ConfidenceLevel ConfidenceLevel `json:"confidenceLevel,omitempty"` // ConfidenceReasons - READ-ONLY; The confidence reasons ConfidenceReasons *[]SecurityAlertPropertiesConfidenceReasonsItem `json:"confidenceReasons,omitempty"` // ConfidenceScore - READ-ONLY; The confidence score of the alert. ConfidenceScore *float64 `json:"confidenceScore,omitempty"` // ConfidenceScoreStatus - READ-ONLY; The confidence score calculation status, i.e. indicating if score calculation is pending for this alert, not applicable or final. Possible values include: 'ConfidenceScoreStatusNotApplicable', 'ConfidenceScoreStatusInProcess', 'ConfidenceScoreStatusNotFinal', 'ConfidenceScoreStatusFinal' ConfidenceScoreStatus ConfidenceScoreStatus `json:"confidenceScoreStatus,omitempty"` // Description - READ-ONLY; Alert description. Description *string `json:"description,omitempty"` // EndTimeUtc - READ-ONLY; The impact end time of the alert (the time of the last event contributing to the alert). EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` // Intent - READ-ONLY; Holds the alert intent stage(s) mapping for this alert. Possible values include: 'KillChainIntentUnknown', 'KillChainIntentProbing', 'KillChainIntentExploitation', 'KillChainIntentPersistence', 'KillChainIntentPrivilegeEscalation', 'KillChainIntentDefenseEvasion', 'KillChainIntentCredentialAccess', 'KillChainIntentDiscovery', 'KillChainIntentLateralMovement', 'KillChainIntentExecution', 'KillChainIntentCollection', 'KillChainIntentExfiltration', 'KillChainIntentCommandAndControl', 'KillChainIntentImpact' Intent KillChainIntent `json:"intent,omitempty"` // ProviderAlertID - READ-ONLY; The identifier of the alert inside the product which generated the alert. ProviderAlertID *string `json:"providerAlertId,omitempty"` // ProcessingEndTime - READ-ONLY; The time the alert was made available for consumption. ProcessingEndTime *date.Time `json:"processingEndTime,omitempty"` // ProductComponentName - READ-ONLY; The name of a component inside the product which generated the alert. ProductComponentName *string `json:"productComponentName,omitempty"` // ProductName - READ-ONLY; The name of the product which published this alert. ProductName *string `json:"productName,omitempty"` // ProductVersion - READ-ONLY; The version of the product generating the alert. ProductVersion *string `json:"productVersion,omitempty"` // RemediationSteps - READ-ONLY; Manual action items to take to remediate the alert. RemediationSteps *[]string `json:"remediationSteps,omitempty"` // Severity - The severity of the alert. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // StartTimeUtc - READ-ONLY; The impact start time of the alert (the time of the first event contributing to the alert). StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` // Status - READ-ONLY; The lifecycle status of the alert. Possible values include: 'AlertStatusUnknown', 'AlertStatusNew', 'AlertStatusResolved', 'AlertStatusDismissed', 'AlertStatusInProgress' Status AlertStatus `json:"status,omitempty"` // SystemAlertID - READ-ONLY; Holds the product identifier of the alert for the product. SystemAlertID *string `json:"systemAlertId,omitempty"` // Tactics - READ-ONLY; The tactics of the alert Tactics *[]AttackTactic `json:"tactics,omitempty"` // TimeGenerated - READ-ONLY; The time the alert was generated. TimeGenerated *date.Time `json:"timeGenerated,omitempty"` // VendorName - READ-ONLY; The name of the vendor that raise the alert. VendorName *string `json:"vendorName,omitempty"` // AlertLink - READ-ONLY; The uri link of the alert. AlertLink *string `json:"alertLink,omitempty"` // ResourceIdentifiers - READ-ONLY; The list of resource identifiers of the alert. ResourceIdentifiers *[]interface{} `json:"resourceIdentifiers,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
SecurityAlertProperties securityAlert entity property bag.
func (SecurityAlertProperties) MarshalJSON ¶
func (sap SecurityAlertProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SecurityAlertProperties.
type SecurityAlertPropertiesConfidenceReasonsItem ¶
type SecurityAlertPropertiesConfidenceReasonsItem struct { // Reason - READ-ONLY; The reason's description Reason *string `json:"reason,omitempty"` // ReasonType - READ-ONLY; The type (category) of the reason ReasonType *string `json:"reasonType,omitempty"` }
SecurityAlertPropertiesConfidenceReasonsItem confidence reason item
func (SecurityAlertPropertiesConfidenceReasonsItem) MarshalJSON ¶
func (sapRi SecurityAlertPropertiesConfidenceReasonsItem) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SecurityAlertPropertiesConfidenceReasonsItem.
type SecurityAlertTimelineItem ¶
type SecurityAlertTimelineItem struct { // AzureResourceID - The alert azure resource id. AzureResourceID *string `json:"azureResourceId,omitempty"` // ProductName - The alert product name. ProductName *string `json:"productName,omitempty"` // Description - The alert description. Description *string `json:"description,omitempty"` // DisplayName - The alert name. DisplayName *string `json:"displayName,omitempty"` // Severity - The alert severity. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // EndTimeUtc - The alert end time. EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` // StartTimeUtc - The alert start time. StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` // TimeGenerated - The alert generated time. TimeGenerated *date.Time `json:"timeGenerated,omitempty"` // AlertType - The name of the alert type. AlertType *string `json:"alertType,omitempty"` // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindBookmark', 'KindBasicEntityTimelineItemKindSecurityAlert' Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` }
SecurityAlertTimelineItem represents security alert timeline item.
func (SecurityAlertTimelineItem) AsActivityTimelineItem ¶
func (sati SecurityAlertTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)
AsActivityTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem.
func (SecurityAlertTimelineItem) AsBasicEntityTimelineItem ¶
func (sati SecurityAlertTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)
AsBasicEntityTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem.
func (SecurityAlertTimelineItem) AsBookmarkTimelineItem ¶
func (sati SecurityAlertTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)
AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem.
func (SecurityAlertTimelineItem) AsEntityTimelineItem ¶
func (sati SecurityAlertTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)
AsEntityTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem.
func (SecurityAlertTimelineItem) AsSecurityAlertTimelineItem ¶
func (sati SecurityAlertTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)
AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem.
func (SecurityAlertTimelineItem) MarshalJSON ¶
func (sati SecurityAlertTimelineItem) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SecurityAlertTimelineItem.
type SecurityGroupEntity ¶
type SecurityGroupEntity struct { // SecurityGroupEntityProperties - SecurityGroup entity properties *SecurityGroupEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
SecurityGroupEntity represents a security group entity.
func (SecurityGroupEntity) AsAccountEntity ¶
func (sge SecurityGroupEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsAzureResourceEntity ¶
func (sge SecurityGroupEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsBasicEntity ¶
func (sge SecurityGroupEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsCloudApplicationEntity ¶
func (sge SecurityGroupEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsDNSEntity ¶
func (sge SecurityGroupEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsEntity ¶
func (sge SecurityGroupEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsFileEntity ¶
func (sge SecurityGroupEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsFileHashEntity ¶
func (sge SecurityGroupEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsHostEntity ¶
func (sge SecurityGroupEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsHuntingBookmark ¶
func (sge SecurityGroupEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsIPEntity ¶
func (sge SecurityGroupEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsIoTDeviceEntity ¶
func (sge SecurityGroupEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsMailClusterEntity ¶
func (sge SecurityGroupEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsMailMessageEntity ¶
func (sge SecurityGroupEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsMailboxEntity ¶
func (sge SecurityGroupEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsMalwareEntity ¶
func (sge SecurityGroupEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsProcessEntity ¶
func (sge SecurityGroupEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsRegistryKeyEntity ¶
func (sge SecurityGroupEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsRegistryValueEntity ¶
func (sge SecurityGroupEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsSecurityAlert ¶
func (sge SecurityGroupEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsSecurityGroupEntity ¶
func (sge SecurityGroupEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsSubmissionMailEntity ¶
func (sge SecurityGroupEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) AsURLEntity ¶
func (sge SecurityGroupEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for SecurityGroupEntity.
func (SecurityGroupEntity) MarshalJSON ¶
func (sge SecurityGroupEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SecurityGroupEntity.
func (*SecurityGroupEntity) UnmarshalJSON ¶
func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for SecurityGroupEntity struct.
type SecurityGroupEntityProperties ¶
type SecurityGroupEntityProperties struct { // DistinguishedName - READ-ONLY; The group distinguished name DistinguishedName *string `json:"distinguishedName,omitempty"` // ObjectGUID - READ-ONLY; A single-value attribute that is the unique identifier for the object, assigned by active directory. ObjectGUID *uuid.UUID `json:"objectGuid,omitempty"` // Sid - READ-ONLY; The SID attribute is a single-value attribute that specifies the security identifier (SID) of the group Sid *string `json:"sid,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
SecurityGroupEntityProperties securityGroup entity property bag.
func (SecurityGroupEntityProperties) MarshalJSON ¶
func (sgep SecurityGroupEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SecurityGroupEntityProperties.
type SentinelOnboardingState ¶
type SentinelOnboardingState struct { autorest.Response `json:"-"` // SentinelOnboardingStateProperties - The Sentinel onboarding state object *SentinelOnboardingStateProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
SentinelOnboardingState sentinel onboarding state
func (SentinelOnboardingState) MarshalJSON ¶
func (sos SentinelOnboardingState) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SentinelOnboardingState.
func (*SentinelOnboardingState) UnmarshalJSON ¶
func (sos *SentinelOnboardingState) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for SentinelOnboardingState struct.
type SentinelOnboardingStateProperties ¶
type SentinelOnboardingStateProperties struct { // CustomerManagedKey - Flag that indicates the status of the CMK setting CustomerManagedKey *bool `json:"customerManagedKey,omitempty"` }
SentinelOnboardingStateProperties the Sentinel onboarding state properties
type SentinelOnboardingStatesClient ¶
type SentinelOnboardingStatesClient struct {
BaseClient
}
SentinelOnboardingStatesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewSentinelOnboardingStatesClient ¶
func NewSentinelOnboardingStatesClient(subscriptionID string) SentinelOnboardingStatesClient
NewSentinelOnboardingStatesClient creates an instance of the SentinelOnboardingStatesClient client.
func NewSentinelOnboardingStatesClientWithBaseURI ¶
func NewSentinelOnboardingStatesClientWithBaseURI(baseURI string, subscriptionID string) SentinelOnboardingStatesClient
NewSentinelOnboardingStatesClientWithBaseURI creates an instance of the SentinelOnboardingStatesClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (SentinelOnboardingStatesClient) Create ¶
func (client SentinelOnboardingStatesClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string, sentinelOnboardingStateParameter *SentinelOnboardingState) (result SentinelOnboardingState, err error)
Create create Sentinel onboarding state Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. sentinelOnboardingStateName - the Sentinel onboarding state name. Supports - default sentinelOnboardingStateParameter - the Sentinel onboarding state parameter
func (SentinelOnboardingStatesClient) CreatePreparer ¶
func (client SentinelOnboardingStatesClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string, sentinelOnboardingStateParameter *SentinelOnboardingState) (*http.Request, error)
CreatePreparer prepares the Create request.
func (SentinelOnboardingStatesClient) CreateResponder ¶
func (client SentinelOnboardingStatesClient) CreateResponder(resp *http.Response) (result SentinelOnboardingState, err error)
CreateResponder handles the response to the Create request. The method always closes the http.Response Body.
func (SentinelOnboardingStatesClient) CreateSender ¶
func (client SentinelOnboardingStatesClient) CreateSender(req *http.Request) (*http.Response, error)
CreateSender sends the Create request. The method will close the http.Response Body if it receives an error.
func (SentinelOnboardingStatesClient) Delete ¶
func (client SentinelOnboardingStatesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string) (result autorest.Response, err error)
Delete delete Sentinel onboarding state Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. sentinelOnboardingStateName - the Sentinel onboarding state name. Supports - default
func (SentinelOnboardingStatesClient) DeletePreparer ¶
func (client SentinelOnboardingStatesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (SentinelOnboardingStatesClient) DeleteResponder ¶
func (client SentinelOnboardingStatesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (SentinelOnboardingStatesClient) DeleteSender ¶
func (client SentinelOnboardingStatesClient) DeleteSender(req *http.Request) (*http.Response, error)
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (SentinelOnboardingStatesClient) Get ¶
func (client SentinelOnboardingStatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string) (result SentinelOnboardingState, err error)
Get get Sentinel onboarding state Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. sentinelOnboardingStateName - the Sentinel onboarding state name. Supports - default
func (SentinelOnboardingStatesClient) GetPreparer ¶
func (client SentinelOnboardingStatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string) (*http.Request, error)
GetPreparer prepares the Get request.
func (SentinelOnboardingStatesClient) GetResponder ¶
func (client SentinelOnboardingStatesClient) GetResponder(resp *http.Response) (result SentinelOnboardingState, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (SentinelOnboardingStatesClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (SentinelOnboardingStatesClient) List ¶
func (client SentinelOnboardingStatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SentinelOnboardingStatesList, err error)
List gets all Sentinel onboarding states Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (SentinelOnboardingStatesClient) ListPreparer ¶
func (client SentinelOnboardingStatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (SentinelOnboardingStatesClient) ListResponder ¶
func (client SentinelOnboardingStatesClient) ListResponder(resp *http.Response) (result SentinelOnboardingStatesList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (SentinelOnboardingStatesClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type SentinelOnboardingStatesList ¶
type SentinelOnboardingStatesList struct { autorest.Response `json:"-"` // Value - Array of Sentinel onboarding states Value *[]SentinelOnboardingState `json:"value,omitempty"` }
SentinelOnboardingStatesList list of the Sentinel onboarding states
type SettingList ¶
type SettingList struct { autorest.Response `json:"-"` // Value - Array of settings. Value *[]BasicSettings `json:"value,omitempty"` }
SettingList list of all the settings.
func (*SettingList) UnmarshalJSON ¶
func (sl *SettingList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for SettingList struct.
type SettingType ¶
type SettingType string
SettingType enumerates the values for setting type.
const ( // SettingTypeCopyableLabel ... SettingTypeCopyableLabel SettingType = "CopyableLabel" // SettingTypeInfoMessage ... SettingTypeInfoMessage SettingType = "InfoMessage" // SettingTypeInstructionStepsGroup ... SettingTypeInstructionStepsGroup SettingType = "InstructionStepsGroup" )
func PossibleSettingTypeValues ¶
func PossibleSettingTypeValues() []SettingType
PossibleSettingTypeValues returns an array of possible values for the SettingType const type.
type Settings ¶
type Settings struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' Kind KindBasicSettings `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
Settings the Setting.
func (Settings) AsAnomalies ¶
AsAnomalies is the BasicSettings implementation for Settings.
func (Settings) AsBasicSettings ¶
func (s Settings) AsBasicSettings() (BasicSettings, bool)
AsBasicSettings is the BasicSettings implementation for Settings.
func (Settings) AsEntityAnalytics ¶
func (s Settings) AsEntityAnalytics() (*EntityAnalytics, bool)
AsEntityAnalytics is the BasicSettings implementation for Settings.
func (Settings) AsSettings ¶
AsSettings is the BasicSettings implementation for Settings.
func (Settings) MarshalJSON ¶
MarshalJSON is the custom marshaler for Settings.
type SettingsModel ¶
type SettingsModel struct { autorest.Response `json:"-"` Value BasicSettings `json:"value,omitempty"` }
SettingsModel ...
func (*SettingsModel) UnmarshalJSON ¶
func (sm *SettingsModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for SettingsModel struct.
type Sku ¶
type Sku struct { // Name - The kind of the tier. Possible values include: 'SkuKindPerGB', 'SkuKindCapacityReservation' Name SkuKind `json:"name,omitempty"` // CapacityReservationLevel - The amount of reservation level CapacityReservationLevel *int32 `json:"capacityReservationLevel,omitempty"` }
Sku the pricing tier of the solution
type SkuKind ¶
type SkuKind string
SkuKind enumerates the values for sku kind.
func PossibleSkuKindValues ¶
func PossibleSkuKindValues() []SkuKind
PossibleSkuKindValues returns an array of possible values for the SkuKind const type.
type Source ¶
type Source string
Source enumerates the values for source.
func PossibleSourceValues ¶
func PossibleSourceValues() []Source
PossibleSourceValues returns an array of possible values for the Source const type.
type SourceControl ¶
type SourceControl struct { autorest.Response `json:"-"` // SourceControlProperties - source control properties *SourceControlProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
SourceControl represents a SourceControl in Azure Security Insights.
func (SourceControl) MarshalJSON ¶
func (sc SourceControl) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SourceControl.
func (*SourceControl) UnmarshalJSON ¶
func (sc *SourceControl) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for SourceControl struct.
type SourceControlClient ¶
type SourceControlClient struct {
BaseClient
}
SourceControlClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewSourceControlClient ¶
func NewSourceControlClient(subscriptionID string) SourceControlClient
NewSourceControlClient creates an instance of the SourceControlClient client.
func NewSourceControlClientWithBaseURI ¶
func NewSourceControlClientWithBaseURI(baseURI string, subscriptionID string) SourceControlClient
NewSourceControlClientWithBaseURI creates an instance of the SourceControlClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (SourceControlClient) ListRepositories ¶
func (client SourceControlClient) ListRepositories(ctx context.Context, resourceGroupName string, workspaceName string, repoType RepoType) (result RepoListPage, err error)
ListRepositories gets a list of repositories metadata. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. repoType - the repo type.
func (SourceControlClient) ListRepositoriesComplete ¶
func (client SourceControlClient) ListRepositoriesComplete(ctx context.Context, resourceGroupName string, workspaceName string, repoType RepoType) (result RepoListIterator, err error)
ListRepositoriesComplete enumerates all values, automatically crossing page boundaries as required.
func (SourceControlClient) ListRepositoriesPreparer ¶
func (client SourceControlClient) ListRepositoriesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, repoType RepoType) (*http.Request, error)
ListRepositoriesPreparer prepares the ListRepositories request.
func (SourceControlClient) ListRepositoriesResponder ¶
func (client SourceControlClient) ListRepositoriesResponder(resp *http.Response) (result RepoList, err error)
ListRepositoriesResponder handles the response to the ListRepositories request. The method always closes the http.Response Body.
func (SourceControlClient) ListRepositoriesSender ¶
ListRepositoriesSender sends the ListRepositories request. The method will close the http.Response Body if it receives an error.
type SourceControlList ¶
type SourceControlList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of source controls. NextLink *string `json:"nextLink,omitempty"` // Value - Array of source controls. Value *[]SourceControl `json:"value,omitempty"` }
SourceControlList list all the source controls.
func (SourceControlList) IsEmpty ¶
func (scl SourceControlList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (SourceControlList) MarshalJSON ¶
func (scl SourceControlList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SourceControlList.
type SourceControlListIterator ¶
type SourceControlListIterator struct {
// contains filtered or unexported fields
}
SourceControlListIterator provides access to a complete listing of SourceControl values.
func NewSourceControlListIterator ¶
func NewSourceControlListIterator(page SourceControlListPage) SourceControlListIterator
Creates a new instance of the SourceControlListIterator type.
func (*SourceControlListIterator) Next ¶
func (iter *SourceControlListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*SourceControlListIterator) NextWithContext ¶
func (iter *SourceControlListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (SourceControlListIterator) NotDone ¶
func (iter SourceControlListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (SourceControlListIterator) Response ¶
func (iter SourceControlListIterator) Response() SourceControlList
Response returns the raw server response from the last page request.
func (SourceControlListIterator) Value ¶
func (iter SourceControlListIterator) Value() SourceControl
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type SourceControlListPage ¶
type SourceControlListPage struct {
// contains filtered or unexported fields
}
SourceControlListPage contains a page of SourceControl values.
func NewSourceControlListPage ¶
func NewSourceControlListPage(cur SourceControlList, getNextPage func(context.Context, SourceControlList) (SourceControlList, error)) SourceControlListPage
Creates a new instance of the SourceControlListPage type.
func (*SourceControlListPage) Next ¶
func (page *SourceControlListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*SourceControlListPage) NextWithContext ¶
func (page *SourceControlListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (SourceControlListPage) NotDone ¶
func (page SourceControlListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (SourceControlListPage) Response ¶
func (page SourceControlListPage) Response() SourceControlList
Response returns the raw server response from the last page request.
func (SourceControlListPage) Values ¶
func (page SourceControlListPage) Values() []SourceControl
Values returns the slice of values for the current page or nil if there are no values.
type SourceControlProperties ¶
type SourceControlProperties struct { // ID - The id (a Guid) of the source control ID *string `json:"id,omitempty"` // DisplayName - The display name of the source control DisplayName *string `json:"displayName,omitempty"` // Description - A description of the source control Description *string `json:"description,omitempty"` // RepoType - The repository type of the source control. Possible values include: 'RepoTypeGithub', 'RepoTypeDevOps' RepoType RepoType `json:"repoType,omitempty"` // ContentTypes - Array of source control content types. ContentTypes *[]ContentType `json:"contentTypes,omitempty"` // Repository - Repository metadata. Repository *Repository `json:"repository,omitempty"` }
SourceControlProperties describes source control properties
type SourceControlsClient ¶
type SourceControlsClient struct {
BaseClient
}
SourceControlsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewSourceControlsClient ¶
func NewSourceControlsClient(subscriptionID string) SourceControlsClient
NewSourceControlsClient creates an instance of the SourceControlsClient client.
func NewSourceControlsClientWithBaseURI ¶
func NewSourceControlsClientWithBaseURI(baseURI string, subscriptionID string) SourceControlsClient
NewSourceControlsClientWithBaseURI creates an instance of the SourceControlsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (SourceControlsClient) Create ¶
func (client SourceControlsClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl SourceControl) (result SourceControl, err error)
Create creates a source control. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. sourceControlID - source control Id sourceControl - the SourceControl
func (SourceControlsClient) CreatePreparer ¶
func (client SourceControlsClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl SourceControl) (*http.Request, error)
CreatePreparer prepares the Create request.
func (SourceControlsClient) CreateResponder ¶
func (client SourceControlsClient) CreateResponder(resp *http.Response) (result SourceControl, err error)
CreateResponder handles the response to the Create request. The method always closes the http.Response Body.
func (SourceControlsClient) CreateSender ¶
CreateSender sends the Create request. The method will close the http.Response Body if it receives an error.
func (SourceControlsClient) Delete ¶
func (client SourceControlsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string) (result autorest.Response, err error)
Delete delete a source control. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. sourceControlID - source control Id
func (SourceControlsClient) DeletePreparer ¶
func (client SourceControlsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (SourceControlsClient) DeleteResponder ¶
func (client SourceControlsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (SourceControlsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (SourceControlsClient) Get ¶
func (client SourceControlsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string) (result SourceControl, err error)
Get gets a source control byt its identifier. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. sourceControlID - source control Id
func (SourceControlsClient) GetPreparer ¶
func (client SourceControlsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (SourceControlsClient) GetResponder ¶
func (client SourceControlsClient) GetResponder(resp *http.Response) (result SourceControl, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (SourceControlsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (SourceControlsClient) List ¶
func (client SourceControlsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SourceControlListPage, err error)
List gets all source controls, without source control items. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (SourceControlsClient) ListComplete ¶
func (client SourceControlsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result SourceControlListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (SourceControlsClient) ListPreparer ¶
func (client SourceControlsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (SourceControlsClient) ListResponder ¶
func (client SourceControlsClient) ListResponder(resp *http.Response) (result SourceControlList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (SourceControlsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type SourceKind ¶
type SourceKind string
SourceKind enumerates the values for source kind.
const ( // SourceKindCommunity ... SourceKindCommunity SourceKind = "Community" // SourceKindLocalWorkspace ... SourceKindLocalWorkspace SourceKind = "LocalWorkspace" // SourceKindSolution ... SourceKindSolution SourceKind = "Solution" // SourceKindSourceRepository ... SourceKindSourceRepository SourceKind = "SourceRepository" )
func PossibleSourceKindValues ¶
func PossibleSourceKindValues() []SourceKind
PossibleSourceKindValues returns an array of possible values for the SourceKind const type.
type SubmissionMailEntity ¶
type SubmissionMailEntity struct { // SubmissionMailEntityProperties - Submission mail entity properties *SubmissionMailEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
SubmissionMailEntity represents a submission mail entity.
func (SubmissionMailEntity) AsAccountEntity ¶
func (sme SubmissionMailEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsAzureResourceEntity ¶
func (sme SubmissionMailEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsBasicEntity ¶
func (sme SubmissionMailEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsCloudApplicationEntity ¶
func (sme SubmissionMailEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsDNSEntity ¶
func (sme SubmissionMailEntity) AsDNSEntity() (*DNSEntity, bool)
AsDNSEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsEntity ¶
func (sme SubmissionMailEntity) AsEntity() (*Entity, bool)
AsEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsFileEntity ¶
func (sme SubmissionMailEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsFileHashEntity ¶
func (sme SubmissionMailEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsHostEntity ¶
func (sme SubmissionMailEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsHuntingBookmark ¶
func (sme SubmissionMailEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsIPEntity ¶
func (sme SubmissionMailEntity) AsIPEntity() (*IPEntity, bool)
AsIPEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsIoTDeviceEntity ¶
func (sme SubmissionMailEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsMailClusterEntity ¶
func (sme SubmissionMailEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsMailMessageEntity ¶
func (sme SubmissionMailEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsMailboxEntity ¶
func (sme SubmissionMailEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsMalwareEntity ¶
func (sme SubmissionMailEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsProcessEntity ¶
func (sme SubmissionMailEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsRegistryKeyEntity ¶
func (sme SubmissionMailEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsRegistryValueEntity ¶
func (sme SubmissionMailEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsSecurityAlert ¶
func (sme SubmissionMailEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsSecurityGroupEntity ¶
func (sme SubmissionMailEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsSubmissionMailEntity ¶
func (sme SubmissionMailEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) AsURLEntity ¶
func (sme SubmissionMailEntity) AsURLEntity() (*URLEntity, bool)
AsURLEntity is the BasicEntity implementation for SubmissionMailEntity.
func (SubmissionMailEntity) MarshalJSON ¶
func (sme SubmissionMailEntity) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SubmissionMailEntity.
func (*SubmissionMailEntity) UnmarshalJSON ¶
func (sme *SubmissionMailEntity) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for SubmissionMailEntity struct.
type SubmissionMailEntityProperties ¶
type SubmissionMailEntityProperties struct { // NetworkMessageID - READ-ONLY; The network message id of email to which submission belongs NetworkMessageID *uuid.UUID `json:"networkMessageId,omitempty"` // SubmissionID - READ-ONLY; The submission id SubmissionID *uuid.UUID `json:"submissionId,omitempty"` // Submitter - READ-ONLY; The submitter Submitter *string `json:"submitter,omitempty"` // SubmissionDate - READ-ONLY; The submission date SubmissionDate *date.Time `json:"submissionDate,omitempty"` // Timestamp - READ-ONLY; The Time stamp when the message is received (Mail) Timestamp *date.Time `json:"timestamp,omitempty"` // Recipient - READ-ONLY; The recipient of the mail Recipient *string `json:"recipient,omitempty"` // Sender - READ-ONLY; The sender of the mail Sender *string `json:"sender,omitempty"` // SenderIP - READ-ONLY; The sender's IP SenderIP *string `json:"senderIp,omitempty"` // Subject - READ-ONLY; The subject of submission mail Subject *string `json:"subject,omitempty"` // ReportType - READ-ONLY; The submission type for the given instance. This maps to Junk, Phish, Malware or NotJunk. ReportType *string `json:"reportType,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
SubmissionMailEntityProperties submission mail entity property bag.
func (SubmissionMailEntityProperties) MarshalJSON ¶
func (smep SubmissionMailEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for SubmissionMailEntityProperties.
type SupportTier ¶
type SupportTier string
SupportTier enumerates the values for support tier.
const ( // SupportTierCommunity ... SupportTierCommunity SupportTier = "Community" // SupportTierMicrosoft ... SupportTierMicrosoft SupportTier = "Microsoft" // SupportTierPartner ... SupportTierPartner SupportTier = "Partner" )
func PossibleSupportTierValues ¶
func PossibleSupportTierValues() []SupportTier
PossibleSupportTierValues returns an array of possible values for the SupportTier const type.
type SystemData ¶
type SystemData struct { // CreatedBy - The identity that created the resource. CreatedBy *string `json:"createdBy,omitempty"` // CreatedByType - The type of identity that created the resource. Possible values include: 'CreatedByTypeUser', 'CreatedByTypeApplication', 'CreatedByTypeManagedIdentity', 'CreatedByTypeKey' CreatedByType CreatedByType `json:"createdByType,omitempty"` // CreatedAt - The timestamp of resource creation (UTC). CreatedAt *date.Time `json:"createdAt,omitempty"` // LastModifiedBy - The identity that last modified the resource. LastModifiedBy *string `json:"lastModifiedBy,omitempty"` // LastModifiedByType - The type of identity that last modified the resource. Possible values include: 'CreatedByTypeUser', 'CreatedByTypeApplication', 'CreatedByTypeManagedIdentity', 'CreatedByTypeKey' LastModifiedByType CreatedByType `json:"lastModifiedByType,omitempty"` // LastModifiedAt - The timestamp of resource last modification (UTC) LastModifiedAt *date.Time `json:"lastModifiedAt,omitempty"` }
SystemData metadata pertaining to creation and last modification of the resource.
type TICheckRequirements ¶
type TICheckRequirements struct { // TICheckRequirementsProperties - Threat Intelligence Platforms data connector check required properties *TICheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
TICheckRequirements threat Intelligence Platforms data connector check requirements
func (TICheckRequirements) AsAADCheckRequirements ¶
func (tcr TICheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsAATPCheckRequirements ¶
func (tcr TICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsASCCheckRequirements ¶
func (tcr TICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (tcr TICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsAwsS3CheckRequirements ¶
func (tcr TICheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (tcr TICheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsDataConnectorsCheckRequirements ¶
func (tcr TICheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsDynamics365CheckRequirements ¶
func (tcr TICheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsMCASCheckRequirements ¶
func (tcr TICheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsMDATPCheckRequirements ¶
func (tcr TICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsMSTICheckRequirements ¶
func (tcr TICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsMtpCheckRequirements ¶
func (tcr TICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsOfficeATPCheckRequirements ¶
func (tcr TICheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsOfficeIRMCheckRequirements ¶
func (tcr TICheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsTICheckRequirements ¶
func (tcr TICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) AsTiTaxiiCheckRequirements ¶
func (tcr TICheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements.
func (TICheckRequirements) MarshalJSON ¶
func (tcr TICheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for TICheckRequirements.
func (*TICheckRequirements) UnmarshalJSON ¶
func (tcr *TICheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for TICheckRequirements struct.
type TICheckRequirementsProperties ¶
type TICheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
TICheckRequirementsProperties threat Intelligence Platforms data connector required properties.
type TIDataConnector ¶
type TIDataConnector struct { // TIDataConnectorProperties - TI (Threat Intelligence) data connector properties. *TIDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
TIDataConnector represents threat intelligence data connector.
func (TIDataConnector) AsAADDataConnector ¶
func (tdc TIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsAATPDataConnector ¶
func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsASCDataConnector ¶
func (tdc TIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsAwsCloudTrailDataConnector ¶
func (tdc TIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsAwsS3DataConnector ¶
func (tdc TIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsBasicDataConnector ¶
func (tdc TIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsCodelessAPIPollingDataConnector ¶
func (tdc TIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsCodelessUIDataConnector ¶
func (tdc TIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsDataConnector ¶
func (tdc TIDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsDynamics365DataConnector ¶
func (tdc TIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsMCASDataConnector ¶
func (tdc TIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsMDATPDataConnector ¶
func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsMSTIDataConnector ¶
func (tdc TIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsMTPDataConnector ¶
func (tdc TIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsOfficeATPDataConnector ¶
func (tdc TIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsOfficeDataConnector ¶
func (tdc TIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsOfficeIRMDataConnector ¶
func (tdc TIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsTIDataConnector ¶
func (tdc TIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsTiTaxiiDataConnector ¶
func (tdc TIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) MarshalJSON ¶
func (tdc TIDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for TIDataConnector.
func (*TIDataConnector) UnmarshalJSON ¶
func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for TIDataConnector struct.
type TIDataConnectorDataTypes ¶
type TIDataConnectorDataTypes struct { // Indicators - Data type for indicators connection. Indicators *TIDataConnectorDataTypesIndicators `json:"indicators,omitempty"` }
TIDataConnectorDataTypes the available data types for TI (Threat Intelligence) data connector.
type TIDataConnectorDataTypesIndicators ¶
type TIDataConnectorDataTypesIndicators struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
TIDataConnectorDataTypesIndicators data type for indicators connection.
type TIDataConnectorProperties ¶
type TIDataConnectorProperties struct { // TipLookbackPeriod - The lookback period for the feed to be imported. TipLookbackPeriod *date.Time `json:"tipLookbackPeriod,omitempty"` // DataTypes - The available data types for the connector. DataTypes *TIDataConnectorDataTypes `json:"dataTypes,omitempty"` // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
TIDataConnectorProperties TI (Threat Intelligence) data connector properties.
type TeamInformation ¶
type TeamInformation struct { autorest.Response `json:"-"` // TeamID - READ-ONLY; Team ID TeamID *string `json:"teamId,omitempty"` // PrimaryChannelURL - READ-ONLY; The primary channel URL of the team PrimaryChannelURL *string `json:"primaryChannelUrl,omitempty"` // TeamCreationTimeUtc - READ-ONLY; The time the team was created TeamCreationTimeUtc *date.Time `json:"teamCreationTimeUtc,omitempty"` // Name - READ-ONLY; The name of the team Name *string `json:"name,omitempty"` // Description - READ-ONLY; The description of the team Description *string `json:"description,omitempty"` }
TeamInformation describes team information
func (TeamInformation) MarshalJSON ¶
func (ti TeamInformation) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for TeamInformation.
type TeamProperties ¶
type TeamProperties struct { // TeamName - The name of the team TeamName *string `json:"teamName,omitempty"` // TeamDescription - The description of the team TeamDescription *string `json:"teamDescription,omitempty"` // MemberIds - List of member IDs to add to the team MemberIds *[]uuid.UUID `json:"memberIds,omitempty"` // GroupIds - List of group IDs to add their members to the team GroupIds *[]uuid.UUID `json:"groupIds,omitempty"` }
TeamProperties describes team properties
type TemplateStatus ¶
type TemplateStatus string
TemplateStatus enumerates the values for template status.
const ( // TemplateStatusAvailable Alert rule template is available. TemplateStatusAvailable TemplateStatus = "Available" // TemplateStatusInstalled Alert rule template installed. and can not use more then once TemplateStatusInstalled TemplateStatus = "Installed" // TemplateStatusNotAvailable Alert rule template is not available TemplateStatusNotAvailable TemplateStatus = "NotAvailable" )
func PossibleTemplateStatusValues ¶
func PossibleTemplateStatusValues() []TemplateStatus
PossibleTemplateStatusValues returns an array of possible values for the TemplateStatus const type.
type ThreatIntelligence ¶
type ThreatIntelligence struct { // Confidence - READ-ONLY; Confidence (must be between 0 and 1) Confidence *float64 `json:"confidence,omitempty"` // ProviderName - READ-ONLY; Name of the provider from whom this Threat Intelligence information was received ProviderName *string `json:"providerName,omitempty"` // ReportLink - READ-ONLY; Report link ReportLink *string `json:"reportLink,omitempty"` // ThreatDescription - READ-ONLY; Threat description (free text) ThreatDescription *string `json:"threatDescription,omitempty"` // ThreatName - READ-ONLY; Threat name (e.g. "Jedobot malware") ThreatName *string `json:"threatName,omitempty"` // ThreatType - READ-ONLY; Threat type (e.g. "Botnet") ThreatType *string `json:"threatType,omitempty"` }
ThreatIntelligence threatIntelligence property bag.
func (ThreatIntelligence) MarshalJSON ¶
func (ti ThreatIntelligence) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligence.
type ThreatIntelligenceAlertRule ¶
type ThreatIntelligenceAlertRule struct { // ThreatIntelligenceAlertRuleProperties - Threat Intelligence alert rule properties *ThreatIntelligenceAlertRuleProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' Kind KindBasicAlertRule `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ThreatIntelligenceAlertRule represents Threat Intelligence alert rule.
func (ThreatIntelligenceAlertRule) AsAlertRule ¶
func (tiar ThreatIntelligenceAlertRule) AsAlertRule() (*AlertRule, bool)
AsAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule.
func (ThreatIntelligenceAlertRule) AsBasicAlertRule ¶
func (tiar ThreatIntelligenceAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule.
func (ThreatIntelligenceAlertRule) AsFusionAlertRule ¶
func (tiar ThreatIntelligenceAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule.
func (ThreatIntelligenceAlertRule) AsMLBehaviorAnalyticsAlertRule ¶
func (tiar ThreatIntelligenceAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)
AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule.
func (ThreatIntelligenceAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (tiar ThreatIntelligenceAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule.
func (ThreatIntelligenceAlertRule) AsNrtAlertRule ¶
func (tiar ThreatIntelligenceAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)
AsNrtAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule.
func (ThreatIntelligenceAlertRule) AsScheduledAlertRule ¶
func (tiar ThreatIntelligenceAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule.
func (ThreatIntelligenceAlertRule) AsThreatIntelligenceAlertRule ¶
func (tiar ThreatIntelligenceAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)
AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule.
func (ThreatIntelligenceAlertRule) MarshalJSON ¶
func (tiar ThreatIntelligenceAlertRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceAlertRule.
func (*ThreatIntelligenceAlertRule) UnmarshalJSON ¶
func (tiar *ThreatIntelligenceAlertRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ThreatIntelligenceAlertRule struct.
type ThreatIntelligenceAlertRuleProperties ¶
type ThreatIntelligenceAlertRuleProperties struct { // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // Description - READ-ONLY; The description of the alert rule. Description *string `json:"description,omitempty"` // DisplayName - READ-ONLY; The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // Severity - READ-ONLY; The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - READ-ONLY; The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` }
ThreatIntelligenceAlertRuleProperties threat Intelligence alert rule base property bag.
func (ThreatIntelligenceAlertRuleProperties) MarshalJSON ¶
func (tiarp ThreatIntelligenceAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceAlertRuleProperties.
type ThreatIntelligenceAlertRuleTemplate ¶
type ThreatIntelligenceAlertRuleTemplate struct { // ThreatIntelligenceAlertRuleTemplateProperties - Threat Intelligence alert rule template properties *ThreatIntelligenceAlertRuleTemplateProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
ThreatIntelligenceAlertRuleTemplate represents Threat Intelligence alert rule template.
func (ThreatIntelligenceAlertRuleTemplate) AsAlertRuleTemplate ¶
func (tiart ThreatIntelligenceAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate.
func (ThreatIntelligenceAlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (tiart ThreatIntelligenceAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate.
func (ThreatIntelligenceAlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (tiart ThreatIntelligenceAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate.
func (ThreatIntelligenceAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate ¶
func (tiart ThreatIntelligenceAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)
AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate.
func (ThreatIntelligenceAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (tiart ThreatIntelligenceAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate.
func (ThreatIntelligenceAlertRuleTemplate) AsNrtAlertRuleTemplate ¶
func (tiart ThreatIntelligenceAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)
AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate.
func (ThreatIntelligenceAlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (tiart ThreatIntelligenceAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate.
func (ThreatIntelligenceAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate ¶
func (tiart ThreatIntelligenceAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)
AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate.
func (ThreatIntelligenceAlertRuleTemplate) MarshalJSON ¶
func (tiart ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceAlertRuleTemplate.
func (*ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON ¶
func (tiart *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ThreatIntelligenceAlertRuleTemplate struct.
type ThreatIntelligenceAlertRuleTemplateProperties ¶
type ThreatIntelligenceAlertRuleTemplateProperties struct { // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule template Tactics *[]AttackTactic `json:"tactics,omitempty"` // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data sources for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' Status TemplateStatus `json:"status,omitempty"` }
ThreatIntelligenceAlertRuleTemplateProperties threat Intelligence alert rule template properties
func (ThreatIntelligenceAlertRuleTemplateProperties) MarshalJSON ¶
func (tiart ThreatIntelligenceAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceAlertRuleTemplateProperties.
type ThreatIntelligenceAppendTags ¶
type ThreatIntelligenceAppendTags struct { // ThreatIntelligenceTags - List of tags to be appended. ThreatIntelligenceTags *[]string `json:"threatIntelligenceTags,omitempty"` }
ThreatIntelligenceAppendTags array of tags to be appended to the threat intelligence indicator.
type ThreatIntelligenceExternalReference ¶
type ThreatIntelligenceExternalReference struct { // Description - External reference description Description *string `json:"description,omitempty"` // ExternalID - External reference ID ExternalID *string `json:"externalId,omitempty"` // SourceName - External reference source name SourceName *string `json:"sourceName,omitempty"` // URL - External reference URL URL *string `json:"url,omitempty"` // Hashes - External reference hashes Hashes map[string]*string `json:"hashes"` }
ThreatIntelligenceExternalReference describes external reference
func (ThreatIntelligenceExternalReference) MarshalJSON ¶
func (tier ThreatIntelligenceExternalReference) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceExternalReference.
type ThreatIntelligenceFilteringCriteria ¶
type ThreatIntelligenceFilteringCriteria struct { // PageSize - Page size PageSize *int32 `json:"pageSize,omitempty"` // MinConfidence - Minimum confidence. MinConfidence *int32 `json:"minConfidence,omitempty"` // MaxConfidence - Maximum confidence. MaxConfidence *int32 `json:"maxConfidence,omitempty"` // MinValidUntil - Start time for ValidUntil filter. MinValidUntil *string `json:"minValidUntil,omitempty"` // MaxValidUntil - End time for ValidUntil filter. MaxValidUntil *string `json:"maxValidUntil,omitempty"` // IncludeDisabled - Parameter to include/exclude disabled indicators. IncludeDisabled *bool `json:"includeDisabled,omitempty"` // SortBy - Columns to sort by and sorting order SortBy *[]ThreatIntelligenceSortingCriteria `json:"sortBy,omitempty"` // Sources - Sources of threat intelligence indicators Sources *[]string `json:"sources,omitempty"` // PatternTypes - Pattern types PatternTypes *[]string `json:"patternTypes,omitempty"` // ThreatTypes - Threat types of threat intelligence indicators ThreatTypes *[]string `json:"threatTypes,omitempty"` // Ids - Ids of threat intelligence indicators Ids *[]string `json:"ids,omitempty"` // Keywords - Keywords for searching threat intelligence indicators Keywords *[]string `json:"keywords,omitempty"` // SkipToken - Skip token. SkipToken *string `json:"skipToken,omitempty"` }
ThreatIntelligenceFilteringCriteria filtering criteria for querying threat intelligence indicators.
type ThreatIntelligenceGranularMarkingModel ¶
type ThreatIntelligenceGranularMarkingModel struct { // Language - Language granular marking model Language *string `json:"language,omitempty"` // MarkingRef - marking reference granular marking model MarkingRef *int32 `json:"markingRef,omitempty"` // Selectors - granular marking model selectors Selectors *[]string `json:"selectors,omitempty"` }
ThreatIntelligenceGranularMarkingModel describes threat granular marking model entity
type ThreatIntelligenceIndicatorClient ¶
type ThreatIntelligenceIndicatorClient struct {
BaseClient
}
ThreatIntelligenceIndicatorClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewThreatIntelligenceIndicatorClient ¶
func NewThreatIntelligenceIndicatorClient(subscriptionID string) ThreatIntelligenceIndicatorClient
NewThreatIntelligenceIndicatorClient creates an instance of the ThreatIntelligenceIndicatorClient client.
func NewThreatIntelligenceIndicatorClientWithBaseURI ¶
func NewThreatIntelligenceIndicatorClientWithBaseURI(baseURI string, subscriptionID string) ThreatIntelligenceIndicatorClient
NewThreatIntelligenceIndicatorClientWithBaseURI creates an instance of the ThreatIntelligenceIndicatorClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (ThreatIntelligenceIndicatorClient) AppendTags ¶
func (client ThreatIntelligenceIndicatorClient) AppendTags(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceAppendTags ThreatIntelligenceAppendTags) (result autorest.Response, err error)
AppendTags append tags to a threat intelligence indicator. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. name - threat intelligence indicator name field. threatIntelligenceAppendTags - the threat intelligence append tags request body
func (ThreatIntelligenceIndicatorClient) AppendTagsPreparer ¶
func (client ThreatIntelligenceIndicatorClient) AppendTagsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceAppendTags ThreatIntelligenceAppendTags) (*http.Request, error)
AppendTagsPreparer prepares the AppendTags request.
func (ThreatIntelligenceIndicatorClient) AppendTagsResponder ¶
func (client ThreatIntelligenceIndicatorClient) AppendTagsResponder(resp *http.Response) (result autorest.Response, err error)
AppendTagsResponder handles the response to the AppendTags request. The method always closes the http.Response Body.
func (ThreatIntelligenceIndicatorClient) AppendTagsSender ¶
func (client ThreatIntelligenceIndicatorClient) AppendTagsSender(req *http.Request) (*http.Response, error)
AppendTagsSender sends the AppendTags request. The method will close the http.Response Body if it receives an error.
func (ThreatIntelligenceIndicatorClient) Create ¶
func (client ThreatIntelligenceIndicatorClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (result ThreatIntelligenceInformationModel, err error)
Create update a threat Intelligence indicator. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. name - threat intelligence indicator name field. threatIntelligenceProperties - properties of threat intelligence indicators to create and update.
func (ThreatIntelligenceIndicatorClient) CreateIndicator ¶
func (client ThreatIntelligenceIndicatorClient) CreateIndicator(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (result ThreatIntelligenceInformationModel, err error)
CreateIndicator create a new threat intelligence indicator. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. threatIntelligenceProperties - properties of threat intelligence indicators to create and update.
func (ThreatIntelligenceIndicatorClient) CreateIndicatorPreparer ¶
func (client ThreatIntelligenceIndicatorClient) CreateIndicatorPreparer(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (*http.Request, error)
CreateIndicatorPreparer prepares the CreateIndicator request.
func (ThreatIntelligenceIndicatorClient) CreateIndicatorResponder ¶
func (client ThreatIntelligenceIndicatorClient) CreateIndicatorResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)
CreateIndicatorResponder handles the response to the CreateIndicator request. The method always closes the http.Response Body.
func (ThreatIntelligenceIndicatorClient) CreateIndicatorSender ¶
func (client ThreatIntelligenceIndicatorClient) CreateIndicatorSender(req *http.Request) (*http.Response, error)
CreateIndicatorSender sends the CreateIndicator request. The method will close the http.Response Body if it receives an error.
func (ThreatIntelligenceIndicatorClient) CreatePreparer ¶
func (client ThreatIntelligenceIndicatorClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (*http.Request, error)
CreatePreparer prepares the Create request.
func (ThreatIntelligenceIndicatorClient) CreateResponder ¶
func (client ThreatIntelligenceIndicatorClient) CreateResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)
CreateResponder handles the response to the Create request. The method always closes the http.Response Body.
func (ThreatIntelligenceIndicatorClient) CreateSender ¶
func (client ThreatIntelligenceIndicatorClient) CreateSender(req *http.Request) (*http.Response, error)
CreateSender sends the Create request. The method will close the http.Response Body if it receives an error.
func (ThreatIntelligenceIndicatorClient) Delete ¶
func (client ThreatIntelligenceIndicatorClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, name string) (result autorest.Response, err error)
Delete delete a threat intelligence indicator. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. name - threat intelligence indicator name field.
func (ThreatIntelligenceIndicatorClient) DeletePreparer ¶
func (client ThreatIntelligenceIndicatorClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (ThreatIntelligenceIndicatorClient) DeleteResponder ¶
func (client ThreatIntelligenceIndicatorClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (ThreatIntelligenceIndicatorClient) DeleteSender ¶
func (client ThreatIntelligenceIndicatorClient) DeleteSender(req *http.Request) (*http.Response, error)
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (ThreatIntelligenceIndicatorClient) Get ¶
func (client ThreatIntelligenceIndicatorClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, name string) (result ThreatIntelligenceInformationModel, err error)
Get view a threat intelligence indicator by name. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. name - threat intelligence indicator name field.
func (ThreatIntelligenceIndicatorClient) GetPreparer ¶
func (client ThreatIntelligenceIndicatorClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string) (*http.Request, error)
GetPreparer prepares the Get request.
func (ThreatIntelligenceIndicatorClient) GetResponder ¶
func (client ThreatIntelligenceIndicatorClient) GetResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (ThreatIntelligenceIndicatorClient) GetSender ¶
func (client ThreatIntelligenceIndicatorClient) GetSender(req *http.Request) (*http.Response, error)
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (ThreatIntelligenceIndicatorClient) QueryIndicators ¶
func (client ThreatIntelligenceIndicatorClient) QueryIndicators(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria) (result ThreatIntelligenceInformationListPage, err error)
QueryIndicators query threat intelligence indicators as per filtering criteria. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. threatIntelligenceFilteringCriteria - filtering criteria for querying threat intelligence indicators.
func (ThreatIntelligenceIndicatorClient) QueryIndicatorsComplete ¶
func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsComplete(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria) (result ThreatIntelligenceInformationListIterator, err error)
QueryIndicatorsComplete enumerates all values, automatically crossing page boundaries as required.
func (ThreatIntelligenceIndicatorClient) QueryIndicatorsPreparer ¶
func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria) (*http.Request, error)
QueryIndicatorsPreparer prepares the QueryIndicators request.
func (ThreatIntelligenceIndicatorClient) QueryIndicatorsResponder ¶
func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsResponder(resp *http.Response) (result ThreatIntelligenceInformationList, err error)
QueryIndicatorsResponder handles the response to the QueryIndicators request. The method always closes the http.Response Body.
func (ThreatIntelligenceIndicatorClient) QueryIndicatorsSender ¶
func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsSender(req *http.Request) (*http.Response, error)
QueryIndicatorsSender sends the QueryIndicators request. The method will close the http.Response Body if it receives an error.
func (ThreatIntelligenceIndicatorClient) ReplaceTags ¶
func (client ThreatIntelligenceIndicatorClient) ReplaceTags(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceReplaceTags ThreatIntelligenceIndicatorModelForRequestBody) (result ThreatIntelligenceInformationModel, err error)
ReplaceTags replace tags added to a threat intelligence indicator. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. name - threat intelligence indicator name field. threatIntelligenceReplaceTags - tags in the threat intelligence indicator to be replaced.
func (ThreatIntelligenceIndicatorClient) ReplaceTagsPreparer ¶
func (client ThreatIntelligenceIndicatorClient) ReplaceTagsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceReplaceTags ThreatIntelligenceIndicatorModelForRequestBody) (*http.Request, error)
ReplaceTagsPreparer prepares the ReplaceTags request.
func (ThreatIntelligenceIndicatorClient) ReplaceTagsResponder ¶
func (client ThreatIntelligenceIndicatorClient) ReplaceTagsResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)
ReplaceTagsResponder handles the response to the ReplaceTags request. The method always closes the http.Response Body.
func (ThreatIntelligenceIndicatorClient) ReplaceTagsSender ¶
func (client ThreatIntelligenceIndicatorClient) ReplaceTagsSender(req *http.Request) (*http.Response, error)
ReplaceTagsSender sends the ReplaceTags request. The method will close the http.Response Body if it receives an error.
type ThreatIntelligenceIndicatorMetricsClient ¶
type ThreatIntelligenceIndicatorMetricsClient struct {
BaseClient
}
ThreatIntelligenceIndicatorMetricsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewThreatIntelligenceIndicatorMetricsClient ¶
func NewThreatIntelligenceIndicatorMetricsClient(subscriptionID string) ThreatIntelligenceIndicatorMetricsClient
NewThreatIntelligenceIndicatorMetricsClient creates an instance of the ThreatIntelligenceIndicatorMetricsClient client.
func NewThreatIntelligenceIndicatorMetricsClientWithBaseURI ¶
func NewThreatIntelligenceIndicatorMetricsClientWithBaseURI(baseURI string, subscriptionID string) ThreatIntelligenceIndicatorMetricsClient
NewThreatIntelligenceIndicatorMetricsClientWithBaseURI creates an instance of the ThreatIntelligenceIndicatorMetricsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (ThreatIntelligenceIndicatorMetricsClient) List ¶
func (client ThreatIntelligenceIndicatorMetricsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result ThreatIntelligenceMetricsList, err error)
List get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source). Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (ThreatIntelligenceIndicatorMetricsClient) ListPreparer ¶
func (client ThreatIntelligenceIndicatorMetricsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (ThreatIntelligenceIndicatorMetricsClient) ListResponder ¶
func (client ThreatIntelligenceIndicatorMetricsClient) ListResponder(resp *http.Response) (result ThreatIntelligenceMetricsList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (ThreatIntelligenceIndicatorMetricsClient) ListSender ¶
func (client ThreatIntelligenceIndicatorMetricsClient) ListSender(req *http.Request) (*http.Response, error)
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type ThreatIntelligenceIndicatorModel ¶
type ThreatIntelligenceIndicatorModel struct { // ThreatIntelligenceIndicatorProperties - Threat Intelligence Entity properties *ThreatIntelligenceIndicatorProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // Kind - Possible values include: 'KindBasicThreatIntelligenceInformationKindThreatIntelligenceInformation', 'KindBasicThreatIntelligenceInformationKindIndicator' Kind KindBasicThreatIntelligenceInformation `json:"kind,omitempty"` }
ThreatIntelligenceIndicatorModel threat intelligence indicator entity.
func (ThreatIntelligenceIndicatorModel) AsBasicThreatIntelligenceInformation ¶
func (tiim ThreatIntelligenceIndicatorModel) AsBasicThreatIntelligenceInformation() (BasicThreatIntelligenceInformation, bool)
AsBasicThreatIntelligenceInformation is the BasicThreatIntelligenceInformation implementation for ThreatIntelligenceIndicatorModel.
func (ThreatIntelligenceIndicatorModel) AsThreatIntelligenceIndicatorModel ¶
func (tiim ThreatIntelligenceIndicatorModel) AsThreatIntelligenceIndicatorModel() (*ThreatIntelligenceIndicatorModel, bool)
AsThreatIntelligenceIndicatorModel is the BasicThreatIntelligenceInformation implementation for ThreatIntelligenceIndicatorModel.
func (ThreatIntelligenceIndicatorModel) AsThreatIntelligenceInformation ¶
func (tiim ThreatIntelligenceIndicatorModel) AsThreatIntelligenceInformation() (*ThreatIntelligenceInformation, bool)
AsThreatIntelligenceInformation is the BasicThreatIntelligenceInformation implementation for ThreatIntelligenceIndicatorModel.
func (ThreatIntelligenceIndicatorModel) MarshalJSON ¶
func (tiim ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceIndicatorModel.
func (*ThreatIntelligenceIndicatorModel) UnmarshalJSON ¶
func (tiim *ThreatIntelligenceIndicatorModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ThreatIntelligenceIndicatorModel struct.
type ThreatIntelligenceIndicatorModelForRequestBody ¶
type ThreatIntelligenceIndicatorModelForRequestBody struct { // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ThreatIntelligenceIndicatorProperties - Threat Intelligence Entity properties *ThreatIntelligenceIndicatorProperties `json:"properties,omitempty"` // Kind - The kind of the entity. Kind *string `json:"kind,omitempty"` }
ThreatIntelligenceIndicatorModelForRequestBody threat intelligence indicator entity used in request body.
func (ThreatIntelligenceIndicatorModelForRequestBody) MarshalJSON ¶
func (tiimfrb ThreatIntelligenceIndicatorModelForRequestBody) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceIndicatorModelForRequestBody.
func (*ThreatIntelligenceIndicatorModelForRequestBody) UnmarshalJSON ¶
func (tiimfrb *ThreatIntelligenceIndicatorModelForRequestBody) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ThreatIntelligenceIndicatorModelForRequestBody struct.
type ThreatIntelligenceIndicatorProperties ¶
type ThreatIntelligenceIndicatorProperties struct { // ThreatIntelligenceTags - List of tags ThreatIntelligenceTags *[]string `json:"threatIntelligenceTags,omitempty"` // LastUpdatedTimeUtc - Last updated time in UTC LastUpdatedTimeUtc *string `json:"lastUpdatedTimeUtc,omitempty"` // Source - Source of a threat intelligence entity Source *string `json:"source,omitempty"` // DisplayName - Display name of a threat intelligence entity DisplayName *string `json:"displayName,omitempty"` // Description - Description of a threat intelligence entity Description *string `json:"description,omitempty"` // IndicatorTypes - Indicator types of threat intelligence entities IndicatorTypes *[]string `json:"indicatorTypes,omitempty"` // Pattern - Pattern of a threat intelligence entity Pattern *string `json:"pattern,omitempty"` // PatternType - Pattern type of a threat intelligence entity PatternType *string `json:"patternType,omitempty"` // PatternVersion - Pattern version of a threat intelligence entity PatternVersion *string `json:"patternVersion,omitempty"` // KillChainPhases - Kill chain phases KillChainPhases *[]ThreatIntelligenceKillChainPhase `json:"killChainPhases,omitempty"` // ParsedPattern - Parsed patterns ParsedPattern *[]ThreatIntelligenceParsedPattern `json:"parsedPattern,omitempty"` // ExternalID - External ID of threat intelligence entity ExternalID *string `json:"externalId,omitempty"` // CreatedByRef - Created by reference of threat intelligence entity CreatedByRef *string `json:"createdByRef,omitempty"` // Defanged - Is threat intelligence entity defanged Defanged *bool `json:"defanged,omitempty"` // ExternalLastUpdatedTimeUtc - External last updated time in UTC ExternalLastUpdatedTimeUtc *string `json:"externalLastUpdatedTimeUtc,omitempty"` // ExternalReferences - External References ExternalReferences *[]ThreatIntelligenceExternalReference `json:"externalReferences,omitempty"` // GranularMarkings - Granular Markings GranularMarkings *[]ThreatIntelligenceGranularMarkingModel `json:"granularMarkings,omitempty"` // Labels - Labels of threat intelligence entity Labels *[]string `json:"labels,omitempty"` // Revoked - Is threat intelligence entity revoked Revoked *bool `json:"revoked,omitempty"` // Confidence - Confidence of threat intelligence entity Confidence *int32 `json:"confidence,omitempty"` // ObjectMarkingRefs - Threat intelligence entity object marking references ObjectMarkingRefs *[]string `json:"objectMarkingRefs,omitempty"` // Language - Language of threat intelligence entity Language *string `json:"language,omitempty"` // ThreatTypes - Threat types ThreatTypes *[]string `json:"threatTypes,omitempty"` // ValidFrom - Valid from ValidFrom *string `json:"validFrom,omitempty"` // ValidUntil - Valid until ValidUntil *string `json:"validUntil,omitempty"` // Created - Created by Created *string `json:"created,omitempty"` // Modified - Modified by Modified *string `json:"modified,omitempty"` // Extensions - Extensions map Extensions map[string]interface{} `json:"extensions"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
ThreatIntelligenceIndicatorProperties describes threat intelligence entity properties
func (ThreatIntelligenceIndicatorProperties) MarshalJSON ¶
func (tiip ThreatIntelligenceIndicatorProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceIndicatorProperties.
type ThreatIntelligenceIndicatorsClient ¶
type ThreatIntelligenceIndicatorsClient struct {
BaseClient
}
ThreatIntelligenceIndicatorsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewThreatIntelligenceIndicatorsClient ¶
func NewThreatIntelligenceIndicatorsClient(subscriptionID string) ThreatIntelligenceIndicatorsClient
NewThreatIntelligenceIndicatorsClient creates an instance of the ThreatIntelligenceIndicatorsClient client.
func NewThreatIntelligenceIndicatorsClientWithBaseURI ¶
func NewThreatIntelligenceIndicatorsClientWithBaseURI(baseURI string, subscriptionID string) ThreatIntelligenceIndicatorsClient
NewThreatIntelligenceIndicatorsClientWithBaseURI creates an instance of the ThreatIntelligenceIndicatorsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (ThreatIntelligenceIndicatorsClient) List ¶
func (client ThreatIntelligenceIndicatorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result ThreatIntelligenceInformationListPage, err error)
List get all threat intelligence indicators. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. filter - filters the results, based on a Boolean condition. Optional. orderby - sorts the results. Optional. top - returns only the first n results. Optional. skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
func (ThreatIntelligenceIndicatorsClient) ListComplete ¶
func (client ThreatIntelligenceIndicatorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result ThreatIntelligenceInformationListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (ThreatIntelligenceIndicatorsClient) ListPreparer ¶
func (client ThreatIntelligenceIndicatorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error)
ListPreparer prepares the List request.
func (ThreatIntelligenceIndicatorsClient) ListResponder ¶
func (client ThreatIntelligenceIndicatorsClient) ListResponder(resp *http.Response) (result ThreatIntelligenceInformationList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (ThreatIntelligenceIndicatorsClient) ListSender ¶
func (client ThreatIntelligenceIndicatorsClient) ListSender(req *http.Request) (*http.Response, error)
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type ThreatIntelligenceInformation ¶
type ThreatIntelligenceInformation struct { autorest.Response `json:"-"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // Kind - Possible values include: 'KindBasicThreatIntelligenceInformationKindThreatIntelligenceInformation', 'KindBasicThreatIntelligenceInformationKindIndicator' Kind KindBasicThreatIntelligenceInformation `json:"kind,omitempty"` }
ThreatIntelligenceInformation threat intelligence information object.
func (ThreatIntelligenceInformation) AsBasicThreatIntelligenceInformation ¶
func (tii ThreatIntelligenceInformation) AsBasicThreatIntelligenceInformation() (BasicThreatIntelligenceInformation, bool)
AsBasicThreatIntelligenceInformation is the BasicThreatIntelligenceInformation implementation for ThreatIntelligenceInformation.
func (ThreatIntelligenceInformation) AsThreatIntelligenceIndicatorModel ¶
func (tii ThreatIntelligenceInformation) AsThreatIntelligenceIndicatorModel() (*ThreatIntelligenceIndicatorModel, bool)
AsThreatIntelligenceIndicatorModel is the BasicThreatIntelligenceInformation implementation for ThreatIntelligenceInformation.
func (ThreatIntelligenceInformation) AsThreatIntelligenceInformation ¶
func (tii ThreatIntelligenceInformation) AsThreatIntelligenceInformation() (*ThreatIntelligenceInformation, bool)
AsThreatIntelligenceInformation is the BasicThreatIntelligenceInformation implementation for ThreatIntelligenceInformation.
func (ThreatIntelligenceInformation) MarshalJSON ¶
func (tii ThreatIntelligenceInformation) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceInformation.
type ThreatIntelligenceInformationList ¶
type ThreatIntelligenceInformationList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of information objects. NextLink *string `json:"nextLink,omitempty"` // Value - Array of threat intelligence information objects. Value *[]BasicThreatIntelligenceInformation `json:"value,omitempty"` }
ThreatIntelligenceInformationList list of all the threat intelligence information objects.
func (ThreatIntelligenceInformationList) IsEmpty ¶
func (tiil ThreatIntelligenceInformationList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (ThreatIntelligenceInformationList) MarshalJSON ¶
func (tiil ThreatIntelligenceInformationList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ThreatIntelligenceInformationList.
func (*ThreatIntelligenceInformationList) UnmarshalJSON ¶
func (tiil *ThreatIntelligenceInformationList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ThreatIntelligenceInformationList struct.
type ThreatIntelligenceInformationListIterator ¶
type ThreatIntelligenceInformationListIterator struct {
// contains filtered or unexported fields
}
ThreatIntelligenceInformationListIterator provides access to a complete listing of ThreatIntelligenceInformation values.
func NewThreatIntelligenceInformationListIterator ¶
func NewThreatIntelligenceInformationListIterator(page ThreatIntelligenceInformationListPage) ThreatIntelligenceInformationListIterator
Creates a new instance of the ThreatIntelligenceInformationListIterator type.
func (*ThreatIntelligenceInformationListIterator) Next ¶
func (iter *ThreatIntelligenceInformationListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*ThreatIntelligenceInformationListIterator) NextWithContext ¶
func (iter *ThreatIntelligenceInformationListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (ThreatIntelligenceInformationListIterator) NotDone ¶
func (iter ThreatIntelligenceInformationListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (ThreatIntelligenceInformationListIterator) Response ¶
func (iter ThreatIntelligenceInformationListIterator) Response() ThreatIntelligenceInformationList
Response returns the raw server response from the last page request.
func (ThreatIntelligenceInformationListIterator) Value ¶
func (iter ThreatIntelligenceInformationListIterator) Value() BasicThreatIntelligenceInformation
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type ThreatIntelligenceInformationListPage ¶
type ThreatIntelligenceInformationListPage struct {
// contains filtered or unexported fields
}
ThreatIntelligenceInformationListPage contains a page of BasicThreatIntelligenceInformation values.
func NewThreatIntelligenceInformationListPage ¶
func NewThreatIntelligenceInformationListPage(cur ThreatIntelligenceInformationList, getNextPage func(context.Context, ThreatIntelligenceInformationList) (ThreatIntelligenceInformationList, error)) ThreatIntelligenceInformationListPage
Creates a new instance of the ThreatIntelligenceInformationListPage type.
func (*ThreatIntelligenceInformationListPage) Next ¶
func (page *ThreatIntelligenceInformationListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*ThreatIntelligenceInformationListPage) NextWithContext ¶
func (page *ThreatIntelligenceInformationListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (ThreatIntelligenceInformationListPage) NotDone ¶
func (page ThreatIntelligenceInformationListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (ThreatIntelligenceInformationListPage) Response ¶
func (page ThreatIntelligenceInformationListPage) Response() ThreatIntelligenceInformationList
Response returns the raw server response from the last page request.
func (ThreatIntelligenceInformationListPage) Values ¶
func (page ThreatIntelligenceInformationListPage) Values() []BasicThreatIntelligenceInformation
Values returns the slice of values for the current page or nil if there are no values.
type ThreatIntelligenceInformationModel ¶
type ThreatIntelligenceInformationModel struct { autorest.Response `json:"-"` Value BasicThreatIntelligenceInformation `json:"value,omitempty"` }
ThreatIntelligenceInformationModel ...
func (*ThreatIntelligenceInformationModel) UnmarshalJSON ¶
func (tiim *ThreatIntelligenceInformationModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ThreatIntelligenceInformationModel struct.
type ThreatIntelligenceKillChainPhase ¶
type ThreatIntelligenceKillChainPhase struct { // KillChainName - Kill chainName name KillChainName *string `json:"killChainName,omitempty"` // PhaseName - Phase name PhaseName *string `json:"phaseName,omitempty"` }
ThreatIntelligenceKillChainPhase describes threat kill chain phase entity
type ThreatIntelligenceMetric ¶
type ThreatIntelligenceMetric struct { // LastUpdatedTimeUtc - Last updated indicator metric LastUpdatedTimeUtc *string `json:"lastUpdatedTimeUtc,omitempty"` // ThreatTypeMetrics - Threat type metrics ThreatTypeMetrics *[]ThreatIntelligenceMetricEntity `json:"threatTypeMetrics,omitempty"` // PatternTypeMetrics - Pattern type metrics PatternTypeMetrics *[]ThreatIntelligenceMetricEntity `json:"patternTypeMetrics,omitempty"` // SourceMetrics - Source metrics SourceMetrics *[]ThreatIntelligenceMetricEntity `json:"sourceMetrics,omitempty"` }
ThreatIntelligenceMetric describes threat intelligence metric
type ThreatIntelligenceMetricEntity ¶
type ThreatIntelligenceMetricEntity struct { // MetricName - Metric name MetricName *string `json:"metricName,omitempty"` // MetricValue - Metric value MetricValue *int32 `json:"metricValue,omitempty"` }
ThreatIntelligenceMetricEntity describes threat intelligence metric entity
type ThreatIntelligenceMetrics ¶
type ThreatIntelligenceMetrics struct { // Properties - Threat intelligence metrics. Properties *ThreatIntelligenceMetric `json:"properties,omitempty"` }
ThreatIntelligenceMetrics threat intelligence metrics.
type ThreatIntelligenceMetricsList ¶
type ThreatIntelligenceMetricsList struct { autorest.Response `json:"-"` // Value - Array of threat intelligence metric fields (type/threat type/source). Value *[]ThreatIntelligenceMetrics `json:"value,omitempty"` }
ThreatIntelligenceMetricsList list of all the threat intelligence metric fields (type/threat type/source).
type ThreatIntelligenceParsedPattern ¶
type ThreatIntelligenceParsedPattern struct { // PatternTypeKey - Pattern type key PatternTypeKey *string `json:"patternTypeKey,omitempty"` // PatternTypeValues - Pattern type keys PatternTypeValues *[]ThreatIntelligenceParsedPatternTypeValue `json:"patternTypeValues,omitempty"` }
ThreatIntelligenceParsedPattern describes parsed pattern entity
type ThreatIntelligenceParsedPatternTypeValue ¶
type ThreatIntelligenceParsedPatternTypeValue struct { // ValueType - Type of the value ValueType *string `json:"valueType,omitempty"` // Value - Value of parsed pattern Value *string `json:"value,omitempty"` }
ThreatIntelligenceParsedPatternTypeValue describes threat kill chain phase entity
type ThreatIntelligenceResourceKind ¶
type ThreatIntelligenceResourceKind struct { // Kind - The kind of the entity. Kind *string `json:"kind,omitempty"` }
ThreatIntelligenceResourceKind describes an entity with kind.
type ThreatIntelligenceResourceKindEnum ¶
type ThreatIntelligenceResourceKindEnum string
ThreatIntelligenceResourceKindEnum enumerates the values for threat intelligence resource kind enum.
const ( // ThreatIntelligenceResourceKindEnumIndicator Entity represents threat intelligence indicator in the // system. ThreatIntelligenceResourceKindEnumIndicator ThreatIntelligenceResourceKindEnum = "indicator" )
func PossibleThreatIntelligenceResourceKindEnumValues ¶
func PossibleThreatIntelligenceResourceKindEnumValues() []ThreatIntelligenceResourceKindEnum
PossibleThreatIntelligenceResourceKindEnumValues returns an array of possible values for the ThreatIntelligenceResourceKindEnum const type.
type ThreatIntelligenceSortingCriteria ¶
type ThreatIntelligenceSortingCriteria struct { // ItemKey - Column name ItemKey *string `json:"itemKey,omitempty"` // SortOrder - Sorting order (ascending/descending/unsorted). Possible values include: 'ThreatIntelligenceSortingCriteriaEnumUnsorted', 'ThreatIntelligenceSortingCriteriaEnumAscending', 'ThreatIntelligenceSortingCriteriaEnumDescending' SortOrder ThreatIntelligenceSortingCriteriaEnum `json:"sortOrder,omitempty"` }
ThreatIntelligenceSortingCriteria list of available columns for sorting
type ThreatIntelligenceSortingCriteriaEnum ¶
type ThreatIntelligenceSortingCriteriaEnum string
ThreatIntelligenceSortingCriteriaEnum enumerates the values for threat intelligence sorting criteria enum.
const ( // ThreatIntelligenceSortingCriteriaEnumAscending ... ThreatIntelligenceSortingCriteriaEnumAscending ThreatIntelligenceSortingCriteriaEnum = "ascending" // ThreatIntelligenceSortingCriteriaEnumDescending ... ThreatIntelligenceSortingCriteriaEnumDescending ThreatIntelligenceSortingCriteriaEnum = "descending" // ThreatIntelligenceSortingCriteriaEnumUnsorted ... ThreatIntelligenceSortingCriteriaEnumUnsorted ThreatIntelligenceSortingCriteriaEnum = "unsorted" )
func PossibleThreatIntelligenceSortingCriteriaEnumValues ¶
func PossibleThreatIntelligenceSortingCriteriaEnumValues() []ThreatIntelligenceSortingCriteriaEnum
PossibleThreatIntelligenceSortingCriteriaEnumValues returns an array of possible values for the ThreatIntelligenceSortingCriteriaEnum const type.
type TiTaxiiCheckRequirements ¶
type TiTaxiiCheckRequirements struct { // TiTaxiiCheckRequirementsProperties - Threat Intelligence TAXII check required properties. *TiTaxiiCheckRequirementsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` }
TiTaxiiCheckRequirements threat Intelligence TAXII data connector check requirements
func (TiTaxiiCheckRequirements) AsAADCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)
AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsAATPCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)
AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsASCCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)
AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsAwsCloudTrailCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)
AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsAwsS3CheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)
AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsBasicDataConnectorsCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)
AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsDataConnectorsCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)
AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsDynamics365CheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)
AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsMCASCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)
AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsMDATPCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)
AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsMSTICheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)
AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsMtpCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)
AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsOfficeATPCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)
AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsOfficeIRMCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)
AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsTICheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)
AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) AsTiTaxiiCheckRequirements ¶
func (ttcr TiTaxiiCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)
AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements.
func (TiTaxiiCheckRequirements) MarshalJSON ¶
func (ttcr TiTaxiiCheckRequirements) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for TiTaxiiCheckRequirements.
func (*TiTaxiiCheckRequirements) UnmarshalJSON ¶
func (ttcr *TiTaxiiCheckRequirements) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for TiTaxiiCheckRequirements struct.
type TiTaxiiCheckRequirementsProperties ¶
type TiTaxiiCheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
TiTaxiiCheckRequirementsProperties threat Intelligence TAXII data connector required properties.
type TiTaxiiDataConnector ¶
type TiTaxiiDataConnector struct { // TiTaxiiDataConnectorProperties - Threat intelligence TAXII data connector properties. *TiTaxiiDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
TiTaxiiDataConnector data connector to pull Threat intelligence data from TAXII 2.0/2.1 server
func (TiTaxiiDataConnector) AsAADDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsAATPDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsASCDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsAwsCloudTrailDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsAwsS3DataConnector ¶
func (ttdc TiTaxiiDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)
AsAwsS3DataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsBasicDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsCodelessAPIPollingDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)
AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsCodelessUIDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)
AsCodelessUIDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsDynamics365DataConnector ¶
func (ttdc TiTaxiiDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)
AsDynamics365DataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsMCASDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsMDATPDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsMSTIDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)
AsMSTIDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsMTPDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)
AsMTPDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsOfficeATPDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)
AsOfficeATPDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsOfficeDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsOfficeIRMDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)
AsOfficeIRMDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsTIDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) AsTiTaxiiDataConnector ¶
func (ttdc TiTaxiiDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)
AsTiTaxiiDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector.
func (TiTaxiiDataConnector) MarshalJSON ¶
func (ttdc TiTaxiiDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for TiTaxiiDataConnector.
func (*TiTaxiiDataConnector) UnmarshalJSON ¶
func (ttdc *TiTaxiiDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for TiTaxiiDataConnector struct.
type TiTaxiiDataConnectorDataTypes ¶
type TiTaxiiDataConnectorDataTypes struct { // TaxiiClient - Data type for TAXII connector. TaxiiClient *TiTaxiiDataConnectorDataTypesTaxiiClient `json:"taxiiClient,omitempty"` }
TiTaxiiDataConnectorDataTypes the available data types for Threat Intelligence TAXII data connector.
type TiTaxiiDataConnectorDataTypesTaxiiClient ¶
type TiTaxiiDataConnectorDataTypesTaxiiClient struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` }
TiTaxiiDataConnectorDataTypesTaxiiClient data type for TAXII connector.
type TiTaxiiDataConnectorProperties ¶
type TiTaxiiDataConnectorProperties struct { // WorkspaceID - The workspace id. WorkspaceID *string `json:"workspaceId,omitempty"` // FriendlyName - The friendly name for the TAXII server. FriendlyName *string `json:"friendlyName,omitempty"` // TaxiiServer - The API root for the TAXII server. TaxiiServer *string `json:"taxiiServer,omitempty"` // CollectionID - The collection id of the TAXII server. CollectionID *string `json:"collectionId,omitempty"` // UserName - The userName for the TAXII server. UserName *string `json:"userName,omitempty"` // Password - The password for the TAXII server. Password *string `json:"password,omitempty"` // TaxiiLookbackPeriod - The lookback period for the TAXII server. TaxiiLookbackPeriod *date.Time `json:"taxiiLookbackPeriod,omitempty"` // PollingFrequency - The polling frequency for the TAXII server. Possible values include: 'PollingFrequencyOnceAMinute', 'PollingFrequencyOnceAnHour', 'PollingFrequencyOnceADay' PollingFrequency PollingFrequency `json:"pollingFrequency,omitempty"` // DataTypes - The available data types for Threat Intelligence TAXII data connector. DataTypes *TiTaxiiDataConnectorDataTypes `json:"dataTypes,omitempty"` // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
TiTaxiiDataConnectorProperties threat Intelligence TAXII data connector properties.
type TimelineAggregation ¶
type TimelineAggregation struct { // Count - the total items found for a kind Count *int32 `json:"count,omitempty"` // Kind - the query kind. Possible values include: 'EntityTimelineKindActivity', 'EntityTimelineKindBookmark', 'EntityTimelineKindSecurityAlert' Kind EntityTimelineKind `json:"kind,omitempty"` }
TimelineAggregation timeline aggregation information per kind
type TimelineError ¶
type TimelineError struct { // Kind - the query kind. Possible values include: 'EntityTimelineKindActivity', 'EntityTimelineKindBookmark', 'EntityTimelineKindSecurityAlert' Kind EntityTimelineKind `json:"kind,omitempty"` // QueryID - the query id QueryID *string `json:"queryId,omitempty"` // ErrorMessage - the error message ErrorMessage *string `json:"errorMessage,omitempty"` }
TimelineError timeline Query Errors.
type TimelineResultsMetadata ¶
type TimelineResultsMetadata struct { // TotalCount - the total items found for the timeline request TotalCount *int32 `json:"totalCount,omitempty"` // Aggregations - timeline aggregation per kind Aggregations *[]TimelineAggregation `json:"aggregations,omitempty"` // Errors - information about the failure queries Errors *[]TimelineError `json:"errors,omitempty"` }
TimelineResultsMetadata expansion result metadata.
type TrackedResource ¶
type TrackedResource struct { // Tags - Resource tags. Tags map[string]*string `json:"tags"` // Location - The geo-location where the resource lives Location *string `json:"location,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
TrackedResource the resource model definition for an Azure Resource Manager tracked top level resource which has 'tags' and a 'location'
func (TrackedResource) MarshalJSON ¶
func (tr TrackedResource) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for TrackedResource.
type TriggerOperator ¶
type TriggerOperator string
TriggerOperator enumerates the values for trigger operator.
const ( // TriggerOperatorEqual ... TriggerOperatorEqual TriggerOperator = "Equal" // TriggerOperatorGreaterThan ... TriggerOperatorGreaterThan TriggerOperator = "GreaterThan" // TriggerOperatorLessThan ... TriggerOperatorLessThan TriggerOperator = "LessThan" // TriggerOperatorNotEqual ... TriggerOperatorNotEqual TriggerOperator = "NotEqual" )
func PossibleTriggerOperatorValues ¶
func PossibleTriggerOperatorValues() []TriggerOperator
PossibleTriggerOperatorValues returns an array of possible values for the TriggerOperator const type.
type URLEntity ¶
type URLEntity struct { // URLEntityProperties - Url entity properties *URLEntityProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
URLEntity represents a url entity.
func (URLEntity) AsAccountEntity ¶
func (ue URLEntity) AsAccountEntity() (*AccountEntity, bool)
AsAccountEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsAzureResourceEntity ¶
func (ue URLEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)
AsAzureResourceEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsBasicEntity ¶
func (ue URLEntity) AsBasicEntity() (BasicEntity, bool)
AsBasicEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsCloudApplicationEntity ¶
func (ue URLEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)
AsCloudApplicationEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsDNSEntity ¶
AsDNSEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsFileEntity ¶
func (ue URLEntity) AsFileEntity() (*FileEntity, bool)
AsFileEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsFileHashEntity ¶
func (ue URLEntity) AsFileHashEntity() (*FileHashEntity, bool)
AsFileHashEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsHostEntity ¶
func (ue URLEntity) AsHostEntity() (*HostEntity, bool)
AsHostEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsHuntingBookmark ¶
func (ue URLEntity) AsHuntingBookmark() (*HuntingBookmark, bool)
AsHuntingBookmark is the BasicEntity implementation for URLEntity.
func (URLEntity) AsIPEntity ¶
AsIPEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsIoTDeviceEntity ¶
func (ue URLEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)
AsIoTDeviceEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsMailClusterEntity ¶
func (ue URLEntity) AsMailClusterEntity() (*MailClusterEntity, bool)
AsMailClusterEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsMailMessageEntity ¶
func (ue URLEntity) AsMailMessageEntity() (*MailMessageEntity, bool)
AsMailMessageEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsMailboxEntity ¶
func (ue URLEntity) AsMailboxEntity() (*MailboxEntity, bool)
AsMailboxEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsMalwareEntity ¶
func (ue URLEntity) AsMalwareEntity() (*MalwareEntity, bool)
AsMalwareEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsProcessEntity ¶
func (ue URLEntity) AsProcessEntity() (*ProcessEntity, bool)
AsProcessEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsRegistryKeyEntity ¶
func (ue URLEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)
AsRegistryKeyEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsRegistryValueEntity ¶
func (ue URLEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)
AsRegistryValueEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsSecurityAlert ¶
func (ue URLEntity) AsSecurityAlert() (*SecurityAlert, bool)
AsSecurityAlert is the BasicEntity implementation for URLEntity.
func (URLEntity) AsSecurityGroupEntity ¶
func (ue URLEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)
AsSecurityGroupEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsSubmissionMailEntity ¶
func (ue URLEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)
AsSubmissionMailEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) AsURLEntity ¶
AsURLEntity is the BasicEntity implementation for URLEntity.
func (URLEntity) MarshalJSON ¶
MarshalJSON is the custom marshaler for URLEntity.
func (*URLEntity) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for URLEntity struct.
type URLEntityProperties ¶
type URLEntityProperties struct { // URL - READ-ONLY; A full URL the entity points to URL *string `json:"url,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` }
URLEntityProperties url entity property bag.
func (URLEntityProperties) MarshalJSON ¶
func (uep URLEntityProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for URLEntityProperties.
type Ueba ¶
type Ueba struct { // UebaProperties - Ueba properties *UebaProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' Kind KindBasicSettings `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
Ueba settings with single toggle.
func (Ueba) AsAnomalies ¶
AsAnomalies is the BasicSettings implementation for Ueba.
func (Ueba) AsBasicSettings ¶
func (u Ueba) AsBasicSettings() (BasicSettings, bool)
AsBasicSettings is the BasicSettings implementation for Ueba.
func (Ueba) AsEntityAnalytics ¶
func (u Ueba) AsEntityAnalytics() (*EntityAnalytics, bool)
AsEntityAnalytics is the BasicSettings implementation for Ueba.
func (Ueba) AsSettings ¶
AsSettings is the BasicSettings implementation for Ueba.
func (Ueba) MarshalJSON ¶
MarshalJSON is the custom marshaler for Ueba.
func (*Ueba) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for Ueba struct.
type UebaDataSources ¶
type UebaDataSources string
UebaDataSources enumerates the values for ueba data sources.
const ( // UebaDataSourcesAuditLogs ... UebaDataSourcesAuditLogs UebaDataSources = "AuditLogs" // UebaDataSourcesAzureActivity ... UebaDataSourcesAzureActivity UebaDataSources = "AzureActivity" // UebaDataSourcesSecurityEvent ... UebaDataSourcesSecurityEvent UebaDataSources = "SecurityEvent" // UebaDataSourcesSigninLogs ... UebaDataSourcesSigninLogs UebaDataSources = "SigninLogs" )
func PossibleUebaDataSourcesValues ¶
func PossibleUebaDataSourcesValues() []UebaDataSources
PossibleUebaDataSourcesValues returns an array of possible values for the UebaDataSources const type.
type UebaProperties ¶
type UebaProperties struct { // DataSources - The relevant data sources that enriched by ueba DataSources *[]UebaDataSources `json:"dataSources,omitempty"` }
UebaProperties ueba property bag.
type UserInfo ¶
type UserInfo struct { // Email - READ-ONLY; The email of the user. Email *string `json:"email,omitempty"` // Name - READ-ONLY; The name of the user. Name *string `json:"name,omitempty"` // ObjectID - The object id of the user. ObjectID *uuid.UUID `json:"objectId,omitempty"` }
UserInfo user information that made some action
func (UserInfo) MarshalJSON ¶
MarshalJSON is the custom marshaler for UserInfo.
type Watchlist ¶
type Watchlist struct { autorest.Response `json:"-"` // WatchlistProperties - Watchlist properties *WatchlistProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
Watchlist represents a Watchlist in Azure Security Insights.
func (Watchlist) MarshalJSON ¶
MarshalJSON is the custom marshaler for Watchlist.
func (*Watchlist) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for Watchlist struct.
type WatchlistItem ¶
type WatchlistItem struct { autorest.Response `json:"-"` // WatchlistItemProperties - Watchlist Item properties *WatchlistItemProperties `json:"properties,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. SystemData *SystemData `json:"systemData,omitempty"` }
WatchlistItem represents a Watchlist item in Azure Security Insights.
func (WatchlistItem) MarshalJSON ¶
func (wi WatchlistItem) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for WatchlistItem.
func (*WatchlistItem) UnmarshalJSON ¶
func (wi *WatchlistItem) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for WatchlistItem struct.
type WatchlistItemList ¶
type WatchlistItemList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of watchlist item. NextLink *string `json:"nextLink,omitempty"` // Value - Array of watchlist items. Value *[]WatchlistItem `json:"value,omitempty"` }
WatchlistItemList list all the watchlist items.
func (WatchlistItemList) IsEmpty ¶
func (wil WatchlistItemList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (WatchlistItemList) MarshalJSON ¶
func (wil WatchlistItemList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for WatchlistItemList.
type WatchlistItemListIterator ¶
type WatchlistItemListIterator struct {
// contains filtered or unexported fields
}
WatchlistItemListIterator provides access to a complete listing of WatchlistItem values.
func NewWatchlistItemListIterator ¶
func NewWatchlistItemListIterator(page WatchlistItemListPage) WatchlistItemListIterator
Creates a new instance of the WatchlistItemListIterator type.
func (*WatchlistItemListIterator) Next ¶
func (iter *WatchlistItemListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*WatchlistItemListIterator) NextWithContext ¶
func (iter *WatchlistItemListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (WatchlistItemListIterator) NotDone ¶
func (iter WatchlistItemListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (WatchlistItemListIterator) Response ¶
func (iter WatchlistItemListIterator) Response() WatchlistItemList
Response returns the raw server response from the last page request.
func (WatchlistItemListIterator) Value ¶
func (iter WatchlistItemListIterator) Value() WatchlistItem
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type WatchlistItemListPage ¶
type WatchlistItemListPage struct {
// contains filtered or unexported fields
}
WatchlistItemListPage contains a page of WatchlistItem values.
func NewWatchlistItemListPage ¶
func NewWatchlistItemListPage(cur WatchlistItemList, getNextPage func(context.Context, WatchlistItemList) (WatchlistItemList, error)) WatchlistItemListPage
Creates a new instance of the WatchlistItemListPage type.
func (*WatchlistItemListPage) Next ¶
func (page *WatchlistItemListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*WatchlistItemListPage) NextWithContext ¶
func (page *WatchlistItemListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (WatchlistItemListPage) NotDone ¶
func (page WatchlistItemListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (WatchlistItemListPage) Response ¶
func (page WatchlistItemListPage) Response() WatchlistItemList
Response returns the raw server response from the last page request.
func (WatchlistItemListPage) Values ¶
func (page WatchlistItemListPage) Values() []WatchlistItem
Values returns the slice of values for the current page or nil if there are no values.
type WatchlistItemProperties ¶
type WatchlistItemProperties struct { // WatchlistItemType - The type of the watchlist item WatchlistItemType *string `json:"watchlistItemType,omitempty"` // WatchlistItemID - The id (a Guid) of the watchlist item WatchlistItemID *string `json:"watchlistItemId,omitempty"` // TenantID - The tenantId to which the watchlist item belongs to TenantID *string `json:"tenantId,omitempty"` // IsDeleted - A flag that indicates if the watchlist item is deleted or not IsDeleted *bool `json:"isDeleted,omitempty"` // Created - The time the watchlist item was created Created *date.Time `json:"created,omitempty"` // Updated - The last time the watchlist item was updated Updated *date.Time `json:"updated,omitempty"` // CreatedBy - Describes a user that created the watchlist item CreatedBy *UserInfo `json:"createdBy,omitempty"` // UpdatedBy - Describes a user that updated the watchlist item UpdatedBy *UserInfo `json:"updatedBy,omitempty"` // ItemsKeyValue - key-value pairs for a watchlist item ItemsKeyValue interface{} `json:"itemsKeyValue,omitempty"` // EntityMapping - key-value pairs for a watchlist item entity mapping EntityMapping interface{} `json:"entityMapping,omitempty"` }
WatchlistItemProperties describes watchlist item properties
type WatchlistItemsClient ¶
type WatchlistItemsClient struct {
BaseClient
}
WatchlistItemsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewWatchlistItemsClient ¶
func NewWatchlistItemsClient(subscriptionID string) WatchlistItemsClient
NewWatchlistItemsClient creates an instance of the WatchlistItemsClient client.
func NewWatchlistItemsClientWithBaseURI ¶
func NewWatchlistItemsClientWithBaseURI(baseURI string, subscriptionID string) WatchlistItemsClient
NewWatchlistItemsClientWithBaseURI creates an instance of the WatchlistItemsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (WatchlistItemsClient) CreateOrUpdate ¶
func (client WatchlistItemsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, watchlistItem WatchlistItem) (result WatchlistItem, err error)
CreateOrUpdate creates or updates a watchlist item. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. watchlistAlias - watchlist Alias watchlistItemID - watchlist Item Id (GUID) watchlistItem - the watchlist item
func (WatchlistItemsClient) CreateOrUpdatePreparer ¶
func (client WatchlistItemsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, watchlistItem WatchlistItem) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (WatchlistItemsClient) CreateOrUpdateResponder ¶
func (client WatchlistItemsClient) CreateOrUpdateResponder(resp *http.Response) (result WatchlistItem, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (WatchlistItemsClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (WatchlistItemsClient) Delete ¶
func (client WatchlistItemsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string) (result autorest.Response, err error)
Delete delete a watchlist item. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. watchlistAlias - watchlist Alias watchlistItemID - watchlist Item Id (GUID)
func (WatchlistItemsClient) DeletePreparer ¶
func (client WatchlistItemsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (WatchlistItemsClient) DeleteResponder ¶
func (client WatchlistItemsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (WatchlistItemsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (WatchlistItemsClient) Get ¶
func (client WatchlistItemsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string) (result WatchlistItem, err error)
Get gets a watchlist, without its watchlist items. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. watchlistAlias - watchlist Alias watchlistItemID - watchlist Item Id (GUID)
func (WatchlistItemsClient) GetPreparer ¶
func (client WatchlistItemsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (WatchlistItemsClient) GetResponder ¶
func (client WatchlistItemsClient) GetResponder(resp *http.Response) (result WatchlistItem, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (WatchlistItemsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (WatchlistItemsClient) List ¶
func (client WatchlistItemsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (result WatchlistItemListPage, err error)
List gets all watchlist Items. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. watchlistAlias - watchlist Alias
func (WatchlistItemsClient) ListComplete ¶
func (client WatchlistItemsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (result WatchlistItemListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (WatchlistItemsClient) ListPreparer ¶
func (client WatchlistItemsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (*http.Request, error)
ListPreparer prepares the List request.
func (WatchlistItemsClient) ListResponder ¶
func (client WatchlistItemsClient) ListResponder(resp *http.Response) (result WatchlistItemList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (WatchlistItemsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type WatchlistList ¶
type WatchlistList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of watchlists. NextLink *string `json:"nextLink,omitempty"` // Value - Array of watchlist. Value *[]Watchlist `json:"value,omitempty"` }
WatchlistList list all the watchlists.
func (WatchlistList) IsEmpty ¶
func (wl WatchlistList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (WatchlistList) MarshalJSON ¶
func (wl WatchlistList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for WatchlistList.
type WatchlistListIterator ¶
type WatchlistListIterator struct {
// contains filtered or unexported fields
}
WatchlistListIterator provides access to a complete listing of Watchlist values.
func NewWatchlistListIterator ¶
func NewWatchlistListIterator(page WatchlistListPage) WatchlistListIterator
Creates a new instance of the WatchlistListIterator type.
func (*WatchlistListIterator) Next ¶
func (iter *WatchlistListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*WatchlistListIterator) NextWithContext ¶
func (iter *WatchlistListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (WatchlistListIterator) NotDone ¶
func (iter WatchlistListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (WatchlistListIterator) Response ¶
func (iter WatchlistListIterator) Response() WatchlistList
Response returns the raw server response from the last page request.
func (WatchlistListIterator) Value ¶
func (iter WatchlistListIterator) Value() Watchlist
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type WatchlistListPage ¶
type WatchlistListPage struct {
// contains filtered or unexported fields
}
WatchlistListPage contains a page of Watchlist values.
func NewWatchlistListPage ¶
func NewWatchlistListPage(cur WatchlistList, getNextPage func(context.Context, WatchlistList) (WatchlistList, error)) WatchlistListPage
Creates a new instance of the WatchlistListPage type.
func (*WatchlistListPage) Next ¶
func (page *WatchlistListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*WatchlistListPage) NextWithContext ¶
func (page *WatchlistListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (WatchlistListPage) NotDone ¶
func (page WatchlistListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (WatchlistListPage) Response ¶
func (page WatchlistListPage) Response() WatchlistList
Response returns the raw server response from the last page request.
func (WatchlistListPage) Values ¶
func (page WatchlistListPage) Values() []Watchlist
Values returns the slice of values for the current page or nil if there are no values.
type WatchlistProperties ¶
type WatchlistProperties struct { // WatchlistID - The id (a Guid) of the watchlist WatchlistID *string `json:"watchlistId,omitempty"` // DisplayName - The display name of the watchlist DisplayName *string `json:"displayName,omitempty"` // Provider - The provider of the watchlist Provider *string `json:"provider,omitempty"` // Source - The source of the watchlist. Possible values include: 'SourceLocalfile', 'SourceRemotestorage' Source Source `json:"source,omitempty"` // Created - The time the watchlist was created Created *date.Time `json:"created,omitempty"` // Updated - The last time the watchlist was updated Updated *date.Time `json:"updated,omitempty"` // CreatedBy - Describes a user that created the watchlist CreatedBy *UserInfo `json:"createdBy,omitempty"` // UpdatedBy - Describes a user that updated the watchlist UpdatedBy *UserInfo `json:"updatedBy,omitempty"` // Description - A description of the watchlist Description *string `json:"description,omitempty"` // WatchlistType - The type of the watchlist WatchlistType *string `json:"watchlistType,omitempty"` // WatchlistAlias - The alias of the watchlist WatchlistAlias *string `json:"watchlistAlias,omitempty"` // IsDeleted - A flag that indicates if the watchlist is deleted or not IsDeleted *bool `json:"isDeleted,omitempty"` // Labels - List of labels relevant to this watchlist Labels *[]string `json:"labels,omitempty"` // DefaultDuration - The default duration of a watchlist (in ISO 8601 duration format) DefaultDuration *string `json:"defaultDuration,omitempty"` // TenantID - The tenantId where the watchlist belongs to TenantID *string `json:"tenantId,omitempty"` // NumberOfLinesToSkip - The number of lines in a csv/tsv content to skip before the header NumberOfLinesToSkip *int32 `json:"numberOfLinesToSkip,omitempty"` // RawContent - The raw content that represents to watchlist items to create. In case of csv/tsv content type, it's the content of the file that will parsed by the endpoint RawContent *string `json:"rawContent,omitempty"` // ItemsSearchKey - The search key is used to optimize query performance when using watchlists for joins with other data. For example, enable a column with IP addresses to be the designated SearchKey field, then use this field as the key field when joining to other event data by IP address. ItemsSearchKey *string `json:"itemsSearchKey,omitempty"` // ContentType - The content type of the raw content. Example : text/csv or text/tsv ContentType *string `json:"contentType,omitempty"` // UploadStatus - The status of the Watchlist upload : New, InProgress or Complete. Pls note : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted UploadStatus *string `json:"uploadStatus,omitempty"` // WatchlistItemsCount - The number of Watchlist Items in the Watchlist WatchlistItemsCount *int32 `json:"watchlistItemsCount,omitempty"` }
WatchlistProperties describes watchlist properties
type WatchlistsClient ¶
type WatchlistsClient struct {
BaseClient
}
WatchlistsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewWatchlistsClient ¶
func NewWatchlistsClient(subscriptionID string) WatchlistsClient
NewWatchlistsClient creates an instance of the WatchlistsClient client.
func NewWatchlistsClientWithBaseURI ¶
func NewWatchlistsClientWithBaseURI(baseURI string, subscriptionID string) WatchlistsClient
NewWatchlistsClientWithBaseURI creates an instance of the WatchlistsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (WatchlistsClient) CreateOrUpdate ¶
func (client WatchlistsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist Watchlist) (result Watchlist, err error)
CreateOrUpdate creates or updates a watchlist and its watchlist items (bulk creation, e.g. through text/csv content type). To create a Watchlist and its items, we should call this endpoint with rawContent and contentType properties. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. watchlistAlias - watchlist Alias watchlist - the watchlist
func (WatchlistsClient) CreateOrUpdatePreparer ¶
func (client WatchlistsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist Watchlist) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (WatchlistsClient) CreateOrUpdateResponder ¶
func (client WatchlistsClient) CreateOrUpdateResponder(resp *http.Response) (result Watchlist, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (WatchlistsClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (WatchlistsClient) Delete ¶
func (client WatchlistsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (result autorest.Response, err error)
Delete delete a watchlist. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. watchlistAlias - watchlist Alias
func (WatchlistsClient) DeletePreparer ¶
func (client WatchlistsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (WatchlistsClient) DeleteResponder ¶
func (client WatchlistsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (WatchlistsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (WatchlistsClient) Get ¶
func (client WatchlistsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (result Watchlist, err error)
Get gets a watchlist, without its watchlist items. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace. watchlistAlias - watchlist Alias
func (WatchlistsClient) GetPreparer ¶
func (client WatchlistsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (*http.Request, error)
GetPreparer prepares the Get request.
func (WatchlistsClient) GetResponder ¶
func (client WatchlistsClient) GetResponder(resp *http.Response) (result Watchlist, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (WatchlistsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (WatchlistsClient) List ¶
func (client WatchlistsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result WatchlistListPage, err error)
List gets all watchlists, without watchlist items. Parameters: resourceGroupName - the name of the resource group. The name is case insensitive. workspaceName - the name of the workspace.
func (WatchlistsClient) ListComplete ¶
func (client WatchlistsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result WatchlistListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (WatchlistsClient) ListPreparer ¶
func (client WatchlistsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (WatchlistsClient) ListResponder ¶
func (client WatchlistsClient) ListResponder(resp *http.Response) (result WatchlistList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (WatchlistsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
Source Files ¶
- actions.go
- alertrules.go
- alertruletemplates.go
- automationrules.go
- bookmark.go
- bookmarkrelations.go
- bookmarks.go
- client.go
- dataconnectors.go
- dataconnectorscheckrequirements.go
- domainwhois.go
- entities.go
- entitiesgettimeline.go
- entitiesrelations.go
- entityqueries.go
- entityquerytemplates.go
- entityrelations.go
- enums.go
- incidentcomments.go
- incidentrelations.go
- incidents.go
- ipgeodata.go
- metadata.go
- models.go
- officeconsents.go
- operations.go
- productsettings.go
- sentinelonboardingstates.go
- sourcecontrol.go
- sourcecontrols.go
- threatintelligenceindicator.go
- threatintelligenceindicatormetrics.go
- threatintelligenceindicators.go
- version.go
- watchlistitems.go
- watchlists.go