Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security Policy
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

securityinsight

package

Go to main page

Versions in this module

v0

v0.2.1

Jan 1, 2022

Changes in this version

+ const DefaultBaseURI

+ func UserAgent() string

+ func Version() string

+ type AADCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (acr *AADCheckRequirements) UnmarshalJSON(body []byte) error

+ func (acr AADCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (acr AADCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (acr AADCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (acr AADCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (acr AADCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (acr AADCheckRequirements) MarshalJSON() ([]byte, error)

+ type AADCheckRequirementsProperties struct

+ TenantID *string

+ type AADDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (adc *AADDataConnector) UnmarshalJSON(body []byte) error

+ func (adc AADDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (adc AADDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (adc AADDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (adc AADDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (adc AADDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (adc AADDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (adc AADDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (adc AADDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (adc AADDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (adc AADDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (adc AADDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (adc AADDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (adc AADDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (adc AADDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (adc AADDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (adc AADDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (adc AADDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (adc AADDataConnector) MarshalJSON() ([]byte, error)

+ type AADDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ TenantID *string

+ type AATPCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (acr *AATPCheckRequirements) UnmarshalJSON(body []byte) error

+ func (acr AATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (acr AATPCheckRequirements) MarshalJSON() ([]byte, error)

+ type AATPCheckRequirementsProperties struct

+ TenantID *string

+ type AATPDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error

+ func (adc AATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (adc AATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (adc AATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (adc AATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (adc AATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (adc AATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (adc AATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (adc AATPDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (adc AATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (adc AATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (adc AATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (adc AATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (adc AATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (adc AATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (adc AATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (adc AATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (adc AATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (adc AATPDataConnector) MarshalJSON() ([]byte, error)

+ type AATPDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ TenantID *string

+ type APIPollingParameters struct

+ ConnectorUIConfig *CodelessUIConnectorConfigProperties

+ PollingConfig *CodelessConnectorPollingConfigProperties

+ type ASCCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (acr *ASCCheckRequirements) UnmarshalJSON(body []byte) error

+ func (acr ASCCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (acr ASCCheckRequirements) MarshalJSON() ([]byte, error)

+ type ASCCheckRequirementsProperties struct

+ SubscriptionID *string

+ type ASCDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error

+ func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (adc ASCDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (adc ASCDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (adc ASCDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (adc ASCDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (adc ASCDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (adc ASCDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (adc ASCDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (adc ASCDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (adc ASCDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (adc ASCDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (adc ASCDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (adc ASCDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (adc ASCDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (adc ASCDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (adc ASCDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (adc ASCDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (adc ASCDataConnector) MarshalJSON() ([]byte, error)

+ type ASCDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ SubscriptionID *string

+ type AccountEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ae *AccountEntity) UnmarshalJSON(body []byte) error

+ func (ae AccountEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (ae AccountEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (ae AccountEntity) AsBasicEntity() (BasicEntity, bool)

+ func (ae AccountEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (ae AccountEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (ae AccountEntity) AsEntity() (*Entity, bool)

+ func (ae AccountEntity) AsFileEntity() (*FileEntity, bool)

+ func (ae AccountEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (ae AccountEntity) AsHostEntity() (*HostEntity, bool)

+ func (ae AccountEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (ae AccountEntity) AsIPEntity() (*IPEntity, bool)

+ func (ae AccountEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (ae AccountEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (ae AccountEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (ae AccountEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (ae AccountEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (ae AccountEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (ae AccountEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (ae AccountEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (ae AccountEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (ae AccountEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (ae AccountEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (ae AccountEntity) AsURLEntity() (*URLEntity, bool)

+ func (ae AccountEntity) MarshalJSON() ([]byte, error)

+ type AccountEntityProperties struct

+ AadTenantID *string

+ AadUserID *string

+ AccountName *string

+ AdditionalData map[string]interface{}

+ DNSDomain *string

+ DisplayName *string

+ FriendlyName *string

+ HostEntityID *string

+ IsDomainJoined *bool

+ NtDomain *string

+ ObjectGUID *uuid.UUID

+ Puid *string

+ Sid *string

+ UpnSuffix *string

+ func (aep AccountEntityProperties) MarshalJSON() ([]byte, error)

+ type ActionPropertiesBase struct

+ LogicAppResourceID *string

+ type ActionRequest struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ar *ActionRequest) UnmarshalJSON(body []byte) error

+ func (ar ActionRequest) MarshalJSON() ([]byte, error)

+ type ActionRequestProperties struct

+ LogicAppResourceID *string

+ TriggerURI *string

+ type ActionResponse struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ar *ActionResponse) UnmarshalJSON(body []byte) error

+ func (ar ActionResponse) MarshalJSON() ([]byte, error)

+ type ActionResponseProperties struct

+ LogicAppResourceID *string

+ WorkflowID *string

+ type ActionType string

+ const ActionTypeAutomationRuleAction

+ const ActionTypeModifyProperties

+ const ActionTypeRunPlaybook

+ func PossibleActionTypeValues() []ActionType

+ type ActionsClient struct

+ func NewActionsClient(subscriptionID string) ActionsClient

+ func NewActionsClientWithBaseURI(baseURI string, subscriptionID string) ActionsClient

+ func (client ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionResponse, err error)

+ func (client ActionsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ActionsClient) CreateOrUpdateResponder(resp *http.Response) (result ActionResponse, err error)

+ func (client ActionsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client ActionsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client ActionsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ActionsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client ActionsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client ActionsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionResponse, err error)

+ func (client ActionsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ActionsClient) GetResponder(resp *http.Response) (result ActionResponse, err error)

+ func (client ActionsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionsListPage, err error)

+ func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionsListIterator, err error)

+ func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ActionsClient) ListByAlertRuleResponder(resp *http.Response) (result ActionsList, err error)

+ func (client ActionsClient) ListByAlertRuleSender(req *http.Request) (*http.Response, error)

+ type ActionsList struct

+ NextLink *string

+ Value *[]ActionResponse

+ func (al ActionsList) IsEmpty() bool

+ func (al ActionsList) MarshalJSON() ([]byte, error)

+ type ActionsListIterator struct

+ func NewActionsListIterator(page ActionsListPage) ActionsListIterator

+ func (iter *ActionsListIterator) Next() error

+ func (iter *ActionsListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter ActionsListIterator) NotDone() bool

+ func (iter ActionsListIterator) Response() ActionsList

+ func (iter ActionsListIterator) Value() ActionResponse

+ type ActionsListPage struct

+ func NewActionsListPage(cur ActionsList, ...) ActionsListPage

+ func (page *ActionsListPage) Next() error

+ func (page *ActionsListPage) NextWithContext(ctx context.Context) (err error)

+ func (page ActionsListPage) NotDone() bool

+ func (page ActionsListPage) Response() ActionsList

+ func (page ActionsListPage) Values() []ActionResponse

+ type ActivityCustomEntityQuery struct

+ Etag *string

+ ID *string

+ Kind KindBasicCustomEntityQuery

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (aceq *ActivityCustomEntityQuery) UnmarshalJSON(body []byte) error

+ func (aceq ActivityCustomEntityQuery) AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool)

+ func (aceq ActivityCustomEntityQuery) AsBasicCustomEntityQuery() (BasicCustomEntityQuery, bool)

+ func (aceq ActivityCustomEntityQuery) AsCustomEntityQuery() (*CustomEntityQuery, bool)

+ func (aceq ActivityCustomEntityQuery) MarshalJSON() ([]byte, error)

+ type ActivityEntityQueriesProperties struct

+ Content *string

+ CreatedTimeUtc *date.Time

+ Description *string

+ Enabled *bool

+ EntitiesFilter map[string][]string

+ InputEntityType EntityType

+ LastModifiedTimeUtc *date.Time

+ QueryDefinitions *ActivityEntityQueriesPropertiesQueryDefinitions

+ RequiredInputFieldsSets *[][]string

+ TemplateName *string

+ Title *string

+ func (aeqp ActivityEntityQueriesProperties) MarshalJSON() ([]byte, error)

+ type ActivityEntityQueriesPropertiesQueryDefinitions struct

+ Query *string

+ type ActivityEntityQuery struct

+ Etag *string

+ ID *string

+ Kind KindBasicEntityQuery

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (aeq *ActivityEntityQuery) UnmarshalJSON(body []byte) error

+ func (aeq ActivityEntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool)

+ func (aeq ActivityEntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool)

+ func (aeq ActivityEntityQuery) AsEntityQuery() (*EntityQuery, bool)

+ func (aeq ActivityEntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool)

+ func (aeq ActivityEntityQuery) MarshalJSON() ([]byte, error)

+ type ActivityEntityQueryTemplate struct

+ ID *string

+ Kind KindBasicEntityQueryTemplate

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (aeqt *ActivityEntityQueryTemplate) UnmarshalJSON(body []byte) error

+ func (aeqt ActivityEntityQueryTemplate) AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool)

+ func (aeqt ActivityEntityQueryTemplate) AsBasicEntityQueryTemplate() (BasicEntityQueryTemplate, bool)

+ func (aeqt ActivityEntityQueryTemplate) AsEntityQueryTemplate() (*EntityQueryTemplate, bool)

+ func (aeqt ActivityEntityQueryTemplate) MarshalJSON() ([]byte, error)

+ type ActivityEntityQueryTemplateProperties struct

+ Content *string

+ DataTypes *[]DataTypeDefinitions

+ Description *string

+ EntitiesFilter map[string][]string

+ InputEntityType EntityType

+ QueryDefinitions *ActivityEntityQueryTemplatePropertiesQueryDefinitions

+ RequiredInputFieldsSets *[][]string

+ Title *string

+ func (aeqtp ActivityEntityQueryTemplateProperties) MarshalJSON() ([]byte, error)

+ type ActivityEntityQueryTemplatePropertiesQueryDefinitions struct

+ Query *string

+ SummarizeBy *string

+ type ActivityTimelineItem struct

+ BucketEndTimeUTC *date.Time

+ BucketStartTimeUTC *date.Time

+ Content *string

+ FirstActivityTimeUTC *date.Time

+ Kind KindBasicEntityTimelineItem

+ LastActivityTimeUTC *date.Time

+ QueryID *string

+ Title *string

+ func (ati ActivityTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)

+ func (ati ActivityTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)

+ func (ati ActivityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)

+ func (ati ActivityTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)

+ func (ati ActivityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)

+ func (ati ActivityTimelineItem) MarshalJSON() ([]byte, error)

+ type AlertDetail string

+ const AlertDetailDisplayName

+ const AlertDetailSeverity

+ func PossibleAlertDetailValues() []AlertDetail

+ type AlertDetailsOverride struct

+ AlertDescriptionFormat *string

+ AlertDisplayNameFormat *string

+ AlertSeverityColumnName *string

+ AlertTacticsColumnName *string

+ type AlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ar AlertRule) AsAlertRule() (*AlertRule, bool)

+ func (ar AlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (ar AlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (ar AlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)

+ func (ar AlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (ar AlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)

+ func (ar AlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (ar AlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)

+ func (ar AlertRule) MarshalJSON() ([]byte, error)

+ type AlertRuleKind string

+ const AlertRuleKindFusion

+ const AlertRuleKindMLBehaviorAnalytics

+ const AlertRuleKindMicrosoftSecurityIncidentCreation

+ const AlertRuleKindNRT

+ const AlertRuleKindScheduled

+ const AlertRuleKindThreatIntelligence

+ func PossibleAlertRuleKindValues() []AlertRuleKind

+ type AlertRuleModel struct

+ Value BasicAlertRule

+ func (arm *AlertRuleModel) UnmarshalJSON(body []byte) error

+ type AlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (art AlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type AlertRuleTemplateDataSource struct

+ ConnectorID *string

+ DataTypes *[]string

+ type AlertRuleTemplateModel struct

+ Value BasicAlertRuleTemplate

+ func (artm *AlertRuleTemplateModel) UnmarshalJSON(body []byte) error

+ type AlertRuleTemplatePropertiesBase struct

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ Description *string

+ DisplayName *string

+ LastUpdatedDateUTC *date.Time

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ Status TemplateStatus

+ func (artpb AlertRuleTemplatePropertiesBase) MarshalJSON() ([]byte, error)

+ type AlertRuleTemplatesClient struct

+ func NewAlertRuleTemplatesClient(subscriptionID string) AlertRuleTemplatesClient

+ func NewAlertRuleTemplatesClientWithBaseURI(baseURI string, subscriptionID string) AlertRuleTemplatesClient

+ func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleTemplateModel, err error)

+ func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client AlertRuleTemplatesClient) GetResponder(resp *http.Response) (result AlertRuleTemplateModel, err error)

+ func (client AlertRuleTemplatesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListPage, err error)

+ func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListIterator, err error)

+ func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client AlertRuleTemplatesClient) ListResponder(resp *http.Response) (result AlertRuleTemplatesList, err error)

+ func (client AlertRuleTemplatesClient) ListSender(req *http.Request) (*http.Response, error)

+ type AlertRuleTemplatesList struct

+ NextLink *string

+ Value *[]BasicAlertRuleTemplate

+ func (artl *AlertRuleTemplatesList) UnmarshalJSON(body []byte) error

+ func (artl AlertRuleTemplatesList) IsEmpty() bool

+ func (artl AlertRuleTemplatesList) MarshalJSON() ([]byte, error)

+ type AlertRuleTemplatesListIterator struct

+ func NewAlertRuleTemplatesListIterator(page AlertRuleTemplatesListPage) AlertRuleTemplatesListIterator

+ func (iter *AlertRuleTemplatesListIterator) Next() error

+ func (iter *AlertRuleTemplatesListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter AlertRuleTemplatesListIterator) NotDone() bool

+ func (iter AlertRuleTemplatesListIterator) Response() AlertRuleTemplatesList

+ func (iter AlertRuleTemplatesListIterator) Value() BasicAlertRuleTemplate

+ type AlertRuleTemplatesListPage struct

+ func NewAlertRuleTemplatesListPage(cur AlertRuleTemplatesList, ...) AlertRuleTemplatesListPage

+ func (page *AlertRuleTemplatesListPage) Next() error

+ func (page *AlertRuleTemplatesListPage) NextWithContext(ctx context.Context) (err error)

+ func (page AlertRuleTemplatesListPage) NotDone() bool

+ func (page AlertRuleTemplatesListPage) Response() AlertRuleTemplatesList

+ func (page AlertRuleTemplatesListPage) Values() []BasicAlertRuleTemplate

+ type AlertRulesClient struct

+ func NewAlertRulesClient(subscriptionID string) AlertRulesClient

+ func NewAlertRulesClientWithBaseURI(baseURI string, subscriptionID string) AlertRulesClient

+ func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleModel, err error)

+ func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AlertRuleModel, err error)

+ func (client AlertRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client AlertRulesClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleModel, err error)

+ func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRuleModel, err error)

+ func (client AlertRulesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListPage, err error)

+ func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListIterator, err error)

+ func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client AlertRulesClient) ListResponder(resp *http.Response) (result AlertRulesList, err error)

+ func (client AlertRulesClient) ListSender(req *http.Request) (*http.Response, error)

+ type AlertRulesList struct

+ NextLink *string

+ Value *[]BasicAlertRule

+ func (arl *AlertRulesList) UnmarshalJSON(body []byte) error

+ func (arl AlertRulesList) IsEmpty() bool

+ func (arl AlertRulesList) MarshalJSON() ([]byte, error)

+ type AlertRulesListIterator struct

+ func NewAlertRulesListIterator(page AlertRulesListPage) AlertRulesListIterator

+ func (iter *AlertRulesListIterator) Next() error

+ func (iter *AlertRulesListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter AlertRulesListIterator) NotDone() bool

+ func (iter AlertRulesListIterator) Response() AlertRulesList

+ func (iter AlertRulesListIterator) Value() BasicAlertRule

+ type AlertRulesListPage struct

+ func NewAlertRulesListPage(cur AlertRulesList, ...) AlertRulesListPage

+ func (page *AlertRulesListPage) Next() error

+ func (page *AlertRulesListPage) NextWithContext(ctx context.Context) (err error)

+ func (page AlertRulesListPage) NotDone() bool

+ func (page AlertRulesListPage) Response() AlertRulesList

+ func (page AlertRulesListPage) Values() []BasicAlertRule

+ type AlertSeverity string

+ const AlertSeverityHigh

+ const AlertSeverityInformational

+ const AlertSeverityLow

+ const AlertSeverityMedium

+ func PossibleAlertSeverityValues() []AlertSeverity

+ type AlertStatus string

+ const AlertStatusDismissed

+ const AlertStatusInProgress

+ const AlertStatusNew

+ const AlertStatusResolved

+ const AlertStatusUnknown

+ func PossibleAlertStatusValues() []AlertStatus

+ type AlertsDataTypeOfDataConnector struct

+ Alerts *DataConnectorDataTypeCommon

+ type Anomalies struct

+ Etag *string

+ ID *string

+ Kind KindBasicSettings

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (a *Anomalies) UnmarshalJSON(body []byte) error

+ func (a Anomalies) AsAnomalies() (*Anomalies, bool)

+ func (a Anomalies) AsBasicSettings() (BasicSettings, bool)

+ func (a Anomalies) AsEntityAnalytics() (*EntityAnalytics, bool)

+ func (a Anomalies) AsEyesOn() (*EyesOn, bool)

+ func (a Anomalies) AsSettings() (*Settings, bool)

+ func (a Anomalies) AsUeba() (*Ueba, bool)

+ func (a Anomalies) MarshalJSON() ([]byte, error)

+ type AnomaliesSettingsProperties struct

+ IsEnabled *bool

+ func (asp AnomaliesSettingsProperties) MarshalJSON() ([]byte, error)

+ type AntispamMailDirection string

+ const AntispamMailDirectionInbound

+ const AntispamMailDirectionIntraorg

+ const AntispamMailDirectionOutbound

+ const AntispamMailDirectionUnknown

+ func PossibleAntispamMailDirectionValues() []AntispamMailDirection

+ type AttackTactic string

+ const AttackTacticCollection

+ const AttackTacticCommandAndControl

+ const AttackTacticCredentialAccess

+ const AttackTacticDefenseEvasion

+ const AttackTacticDiscovery

+ const AttackTacticExecution

+ const AttackTacticExfiltration

+ const AttackTacticImpact

+ const AttackTacticInitialAccess

+ const AttackTacticLateralMovement

+ const AttackTacticPersistence

+ const AttackTacticPreAttack

+ const AttackTacticPrivilegeEscalation

+ func PossibleAttackTacticValues() []AttackTactic

+ type AutomationRule struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ar *AutomationRule) UnmarshalJSON(body []byte) error

+ func (ar AutomationRule) MarshalJSON() ([]byte, error)

+ type AutomationRuleAction struct

+ ActionType ActionType

+ Order *int32

+ func (ara AutomationRuleAction) AsAutomationRuleAction() (*AutomationRuleAction, bool)

+ func (ara AutomationRuleAction) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool)

+ func (ara AutomationRuleAction) AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool)

+ func (ara AutomationRuleAction) AsBasicAutomationRuleAction() (BasicAutomationRuleAction, bool)

+ func (ara AutomationRuleAction) MarshalJSON() ([]byte, error)

+ type AutomationRuleCondition struct

+ ConditionType ConditionType

+ func (arc AutomationRuleCondition) AsAutomationRuleCondition() (*AutomationRuleCondition, bool)

+ func (arc AutomationRuleCondition) AsAutomationRulePropertyValuesCondition() (*AutomationRulePropertyValuesCondition, bool)

+ func (arc AutomationRuleCondition) AsBasicAutomationRuleCondition() (BasicAutomationRuleCondition, bool)

+ func (arc AutomationRuleCondition) MarshalJSON() ([]byte, error)

+ type AutomationRuleModifyPropertiesAction struct

+ ActionConfiguration *AutomationRuleModifyPropertiesActionActionConfiguration

+ ActionType ActionType

+ Order *int32

+ func (armpa AutomationRuleModifyPropertiesAction) AsAutomationRuleAction() (*AutomationRuleAction, bool)

+ func (armpa AutomationRuleModifyPropertiesAction) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool)

+ func (armpa AutomationRuleModifyPropertiesAction) AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool)

+ func (armpa AutomationRuleModifyPropertiesAction) AsBasicAutomationRuleAction() (BasicAutomationRuleAction, bool)

+ func (armpa AutomationRuleModifyPropertiesAction) MarshalJSON() ([]byte, error)

+ type AutomationRuleModifyPropertiesActionActionConfiguration struct

+ Classification IncidentClassification

+ ClassificationComment *string

+ ClassificationReason IncidentClassificationReason

+ Labels *[]IncidentLabel

+ Owner *IncidentOwnerInfo

+ Severity IncidentSeverity

+ Status IncidentStatus

+ type AutomationRuleProperties struct

+ Actions *[]BasicAutomationRuleAction

+ CreatedBy *ClientInfo

+ CreatedTimeUtc *date.Time

+ DisplayName *string

+ LastModifiedBy *ClientInfo

+ LastModifiedTimeUtc *date.Time

+ Order *int32

+ TriggeringLogic *AutomationRuleTriggeringLogic

+ func (arp *AutomationRuleProperties) UnmarshalJSON(body []byte) error

+ func (arp AutomationRuleProperties) MarshalJSON() ([]byte, error)

+ type AutomationRulePropertyConditionSupportedOperator string

+ const AutomationRulePropertyConditionSupportedOperatorContains

+ const AutomationRulePropertyConditionSupportedOperatorEndsWith

+ const AutomationRulePropertyConditionSupportedOperatorEquals

+ const AutomationRulePropertyConditionSupportedOperatorNotContains

+ const AutomationRulePropertyConditionSupportedOperatorNotEndsWith

+ const AutomationRulePropertyConditionSupportedOperatorNotEquals

+ const AutomationRulePropertyConditionSupportedOperatorNotStartsWith

+ const AutomationRulePropertyConditionSupportedOperatorStartsWith

+ func PossibleAutomationRulePropertyConditionSupportedOperatorValues() []AutomationRulePropertyConditionSupportedOperator

+ type AutomationRulePropertyConditionSupportedProperty string

+ const AutomationRulePropertyConditionSupportedPropertyAccountAadTenantID

+ const AutomationRulePropertyConditionSupportedPropertyAccountAadUserID

+ const AutomationRulePropertyConditionSupportedPropertyAccountNTDomain

+ const AutomationRulePropertyConditionSupportedPropertyAccountName

+ const AutomationRulePropertyConditionSupportedPropertyAccountObjectGUID

+ const AutomationRulePropertyConditionSupportedPropertyAccountPUID

+ const AutomationRulePropertyConditionSupportedPropertyAccountSid

+ const AutomationRulePropertyConditionSupportedPropertyAccountUPNSuffix

+ const AutomationRulePropertyConditionSupportedPropertyAzureResourceResourceID

+ const AutomationRulePropertyConditionSupportedPropertyAzureResourceSubscriptionID

+ const AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppID

+ const AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppName

+ const AutomationRulePropertyConditionSupportedPropertyDNSDomainName

+ const AutomationRulePropertyConditionSupportedPropertyFileDirectory

+ const AutomationRulePropertyConditionSupportedPropertyFileHashValue

+ const AutomationRulePropertyConditionSupportedPropertyFileName

+ const AutomationRulePropertyConditionSupportedPropertyHostAzureID

+ const AutomationRulePropertyConditionSupportedPropertyHostNTDomain

+ const AutomationRulePropertyConditionSupportedPropertyHostName

+ const AutomationRulePropertyConditionSupportedPropertyHostNetBiosName

+ const AutomationRulePropertyConditionSupportedPropertyHostOSVersion

+ const AutomationRulePropertyConditionSupportedPropertyIPAddress

+ const AutomationRulePropertyConditionSupportedPropertyIncidentDescription

+ const AutomationRulePropertyConditionSupportedPropertyIncidentProviderName

+ const AutomationRulePropertyConditionSupportedPropertyIncidentRelatedAnalyticRuleIds

+ const AutomationRulePropertyConditionSupportedPropertyIncidentSeverity

+ const AutomationRulePropertyConditionSupportedPropertyIncidentStatus

+ const AutomationRulePropertyConditionSupportedPropertyIncidentTactics

+ const AutomationRulePropertyConditionSupportedPropertyIncidentTitle

+ const AutomationRulePropertyConditionSupportedPropertyIoTDeviceID

+ const AutomationRulePropertyConditionSupportedPropertyIoTDeviceModel

+ const AutomationRulePropertyConditionSupportedPropertyIoTDeviceName

+ const AutomationRulePropertyConditionSupportedPropertyIoTDeviceOperatingSystem

+ const AutomationRulePropertyConditionSupportedPropertyIoTDeviceType

+ const AutomationRulePropertyConditionSupportedPropertyIoTDeviceVendor

+ const AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryAction

+ const AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryLocation

+ const AutomationRulePropertyConditionSupportedPropertyMailMessageP1Sender

+ const AutomationRulePropertyConditionSupportedPropertyMailMessageP2Sender

+ const AutomationRulePropertyConditionSupportedPropertyMailMessageRecipient

+ const AutomationRulePropertyConditionSupportedPropertyMailMessageSenderIP

+ const AutomationRulePropertyConditionSupportedPropertyMailMessageSubject

+ const AutomationRulePropertyConditionSupportedPropertyMailboxDisplayName

+ const AutomationRulePropertyConditionSupportedPropertyMailboxPrimaryAddress

+ const AutomationRulePropertyConditionSupportedPropertyMailboxUPN

+ const AutomationRulePropertyConditionSupportedPropertyMalwareCategory

+ const AutomationRulePropertyConditionSupportedPropertyMalwareName

+ const AutomationRulePropertyConditionSupportedPropertyProcessCommandLine

+ const AutomationRulePropertyConditionSupportedPropertyProcessID

+ const AutomationRulePropertyConditionSupportedPropertyRegistryKey

+ const AutomationRulePropertyConditionSupportedPropertyRegistryValueData

+ const AutomationRulePropertyConditionSupportedPropertyURL

+ func PossibleAutomationRulePropertyConditionSupportedPropertyValues() []AutomationRulePropertyConditionSupportedProperty

+ type AutomationRulePropertyValuesCondition struct

+ ConditionProperties *AutomationRulePropertyValuesConditionConditionProperties

+ ConditionType ConditionType

+ func (arpvc AutomationRulePropertyValuesCondition) AsAutomationRuleCondition() (*AutomationRuleCondition, bool)

+ func (arpvc AutomationRulePropertyValuesCondition) AsAutomationRulePropertyValuesCondition() (*AutomationRulePropertyValuesCondition, bool)

+ func (arpvc AutomationRulePropertyValuesCondition) AsBasicAutomationRuleCondition() (BasicAutomationRuleCondition, bool)

+ func (arpvc AutomationRulePropertyValuesCondition) MarshalJSON() ([]byte, error)

+ type AutomationRulePropertyValuesConditionConditionProperties struct

+ Operator AutomationRulePropertyConditionSupportedOperator

+ PropertyName AutomationRulePropertyConditionSupportedProperty

+ PropertyValues *[]string

+ type AutomationRuleRunPlaybookAction struct

+ ActionConfiguration *AutomationRuleRunPlaybookActionActionConfiguration

+ ActionType ActionType

+ Order *int32

+ func (arrpa AutomationRuleRunPlaybookAction) AsAutomationRuleAction() (*AutomationRuleAction, bool)

+ func (arrpa AutomationRuleRunPlaybookAction) AsAutomationRuleModifyPropertiesAction() (*AutomationRuleModifyPropertiesAction, bool)

+ func (arrpa AutomationRuleRunPlaybookAction) AsAutomationRuleRunPlaybookAction() (*AutomationRuleRunPlaybookAction, bool)

+ func (arrpa AutomationRuleRunPlaybookAction) AsBasicAutomationRuleAction() (BasicAutomationRuleAction, bool)

+ func (arrpa AutomationRuleRunPlaybookAction) MarshalJSON() ([]byte, error)

+ type AutomationRuleRunPlaybookActionActionConfiguration struct

+ LogicAppResourceID *string

+ TenantID *string

+ type AutomationRuleTriggeringLogic struct

+ Conditions *[]BasicAutomationRuleCondition

+ ExpirationTimeUtc *date.Time

+ IsEnabled *bool

+ TriggersOn *string

+ TriggersWhen *string

+ func (artl *AutomationRuleTriggeringLogic) UnmarshalJSON(body []byte) error

+ type AutomationRulesClient struct

+ func NewAutomationRulesClient(subscriptionID string) AutomationRulesClient

+ func NewAutomationRulesClientWithBaseURI(baseURI string, subscriptionID string) AutomationRulesClient

+ func (client AutomationRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AutomationRule, err error)

+ func (client AutomationRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client AutomationRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AutomationRule, err error)

+ func (client AutomationRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client AutomationRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client AutomationRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client AutomationRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client AutomationRulesClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client AutomationRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AutomationRule, err error)

+ func (client AutomationRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client AutomationRulesClient) GetResponder(resp *http.Response) (result AutomationRule, err error)

+ func (client AutomationRulesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client AutomationRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AutomationRulesListPage, err error)

+ func (client AutomationRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AutomationRulesListIterator, err error)

+ func (client AutomationRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client AutomationRulesClient) ListResponder(resp *http.Response) (result AutomationRulesList, err error)

+ func (client AutomationRulesClient) ListSender(req *http.Request) (*http.Response, error)

+ type AutomationRulesList struct

+ NextLink *string

+ Value *[]AutomationRule

+ func (arl AutomationRulesList) IsEmpty() bool

+ func (arl AutomationRulesList) MarshalJSON() ([]byte, error)

+ type AutomationRulesListIterator struct

+ func NewAutomationRulesListIterator(page AutomationRulesListPage) AutomationRulesListIterator

+ func (iter *AutomationRulesListIterator) Next() error

+ func (iter *AutomationRulesListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter AutomationRulesListIterator) NotDone() bool

+ func (iter AutomationRulesListIterator) Response() AutomationRulesList

+ func (iter AutomationRulesListIterator) Value() AutomationRule

+ type AutomationRulesListPage struct

+ func NewAutomationRulesListPage(cur AutomationRulesList, ...) AutomationRulesListPage

+ func (page *AutomationRulesListPage) Next() error

+ func (page *AutomationRulesListPage) NextWithContext(ctx context.Context) (err error)

+ func (page AutomationRulesListPage) NotDone() bool

+ func (page AutomationRulesListPage) Response() AutomationRulesList

+ func (page AutomationRulesListPage) Values() []AutomationRule

+ type Availability struct

+ IsPreview *bool

+ Status *int32

+ type AwsCloudTrailCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (actcr AwsCloudTrailCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) MarshalJSON() ([]byte, error)

+ type AwsCloudTrailDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error

+ func (actdc AwsCloudTrailDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error)

+ type AwsCloudTrailDataConnectorDataTypes struct

+ Logs *AwsCloudTrailDataConnectorDataTypesLogs

+ type AwsCloudTrailDataConnectorDataTypesLogs struct

+ State DataTypeState

+ type AwsCloudTrailDataConnectorProperties struct

+ AwsRoleArn *string

+ DataTypes *AwsCloudTrailDataConnectorDataTypes

+ type AwsS3CheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (ascr AwsS3CheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (ascr AwsS3CheckRequirements) MarshalJSON() ([]byte, error)

+ type AwsS3DataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (asdc *AwsS3DataConnector) UnmarshalJSON(body []byte) error

+ func (asdc AwsS3DataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (asdc AwsS3DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsDataConnector() (*DataConnector, bool)

+ func (asdc AwsS3DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (asdc AwsS3DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (asdc AwsS3DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (asdc AwsS3DataConnector) MarshalJSON() ([]byte, error)

+ type AwsS3DataConnectorDataTypes struct

+ Logs *AwsS3DataConnectorDataTypesLogs

+ type AwsS3DataConnectorDataTypesLogs struct

+ State DataTypeState

+ type AwsS3DataConnectorProperties struct

+ DataTypes *AwsS3DataConnectorDataTypes

+ DestinationTable *string

+ RoleArn *string

+ SqsUrls *[]string

+ type AzureEntityResource struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (aer AzureEntityResource) MarshalJSON() ([]byte, error)

+ type AzureResourceEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error

+ func (are AzureResourceEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (are AzureResourceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (are AzureResourceEntity) AsBasicEntity() (BasicEntity, bool)

+ func (are AzureResourceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (are AzureResourceEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (are AzureResourceEntity) AsEntity() (*Entity, bool)

+ func (are AzureResourceEntity) AsFileEntity() (*FileEntity, bool)

+ func (are AzureResourceEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (are AzureResourceEntity) AsHostEntity() (*HostEntity, bool)

+ func (are AzureResourceEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (are AzureResourceEntity) AsIPEntity() (*IPEntity, bool)

+ func (are AzureResourceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (are AzureResourceEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (are AzureResourceEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (are AzureResourceEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (are AzureResourceEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (are AzureResourceEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (are AzureResourceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (are AzureResourceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (are AzureResourceEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (are AzureResourceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (are AzureResourceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (are AzureResourceEntity) AsURLEntity() (*URLEntity, bool)

+ func (are AzureResourceEntity) MarshalJSON() ([]byte, error)

+ type AzureResourceEntityProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ ResourceID *string

+ SubscriptionID *string

+ func (arep AzureResourceEntityProperties) MarshalJSON() ([]byte, error)

+ type BaseClient struct

+ BaseURI string

+ SubscriptionID string

+ func New(subscriptionID string) BaseClient

+ func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient

+ type BasicAlertRule interface

+ AsAlertRule func() (*AlertRule, bool)

+ AsFusionAlertRule func() (*FusionAlertRule, bool)

+ AsMLBehaviorAnalyticsAlertRule func() (*MLBehaviorAnalyticsAlertRule, bool)

+ AsMicrosoftSecurityIncidentCreationAlertRule func() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ AsNrtAlertRule func() (*NrtAlertRule, bool)

+ AsScheduledAlertRule func() (*ScheduledAlertRule, bool)

+ AsThreatIntelligenceAlertRule func() (*ThreatIntelligenceAlertRule, bool)

+ type BasicAlertRuleTemplate interface

+ AsAlertRuleTemplate func() (*AlertRuleTemplate, bool)

+ AsFusionAlertRuleTemplate func() (*FusionAlertRuleTemplate, bool)

+ AsMLBehaviorAnalyticsAlertRuleTemplate func() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)

+ AsMicrosoftSecurityIncidentCreationAlertRuleTemplate func() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ AsNrtAlertRuleTemplate func() (*NrtAlertRuleTemplate, bool)

+ AsScheduledAlertRuleTemplate func() (*ScheduledAlertRuleTemplate, bool)

+ AsThreatIntelligenceAlertRuleTemplate func() (*ThreatIntelligenceAlertRuleTemplate, bool)

+ type BasicAutomationRuleAction interface

+ AsAutomationRuleAction func() (*AutomationRuleAction, bool)

+ AsAutomationRuleModifyPropertiesAction func() (*AutomationRuleModifyPropertiesAction, bool)

+ AsAutomationRuleRunPlaybookAction func() (*AutomationRuleRunPlaybookAction, bool)

+ type BasicAutomationRuleCondition interface

+ AsAutomationRuleCondition func() (*AutomationRuleCondition, bool)

+ AsAutomationRulePropertyValuesCondition func() (*AutomationRulePropertyValuesCondition, bool)

+ type BasicCustomEntityQuery interface

+ AsActivityCustomEntityQuery func() (*ActivityCustomEntityQuery, bool)

+ AsCustomEntityQuery func() (*CustomEntityQuery, bool)

+ type BasicDataConnector interface

+ AsAADDataConnector func() (*AADDataConnector, bool)

+ AsAATPDataConnector func() (*AATPDataConnector, bool)

+ AsASCDataConnector func() (*ASCDataConnector, bool)

+ AsAwsCloudTrailDataConnector func() (*AwsCloudTrailDataConnector, bool)

+ AsAwsS3DataConnector func() (*AwsS3DataConnector, bool)

+ AsCodelessAPIPollingDataConnector func() (*CodelessAPIPollingDataConnector, bool)

+ AsCodelessUIDataConnector func() (*CodelessUIDataConnector, bool)

+ AsDataConnector func() (*DataConnector, bool)

+ AsDynamics365DataConnector func() (*Dynamics365DataConnector, bool)

+ AsMCASDataConnector func() (*MCASDataConnector, bool)

+ AsMDATPDataConnector func() (*MDATPDataConnector, bool)

+ AsMSTIDataConnector func() (*MSTIDataConnector, bool)

+ AsMTPDataConnector func() (*MTPDataConnector, bool)

+ AsOfficeATPDataConnector func() (*OfficeATPDataConnector, bool)

+ AsOfficeDataConnector func() (*OfficeDataConnector, bool)

+ AsOfficeIRMDataConnector func() (*OfficeIRMDataConnector, bool)

+ AsTIDataConnector func() (*TIDataConnector, bool)

+ AsTiTaxiiDataConnector func() (*TiTaxiiDataConnector, bool)

+ type BasicDataConnectorsCheckRequirements interface

+ AsAADCheckRequirements func() (*AADCheckRequirements, bool)

+ AsAATPCheckRequirements func() (*AATPCheckRequirements, bool)

+ AsASCCheckRequirements func() (*ASCCheckRequirements, bool)

+ AsAwsCloudTrailCheckRequirements func() (*AwsCloudTrailCheckRequirements, bool)

+ AsAwsS3CheckRequirements func() (*AwsS3CheckRequirements, bool)

+ AsDataConnectorsCheckRequirements func() (*DataConnectorsCheckRequirements, bool)

+ AsDynamics365CheckRequirements func() (*Dynamics365CheckRequirements, bool)

+ AsMCASCheckRequirements func() (*MCASCheckRequirements, bool)

+ AsMDATPCheckRequirements func() (*MDATPCheckRequirements, bool)

+ AsMSTICheckRequirements func() (*MSTICheckRequirements, bool)

+ AsMtpCheckRequirements func() (*MtpCheckRequirements, bool)

+ AsOfficeATPCheckRequirements func() (*OfficeATPCheckRequirements, bool)

+ AsOfficeIRMCheckRequirements func() (*OfficeIRMCheckRequirements, bool)

+ AsTICheckRequirements func() (*TICheckRequirements, bool)

+ AsTiTaxiiCheckRequirements func() (*TiTaxiiCheckRequirements, bool)

+ type BasicEntity interface

+ AsAccountEntity func() (*AccountEntity, bool)

+ AsAzureResourceEntity func() (*AzureResourceEntity, bool)

+ AsCloudApplicationEntity func() (*CloudApplicationEntity, bool)

+ AsDNSEntity func() (*DNSEntity, bool)

+ AsEntity func() (*Entity, bool)

+ AsFileEntity func() (*FileEntity, bool)

+ AsFileHashEntity func() (*FileHashEntity, bool)

+ AsHostEntity func() (*HostEntity, bool)

+ AsHuntingBookmark func() (*HuntingBookmark, bool)

+ AsIPEntity func() (*IPEntity, bool)

+ AsIoTDeviceEntity func() (*IoTDeviceEntity, bool)

+ AsMailClusterEntity func() (*MailClusterEntity, bool)

+ AsMailMessageEntity func() (*MailMessageEntity, bool)

+ AsMailboxEntity func() (*MailboxEntity, bool)

+ AsMalwareEntity func() (*MalwareEntity, bool)

+ AsProcessEntity func() (*ProcessEntity, bool)

+ AsRegistryKeyEntity func() (*RegistryKeyEntity, bool)

+ AsRegistryValueEntity func() (*RegistryValueEntity, bool)

+ AsSecurityAlert func() (*SecurityAlert, bool)

+ AsSecurityGroupEntity func() (*SecurityGroupEntity, bool)

+ AsSubmissionMailEntity func() (*SubmissionMailEntity, bool)

+ AsURLEntity func() (*URLEntity, bool)

+ type BasicEntityQuery interface

+ AsActivityEntityQuery func() (*ActivityEntityQuery, bool)

+ AsEntityQuery func() (*EntityQuery, bool)

+ AsExpansionEntityQuery func() (*ExpansionEntityQuery, bool)

+ type BasicEntityQueryItem interface

+ AsEntityQueryItem func() (*EntityQueryItem, bool)

+ AsInsightQueryItem func() (*InsightQueryItem, bool)

+ type BasicEntityQueryTemplate interface

+ AsActivityEntityQueryTemplate func() (*ActivityEntityQueryTemplate, bool)

+ AsEntityQueryTemplate func() (*EntityQueryTemplate, bool)

+ type BasicEntityTimelineItem interface

+ AsActivityTimelineItem func() (*ActivityTimelineItem, bool)

+ AsBookmarkTimelineItem func() (*BookmarkTimelineItem, bool)

+ AsEntityTimelineItem func() (*EntityTimelineItem, bool)

+ AsSecurityAlertTimelineItem func() (*SecurityAlertTimelineItem, bool)

+ type BasicSettings interface

+ AsAnomalies func() (*Anomalies, bool)

+ AsEntityAnalytics func() (*EntityAnalytics, bool)

+ AsEyesOn func() (*EyesOn, bool)

+ AsSettings func() (*Settings, bool)

+ AsUeba func() (*Ueba, bool)

+ type BasicThreatIntelligenceInformation interface

+ AsThreatIntelligenceIndicatorModel func() (*ThreatIntelligenceIndicatorModel, bool)

+ AsThreatIntelligenceInformation func() (*ThreatIntelligenceInformation, bool)

+ type Bookmark struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (b *Bookmark) UnmarshalJSON(body []byte) error

+ func (b Bookmark) MarshalJSON() ([]byte, error)

+ type BookmarkClient struct

+ func NewBookmarkClient(subscriptionID string) BookmarkClient

+ func NewBookmarkClientWithBaseURI(baseURI string, subscriptionID string) BookmarkClient

+ func (client BookmarkClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result BookmarkExpandResponse, err error)

+ func (client BookmarkClient) ExpandPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client BookmarkClient) ExpandResponder(resp *http.Response) (result BookmarkExpandResponse, err error)

+ func (client BookmarkClient) ExpandSender(req *http.Request) (*http.Response, error)

+ type BookmarkExpandParameters struct

+ EndTime *date.Time

+ ExpansionID *uuid.UUID

+ StartTime *date.Time

+ type BookmarkExpandResponse struct

+ MetaData *ExpansionResultsMetadata

+ Value *BookmarkExpandResponseValue

+ type BookmarkExpandResponseValue struct

+ Edges *[]ConnectedEntity

+ Entities *[]BasicEntity

+ func (ber *BookmarkExpandResponseValue) UnmarshalJSON(body []byte) error

+ type BookmarkList struct

+ NextLink *string

+ Value *[]Bookmark

+ func (bl BookmarkList) IsEmpty() bool

+ func (bl BookmarkList) MarshalJSON() ([]byte, error)

+ type BookmarkListIterator struct

+ func NewBookmarkListIterator(page BookmarkListPage) BookmarkListIterator

+ func (iter *BookmarkListIterator) Next() error

+ func (iter *BookmarkListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter BookmarkListIterator) NotDone() bool

+ func (iter BookmarkListIterator) Response() BookmarkList

+ func (iter BookmarkListIterator) Value() Bookmark

+ type BookmarkListPage struct

+ func NewBookmarkListPage(cur BookmarkList, ...) BookmarkListPage

+ func (page *BookmarkListPage) Next() error

+ func (page *BookmarkListPage) NextWithContext(ctx context.Context) (err error)

+ func (page BookmarkListPage) NotDone() bool

+ func (page BookmarkListPage) Response() BookmarkList

+ func (page BookmarkListPage) Values() []Bookmark

+ type BookmarkProperties struct

+ Created *date.Time

+ CreatedBy *UserInfo

+ DisplayName *string

+ EventTime *date.Time

+ IncidentInfo *IncidentInfo

+ Labels *[]string

+ Notes *string

+ Query *string

+ QueryEndTime *date.Time

+ QueryResult *string

+ QueryStartTime *date.Time

+ Updated *date.Time

+ UpdatedBy *UserInfo

+ type BookmarkRelationsClient struct

+ func NewBookmarkRelationsClient(subscriptionID string) BookmarkRelationsClient

+ func NewBookmarkRelationsClientWithBaseURI(baseURI string, subscriptionID string) BookmarkRelationsClient

+ func (client BookmarkRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)

+ func (client BookmarkRelationsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client BookmarkRelationsClient) CreateOrUpdateResponder(resp *http.Response) (result Relation, err error)

+ func (client BookmarkRelationsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client BookmarkRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client BookmarkRelationsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client BookmarkRelationsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client BookmarkRelationsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client BookmarkRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)

+ func (client BookmarkRelationsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client BookmarkRelationsClient) GetResponder(resp *http.Response) (result Relation, err error)

+ func (client BookmarkRelationsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListPage, err error)

+ func (client BookmarkRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListIterator, err error)

+ func (client BookmarkRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client BookmarkRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)

+ func (client BookmarkRelationsClient) ListSender(req *http.Request) (*http.Response, error)

+ type BookmarkTimelineItem struct

+ AzureResourceID *string

+ CreatedBy *UserInfo

+ DisplayName *string

+ EndTimeUtc *date.Time

+ EventTime *date.Time

+ Kind KindBasicEntityTimelineItem

+ Labels *[]string

+ Notes *string

+ StartTimeUtc *date.Time

+ func (bti BookmarkTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)

+ func (bti BookmarkTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)

+ func (bti BookmarkTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)

+ func (bti BookmarkTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)

+ func (bti BookmarkTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)

+ func (bti BookmarkTimelineItem) MarshalJSON() ([]byte, error)

+ type BookmarksClient struct

+ func NewBookmarksClient(subscriptionID string) BookmarksClient

+ func NewBookmarksClientWithBaseURI(baseURI string, subscriptionID string) BookmarksClient

+ func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Bookmark, err error)

+ func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (result Bookmark, err error)

+ func (client BookmarksClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client BookmarksClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Bookmark, err error)

+ func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark, err error)

+ func (client BookmarksClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListPage, err error)

+ func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListIterator, err error)

+ func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client BookmarksClient) ListResponder(resp *http.Response) (result BookmarkList, err error)

+ func (client BookmarksClient) ListSender(req *http.Request) (*http.Response, error)

+ type ClientInfo struct

+ Email *string

+ Name *string

+ ObjectID *uuid.UUID

+ UserPrincipalName *string

+ type CloudApplicationEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (cae *CloudApplicationEntity) UnmarshalJSON(body []byte) error

+ func (cae CloudApplicationEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (cae CloudApplicationEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (cae CloudApplicationEntity) AsBasicEntity() (BasicEntity, bool)

+ func (cae CloudApplicationEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (cae CloudApplicationEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (cae CloudApplicationEntity) AsEntity() (*Entity, bool)

+ func (cae CloudApplicationEntity) AsFileEntity() (*FileEntity, bool)

+ func (cae CloudApplicationEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (cae CloudApplicationEntity) AsHostEntity() (*HostEntity, bool)

+ func (cae CloudApplicationEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (cae CloudApplicationEntity) AsIPEntity() (*IPEntity, bool)

+ func (cae CloudApplicationEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (cae CloudApplicationEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (cae CloudApplicationEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (cae CloudApplicationEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (cae CloudApplicationEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (cae CloudApplicationEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (cae CloudApplicationEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (cae CloudApplicationEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (cae CloudApplicationEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (cae CloudApplicationEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (cae CloudApplicationEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (cae CloudApplicationEntity) AsURLEntity() (*URLEntity, bool)

+ func (cae CloudApplicationEntity) MarshalJSON() ([]byte, error)

+ type CloudApplicationEntityProperties struct

+ AdditionalData map[string]interface{}

+ AppID *int32

+ AppName *string

+ FriendlyName *string

+ InstanceName *string

+ func (caep CloudApplicationEntityProperties) MarshalJSON() ([]byte, error)

+ type CloudError struct

+ Error *CloudErrorBody

+ type CloudErrorBody struct

+ Code *string

+ Message *string

+ func (ceb CloudErrorBody) MarshalJSON() ([]byte, error)

+ type CodelessAPIPollingDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (capdc *CodelessAPIPollingDataConnector) UnmarshalJSON(body []byte) error

+ func (capdc CodelessAPIPollingDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (capdc CodelessAPIPollingDataConnector) MarshalJSON() ([]byte, error)

+ type CodelessConnectorPollingAuthProperties struct

+ APIKeyIdentifier *string

+ APIKeyName *string

+ AuthType *string

+ AuthorizationEndpoint *string

+ AuthorizationEndpointQueryParameters interface{}

+ FlowName *string

+ IsAPIKeyInPostPayload *string

+ IsClientSecretInHeader *bool

+ RedirectionEndpoint *string

+ Scope *string

+ TokenEndpoint *string

+ TokenEndpointHeaders interface{}

+ TokenEndpointQueryParameters interface{}

+ type CodelessConnectorPollingConfigProperties struct

+ Auth *CodelessConnectorPollingAuthProperties

+ IsActive *bool

+ Paging *CodelessConnectorPollingPagingProperties

+ Request *CodelessConnectorPollingRequestProperties

+ Response *CodelessConnectorPollingResponseProperties

+ type CodelessConnectorPollingPagingProperties struct

+ NextPageParaName *string

+ NextPageTokenJSONPath *string

+ PageCountAttributePath *string

+ PageSize *int32

+ PageSizeParaName *string

+ PageTimeStampAttributePath *string

+ PageTotalCountAttributePath *string

+ PagingType *string

+ SearchTheLatestTimeStampFromEventsList *string

+ type CodelessConnectorPollingRequestProperties struct

+ APIEndpoint *string

+ EndTimeAttributeName *string

+ HTTPMethod *string

+ Headers interface{}

+ QueryParameters interface{}

+ QueryParametersTemplate *string

+ QueryTimeFormat *string

+ QueryWindowInMin *int32

+ RateLimitQPS *int32

+ RetryCount *int32

+ StartTimeAttributeName *string

+ TimeoutInSeconds *int32

+ type CodelessConnectorPollingResponseProperties struct

+ EventsJSONPaths *[]string

+ IsGzipCompressed *bool

+ SuccessStatusJSONPath *string

+ SuccessStatusValue *string

+ type CodelessParameters struct

+ ConnectorUIConfig *CodelessUIConnectorConfigProperties

+ type CodelessUIConnectorConfigProperties struct

+ Availability *Availability

+ ConnectivityCriteria *[]CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem

+ CustomImage *string

+ DataTypes *[]CodelessUIConnectorConfigPropertiesDataTypesItem

+ DescriptionMarkdown *string

+ GraphQueries *[]CodelessUIConnectorConfigPropertiesGraphQueriesItem

+ GraphQueriesTableName *string

+ InstructionSteps *[]CodelessUIConnectorConfigPropertiesInstructionStepsItem

+ Permissions *Permissions

+ Publisher *string

+ SampleQueries *[]CodelessUIConnectorConfigPropertiesSampleQueriesItem

+ Title *string

+ type CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem struct

+ Type ConnectivityType

+ Value *[]string

+ type CodelessUIConnectorConfigPropertiesDataTypesItem struct

+ LastDataReceivedQuery *string

+ Name *string

+ type CodelessUIConnectorConfigPropertiesGraphQueriesItem struct

+ BaseQuery *string

+ Legend *string

+ MetricName *string

+ type CodelessUIConnectorConfigPropertiesInstructionStepsItem struct

+ Description *string

+ Instructions *[]InstructionStepsInstructionsItem

+ Title *string

+ type CodelessUIConnectorConfigPropertiesSampleQueriesItem struct

+ Description *string

+ Query *string

+ type CodelessUIDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (cudc *CodelessUIDataConnector) UnmarshalJSON(body []byte) error

+ func (cudc CodelessUIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (cudc CodelessUIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (cudc CodelessUIDataConnector) MarshalJSON() ([]byte, error)

+ type ConditionType string

+ const ConditionTypeAutomationRuleCondition

+ const ConditionTypeProperty

+ func PossibleConditionTypeValues() []ConditionType

+ type ConfidenceLevel string

+ const ConfidenceLevelHigh

+ const ConfidenceLevelLow

+ const ConfidenceLevelUnknown

+ func PossibleConfidenceLevelValues() []ConfidenceLevel

+ type ConfidenceScoreStatus string

+ const ConfidenceScoreStatusFinal

+ const ConfidenceScoreStatusInProcess

+ const ConfidenceScoreStatusNotApplicable

+ const ConfidenceScoreStatusNotFinal

+ func PossibleConfidenceScoreStatusValues() []ConfidenceScoreStatus

+ type ConnectAuthKind string

+ const ConnectAuthKindAPIKey

+ const ConnectAuthKindBasic

+ const ConnectAuthKindOAuth2

+ func PossibleConnectAuthKindValues() []ConnectAuthKind

+ type ConnectedEntity struct

+ AdditionalData interface{}

+ TargetEntityID *string

+ type ConnectivityCriteria struct

+ Type ConnectivityType

+ Value *[]string

+ type ConnectivityType string

+ const ConnectivityTypeIsConnectedQuery

+ func PossibleConnectivityTypeValues() []ConnectivityType

+ type ConnectorInstructionModelBase struct

+ Parameters interface{}

+ Type SettingType

+ type ContentPathMap struct

+ ContentType ContentType

+ Path *string

+ type ContentType string

+ const ContentTypeAnalyticRule

+ const ContentTypeWorkbook

+ func PossibleContentTypeValues() []ContentType

+ type CreatedByType string

+ const CreatedByTypeApplication

+ const CreatedByTypeKey

+ const CreatedByTypeManagedIdentity

+ const CreatedByTypeUser

+ func PossibleCreatedByTypeValues() []CreatedByType

+ type CustomEntityQuery struct

+ Etag *string

+ ID *string

+ Kind KindBasicCustomEntityQuery

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ceq CustomEntityQuery) AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool)

+ func (ceq CustomEntityQuery) AsBasicCustomEntityQuery() (BasicCustomEntityQuery, bool)

+ func (ceq CustomEntityQuery) AsCustomEntityQuery() (*CustomEntityQuery, bool)

+ func (ceq CustomEntityQuery) MarshalJSON() ([]byte, error)

+ type CustomEntityQueryKind string

+ const CustomEntityQueryKindActivity

+ func PossibleCustomEntityQueryKindValues() []CustomEntityQueryKind

+ type Customs struct

+ Description *string

+ Name *string

+ type CustomsPermission struct

+ Description *string

+ Name *string

+ type DNSEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (de *DNSEntity) UnmarshalJSON(body []byte) error

+ func (de DNSEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (de DNSEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (de DNSEntity) AsBasicEntity() (BasicEntity, bool)

+ func (de DNSEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (de DNSEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (de DNSEntity) AsEntity() (*Entity, bool)

+ func (de DNSEntity) AsFileEntity() (*FileEntity, bool)

+ func (de DNSEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (de DNSEntity) AsHostEntity() (*HostEntity, bool)

+ func (de DNSEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (de DNSEntity) AsIPEntity() (*IPEntity, bool)

+ func (de DNSEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (de DNSEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (de DNSEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (de DNSEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (de DNSEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (de DNSEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (de DNSEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (de DNSEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (de DNSEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (de DNSEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (de DNSEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (de DNSEntity) AsURLEntity() (*URLEntity, bool)

+ func (de DNSEntity) MarshalJSON() ([]byte, error)

+ type DNSEntityProperties struct

+ AdditionalData map[string]interface{}

+ DNSServerIPEntityID *string

+ DomainName *string

+ FriendlyName *string

+ HostIPAddressEntityID *string

+ IPAddressEntityIds *[]string

+ func (dep DNSEntityProperties) MarshalJSON() ([]byte, error)

+ type DataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (dc DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (dc DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (dc DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (dc DataConnector) AsDataConnector() (*DataConnector, bool)

+ func (dc DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (dc DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (dc DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (dc DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (dc DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (dc DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (dc DataConnector) MarshalJSON() ([]byte, error)

+ type DataConnectorAuthorizationState string

+ const DataConnectorAuthorizationStateInvalid

+ const DataConnectorAuthorizationStateValid

+ func PossibleDataConnectorAuthorizationStateValues() []DataConnectorAuthorizationState

+ type DataConnectorConnectBody struct

+ APIKey *string

+ AuthorizationCode *string

+ ClientID *string

+ ClientSecret *string

+ Kind ConnectAuthKind

+ Password *string

+ RequestConfigUserInputValues *[]interface{}

+ UserName *string

+ type DataConnectorDataTypeCommon struct

+ State DataTypeState

+ type DataConnectorKind string

+ const DataConnectorKindAPIPolling

+ const DataConnectorKindAmazonWebServicesCloudTrail

+ const DataConnectorKindAmazonWebServicesS3

+ const DataConnectorKindAzureActiveDirectory

+ const DataConnectorKindAzureAdvancedThreatProtection

+ const DataConnectorKindAzureSecurityCenter

+ const DataConnectorKindDynamics365

+ const DataConnectorKindGenericUI

+ const DataConnectorKindMicrosoftCloudAppSecurity

+ const DataConnectorKindMicrosoftDefenderAdvancedThreatProtection

+ const DataConnectorKindMicrosoftThreatIntelligence

+ const DataConnectorKindMicrosoftThreatProtection

+ const DataConnectorKindOffice365

+ const DataConnectorKindOfficeATP

+ const DataConnectorKindOfficeIRM

+ const DataConnectorKindThreatIntelligence

+ const DataConnectorKindThreatIntelligenceTaxii

+ func PossibleDataConnectorKindValues() []DataConnectorKind

+ type DataConnectorLicenseState string

+ const DataConnectorLicenseStateInvalid

+ const DataConnectorLicenseStateUnknown

+ const DataConnectorLicenseStateValid

+ func PossibleDataConnectorLicenseStateValues() []DataConnectorLicenseState

+ type DataConnectorList struct

+ NextLink *string

+ Value *[]BasicDataConnector

+ func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error

+ func (dcl DataConnectorList) IsEmpty() bool

+ func (dcl DataConnectorList) MarshalJSON() ([]byte, error)

+ type DataConnectorListIterator struct

+ func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator

+ func (iter *DataConnectorListIterator) Next() error

+ func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter DataConnectorListIterator) NotDone() bool

+ func (iter DataConnectorListIterator) Response() DataConnectorList

+ func (iter DataConnectorListIterator) Value() BasicDataConnector

+ type DataConnectorListPage struct

+ func NewDataConnectorListPage(cur DataConnectorList, ...) DataConnectorListPage

+ func (page *DataConnectorListPage) Next() error

+ func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error)

+ func (page DataConnectorListPage) NotDone() bool

+ func (page DataConnectorListPage) Response() DataConnectorList

+ func (page DataConnectorListPage) Values() []BasicDataConnector

+ type DataConnectorModel struct

+ Value BasicDataConnector

+ func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error

+ type DataConnectorRequirementsState struct

+ AuthorizationState DataConnectorAuthorizationState

+ LicenseState DataConnectorLicenseState

+ type DataConnectorTenantID struct

+ TenantID *string

+ type DataConnectorWithAlertsProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ type DataConnectorsCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (dccr DataConnectorsCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) MarshalJSON() ([]byte, error)

+ type DataConnectorsCheckRequirementsClient struct

+ func NewDataConnectorsCheckRequirementsClient(subscriptionID string) DataConnectorsCheckRequirementsClient

+ func NewDataConnectorsCheckRequirementsClientWithBaseURI(baseURI string, subscriptionID string) DataConnectorsCheckRequirementsClient

+ func (client DataConnectorsCheckRequirementsClient) Post(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorRequirementsState, err error)

+ func (client DataConnectorsCheckRequirementsClient) PostPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client DataConnectorsCheckRequirementsClient) PostResponder(resp *http.Response) (result DataConnectorRequirementsState, err error)

+ func (client DataConnectorsCheckRequirementsClient) PostSender(req *http.Request) (*http.Response, error)

+ type DataConnectorsClient struct

+ func NewDataConnectorsClient(subscriptionID string) DataConnectorsClient

+ func NewDataConnectorsClientWithBaseURI(baseURI string, subscriptionID string) DataConnectorsClient

+ func (client DataConnectorsClient) Connect(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client DataConnectorsClient) ConnectPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client DataConnectorsClient) ConnectResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client DataConnectorsClient) ConnectSender(req *http.Request) (*http.Response, error)

+ func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorModel, err error)

+ func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) (result DataConnectorModel, err error)

+ func (client DataConnectorsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client DataConnectorsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client DataConnectorsClient) Disconnect(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client DataConnectorsClient) DisconnectPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client DataConnectorsClient) DisconnectResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client DataConnectorsClient) DisconnectSender(req *http.Request) (*http.Response, error)

+ func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorModel, err error)

+ func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client DataConnectorsClient) GetResponder(resp *http.Response) (result DataConnectorModel, err error)

+ func (client DataConnectorsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListPage, err error)

+ func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListIterator, err error)

+ func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client DataConnectorsClient) ListResponder(resp *http.Response) (result DataConnectorList, err error)

+ func (client DataConnectorsClient) ListSender(req *http.Request) (*http.Response, error)

+ type DataTypeDefinitions struct

+ DataType *string

+ type DataTypeState string

+ const DataTypeStateDisabled

+ const DataTypeStateEnabled

+ func PossibleDataTypeStateValues() []DataTypeState

+ type DeliveryAction string

+ const DeliveryActionBlocked

+ const DeliveryActionDelivered

+ const DeliveryActionDeliveredAsSpam

+ const DeliveryActionReplaced

+ const DeliveryActionUnknown

+ func PossibleDeliveryActionValues() []DeliveryAction

+ type DeliveryLocation string

+ const DeliveryLocationDeletedFolder

+ const DeliveryLocationDropped

+ const DeliveryLocationExternal

+ const DeliveryLocationFailed

+ const DeliveryLocationForwarded

+ const DeliveryLocationInbox

+ const DeliveryLocationJunkFolder

+ const DeliveryLocationQuarantine

+ const DeliveryLocationUnknown

+ func PossibleDeliveryLocationValues() []DeliveryLocation

+ type DomainWhoisClient struct

+ func NewDomainWhoisClient(subscriptionID string) DomainWhoisClient

+ func NewDomainWhoisClientWithBaseURI(baseURI string, subscriptionID string) DomainWhoisClient

+ func (client DomainWhoisClient) Get(ctx context.Context, resourceGroupName string, domain string) (result EnrichmentDomainWhois, err error)

+ func (client DomainWhoisClient) GetPreparer(ctx context.Context, resourceGroupName string, domain string) (*http.Request, error)

+ func (client DomainWhoisClient) GetResponder(resp *http.Response) (result EnrichmentDomainWhois, err error)

+ func (client DomainWhoisClient) GetSender(req *http.Request) (*http.Response, error)

+ type Dynamics365CheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (d3cr *Dynamics365CheckRequirements) UnmarshalJSON(body []byte) error

+ func (d3cr Dynamics365CheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (d3cr Dynamics365CheckRequirements) MarshalJSON() ([]byte, error)

+ type Dynamics365CheckRequirementsProperties struct

+ TenantID *string

+ type Dynamics365DataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error

+ func (d3dc Dynamics365DataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsDataConnector() (*DataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (d3dc Dynamics365DataConnector) MarshalJSON() ([]byte, error)

+ type Dynamics365DataConnectorDataTypes struct

+ Dynamics365CdsActivities *Dynamics365DataConnectorDataTypesDynamics365CdsActivities

+ type Dynamics365DataConnectorDataTypesDynamics365CdsActivities struct

+ State DataTypeState

+ type Dynamics365DataConnectorProperties struct

+ DataTypes *Dynamics365DataConnectorDataTypes

+ TenantID *string

+ type ElevationToken string

+ const ElevationTokenDefault

+ const ElevationTokenFull

+ const ElevationTokenLimited

+ func PossibleElevationTokenValues() []ElevationToken

+ type EnrichmentDomainWhois struct

+ Created *date.Time

+ Domain *string

+ Expires *date.Time

+ ParsedWhois *EnrichmentDomainWhoisDetails

+ Server *string

+ Updated *date.Time

+ type EnrichmentDomainWhoisContact struct

+ City *string

+ Country *string

+ Email *string

+ Fax *string

+ Name *string

+ Org *string

+ Phone *string

+ Postal *string

+ State *string

+ Street *[]string

+ type EnrichmentDomainWhoisContacts struct

+ Admin *EnrichmentDomainWhoisContact

+ Billing *EnrichmentDomainWhoisContact

+ Registrant *EnrichmentDomainWhoisContact

+ Tech *EnrichmentDomainWhoisContact

+ type EnrichmentDomainWhoisDetails struct

+ Contacts *EnrichmentDomainWhoisContacts

+ NameServers *[]string

+ Registrar *EnrichmentDomainWhoisRegistrarDetails

+ Statuses *[]string

+ type EnrichmentDomainWhoisRegistrarDetails struct

+ AbuseContactEmail *string

+ AbuseContactPhone *string

+ IanaID *string

+ Name *string

+ URL *string

+ WhoisServer *string

+ type EnrichmentIPGeodata struct

+ Asn *string

+ Carrier *string

+ City *string

+ CityCf *int32

+ Continent *string

+ Country *string

+ CountryCf *int32

+ IPAddr *string

+ IPRoutingType *string

+ Latitude *string

+ Longitude *string

+ Organization *string

+ OrganizationType *string

+ Region *string

+ State *string

+ StateCf *int32

+ StateCode *string

+ type EntitiesClient struct

+ func NewEntitiesClient(subscriptionID string) EntitiesClient

+ func NewEntitiesClientWithBaseURI(baseURI string, subscriptionID string) EntitiesClient

+ func (client EntitiesClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityExpandResponse, err error)

+ func (client EntitiesClient) ExpandPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntitiesClient) ExpandResponder(resp *http.Response) (result EntityExpandResponse, err error)

+ func (client EntitiesClient) ExpandSender(req *http.Request) (*http.Response, error)

+ func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityModel, err error)

+ func (client EntitiesClient) GetInsights(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityGetInsightsResponse, err error)

+ func (client EntitiesClient) GetInsightsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntitiesClient) GetInsightsResponder(resp *http.Response) (result EntityGetInsightsResponse, err error)

+ func (client EntitiesClient) GetInsightsSender(req *http.Request) (*http.Response, error)

+ func (client EntitiesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntitiesClient) GetResponder(resp *http.Response) (result EntityModel, err error)

+ func (client EntitiesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result EntityListPage, err error)

+ func (client EntitiesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result EntityListIterator, err error)

+ func (client EntitiesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client EntitiesClient) ListResponder(resp *http.Response) (result EntityList, err error)

+ func (client EntitiesClient) ListSender(req *http.Request) (*http.Response, error)

+ func (client EntitiesClient) Queries(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result GetQueriesResponse, err error)

+ func (client EntitiesClient) QueriesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntitiesClient) QueriesResponder(resp *http.Response) (result GetQueriesResponse, err error)

+ func (client EntitiesClient) QueriesSender(req *http.Request) (*http.Response, error)

+ type EntitiesGetTimelineClient struct

+ func NewEntitiesGetTimelineClient(subscriptionID string) EntitiesGetTimelineClient

+ func NewEntitiesGetTimelineClientWithBaseURI(baseURI string, subscriptionID string) EntitiesGetTimelineClient

+ func (client EntitiesGetTimelineClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityTimelineResponse, err error)

+ func (client EntitiesGetTimelineClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntitiesGetTimelineClient) ListResponder(resp *http.Response) (result EntityTimelineResponse, err error)

+ func (client EntitiesGetTimelineClient) ListSender(req *http.Request) (*http.Response, error)

+ type EntitiesRelationsClient struct

+ func NewEntitiesRelationsClient(subscriptionID string) EntitiesRelationsClient

+ func NewEntitiesRelationsClientWithBaseURI(baseURI string, subscriptionID string) EntitiesRelationsClient

+ func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListPage, err error)

+ func (client EntitiesRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListIterator, err error)

+ func (client EntitiesRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntitiesRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)

+ func (client EntitiesRelationsClient) ListSender(req *http.Request) (*http.Response, error)

+ type Entity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (e Entity) AsAccountEntity() (*AccountEntity, bool)

+ func (e Entity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (e Entity) AsBasicEntity() (BasicEntity, bool)

+ func (e Entity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (e Entity) AsDNSEntity() (*DNSEntity, bool)

+ func (e Entity) AsEntity() (*Entity, bool)

+ func (e Entity) AsFileEntity() (*FileEntity, bool)

+ func (e Entity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (e Entity) AsHostEntity() (*HostEntity, bool)

+ func (e Entity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (e Entity) AsIPEntity() (*IPEntity, bool)

+ func (e Entity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (e Entity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (e Entity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (e Entity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (e Entity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (e Entity) AsProcessEntity() (*ProcessEntity, bool)

+ func (e Entity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (e Entity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (e Entity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (e Entity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (e Entity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (e Entity) AsURLEntity() (*URLEntity, bool)

+ func (e Entity) MarshalJSON() ([]byte, error)

+ type EntityAnalytics struct

+ Etag *string

+ ID *string

+ Kind KindBasicSettings

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ea *EntityAnalytics) UnmarshalJSON(body []byte) error

+ func (ea EntityAnalytics) AsAnomalies() (*Anomalies, bool)

+ func (ea EntityAnalytics) AsBasicSettings() (BasicSettings, bool)

+ func (ea EntityAnalytics) AsEntityAnalytics() (*EntityAnalytics, bool)

+ func (ea EntityAnalytics) AsEyesOn() (*EyesOn, bool)

+ func (ea EntityAnalytics) AsSettings() (*Settings, bool)

+ func (ea EntityAnalytics) AsUeba() (*Ueba, bool)

+ func (ea EntityAnalytics) MarshalJSON() ([]byte, error)

+ type EntityAnalyticsProperties struct

+ IsEnabled *bool

+ func (eap EntityAnalyticsProperties) MarshalJSON() ([]byte, error)

+ type EntityCommonProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ func (ecp EntityCommonProperties) MarshalJSON() ([]byte, error)

+ type EntityEdges struct

+ AdditionalData map[string]interface{}

+ TargetEntityID *string

+ func (ee EntityEdges) MarshalJSON() ([]byte, error)

+ type EntityExpandParameters struct

+ EndTime *date.Time

+ ExpansionID *uuid.UUID

+ StartTime *date.Time

+ type EntityExpandResponse struct

+ MetaData *ExpansionResultsMetadata

+ Value *EntityExpandResponseValue

+ type EntityExpandResponseValue struct

+ Edges *[]EntityEdges

+ Entities *[]BasicEntity

+ func (eer *EntityExpandResponseValue) UnmarshalJSON(body []byte) error

+ type EntityGetInsightsParameters struct

+ AddDefaultExtendedTimeRange *bool

+ EndTime *date.Time

+ InsightQueryIds *[]uuid.UUID

+ StartTime *date.Time

+ type EntityGetInsightsResponse struct

+ MetaData *GetInsightsResultsMetadata

+ Value *[]EntityInsightItem

+ type EntityInsightItem struct

+ ChartQueryResults *[]InsightsTableResult

+ QueryID *string

+ QueryTimeInterval *EntityInsightItemQueryTimeInterval

+ TableQueryResults *InsightsTableResult

+ type EntityInsightItemQueryTimeInterval struct

+ EndTime *date.Time

+ StartTime *date.Time

+ type EntityKind string

+ const EntityKindAccount

+ const EntityKindAzureResource

+ const EntityKindBookmark

+ const EntityKindCloudApplication

+ const EntityKindDNSResolution

+ const EntityKindFile

+ const EntityKindFileHash

+ const EntityKindHost

+ const EntityKindIP

+ const EntityKindIoTDevice

+ const EntityKindMailCluster

+ const EntityKindMailMessage

+ const EntityKindMailbox

+ const EntityKindMalware

+ const EntityKindProcess

+ const EntityKindRegistryKey

+ const EntityKindRegistryValue

+ const EntityKindSecurityAlert

+ const EntityKindSecurityGroup

+ const EntityKindSubmissionMail

+ const EntityKindURL

+ func PossibleEntityKindValues() []EntityKind

+ type EntityList struct

+ NextLink *string

+ Value *[]BasicEntity

+ func (el *EntityList) UnmarshalJSON(body []byte) error

+ func (el EntityList) IsEmpty() bool

+ func (el EntityList) MarshalJSON() ([]byte, error)

+ type EntityListIterator struct

+ func NewEntityListIterator(page EntityListPage) EntityListIterator

+ func (iter *EntityListIterator) Next() error

+ func (iter *EntityListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter EntityListIterator) NotDone() bool

+ func (iter EntityListIterator) Response() EntityList

+ func (iter EntityListIterator) Value() BasicEntity

+ type EntityListPage struct

+ func NewEntityListPage(cur EntityList, ...) EntityListPage

+ func (page *EntityListPage) Next() error

+ func (page *EntityListPage) NextWithContext(ctx context.Context) (err error)

+ func (page EntityListPage) NotDone() bool

+ func (page EntityListPage) Response() EntityList

+ func (page EntityListPage) Values() []BasicEntity

+ type EntityMapping struct

+ EntityType EntityMappingType

+ FieldMappings *[]FieldMapping

+ type EntityMappingType string

+ const EntityMappingTypeAccount

+ const EntityMappingTypeAzureResource

+ const EntityMappingTypeCloudApplication

+ const EntityMappingTypeDNS

+ const EntityMappingTypeFile

+ const EntityMappingTypeFileHash

+ const EntityMappingTypeHost

+ const EntityMappingTypeIP

+ const EntityMappingTypeMailCluster

+ const EntityMappingTypeMailMessage

+ const EntityMappingTypeMailbox

+ const EntityMappingTypeMalware

+ const EntityMappingTypeProcess

+ const EntityMappingTypeRegistryKey

+ const EntityMappingTypeRegistryValue

+ const EntityMappingTypeSecurityGroup

+ const EntityMappingTypeSubmissionMail

+ const EntityMappingTypeURL

+ func PossibleEntityMappingTypeValues() []EntityMappingType

+ type EntityModel struct

+ Value BasicEntity

+ func (em *EntityModel) UnmarshalJSON(body []byte) error

+ type EntityQueriesClient struct

+ func NewEntityQueriesClient(subscriptionID string) EntityQueriesClient

+ func NewEntityQueriesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueriesClient

+ func (client EntityQueriesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryModel, err error)

+ func (client EntityQueriesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntityQueriesClient) CreateOrUpdateResponder(resp *http.Response) (result EntityQueryModel, err error)

+ func (client EntityQueriesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client EntityQueriesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client EntityQueriesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntityQueriesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client EntityQueriesClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client EntityQueriesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryModel, err error)

+ func (client EntityQueriesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntityQueriesClient) GetResponder(resp *http.Response) (result EntityQueryModel, err error)

+ func (client EntityQueriesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client EntityQueriesClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryListPage, err error)

+ func (client EntityQueriesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryListIterator, err error)

+ func (client EntityQueriesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntityQueriesClient) ListResponder(resp *http.Response) (result EntityQueryList, err error)

+ func (client EntityQueriesClient) ListSender(req *http.Request) (*http.Response, error)

+ type EntityQuery struct

+ Etag *string

+ ID *string

+ Kind KindBasicEntityQuery

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (eq EntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool)

+ func (eq EntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool)

+ func (eq EntityQuery) AsEntityQuery() (*EntityQuery, bool)

+ func (eq EntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool)

+ func (eq EntityQuery) MarshalJSON() ([]byte, error)

+ type EntityQueryItem struct

+ ID *string

+ Kind KindBasicEntityQueryItem

+ Name *string

+ Type *string

+ func (eqi EntityQueryItem) AsBasicEntityQueryItem() (BasicEntityQueryItem, bool)

+ func (eqi EntityQueryItem) AsEntityQueryItem() (*EntityQueryItem, bool)

+ func (eqi EntityQueryItem) AsInsightQueryItem() (*InsightQueryItem, bool)

+ func (eqi EntityQueryItem) MarshalJSON() ([]byte, error)

+ type EntityQueryItemProperties struct

+ DataTypes *[]EntityQueryItemPropertiesDataTypesItem

+ EntitiesFilter interface{}

+ InputEntityType EntityType

+ RequiredInputFieldsSets *[][]string

+ type EntityQueryItemPropertiesDataTypesItem struct

+ DataType *string

+ type EntityQueryKind string

+ const EntityQueryKindActivity

+ const EntityQueryKindExpansion

+ const EntityQueryKindInsight

+ func PossibleEntityQueryKindValues() []EntityQueryKind

+ type EntityQueryList struct

+ NextLink *string

+ Value *[]BasicEntityQuery

+ func (eql *EntityQueryList) UnmarshalJSON(body []byte) error

+ func (eql EntityQueryList) IsEmpty() bool

+ func (eql EntityQueryList) MarshalJSON() ([]byte, error)

+ type EntityQueryListIterator struct

+ func NewEntityQueryListIterator(page EntityQueryListPage) EntityQueryListIterator

+ func (iter *EntityQueryListIterator) Next() error

+ func (iter *EntityQueryListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter EntityQueryListIterator) NotDone() bool

+ func (iter EntityQueryListIterator) Response() EntityQueryList

+ func (iter EntityQueryListIterator) Value() BasicEntityQuery

+ type EntityQueryListPage struct

+ func NewEntityQueryListPage(cur EntityQueryList, ...) EntityQueryListPage

+ func (page *EntityQueryListPage) Next() error

+ func (page *EntityQueryListPage) NextWithContext(ctx context.Context) (err error)

+ func (page EntityQueryListPage) NotDone() bool

+ func (page EntityQueryListPage) Response() EntityQueryList

+ func (page EntityQueryListPage) Values() []BasicEntityQuery

+ type EntityQueryModel struct

+ Value BasicEntityQuery

+ func (eqm *EntityQueryModel) UnmarshalJSON(body []byte) error

+ type EntityQueryTemplate struct

+ ID *string

+ Kind KindBasicEntityQueryTemplate

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (eqt EntityQueryTemplate) AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool)

+ func (eqt EntityQueryTemplate) AsBasicEntityQueryTemplate() (BasicEntityQueryTemplate, bool)

+ func (eqt EntityQueryTemplate) AsEntityQueryTemplate() (*EntityQueryTemplate, bool)

+ func (eqt EntityQueryTemplate) MarshalJSON() ([]byte, error)

+ type EntityQueryTemplateKind string

+ const EntityQueryTemplateKindActivity

+ func PossibleEntityQueryTemplateKindValues() []EntityQueryTemplateKind

+ type EntityQueryTemplateList struct

+ NextLink *string

+ Value *[]BasicEntityQueryTemplate

+ func (eqtl *EntityQueryTemplateList) UnmarshalJSON(body []byte) error

+ func (eqtl EntityQueryTemplateList) IsEmpty() bool

+ func (eqtl EntityQueryTemplateList) MarshalJSON() ([]byte, error)

+ type EntityQueryTemplateListIterator struct

+ func NewEntityQueryTemplateListIterator(page EntityQueryTemplateListPage) EntityQueryTemplateListIterator

+ func (iter *EntityQueryTemplateListIterator) Next() error

+ func (iter *EntityQueryTemplateListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter EntityQueryTemplateListIterator) NotDone() bool

+ func (iter EntityQueryTemplateListIterator) Response() EntityQueryTemplateList

+ func (iter EntityQueryTemplateListIterator) Value() BasicEntityQueryTemplate

+ type EntityQueryTemplateListPage struct

+ func NewEntityQueryTemplateListPage(cur EntityQueryTemplateList, ...) EntityQueryTemplateListPage

+ func (page *EntityQueryTemplateListPage) Next() error

+ func (page *EntityQueryTemplateListPage) NextWithContext(ctx context.Context) (err error)

+ func (page EntityQueryTemplateListPage) NotDone() bool

+ func (page EntityQueryTemplateListPage) Response() EntityQueryTemplateList

+ func (page EntityQueryTemplateListPage) Values() []BasicEntityQueryTemplate

+ type EntityQueryTemplateModel struct

+ Value BasicEntityQueryTemplate

+ func (eqtm *EntityQueryTemplateModel) UnmarshalJSON(body []byte) error

+ type EntityQueryTemplatesClient struct

+ func NewEntityQueryTemplatesClient(subscriptionID string) EntityQueryTemplatesClient

+ func NewEntityQueryTemplatesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueryTemplatesClient

+ func (client EntityQueryTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryTemplateModel, err error)

+ func (client EntityQueryTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntityQueryTemplatesClient) GetResponder(resp *http.Response) (result EntityQueryTemplateModel, err error)

+ func (client EntityQueryTemplatesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client EntityQueryTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryTemplateListPage, err error)

+ func (client EntityQueryTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result EntityQueryTemplateListIterator, err error)

+ func (client EntityQueryTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntityQueryTemplatesClient) ListResponder(resp *http.Response) (result EntityQueryTemplateList, err error)

+ func (client EntityQueryTemplatesClient) ListSender(req *http.Request) (*http.Response, error)

+ type EntityRelationsClient struct

+ func NewEntityRelationsClient(subscriptionID string) EntityRelationsClient

+ func NewEntityRelationsClientWithBaseURI(baseURI string, subscriptionID string) EntityRelationsClient

+ func (client EntityRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)

+ func (client EntityRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client EntityRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error)

+ func (client EntityRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error)

+ type EntityTimelineItem struct

+ Kind KindBasicEntityTimelineItem

+ func (eti EntityTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)

+ func (eti EntityTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)

+ func (eti EntityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)

+ func (eti EntityTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)

+ func (eti EntityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)

+ func (eti EntityTimelineItem) MarshalJSON() ([]byte, error)

+ type EntityTimelineKind string

+ const EntityTimelineKindActivity

+ const EntityTimelineKindBookmark

+ const EntityTimelineKindSecurityAlert

+ func PossibleEntityTimelineKindValues() []EntityTimelineKind

+ type EntityTimelineParameters struct

+ EndTime *date.Time

+ Kinds *[]EntityTimelineKind

+ NumberOfBucket *int32

+ StartTime *date.Time

+ type EntityTimelineResponse struct

+ MetaData *TimelineResultsMetadata

+ Value *[]BasicEntityTimelineItem

+ func (etr *EntityTimelineResponse) UnmarshalJSON(body []byte) error

+ type EntityType string

+ const EntityTypeAccount

+ const EntityTypeAzureResource

+ const EntityTypeCloudApplication

+ const EntityTypeDNS

+ const EntityTypeFile

+ const EntityTypeFileHash

+ const EntityTypeHost

+ const EntityTypeHuntingBookmark

+ const EntityTypeIP

+ const EntityTypeIoTDevice

+ const EntityTypeMailCluster

+ const EntityTypeMailMessage

+ const EntityTypeMailbox

+ const EntityTypeMalware

+ const EntityTypeProcess

+ const EntityTypeRegistryKey

+ const EntityTypeRegistryValue

+ const EntityTypeSecurityAlert

+ const EntityTypeSecurityGroup

+ const EntityTypeSubmissionMail

+ const EntityTypeURL

+ func PossibleEntityTypeValues() []EntityType

+ type ErrorAdditionalInfo struct

+ Info interface{}

+ Type *string

+ func (eai ErrorAdditionalInfo) MarshalJSON() ([]byte, error)

+ type ErrorDetail struct

+ AdditionalInfo *[]ErrorAdditionalInfo

+ Code *string

+ Details *[]ErrorDetail

+ Message *string

+ Target *string

+ func (ed ErrorDetail) MarshalJSON() ([]byte, error)

+ type ErrorResponse struct

+ Error *ErrorDetail

+ type EventGroupingAggregationKind string

+ const EventGroupingAggregationKindAlertPerResult

+ const EventGroupingAggregationKindSingleAlert

+ func PossibleEventGroupingAggregationKindValues() []EventGroupingAggregationKind

+ type EventGroupingSettings struct

+ AggregationKind EventGroupingAggregationKind

+ type ExpansionEntityQueriesProperties struct

+ DataSources *[]string

+ DisplayName *string

+ InputEntityType EntityType

+ InputFields *[]string

+ OutputEntityTypes *[]EntityType

+ QueryTemplate *string

+ type ExpansionEntityQuery struct

+ Etag *string

+ ID *string

+ Kind KindBasicEntityQuery

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (eeq *ExpansionEntityQuery) UnmarshalJSON(body []byte) error

+ func (eeq ExpansionEntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool)

+ func (eeq ExpansionEntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool)

+ func (eeq ExpansionEntityQuery) AsEntityQuery() (*EntityQuery, bool)

+ func (eeq ExpansionEntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool)

+ func (eeq ExpansionEntityQuery) MarshalJSON() ([]byte, error)

+ type ExpansionResultAggregation struct

+ AggregationType *string

+ Count *int32

+ DisplayName *string

+ EntityKind EntityKind

+ type ExpansionResultsMetadata struct

+ Aggregations *[]ExpansionResultAggregation

+ type EyesOn struct

+ Etag *string

+ ID *string

+ Kind KindBasicSettings

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (eo *EyesOn) UnmarshalJSON(body []byte) error

+ func (eo EyesOn) AsAnomalies() (*Anomalies, bool)

+ func (eo EyesOn) AsBasicSettings() (BasicSettings, bool)

+ func (eo EyesOn) AsEntityAnalytics() (*EntityAnalytics, bool)

+ func (eo EyesOn) AsEyesOn() (*EyesOn, bool)

+ func (eo EyesOn) AsSettings() (*Settings, bool)

+ func (eo EyesOn) AsUeba() (*Ueba, bool)

+ func (eo EyesOn) MarshalJSON() ([]byte, error)

+ type EyesOnSettingsProperties struct

+ IsEnabled *bool

+ func (eosp EyesOnSettingsProperties) MarshalJSON() ([]byte, error)

+ type FieldMapping struct

+ ColumnName *string

+ Identifier *string

+ type FileEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (fe *FileEntity) UnmarshalJSON(body []byte) error

+ func (fe FileEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (fe FileEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (fe FileEntity) AsBasicEntity() (BasicEntity, bool)

+ func (fe FileEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (fe FileEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (fe FileEntity) AsEntity() (*Entity, bool)

+ func (fe FileEntity) AsFileEntity() (*FileEntity, bool)

+ func (fe FileEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (fe FileEntity) AsHostEntity() (*HostEntity, bool)

+ func (fe FileEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (fe FileEntity) AsIPEntity() (*IPEntity, bool)

+ func (fe FileEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (fe FileEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (fe FileEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (fe FileEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (fe FileEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (fe FileEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (fe FileEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (fe FileEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (fe FileEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (fe FileEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (fe FileEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (fe FileEntity) AsURLEntity() (*URLEntity, bool)

+ func (fe FileEntity) MarshalJSON() ([]byte, error)

+ type FileEntityProperties struct

+ AdditionalData map[string]interface{}

+ Directory *string

+ FileHashEntityIds *[]string

+ FileName *string

+ FriendlyName *string

+ HostEntityID *string

+ func (fep FileEntityProperties) MarshalJSON() ([]byte, error)

+ type FileHashAlgorithm string

+ const FileHashAlgorithmMD5

+ const FileHashAlgorithmSHA1

+ const FileHashAlgorithmSHA256

+ const FileHashAlgorithmSHA256AC

+ const FileHashAlgorithmUnknown

+ func PossibleFileHashAlgorithmValues() []FileHashAlgorithm

+ type FileHashEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (fhe *FileHashEntity) UnmarshalJSON(body []byte) error

+ func (fhe FileHashEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (fhe FileHashEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (fhe FileHashEntity) AsBasicEntity() (BasicEntity, bool)

+ func (fhe FileHashEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (fhe FileHashEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (fhe FileHashEntity) AsEntity() (*Entity, bool)

+ func (fhe FileHashEntity) AsFileEntity() (*FileEntity, bool)

+ func (fhe FileHashEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (fhe FileHashEntity) AsHostEntity() (*HostEntity, bool)

+ func (fhe FileHashEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (fhe FileHashEntity) AsIPEntity() (*IPEntity, bool)

+ func (fhe FileHashEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (fhe FileHashEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (fhe FileHashEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (fhe FileHashEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (fhe FileHashEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (fhe FileHashEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (fhe FileHashEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (fhe FileHashEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (fhe FileHashEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (fhe FileHashEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (fhe FileHashEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (fhe FileHashEntity) AsURLEntity() (*URLEntity, bool)

+ func (fhe FileHashEntity) MarshalJSON() ([]byte, error)

+ type FileHashEntityProperties struct

+ AdditionalData map[string]interface{}

+ Algorithm FileHashAlgorithm

+ FriendlyName *string

+ HashValue *string

+ func (fhep FileHashEntityProperties) MarshalJSON() ([]byte, error)

+ type FusionAlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (far *FusionAlertRule) UnmarshalJSON(body []byte) error

+ func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool)

+ func (far FusionAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (far FusionAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (far FusionAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)

+ func (far FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (far FusionAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)

+ func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (far FusionAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)

+ func (far FusionAlertRule) MarshalJSON() ([]byte, error)

+ type FusionAlertRuleProperties struct

+ AlertRuleTemplateName *string

+ Description *string

+ DisplayName *string

+ Enabled *bool

+ LastModifiedUtc *date.Time

+ Severity AlertSeverity

+ Tactics *[]AttackTactic

+ func (farp FusionAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type FusionAlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error

+ func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type FusionAlertRuleTemplateProperties struct

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ Description *string

+ DisplayName *string

+ LastUpdatedDateUTC *date.Time

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ Severity AlertSeverity

+ Status TemplateStatus

+ Tactics *[]AttackTactic

+ func (fart FusionAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type GeoLocation struct

+ Asn *int32

+ City *string

+ CountryCode *string

+ CountryName *string

+ Latitude *float64

+ Longitude *float64

+ State *string

+ func (gl GeoLocation) MarshalJSON() ([]byte, error)

+ type GetInsightsError struct

+ ErrorMessage *string

+ Kind *string

+ QueryID *string

+ type GetInsightsResultsMetadata struct

+ Errors *[]GetInsightsError

+ TotalCount *int32

+ type GetQueriesResponse struct

+ Value *[]BasicEntityQueryItem

+ func (gqr *GetQueriesResponse) UnmarshalJSON(body []byte) error

+ type GraphQueries struct

+ BaseQuery *string

+ Legend *string

+ MetricName *string

+ type GroupingConfiguration struct

+ Enabled *bool

+ GroupByAlertDetails *[]AlertDetail

+ GroupByCustomDetails *[]string

+ GroupByEntities *[]EntityMappingType

+ LookbackDuration *string

+ MatchingMethod MatchingMethod

+ ReopenClosedIncident *bool

+ type HostEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (he *HostEntity) UnmarshalJSON(body []byte) error

+ func (he HostEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (he HostEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (he HostEntity) AsBasicEntity() (BasicEntity, bool)

+ func (he HostEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (he HostEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (he HostEntity) AsEntity() (*Entity, bool)

+ func (he HostEntity) AsFileEntity() (*FileEntity, bool)

+ func (he HostEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (he HostEntity) AsHostEntity() (*HostEntity, bool)

+ func (he HostEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (he HostEntity) AsIPEntity() (*IPEntity, bool)

+ func (he HostEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (he HostEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (he HostEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (he HostEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (he HostEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (he HostEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (he HostEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (he HostEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (he HostEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (he HostEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (he HostEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (he HostEntity) AsURLEntity() (*URLEntity, bool)

+ func (he HostEntity) MarshalJSON() ([]byte, error)

+ type HostEntityProperties struct

+ AdditionalData map[string]interface{}

+ AzureID *string

+ DNSDomain *string

+ FriendlyName *string

+ HostName *string

+ IsDomainJoined *bool

+ NetBiosName *string

+ NtDomain *string

+ OmsAgentID *string

+ OsFamily OSFamily

+ OsVersion *string

+ func (hep HostEntityProperties) MarshalJSON() ([]byte, error)

+ type HuntingBookmark struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (hb *HuntingBookmark) UnmarshalJSON(body []byte) error

+ func (hb HuntingBookmark) AsAccountEntity() (*AccountEntity, bool)

+ func (hb HuntingBookmark) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (hb HuntingBookmark) AsBasicEntity() (BasicEntity, bool)

+ func (hb HuntingBookmark) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (hb HuntingBookmark) AsDNSEntity() (*DNSEntity, bool)

+ func (hb HuntingBookmark) AsEntity() (*Entity, bool)

+ func (hb HuntingBookmark) AsFileEntity() (*FileEntity, bool)

+ func (hb HuntingBookmark) AsFileHashEntity() (*FileHashEntity, bool)

+ func (hb HuntingBookmark) AsHostEntity() (*HostEntity, bool)

+ func (hb HuntingBookmark) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (hb HuntingBookmark) AsIPEntity() (*IPEntity, bool)

+ func (hb HuntingBookmark) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (hb HuntingBookmark) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (hb HuntingBookmark) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (hb HuntingBookmark) AsMailboxEntity() (*MailboxEntity, bool)

+ func (hb HuntingBookmark) AsMalwareEntity() (*MalwareEntity, bool)

+ func (hb HuntingBookmark) AsProcessEntity() (*ProcessEntity, bool)

+ func (hb HuntingBookmark) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (hb HuntingBookmark) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (hb HuntingBookmark) AsSecurityAlert() (*SecurityAlert, bool)

+ func (hb HuntingBookmark) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (hb HuntingBookmark) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (hb HuntingBookmark) AsURLEntity() (*URLEntity, bool)

+ func (hb HuntingBookmark) MarshalJSON() ([]byte, error)

+ type HuntingBookmarkProperties struct

+ AdditionalData map[string]interface{}

+ Created *date.Time

+ CreatedBy *UserInfo

+ DisplayName *string

+ EventTime *date.Time

+ FriendlyName *string

+ IncidentInfo *IncidentInfo

+ Labels *[]string

+ Notes *string

+ Query *string

+ QueryResult *string

+ Updated *date.Time

+ UpdatedBy *UserInfo

+ func (hbp HuntingBookmarkProperties) MarshalJSON() ([]byte, error)

+ type IPEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ie *IPEntity) UnmarshalJSON(body []byte) error

+ func (ie IPEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (ie IPEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (ie IPEntity) AsBasicEntity() (BasicEntity, bool)

+ func (ie IPEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (ie IPEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (ie IPEntity) AsEntity() (*Entity, bool)

+ func (ie IPEntity) AsFileEntity() (*FileEntity, bool)

+ func (ie IPEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (ie IPEntity) AsHostEntity() (*HostEntity, bool)

+ func (ie IPEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (ie IPEntity) AsIPEntity() (*IPEntity, bool)

+ func (ie IPEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (ie IPEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (ie IPEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (ie IPEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (ie IPEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (ie IPEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (ie IPEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (ie IPEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (ie IPEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (ie IPEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (ie IPEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (ie IPEntity) AsURLEntity() (*URLEntity, bool)

+ func (ie IPEntity) MarshalJSON() ([]byte, error)

+ type IPEntityProperties struct

+ AdditionalData map[string]interface{}

+ Address *string

+ FriendlyName *string

+ Location *GeoLocation

+ ThreatIntelligence *[]ThreatIntelligence

+ func (iep IPEntityProperties) MarshalJSON() ([]byte, error)

+ type IPGeodataClient struct

+ func NewIPGeodataClient(subscriptionID string) IPGeodataClient

+ func NewIPGeodataClientWithBaseURI(baseURI string, subscriptionID string) IPGeodataClient

+ func (client IPGeodataClient) Get(ctx context.Context, resourceGroupName string, IPAddress string) (result EnrichmentIPGeodata, err error)

+ func (client IPGeodataClient) GetPreparer(ctx context.Context, resourceGroupName string, IPAddress string) (*http.Request, error)

+ func (client IPGeodataClient) GetResponder(resp *http.Response) (result EnrichmentIPGeodata, err error)

+ func (client IPGeodataClient) GetSender(req *http.Request) (*http.Response, error)

+ type Incident struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (i *Incident) UnmarshalJSON(body []byte) error

+ func (i Incident) MarshalJSON() ([]byte, error)

+ type IncidentAdditionalData struct

+ AlertProductNames *[]string

+ AlertsCount *int32

+ BookmarksCount *int32

+ CommentsCount *int32

+ Tactics *[]AttackTactic

+ func (iad IncidentAdditionalData) MarshalJSON() ([]byte, error)

+ type IncidentAlertList struct

+ Value *[]SecurityAlert

+ type IncidentBookmarkList struct

+ Value *[]HuntingBookmark

+ type IncidentClassification string

+ const IncidentClassificationBenignPositive

+ const IncidentClassificationFalsePositive

+ const IncidentClassificationTruePositive

+ const IncidentClassificationUndetermined

+ func PossibleIncidentClassificationValues() []IncidentClassification

+ type IncidentClassificationReason string

+ const IncidentClassificationReasonInaccurateData

+ const IncidentClassificationReasonIncorrectAlertLogic

+ const IncidentClassificationReasonSuspiciousActivity

+ const IncidentClassificationReasonSuspiciousButExpected

+ func PossibleIncidentClassificationReasonValues() []IncidentClassificationReason

+ type IncidentComment struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ic *IncidentComment) UnmarshalJSON(body []byte) error

+ func (ic IncidentComment) MarshalJSON() ([]byte, error)

+ type IncidentCommentList struct

+ NextLink *string

+ Value *[]IncidentComment

+ func (icl IncidentCommentList) IsEmpty() bool

+ func (icl IncidentCommentList) MarshalJSON() ([]byte, error)

+ type IncidentCommentListIterator struct

+ func NewIncidentCommentListIterator(page IncidentCommentListPage) IncidentCommentListIterator

+ func (iter *IncidentCommentListIterator) Next() error

+ func (iter *IncidentCommentListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter IncidentCommentListIterator) NotDone() bool

+ func (iter IncidentCommentListIterator) Response() IncidentCommentList

+ func (iter IncidentCommentListIterator) Value() IncidentComment

+ type IncidentCommentListPage struct

+ func NewIncidentCommentListPage(cur IncidentCommentList, ...) IncidentCommentListPage

+ func (page *IncidentCommentListPage) Next() error

+ func (page *IncidentCommentListPage) NextWithContext(ctx context.Context) (err error)

+ func (page IncidentCommentListPage) NotDone() bool

+ func (page IncidentCommentListPage) Response() IncidentCommentList

+ func (page IncidentCommentListPage) Values() []IncidentComment

+ type IncidentCommentProperties struct

+ Author *ClientInfo

+ CreatedTimeUtc *date.Time

+ LastModifiedTimeUtc *date.Time

+ Message *string

+ func (icp IncidentCommentProperties) MarshalJSON() ([]byte, error)

+ type IncidentCommentsClient struct

+ func NewIncidentCommentsClient(subscriptionID string) IncidentCommentsClient

+ func NewIncidentCommentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentCommentsClient

+ func (client IncidentCommentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentComment, err error)

+ func (client IncidentCommentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentCommentsClient) CreateOrUpdateResponder(resp *http.Response) (result IncidentComment, err error)

+ func (client IncidentCommentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client IncidentCommentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client IncidentCommentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentCommentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client IncidentCommentsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client IncidentCommentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentComment, err error)

+ func (client IncidentCommentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentCommentsClient) GetResponder(resp *http.Response) (result IncidentComment, err error)

+ func (client IncidentCommentsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client IncidentCommentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentCommentListPage, err error)

+ func (client IncidentCommentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentCommentListIterator, err error)

+ func (client IncidentCommentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentCommentsClient) ListResponder(resp *http.Response) (result IncidentCommentList, err error)

+ func (client IncidentCommentsClient) ListSender(req *http.Request) (*http.Response, error)

+ type IncidentConfiguration struct

+ CreateIncident *bool

+ GroupingConfiguration *GroupingConfiguration

+ type IncidentEntitiesResponse struct

+ Entities *[]BasicEntity

+ MetaData *[]IncidentEntitiesResultsMetadata

+ func (ier *IncidentEntitiesResponse) UnmarshalJSON(body []byte) error

+ type IncidentEntitiesResultsMetadata struct

+ Count *int32

+ EntityKind EntityKind

+ type IncidentInfo struct

+ IncidentID *string

+ RelationName *string

+ Severity IncidentSeverity

+ Title *string

+ type IncidentLabel struct

+ LabelName *string

+ LabelType IncidentLabelType

+ func (il IncidentLabel) MarshalJSON() ([]byte, error)

+ type IncidentLabelType string

+ const IncidentLabelTypeSystem

+ const IncidentLabelTypeUser

+ func PossibleIncidentLabelTypeValues() []IncidentLabelType

+ type IncidentList struct

+ NextLink *string

+ Value *[]Incident

+ func (il IncidentList) IsEmpty() bool

+ func (il IncidentList) MarshalJSON() ([]byte, error)

+ type IncidentListIterator struct

+ func NewIncidentListIterator(page IncidentListPage) IncidentListIterator

+ func (iter *IncidentListIterator) Next() error

+ func (iter *IncidentListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter IncidentListIterator) NotDone() bool

+ func (iter IncidentListIterator) Response() IncidentList

+ func (iter IncidentListIterator) Value() Incident

+ type IncidentListPage struct

+ func NewIncidentListPage(cur IncidentList, ...) IncidentListPage

+ func (page *IncidentListPage) Next() error

+ func (page *IncidentListPage) NextWithContext(ctx context.Context) (err error)

+ func (page IncidentListPage) NotDone() bool

+ func (page IncidentListPage) Response() IncidentList

+ func (page IncidentListPage) Values() []Incident

+ type IncidentOwnerInfo struct

+ AssignedTo *string

+ Email *string

+ ObjectID *uuid.UUID

+ OwnerType OwnerType

+ UserPrincipalName *string

+ func (ioi IncidentOwnerInfo) MarshalJSON() ([]byte, error)

+ type IncidentProperties struct

+ AdditionalData *IncidentAdditionalData

+ Classification IncidentClassification

+ ClassificationComment *string

+ ClassificationReason IncidentClassificationReason

+ CreatedTimeUtc *date.Time

+ Description *string

+ FirstActivityTimeUtc *date.Time

+ IncidentNumber *int32

+ IncidentURL *string

+ Labels *[]IncidentLabel

+ LastActivityTimeUtc *date.Time

+ LastModifiedTimeUtc *date.Time

+ Owner *IncidentOwnerInfo

+ ProviderIncidentID *string

+ ProviderName *string

+ RelatedAnalyticRuleIds *[]string

+ Severity IncidentSeverity

+ Status IncidentStatus

+ TeamInformation *TeamInformation

+ Title *string

+ func (IP IncidentProperties) MarshalJSON() ([]byte, error)

+ type IncidentRelationsClient struct

+ func NewIncidentRelationsClient(subscriptionID string) IncidentRelationsClient

+ func NewIncidentRelationsClientWithBaseURI(baseURI string, subscriptionID string) IncidentRelationsClient

+ func (client IncidentRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)

+ func (client IncidentRelationsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentRelationsClient) CreateOrUpdateResponder(resp *http.Response) (result Relation, err error)

+ func (client IncidentRelationsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client IncidentRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client IncidentRelationsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentRelationsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client IncidentRelationsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client IncidentRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Relation, err error)

+ func (client IncidentRelationsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentRelationsClient) GetResponder(resp *http.Response) (result Relation, err error)

+ func (client IncidentRelationsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListPage, err error)

+ func (client IncidentRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RelationListIterator, err error)

+ func (client IncidentRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)

+ func (client IncidentRelationsClient) ListSender(req *http.Request) (*http.Response, error)

+ type IncidentSeverity string

+ const IncidentSeverityHigh

+ const IncidentSeverityInformational

+ const IncidentSeverityLow

+ const IncidentSeverityMedium

+ func PossibleIncidentSeverityValues() []IncidentSeverity

+ type IncidentStatus string

+ const IncidentStatusActive

+ const IncidentStatusClosed

+ const IncidentStatusNew

+ func PossibleIncidentStatusValues() []IncidentStatus

+ type IncidentsClient struct

+ func NewIncidentsClient(subscriptionID string) IncidentsClient

+ func NewIncidentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentsClient

+ func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Incident, err error)

+ func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentsClient) CreateOrUpdateResponder(resp *http.Response) (result Incident, err error)

+ func (client IncidentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) CreateTeam(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result TeamInformation, err error)

+ func (client IncidentsClient) CreateTeamPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentsClient) CreateTeamResponder(resp *http.Response) (result TeamInformation, err error)

+ func (client IncidentsClient) CreateTeamSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client IncidentsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Incident, err error)

+ func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident, err error)

+ func (client IncidentsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentListPage, err error)

+ func (client IncidentsClient) ListAlerts(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentAlertList, err error)

+ func (client IncidentsClient) ListAlertsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentsClient) ListAlertsResponder(resp *http.Response) (result IncidentAlertList, err error)

+ func (client IncidentsClient) ListAlertsSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) ListBookmarks(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentBookmarkList, err error)

+ func (client IncidentsClient) ListBookmarksPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentsClient) ListBookmarksResponder(resp *http.Response) (result IncidentBookmarkList, err error)

+ func (client IncidentsClient) ListBookmarksSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentListIterator, err error)

+ func (client IncidentsClient) ListEntities(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentEntitiesResponse, err error)

+ func (client IncidentsClient) ListEntitiesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentsClient) ListEntitiesResponder(resp *http.Response) (result IncidentEntitiesResponse, err error)

+ func (client IncidentsClient) ListEntitiesSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client IncidentsClient) ListResponder(resp *http.Response) (result IncidentList, err error)

+ func (client IncidentsClient) ListSender(req *http.Request) (*http.Response, error)

+ type InsightQueryItem struct

+ ID *string

+ Kind KindBasicEntityQueryItem

+ Name *string

+ Properties *InsightQueryItemProperties

+ Type *string

+ func (iqi InsightQueryItem) AsBasicEntityQueryItem() (BasicEntityQueryItem, bool)

+ func (iqi InsightQueryItem) AsEntityQueryItem() (*EntityQueryItem, bool)

+ func (iqi InsightQueryItem) AsInsightQueryItem() (*InsightQueryItem, bool)

+ func (iqi InsightQueryItem) MarshalJSON() ([]byte, error)

+ type InsightQueryItemProperties struct

+ AdditionalQuery *InsightQueryItemPropertiesAdditionalQuery

+ BaseQuery *string

+ ChartQuery interface{}

+ DataTypes *[]EntityQueryItemPropertiesDataTypesItem

+ DefaultTimeRange *InsightQueryItemPropertiesDefaultTimeRange

+ Description *string

+ DisplayName *string

+ EntitiesFilter interface{}

+ InputEntityType EntityType

+ ReferenceTimeRange *InsightQueryItemPropertiesReferenceTimeRange

+ RequiredInputFieldsSets *[][]string

+ TableQuery *InsightQueryItemPropertiesTableQuery

+ type InsightQueryItemPropertiesAdditionalQuery struct

+ Query *string

+ Text *string

+ type InsightQueryItemPropertiesDefaultTimeRange struct

+ AfterRange *string

+ BeforeRange *string

+ type InsightQueryItemPropertiesReferenceTimeRange struct

+ BeforeRange *string

+ type InsightQueryItemPropertiesTableQuery struct

+ ColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem

+ QueriesDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem

+ type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem struct

+ Header *string

+ OutputType OutputType

+ SupportDeepLink *bool

+ type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem struct

+ Filter *string

+ LinkColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem

+ Project *string

+ Summarize *string

+ type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem struct

+ ProjectedName *string

+ Query *string

+ type InsightsTableResult struct

+ Columns *[]InsightsTableResultColumnsItem

+ Rows *[][]string

+ type InsightsTableResultColumnsItem struct

+ Name *string

+ Type *string

+ type InstructionSteps struct

+ Description *string

+ Instructions *[]InstructionStepsInstructionsItem

+ Title *string

+ type InstructionStepsInstructionsItem struct

+ Parameters interface{}

+ Type SettingType

+ type IoTDeviceEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error

+ func (itde IoTDeviceEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (itde IoTDeviceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (itde IoTDeviceEntity) AsBasicEntity() (BasicEntity, bool)

+ func (itde IoTDeviceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (itde IoTDeviceEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (itde IoTDeviceEntity) AsEntity() (*Entity, bool)

+ func (itde IoTDeviceEntity) AsFileEntity() (*FileEntity, bool)

+ func (itde IoTDeviceEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (itde IoTDeviceEntity) AsHostEntity() (*HostEntity, bool)

+ func (itde IoTDeviceEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (itde IoTDeviceEntity) AsIPEntity() (*IPEntity, bool)

+ func (itde IoTDeviceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (itde IoTDeviceEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (itde IoTDeviceEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (itde IoTDeviceEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (itde IoTDeviceEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (itde IoTDeviceEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (itde IoTDeviceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (itde IoTDeviceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (itde IoTDeviceEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (itde IoTDeviceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (itde IoTDeviceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (itde IoTDeviceEntity) AsURLEntity() (*URLEntity, bool)

+ func (itde IoTDeviceEntity) MarshalJSON() ([]byte, error)

+ type IoTDeviceEntityProperties struct

+ AdditionalData map[string]interface{}

+ DeviceID *string

+ DeviceName *string

+ DeviceType *string

+ EdgeID *string

+ FirmwareVersion *string

+ FriendlyName *string

+ HostEntityID *string

+ IPAddressEntityID *string

+ IotHubEntityID *string

+ IotSecurityAgentID *uuid.UUID

+ MacAddress *string

+ Model *string

+ OperatingSystem *string

+ Protocols *[]string

+ SerialNumber *string

+ Source *string

+ ThreatIntelligence *[]ThreatIntelligence

+ Vendor *string

+ func (itdep IoTDeviceEntityProperties) MarshalJSON() ([]byte, error)

+ type KillChainIntent string

+ const KillChainIntentCollection

+ const KillChainIntentCommandAndControl

+ const KillChainIntentCredentialAccess

+ const KillChainIntentDefenseEvasion

+ const KillChainIntentDiscovery

+ const KillChainIntentExecution

+ const KillChainIntentExfiltration

+ const KillChainIntentExploitation

+ const KillChainIntentImpact

+ const KillChainIntentLateralMovement

+ const KillChainIntentPersistence

+ const KillChainIntentPrivilegeEscalation

+ const KillChainIntentProbing

+ const KillChainIntentUnknown

+ func PossibleKillChainIntentValues() []KillChainIntent

+ type Kind string

+ const KindAnalyticsRule

+ const KindAnalyticsRuleTemplate

+ const KindDataConnector

+ const KindDataType

+ const KindHuntingQuery

+ const KindInvestigationQuery

+ const KindParser

+ const KindPlaybook

+ const KindPlaybookTemplate

+ const KindSolution

+ const KindWatchlist

+ const KindWatchlistTemplate

+ const KindWorkbook

+ const KindWorkbookTemplate

+ func PossibleKindValues() []Kind

+ type KindBasicAlertRule string

+ const KindBasicAlertRuleKindAlertRule

+ const KindBasicAlertRuleKindFusion

+ const KindBasicAlertRuleKindMLBehaviorAnalytics

+ const KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation

+ const KindBasicAlertRuleKindNRT

+ const KindBasicAlertRuleKindScheduled

+ const KindBasicAlertRuleKindThreatIntelligence

+ func PossibleKindBasicAlertRuleValues() []KindBasicAlertRule

+ type KindBasicAlertRuleTemplate string

+ const KindBasicAlertRuleTemplateKindAlertRuleTemplate

+ const KindBasicAlertRuleTemplateKindFusion

+ const KindBasicAlertRuleTemplateKindMLBehaviorAnalytics

+ const KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation

+ const KindBasicAlertRuleTemplateKindNRT

+ const KindBasicAlertRuleTemplateKindScheduled

+ const KindBasicAlertRuleTemplateKindThreatIntelligence

+ func PossibleKindBasicAlertRuleTemplateValues() []KindBasicAlertRuleTemplate

+ type KindBasicCustomEntityQuery string

+ const KindBasicCustomEntityQueryKindActivity

+ const KindBasicCustomEntityQueryKindCustomEntityQuery

+ func PossibleKindBasicCustomEntityQueryValues() []KindBasicCustomEntityQuery

+ type KindBasicDataConnector string

+ const KindBasicDataConnectorKindAPIPolling

+ const KindBasicDataConnectorKindAmazonWebServicesCloudTrail

+ const KindBasicDataConnectorKindAmazonWebServicesS3

+ const KindBasicDataConnectorKindAzureActiveDirectory

+ const KindBasicDataConnectorKindAzureAdvancedThreatProtection

+ const KindBasicDataConnectorKindAzureSecurityCenter

+ const KindBasicDataConnectorKindDataConnector

+ const KindBasicDataConnectorKindDynamics365

+ const KindBasicDataConnectorKindGenericUI

+ const KindBasicDataConnectorKindMicrosoftCloudAppSecurity

+ const KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection

+ const KindBasicDataConnectorKindMicrosoftThreatIntelligence

+ const KindBasicDataConnectorKindMicrosoftThreatProtection

+ const KindBasicDataConnectorKindOffice365

+ const KindBasicDataConnectorKindOfficeATP

+ const KindBasicDataConnectorKindOfficeIRM

+ const KindBasicDataConnectorKindThreatIntelligence

+ const KindBasicDataConnectorKindThreatIntelligenceTaxii

+ func PossibleKindBasicDataConnectorValues() []KindBasicDataConnector

+ type KindBasicDataConnectorsCheckRequirements string

+ const KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail

+ const KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3

+ const KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory

+ const KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection

+ const KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter

+ const KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements

+ const KindBasicDataConnectorsCheckRequirementsKindDynamics365

+ const KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity

+ const KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection

+ const KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence

+ const KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection

+ const KindBasicDataConnectorsCheckRequirementsKindOfficeATP

+ const KindBasicDataConnectorsCheckRequirementsKindOfficeIRM

+ const KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence

+ const KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii

+ func PossibleKindBasicDataConnectorsCheckRequirementsValues() []KindBasicDataConnectorsCheckRequirements

+ type KindBasicEntity string

+ const KindBasicEntityKindAccount

+ const KindBasicEntityKindAzureResource

+ const KindBasicEntityKindBookmark

+ const KindBasicEntityKindCloudApplication

+ const KindBasicEntityKindDNSResolution

+ const KindBasicEntityKindEntity

+ const KindBasicEntityKindFile

+ const KindBasicEntityKindFileHash

+ const KindBasicEntityKindHost

+ const KindBasicEntityKindIP

+ const KindBasicEntityKindIoTDevice

+ const KindBasicEntityKindMailCluster

+ const KindBasicEntityKindMailMessage

+ const KindBasicEntityKindMailbox

+ const KindBasicEntityKindMalware

+ const KindBasicEntityKindProcess

+ const KindBasicEntityKindRegistryKey

+ const KindBasicEntityKindRegistryValue

+ const KindBasicEntityKindSecurityAlert

+ const KindBasicEntityKindSecurityGroup

+ const KindBasicEntityKindSubmissionMail

+ const KindBasicEntityKindURL

+ func PossibleKindBasicEntityValues() []KindBasicEntity

+ type KindBasicEntityQuery string

+ const KindBasicEntityQueryKindActivity

+ const KindBasicEntityQueryKindEntityQuery

+ const KindBasicEntityQueryKindExpansion

+ func PossibleKindBasicEntityQueryValues() []KindBasicEntityQuery

+ type KindBasicEntityQueryItem string

+ const KindBasicEntityQueryItemKindEntityQueryItem

+ const KindBasicEntityQueryItemKindInsight

+ func PossibleKindBasicEntityQueryItemValues() []KindBasicEntityQueryItem

+ type KindBasicEntityQueryTemplate string

+ const KindBasicEntityQueryTemplateKindActivity

+ const KindBasicEntityQueryTemplateKindEntityQueryTemplate

+ func PossibleKindBasicEntityQueryTemplateValues() []KindBasicEntityQueryTemplate

+ type KindBasicEntityTimelineItem string

+ const KindBasicEntityTimelineItemKindActivity

+ const KindBasicEntityTimelineItemKindBookmark

+ const KindBasicEntityTimelineItemKindEntityTimelineItem

+ const KindBasicEntityTimelineItemKindSecurityAlert

+ func PossibleKindBasicEntityTimelineItemValues() []KindBasicEntityTimelineItem

+ type KindBasicSettings string

+ const KindBasicSettingsKindAnomalies

+ const KindBasicSettingsKindEntityAnalytics

+ const KindBasicSettingsKindEyesOn

+ const KindBasicSettingsKindSettings

+ const KindBasicSettingsKindUeba

+ func PossibleKindBasicSettingsValues() []KindBasicSettings

+ type KindBasicThreatIntelligenceInformation string

+ const KindBasicThreatIntelligenceInformationKindIndicator

+ const KindBasicThreatIntelligenceInformationKindThreatIntelligenceInformation

+ func PossibleKindBasicThreatIntelligenceInformationValues() []KindBasicThreatIntelligenceInformation

+ type LastDataReceivedDataType struct

+ LastDataReceivedQuery *string

+ Name *string

+ type MCASCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (mcr *MCASCheckRequirements) UnmarshalJSON(body []byte) error

+ func (mcr MCASCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) MarshalJSON() ([]byte, error)

+ type MCASCheckRequirementsProperties struct

+ TenantID *string

+ type MCASDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error

+ func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (mdc MCASDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (mdc MCASDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (mdc MCASDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (mdc MCASDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (mdc MCASDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (mdc MCASDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (mdc MCASDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (mdc MCASDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (mdc MCASDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (mdc MCASDataConnector) MarshalJSON() ([]byte, error)

+ type MCASDataConnectorDataTypes struct

+ Alerts *DataConnectorDataTypeCommon

+ DiscoveryLogs *DataConnectorDataTypeCommon

+ type MCASDataConnectorProperties struct

+ DataTypes *MCASDataConnectorDataTypes

+ TenantID *string

+ type MDATPCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (mcr *MDATPCheckRequirements) UnmarshalJSON(body []byte) error

+ func (mcr MDATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) MarshalJSON() ([]byte, error)

+ type MDATPCheckRequirementsProperties struct

+ TenantID *string

+ type MDATPDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error

+ func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (mdc MDATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (mdc MDATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (mdc MDATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (mdc MDATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (mdc MDATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (mdc MDATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (mdc MDATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (mdc MDATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (mdc MDATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error)

+ type MDATPDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ TenantID *string

+ type MLBehaviorAnalyticsAlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error

+ func (mbaar MLBehaviorAnalyticsAlertRule) AsAlertRule() (*AlertRule, bool)

+ func (mbaar MLBehaviorAnalyticsAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (mbaar MLBehaviorAnalyticsAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (mbaar MLBehaviorAnalyticsAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)

+ func (mbaar MLBehaviorAnalyticsAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (mbaar MLBehaviorAnalyticsAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)

+ func (mbaar MLBehaviorAnalyticsAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (mbaar MLBehaviorAnalyticsAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)

+ func (mbaar MLBehaviorAnalyticsAlertRule) MarshalJSON() ([]byte, error)

+ type MLBehaviorAnalyticsAlertRuleProperties struct

+ AlertRuleTemplateName *string

+ Description *string

+ DisplayName *string

+ Enabled *bool

+ LastModifiedUtc *date.Time

+ Severity AlertSeverity

+ Tactics *[]AttackTactic

+ func (mbaarp MLBehaviorAnalyticsAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type MLBehaviorAnalyticsAlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mbaart *MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON(body []byte) error

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type MLBehaviorAnalyticsAlertRuleTemplateProperties struct

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ Description *string

+ DisplayName *string

+ LastUpdatedDateUTC *date.Time

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ Severity AlertSeverity

+ Status TemplateStatus

+ Tactics *[]AttackTactic

+ func (mbaart MLBehaviorAnalyticsAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type MSTICheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (mcr *MSTICheckRequirements) UnmarshalJSON(body []byte) error

+ func (mcr MSTICheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (mcr MSTICheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (mcr MSTICheckRequirements) MarshalJSON() ([]byte, error)

+ type MSTICheckRequirementsProperties struct

+ TenantID *string

+ type MSTIDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error

+ func (mdc MSTIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (mdc MSTIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (mdc MSTIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (mdc MSTIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (mdc MSTIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (mdc MSTIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (mdc MSTIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (mdc MSTIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (mdc MSTIDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (mdc MSTIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (mdc MSTIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (mdc MSTIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (mdc MSTIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (mdc MSTIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (mdc MSTIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (mdc MSTIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (mdc MSTIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (mdc MSTIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (mdc MSTIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (mdc MSTIDataConnector) MarshalJSON() ([]byte, error)

+ type MSTIDataConnectorDataTypes struct

+ BingSafetyPhishingURL *MSTIDataConnectorDataTypesBingSafetyPhishingURL

+ MicrosoftEmergingThreatFeed *MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed

+ type MSTIDataConnectorDataTypesBingSafetyPhishingURL struct

+ LookbackPeriod *string

+ State DataTypeState

+ type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed struct

+ LookbackPeriod *string

+ State DataTypeState

+ type MSTIDataConnectorProperties struct

+ DataTypes *MSTIDataConnectorDataTypes

+ TenantID *string

+ type MTPCheckRequirementsProperties struct

+ TenantID *string

+ type MTPDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error

+ func (mdc MTPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (mdc MTPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (mdc MTPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (mdc MTPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (mdc MTPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (mdc MTPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (mdc MTPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (mdc MTPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (mdc MTPDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (mdc MTPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (mdc MTPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (mdc MTPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (mdc MTPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (mdc MTPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (mdc MTPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (mdc MTPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (mdc MTPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (mdc MTPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (mdc MTPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (mdc MTPDataConnector) MarshalJSON() ([]byte, error)

+ type MTPDataConnectorDataTypes struct

+ Incidents *MTPDataConnectorDataTypesIncidents

+ type MTPDataConnectorDataTypesIncidents struct

+ State DataTypeState

+ type MTPDataConnectorProperties struct

+ DataTypes *MTPDataConnectorDataTypes

+ TenantID *string

+ type MailClusterEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error

+ func (mce MailClusterEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (mce MailClusterEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (mce MailClusterEntity) AsBasicEntity() (BasicEntity, bool)

+ func (mce MailClusterEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (mce MailClusterEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (mce MailClusterEntity) AsEntity() (*Entity, bool)

+ func (mce MailClusterEntity) AsFileEntity() (*FileEntity, bool)

+ func (mce MailClusterEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (mce MailClusterEntity) AsHostEntity() (*HostEntity, bool)

+ func (mce MailClusterEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (mce MailClusterEntity) AsIPEntity() (*IPEntity, bool)

+ func (mce MailClusterEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (mce MailClusterEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (mce MailClusterEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (mce MailClusterEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (mce MailClusterEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (mce MailClusterEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (mce MailClusterEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (mce MailClusterEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (mce MailClusterEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (mce MailClusterEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (mce MailClusterEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (mce MailClusterEntity) AsURLEntity() (*URLEntity, bool)

+ func (mce MailClusterEntity) MarshalJSON() ([]byte, error)

+ type MailClusterEntityProperties struct

+ AdditionalData map[string]interface{}

+ ClusterGroup *string

+ ClusterQueryEndTime *date.Time

+ ClusterQueryStartTime *date.Time

+ ClusterSourceIdentifier *string

+ ClusterSourceType *string

+ CountByDeliveryStatus interface{}

+ CountByProtectionStatus interface{}

+ CountByThreatType interface{}

+ FriendlyName *string

+ IsVolumeAnomaly *bool

+ MailCount *int32

+ NetworkMessageIds *[]string

+ Query *string

+ QueryTime *date.Time

+ Source *string

+ Threats *[]string

+ func (mcep MailClusterEntityProperties) MarshalJSON() ([]byte, error)

+ type MailMessageEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mme *MailMessageEntity) UnmarshalJSON(body []byte) error

+ func (mme MailMessageEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (mme MailMessageEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (mme MailMessageEntity) AsBasicEntity() (BasicEntity, bool)

+ func (mme MailMessageEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (mme MailMessageEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (mme MailMessageEntity) AsEntity() (*Entity, bool)

+ func (mme MailMessageEntity) AsFileEntity() (*FileEntity, bool)

+ func (mme MailMessageEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (mme MailMessageEntity) AsHostEntity() (*HostEntity, bool)

+ func (mme MailMessageEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (mme MailMessageEntity) AsIPEntity() (*IPEntity, bool)

+ func (mme MailMessageEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (mme MailMessageEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (mme MailMessageEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (mme MailMessageEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (mme MailMessageEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (mme MailMessageEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (mme MailMessageEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (mme MailMessageEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (mme MailMessageEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (mme MailMessageEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (mme MailMessageEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (mme MailMessageEntity) AsURLEntity() (*URLEntity, bool)

+ func (mme MailMessageEntity) MarshalJSON() ([]byte, error)

+ type MailMessageEntityProperties struct

+ AdditionalData map[string]interface{}

+ AntispamDirection AntispamMailDirection

+ BodyFingerprintBin1 *int32

+ BodyFingerprintBin2 *int32

+ BodyFingerprintBin3 *int32

+ BodyFingerprintBin4 *int32

+ BodyFingerprintBin5 *int32

+ DeliveryAction DeliveryAction

+ DeliveryLocation DeliveryLocation

+ FileEntityIds *[]string

+ FriendlyName *string

+ InternetMessageID *string

+ Language *string

+ NetworkMessageID *uuid.UUID

+ P1Sender *string

+ P1SenderDisplayName *string

+ P1SenderDomain *string

+ P2Sender *string

+ P2SenderDisplayName *string

+ P2SenderDomain *string

+ ReceiveDate *date.Time

+ Recipient *string

+ SenderIP *string

+ Subject *string

+ ThreatDetectionMethods *[]string

+ Threats *[]string

+ Urls *[]string

+ func (mmep MailMessageEntityProperties) MarshalJSON() ([]byte, error)

+ type MailboxEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (me *MailboxEntity) UnmarshalJSON(body []byte) error

+ func (me MailboxEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (me MailboxEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (me MailboxEntity) AsBasicEntity() (BasicEntity, bool)

+ func (me MailboxEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (me MailboxEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (me MailboxEntity) AsEntity() (*Entity, bool)

+ func (me MailboxEntity) AsFileEntity() (*FileEntity, bool)

+ func (me MailboxEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (me MailboxEntity) AsHostEntity() (*HostEntity, bool)

+ func (me MailboxEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (me MailboxEntity) AsIPEntity() (*IPEntity, bool)

+ func (me MailboxEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (me MailboxEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (me MailboxEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (me MailboxEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (me MailboxEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (me MailboxEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (me MailboxEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (me MailboxEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (me MailboxEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (me MailboxEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (me MailboxEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (me MailboxEntity) AsURLEntity() (*URLEntity, bool)

+ func (me MailboxEntity) MarshalJSON() ([]byte, error)

+ type MailboxEntityProperties struct

+ AdditionalData map[string]interface{}

+ DisplayName *string

+ ExternalDirectoryObjectID *uuid.UUID

+ FriendlyName *string

+ MailboxPrimaryAddress *string

+ Upn *string

+ func (mep MailboxEntityProperties) MarshalJSON() ([]byte, error)

+ type MalwareEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (me *MalwareEntity) UnmarshalJSON(body []byte) error

+ func (me MalwareEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (me MalwareEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (me MalwareEntity) AsBasicEntity() (BasicEntity, bool)

+ func (me MalwareEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (me MalwareEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (me MalwareEntity) AsEntity() (*Entity, bool)

+ func (me MalwareEntity) AsFileEntity() (*FileEntity, bool)

+ func (me MalwareEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (me MalwareEntity) AsHostEntity() (*HostEntity, bool)

+ func (me MalwareEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (me MalwareEntity) AsIPEntity() (*IPEntity, bool)

+ func (me MalwareEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (me MalwareEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (me MalwareEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (me MalwareEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (me MalwareEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (me MalwareEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (me MalwareEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (me MalwareEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (me MalwareEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (me MalwareEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (me MalwareEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (me MalwareEntity) AsURLEntity() (*URLEntity, bool)

+ func (me MalwareEntity) MarshalJSON() ([]byte, error)

+ type MalwareEntityProperties struct

+ AdditionalData map[string]interface{}

+ Category *string

+ FileEntityIds *[]string

+ FriendlyName *string

+ MalwareName *string

+ ProcessEntityIds *[]string

+ func (mep MalwareEntityProperties) MarshalJSON() ([]byte, error)

+ type MatchingMethod string

+ const MatchingMethodAllEntities

+ const MatchingMethodAnyAlert

+ const MatchingMethodSelected

+ func PossibleMatchingMethodValues() []MatchingMethod

+ type MetadataAuthor struct

+ Email *string

+ Link *string

+ Name *string

+ type MetadataCategories struct

+ Domains *[]string

+ Verticals *[]string

+ type MetadataClient struct

+ func NewMetadataClient(subscriptionID string) MetadataClient

+ func NewMetadataClientWithBaseURI(baseURI string, subscriptionID string) MetadataClient

+ func (client MetadataClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataModel, err error)

+ func (client MetadataClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client MetadataClient) CreateResponder(resp *http.Response) (result MetadataModel, err error)

+ func (client MetadataClient) CreateSender(req *http.Request) (*http.Response, error)

+ func (client MetadataClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client MetadataClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client MetadataClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client MetadataClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client MetadataClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataModel, err error)

+ func (client MetadataClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client MetadataClient) GetResponder(resp *http.Response) (result MetadataModel, err error)

+ func (client MetadataClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client MetadataClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataListPage, err error)

+ func (client MetadataClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataListIterator, err error)

+ func (client MetadataClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client MetadataClient) ListResponder(resp *http.Response) (result MetadataList, err error)

+ func (client MetadataClient) ListSender(req *http.Request) (*http.Response, error)

+ func (client MetadataClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result MetadataModel, err error)

+ func (client MetadataClient) UpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client MetadataClient) UpdateResponder(resp *http.Response) (result MetadataModel, err error)

+ func (client MetadataClient) UpdateSender(req *http.Request) (*http.Response, error)

+ type MetadataDependencies struct

+ ContentID *string

+ Criteria *[]MetadataDependencies

+ Kind Kind

+ Name *string

+ Operator Operator

+ Version *string

+ type MetadataList struct

+ NextLink *string

+ Value *[]MetadataModel

+ func (ml MetadataList) IsEmpty() bool

+ func (ml MetadataList) MarshalJSON() ([]byte, error)

+ type MetadataListIterator struct

+ func NewMetadataListIterator(page MetadataListPage) MetadataListIterator

+ func (iter *MetadataListIterator) Next() error

+ func (iter *MetadataListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter MetadataListIterator) NotDone() bool

+ func (iter MetadataListIterator) Response() MetadataList

+ func (iter MetadataListIterator) Value() MetadataModel

+ type MetadataListPage struct

+ func NewMetadataListPage(cur MetadataList, ...) MetadataListPage

+ func (page *MetadataListPage) Next() error

+ func (page *MetadataListPage) NextWithContext(ctx context.Context) (err error)

+ func (page MetadataListPage) NotDone() bool

+ func (page MetadataListPage) Response() MetadataList

+ func (page MetadataListPage) Values() []MetadataModel

+ type MetadataModel struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mm *MetadataModel) UnmarshalJSON(body []byte) error

+ func (mm MetadataModel) MarshalJSON() ([]byte, error)

+ type MetadataPatch struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (mp *MetadataPatch) UnmarshalJSON(body []byte) error

+ func (mp MetadataPatch) MarshalJSON() ([]byte, error)

+ type MetadataProperties struct

+ Author *MetadataAuthor

+ Categories *MetadataCategories

+ ContentID *string

+ Dependencies *MetadataDependencies

+ FirstPublishDate *date.Date

+ Kind Kind

+ LastPublishDate *date.Date

+ ParentID *string

+ Providers *[]string

+ Source *MetadataSource

+ Support *MetadataSupport

+ Version *string

+ type MetadataPropertiesPatch struct

+ Author *MetadataAuthor

+ Categories *MetadataCategories

+ ContentID *string

+ Dependencies *MetadataDependencies

+ FirstPublishDate *date.Date

+ Kind Kind

+ LastPublishDate *date.Date

+ ParentID *string

+ Providers *[]string

+ Source *MetadataSource

+ Support *MetadataSupport

+ Version *string

+ type MetadataSource struct

+ Kind SourceKind

+ Name *string

+ SourceID *string

+ type MetadataSupport struct

+ Email *string

+ Link *string

+ Name *string

+ Tier SupportTier

+ type MicrosoftSecurityIncidentCreationAlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error)

+ type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties struct

+ DisplayNamesExcludeFilter *[]string

+ DisplayNamesFilter *[]string

+ ProductFilter MicrosoftSecurityProductName

+ SeveritiesFilter *[]AlertSeverity

+ type MicrosoftSecurityIncidentCreationAlertRuleProperties struct

+ AlertRuleTemplateName *string

+ Description *string

+ DisplayName *string

+ DisplayNamesExcludeFilter *[]string

+ DisplayNamesFilter *[]string

+ Enabled *bool

+ LastModifiedUtc *date.Time

+ ProductFilter MicrosoftSecurityProductName

+ SeveritiesFilter *[]AlertSeverity

+ func (msicarp MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ Description *string

+ DisplayName *string

+ DisplayNamesExcludeFilter *[]string

+ DisplayNamesFilter *[]string

+ LastUpdatedDateUTC *date.Time

+ ProductFilter MicrosoftSecurityProductName

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ SeveritiesFilter *[]AlertSeverity

+ Status TemplateStatus

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type MicrosoftSecurityProductName string

+ const MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection

+ const MicrosoftSecurityProductNameAzureAdvancedThreatProtection

+ const MicrosoftSecurityProductNameAzureSecurityCenter

+ const MicrosoftSecurityProductNameAzureSecurityCenterforIoT

+ const MicrosoftSecurityProductNameMicrosoftCloudAppSecurity

+ const MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection

+ const MicrosoftSecurityProductNameOffice365AdvancedThreatProtection

+ func PossibleMicrosoftSecurityProductNameValues() []MicrosoftSecurityProductName

+ type MtpCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (mcr *MtpCheckRequirements) UnmarshalJSON(body []byte) error

+ func (mcr MtpCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (mcr MtpCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (mcr MtpCheckRequirements) MarshalJSON() ([]byte, error)

+ type NrtAlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (nar *NrtAlertRule) UnmarshalJSON(body []byte) error

+ func (nar NrtAlertRule) AsAlertRule() (*AlertRule, bool)

+ func (nar NrtAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (nar NrtAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (nar NrtAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)

+ func (nar NrtAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (nar NrtAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)

+ func (nar NrtAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (nar NrtAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)

+ func (nar NrtAlertRule) MarshalJSON() ([]byte, error)

+ type NrtAlertRuleProperties struct

+ AlertDetailsOverride *AlertDetailsOverride

+ AlertRuleTemplateName *string

+ CustomDetails map[string]*string

+ Description *string

+ DisplayName *string

+ Enabled *bool

+ EntityMappings *[]EntityMapping

+ IncidentConfiguration *IncidentConfiguration

+ LastModifiedUtc *date.Time

+ Query *string

+ Severity AlertSeverity

+ SuppressionDuration *string

+ SuppressionEnabled *bool

+ Tactics *[]AttackTactic

+ TemplateVersion *string

+ func (narp NrtAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type NrtAlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (nart *NrtAlertRuleTemplate) UnmarshalJSON(body []byte) error

+ func (nart NrtAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (nart NrtAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (nart NrtAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (nart NrtAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)

+ func (nart NrtAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (nart NrtAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)

+ func (nart NrtAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (nart NrtAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)

+ func (nart NrtAlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type NrtAlertRuleTemplateProperties struct

+ AlertDetailsOverride *AlertDetailsOverride

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ CustomDetails map[string]*string

+ Description *string

+ DisplayName *string

+ EntityMappings *[]EntityMapping

+ LastUpdatedDateUTC *date.Time

+ Query *string

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ Severity AlertSeverity

+ Status TemplateStatus

+ Tactics *[]AttackTactic

+ Version *string

+ func (nart NrtAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type OSFamily string

+ const OSFamilyAndroid

+ const OSFamilyIOS

+ const OSFamilyLinux

+ const OSFamilyUnknown

+ const OSFamilyWindows

+ func PossibleOSFamilyValues() []OSFamily

+ type OfficeATPCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (oacr *OfficeATPCheckRequirements) UnmarshalJSON(body []byte) error

+ func (oacr OfficeATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (oacr OfficeATPCheckRequirements) MarshalJSON() ([]byte, error)

+ type OfficeATPCheckRequirementsProperties struct

+ TenantID *string

+ type OfficeATPDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (oadc *OfficeATPDataConnector) UnmarshalJSON(body []byte) error

+ func (oadc OfficeATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (oadc OfficeATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (oadc OfficeATPDataConnector) MarshalJSON() ([]byte, error)

+ type OfficeATPDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ TenantID *string

+ type OfficeConsent struct

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (oc *OfficeConsent) UnmarshalJSON(body []byte) error

+ func (oc OfficeConsent) MarshalJSON() ([]byte, error)

+ type OfficeConsentList struct

+ NextLink *string

+ Value *[]OfficeConsent

+ func (ocl OfficeConsentList) IsEmpty() bool

+ func (ocl OfficeConsentList) MarshalJSON() ([]byte, error)

+ type OfficeConsentListIterator struct

+ func NewOfficeConsentListIterator(page OfficeConsentListPage) OfficeConsentListIterator

+ func (iter *OfficeConsentListIterator) Next() error

+ func (iter *OfficeConsentListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter OfficeConsentListIterator) NotDone() bool

+ func (iter OfficeConsentListIterator) Response() OfficeConsentList

+ func (iter OfficeConsentListIterator) Value() OfficeConsent

+ type OfficeConsentListPage struct

+ func NewOfficeConsentListPage(cur OfficeConsentList, ...) OfficeConsentListPage

+ func (page *OfficeConsentListPage) Next() error

+ func (page *OfficeConsentListPage) NextWithContext(ctx context.Context) (err error)

+ func (page OfficeConsentListPage) NotDone() bool

+ func (page OfficeConsentListPage) Response() OfficeConsentList

+ func (page OfficeConsentListPage) Values() []OfficeConsent

+ type OfficeConsentProperties struct

+ ConsentID *string

+ TenantID *string

+ type OfficeConsentsClient struct

+ func NewOfficeConsentsClient(subscriptionID string) OfficeConsentsClient

+ func NewOfficeConsentsClientWithBaseURI(baseURI string, subscriptionID string) OfficeConsentsClient

+ func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client OfficeConsentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client OfficeConsentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client OfficeConsentsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result OfficeConsent, err error)

+ func (client OfficeConsentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client OfficeConsentsClient) GetResponder(resp *http.Response) (result OfficeConsent, err error)

+ func (client OfficeConsentsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result OfficeConsentListPage, err error)

+ func (client OfficeConsentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result OfficeConsentListIterator, err error)

+ func (client OfficeConsentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client OfficeConsentsClient) ListResponder(resp *http.Response) (result OfficeConsentList, err error)

+ func (client OfficeConsentsClient) ListSender(req *http.Request) (*http.Response, error)

+ type OfficeDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error

+ func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (odc OfficeDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (odc OfficeDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (odc OfficeDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (odc OfficeDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (odc OfficeDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (odc OfficeDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (odc OfficeDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (odc OfficeDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (odc OfficeDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (odc OfficeDataConnector) MarshalJSON() ([]byte, error)

+ type OfficeDataConnectorDataTypes struct

+ Exchange *OfficeDataConnectorDataTypesExchange

+ SharePoint *OfficeDataConnectorDataTypesSharePoint

+ Teams *OfficeDataConnectorDataTypesTeams

+ type OfficeDataConnectorDataTypesExchange struct

+ State DataTypeState

+ type OfficeDataConnectorDataTypesSharePoint struct

+ State DataTypeState

+ type OfficeDataConnectorDataTypesTeams struct

+ State DataTypeState

+ type OfficeDataConnectorProperties struct

+ DataTypes *OfficeDataConnectorDataTypes

+ TenantID *string

+ type OfficeIRMCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (oicr *OfficeIRMCheckRequirements) UnmarshalJSON(body []byte) error

+ func (oicr OfficeIRMCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (oicr OfficeIRMCheckRequirements) MarshalJSON() ([]byte, error)

+ type OfficeIRMCheckRequirementsProperties struct

+ TenantID *string

+ type OfficeIRMDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (oidc *OfficeIRMDataConnector) UnmarshalJSON(body []byte) error

+ func (oidc OfficeIRMDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (oidc OfficeIRMDataConnector) MarshalJSON() ([]byte, error)

+ type OfficeIRMDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ TenantID *string

+ type Operation struct

+ Display *OperationDisplay

+ IsDataAction *bool

+ Name *string

+ Origin *string

+ type OperationDisplay struct

+ Description *string

+ Operation *string

+ Provider *string

+ Resource *string

+ type OperationsClient struct

+ func NewOperationsClient(subscriptionID string) OperationsClient

+ func NewOperationsClientWithBaseURI(baseURI string, subscriptionID string) OperationsClient

+ func (client OperationsClient) List(ctx context.Context) (result OperationsListPage, err error)

+ func (client OperationsClient) ListComplete(ctx context.Context) (result OperationsListIterator, err error)

+ func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, error)

+ func (client OperationsClient) ListResponder(resp *http.Response) (result OperationsList, err error)

+ func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error)

+ type OperationsList struct

+ NextLink *string

+ Value *[]Operation

+ func (ol OperationsList) IsEmpty() bool

+ func (ol OperationsList) MarshalJSON() ([]byte, error)

+ type OperationsListIterator struct

+ func NewOperationsListIterator(page OperationsListPage) OperationsListIterator

+ func (iter *OperationsListIterator) Next() error

+ func (iter *OperationsListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter OperationsListIterator) NotDone() bool

+ func (iter OperationsListIterator) Response() OperationsList

+ func (iter OperationsListIterator) Value() Operation

+ type OperationsListPage struct

+ func NewOperationsListPage(cur OperationsList, ...) OperationsListPage

+ func (page *OperationsListPage) Next() error

+ func (page *OperationsListPage) NextWithContext(ctx context.Context) (err error)

+ func (page OperationsListPage) NotDone() bool

+ func (page OperationsListPage) Response() OperationsList

+ func (page OperationsListPage) Values() []Operation

+ type Operator string

+ const OperatorAND

+ const OperatorOR

+ func PossibleOperatorValues() []Operator

+ type OutputType string

+ const OutputTypeDate

+ const OutputTypeEntity

+ const OutputTypeNumber

+ const OutputTypeString

+ func PossibleOutputTypeValues() []OutputType

+ type OwnerType string

+ const OwnerTypeGroup

+ const OwnerTypeUnknown

+ const OwnerTypeUser

+ func PossibleOwnerTypeValues() []OwnerType

+ type PermissionProviderScope string

+ const PermissionProviderScopeResourceGroup

+ const PermissionProviderScopeSubscription

+ const PermissionProviderScopeWorkspace

+ func PossiblePermissionProviderScopeValues() []PermissionProviderScope

+ type Permissions struct

+ Customs *[]PermissionsCustomsItem

+ ResourceProvider *[]PermissionsResourceProviderItem

+ type PermissionsCustomsItem struct

+ Description *string

+ Name *string

+ type PermissionsResourceProviderItem struct

+ PermissionsDisplayText *string

+ Provider ProviderName

+ ProviderDisplayName *string

+ RequiredPermissions *RequiredPermissions

+ Scope PermissionProviderScope

+ type PollingFrequency string

+ const PollingFrequencyOnceADay

+ const PollingFrequencyOnceAMinute

+ const PollingFrequencyOnceAnHour

+ func PossiblePollingFrequencyValues() []PollingFrequency

+ type ProcessEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error

+ func (peVar ProcessEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (peVar ProcessEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (peVar ProcessEntity) AsBasicEntity() (BasicEntity, bool)

+ func (peVar ProcessEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (peVar ProcessEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (peVar ProcessEntity) AsEntity() (*Entity, bool)

+ func (peVar ProcessEntity) AsFileEntity() (*FileEntity, bool)

+ func (peVar ProcessEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (peVar ProcessEntity) AsHostEntity() (*HostEntity, bool)

+ func (peVar ProcessEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (peVar ProcessEntity) AsIPEntity() (*IPEntity, bool)

+ func (peVar ProcessEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (peVar ProcessEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (peVar ProcessEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (peVar ProcessEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (peVar ProcessEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (peVar ProcessEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (peVar ProcessEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (peVar ProcessEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (peVar ProcessEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (peVar ProcessEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (peVar ProcessEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (peVar ProcessEntity) AsURLEntity() (*URLEntity, bool)

+ func (peVar ProcessEntity) MarshalJSON() ([]byte, error)

+ type ProcessEntityProperties struct

+ AccountEntityID *string

+ AdditionalData map[string]interface{}

+ CommandLine *string

+ CreationTimeUtc *date.Time

+ ElevationToken ElevationToken

+ FriendlyName *string

+ HostEntityID *string

+ HostLogonSessionEntityID *string

+ ImageFileEntityID *string

+ ParentProcessEntityID *string

+ ProcessID *string

+ func (pep ProcessEntityProperties) MarshalJSON() ([]byte, error)

+ type ProductSettingsClient struct

+ func NewProductSettingsClient(subscriptionID string) ProductSettingsClient

+ func NewProductSettingsClientWithBaseURI(baseURI string, subscriptionID string) ProductSettingsClient

+ func (client ProductSettingsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client ProductSettingsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ProductSettingsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client ProductSettingsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SettingsModel, err error)

+ func (client ProductSettingsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ProductSettingsClient) GetResponder(resp *http.Response) (result SettingsModel, err error)

+ func (client ProductSettingsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client ProductSettingsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SettingList, err error)

+ func (client ProductSettingsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client ProductSettingsClient) ListResponder(resp *http.Response) (result SettingList, err error)

+ func (client ProductSettingsClient) ListSender(req *http.Request) (*http.Response, error)

+ func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SettingsModel, err error)

+ func (client ProductSettingsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ProductSettingsClient) UpdateResponder(resp *http.Response) (result SettingsModel, err error)

+ func (client ProductSettingsClient) UpdateSender(req *http.Request) (*http.Response, error)

+ type ProviderName string

+ const ProviderNameMicrosoftAuthorizationpolicyAssignments

+ const ProviderNameMicrosoftOperationalInsightssolutions

+ const ProviderNameMicrosoftOperationalInsightsworkspaces

+ const ProviderNameMicrosoftOperationalInsightsworkspacesdatasources

+ const ProviderNameMicrosoftOperationalInsightsworkspacessharedKeys

+ const ProviderNameMicrosoftaadiamdiagnosticSettings

+ func PossibleProviderNameValues() []ProviderName

+ type ProxyResource struct

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (pr ProxyResource) MarshalJSON() ([]byte, error)

+ type QueryBasedAlertRuleProperties struct

+ AlertDetailsOverride *AlertDetailsOverride

+ AlertRuleTemplateName *string

+ CustomDetails map[string]*string

+ Description *string

+ DisplayName *string

+ Enabled *bool

+ EntityMappings *[]EntityMapping

+ IncidentConfiguration *IncidentConfiguration

+ LastModifiedUtc *date.Time

+ Query *string

+ Severity AlertSeverity

+ SuppressionDuration *string

+ SuppressionEnabled *bool

+ Tactics *[]AttackTactic

+ TemplateVersion *string

+ func (qbarp QueryBasedAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type QueryBasedAlertRuleTemplateProperties struct

+ AlertDetailsOverride *AlertDetailsOverride

+ CustomDetails map[string]*string

+ EntityMappings *[]EntityMapping

+ Query *string

+ Severity AlertSeverity

+ Tactics *[]AttackTactic

+ Version *string

+ func (qbartp QueryBasedAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type RegistryHive string

+ const RegistryHiveHKEYA

+ const RegistryHiveHKEYCLASSESROOT

+ const RegistryHiveHKEYCURRENTCONFIG

+ const RegistryHiveHKEYCURRENTUSER

+ const RegistryHiveHKEYCURRENTUSERLOCALSETTINGS

+ const RegistryHiveHKEYLOCALMACHINE

+ const RegistryHiveHKEYPERFORMANCEDATA

+ const RegistryHiveHKEYPERFORMANCENLSTEXT

+ const RegistryHiveHKEYPERFORMANCETEXT

+ const RegistryHiveHKEYUSERS

+ func PossibleRegistryHiveValues() []RegistryHive

+ type RegistryKeyEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error

+ func (rke RegistryKeyEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (rke RegistryKeyEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (rke RegistryKeyEntity) AsBasicEntity() (BasicEntity, bool)

+ func (rke RegistryKeyEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (rke RegistryKeyEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (rke RegistryKeyEntity) AsEntity() (*Entity, bool)

+ func (rke RegistryKeyEntity) AsFileEntity() (*FileEntity, bool)

+ func (rke RegistryKeyEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (rke RegistryKeyEntity) AsHostEntity() (*HostEntity, bool)

+ func (rke RegistryKeyEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (rke RegistryKeyEntity) AsIPEntity() (*IPEntity, bool)

+ func (rke RegistryKeyEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (rke RegistryKeyEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (rke RegistryKeyEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (rke RegistryKeyEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (rke RegistryKeyEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (rke RegistryKeyEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (rke RegistryKeyEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (rke RegistryKeyEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (rke RegistryKeyEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (rke RegistryKeyEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (rke RegistryKeyEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (rke RegistryKeyEntity) AsURLEntity() (*URLEntity, bool)

+ func (rke RegistryKeyEntity) MarshalJSON() ([]byte, error)

+ type RegistryKeyEntityProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ Hive RegistryHive

+ Key *string

+ func (rkep RegistryKeyEntityProperties) MarshalJSON() ([]byte, error)

+ type RegistryValueEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error

+ func (rve RegistryValueEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (rve RegistryValueEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (rve RegistryValueEntity) AsBasicEntity() (BasicEntity, bool)

+ func (rve RegistryValueEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (rve RegistryValueEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (rve RegistryValueEntity) AsEntity() (*Entity, bool)

+ func (rve RegistryValueEntity) AsFileEntity() (*FileEntity, bool)

+ func (rve RegistryValueEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (rve RegistryValueEntity) AsHostEntity() (*HostEntity, bool)

+ func (rve RegistryValueEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (rve RegistryValueEntity) AsIPEntity() (*IPEntity, bool)

+ func (rve RegistryValueEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (rve RegistryValueEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (rve RegistryValueEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (rve RegistryValueEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (rve RegistryValueEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (rve RegistryValueEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (rve RegistryValueEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (rve RegistryValueEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (rve RegistryValueEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (rve RegistryValueEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (rve RegistryValueEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (rve RegistryValueEntity) AsURLEntity() (*URLEntity, bool)

+ func (rve RegistryValueEntity) MarshalJSON() ([]byte, error)

+ type RegistryValueEntityProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ KeyEntityID *string

+ ValueData *string

+ ValueName *string

+ ValueType RegistryValueKind

+ func (rvep RegistryValueEntityProperties) MarshalJSON() ([]byte, error)

+ type RegistryValueKind string

+ const RegistryValueKindBinary

+ const RegistryValueKindDWord

+ const RegistryValueKindExpandString

+ const RegistryValueKindMultiString

+ const RegistryValueKindNone

+ const RegistryValueKindQWord

+ const RegistryValueKindString

+ const RegistryValueKindUnknown

+ func PossibleRegistryValueKindValues() []RegistryValueKind

+ type Relation struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (r *Relation) UnmarshalJSON(body []byte) error

+ func (r Relation) MarshalJSON() ([]byte, error)

+ type RelationList struct

+ NextLink *string

+ Value *[]Relation

+ func (rl RelationList) IsEmpty() bool

+ func (rl RelationList) MarshalJSON() ([]byte, error)

+ type RelationListIterator struct

+ func NewRelationListIterator(page RelationListPage) RelationListIterator

+ func (iter *RelationListIterator) Next() error

+ func (iter *RelationListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter RelationListIterator) NotDone() bool

+ func (iter RelationListIterator) Response() RelationList

+ func (iter RelationListIterator) Value() Relation

+ type RelationListPage struct

+ func NewRelationListPage(cur RelationList, ...) RelationListPage

+ func (page *RelationListPage) Next() error

+ func (page *RelationListPage) NextWithContext(ctx context.Context) (err error)

+ func (page RelationListPage) NotDone() bool

+ func (page RelationListPage) Response() RelationList

+ func (page RelationListPage) Values() []Relation

+ type RelationProperties struct

+ RelatedResourceID *string

+ RelatedResourceKind *string

+ RelatedResourceName *string

+ RelatedResourceType *string

+ func (rp RelationProperties) MarshalJSON() ([]byte, error)

+ type Repo struct

+ Branches *[]string

+ FullName *string

+ URL *string

+ type RepoList struct

+ NextLink *string

+ Value *[]Repo

+ func (rl RepoList) IsEmpty() bool

+ func (rl RepoList) MarshalJSON() ([]byte, error)

+ type RepoListIterator struct

+ func NewRepoListIterator(page RepoListPage) RepoListIterator

+ func (iter *RepoListIterator) Next() error

+ func (iter *RepoListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter RepoListIterator) NotDone() bool

+ func (iter RepoListIterator) Response() RepoList

+ func (iter RepoListIterator) Value() Repo

+ type RepoListPage struct

+ func NewRepoListPage(cur RepoList, getNextPage func(context.Context, RepoList) (RepoList, error)) RepoListPage

+ func (page *RepoListPage) Next() error

+ func (page *RepoListPage) NextWithContext(ctx context.Context) (err error)

+ func (page RepoListPage) NotDone() bool

+ func (page RepoListPage) Response() RepoList

+ func (page RepoListPage) Values() []Repo

+ type RepoType string

+ const RepoTypeDevOps

+ const RepoTypeGithub

+ func PossibleRepoTypeValues() []RepoType

+ type Repository struct

+ Branch *string

+ DeploymentLogsURL *string

+ DisplayURL *string

+ PathMapping *[]ContentPathMap

+ URL *string

+ type RequiredPermissions struct

+ Action *bool

+ Delete *bool

+ Read *bool

+ Write *bool

+ type Resource struct

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (r Resource) MarshalJSON() ([]byte, error)

+ type ResourceProvider struct

+ PermissionsDisplayText *string

+ Provider ProviderName

+ ProviderDisplayName *string

+ RequiredPermissions *RequiredPermissions

+ Scope PermissionProviderScope

+ type ResourceWithEtag struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (rwe ResourceWithEtag) MarshalJSON() ([]byte, error)

+ type SampleQueries struct

+ Description *string

+ Query *string

+ type ScheduledAlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error

+ func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool)

+ func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (sar ScheduledAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)

+ func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (sar ScheduledAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)

+ func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (sar ScheduledAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)

+ func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error)

+ type ScheduledAlertRuleCommonProperties struct

+ EventGroupingSettings *EventGroupingSettings

+ QueryFrequency *string

+ QueryPeriod *string

+ TriggerOperator TriggerOperator

+ TriggerThreshold *int32

+ type ScheduledAlertRuleProperties struct

+ AlertDetailsOverride *AlertDetailsOverride

+ AlertRuleTemplateName *string

+ CustomDetails map[string]*string

+ Description *string

+ DisplayName *string

+ Enabled *bool

+ EntityMappings *[]EntityMapping

+ EventGroupingSettings *EventGroupingSettings

+ IncidentConfiguration *IncidentConfiguration

+ LastModifiedUtc *date.Time

+ Query *string

+ QueryFrequency *string

+ QueryPeriod *string

+ Severity AlertSeverity

+ SuppressionDuration *string

+ SuppressionEnabled *bool

+ Tactics *[]AttackTactic

+ TemplateVersion *string

+ TriggerOperator TriggerOperator

+ TriggerThreshold *int32

+ func (sarp ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type ScheduledAlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error

+ func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type ScheduledAlertRuleTemplateProperties struct

+ AlertDetailsOverride *AlertDetailsOverride

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ CustomDetails map[string]*string

+ Description *string

+ DisplayName *string

+ EntityMappings *[]EntityMapping

+ EventGroupingSettings *EventGroupingSettings

+ LastUpdatedDateUTC *date.Time

+ Query *string

+ QueryFrequency *string

+ QueryPeriod *string

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ Severity AlertSeverity

+ Status TemplateStatus

+ Tactics *[]AttackTactic

+ TriggerOperator TriggerOperator

+ TriggerThreshold *int32

+ Version *string

+ func (sart ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type SecurityAlert struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error

+ func (sa SecurityAlert) AsAccountEntity() (*AccountEntity, bool)

+ func (sa SecurityAlert) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (sa SecurityAlert) AsBasicEntity() (BasicEntity, bool)

+ func (sa SecurityAlert) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (sa SecurityAlert) AsDNSEntity() (*DNSEntity, bool)

+ func (sa SecurityAlert) AsEntity() (*Entity, bool)

+ func (sa SecurityAlert) AsFileEntity() (*FileEntity, bool)

+ func (sa SecurityAlert) AsFileHashEntity() (*FileHashEntity, bool)

+ func (sa SecurityAlert) AsHostEntity() (*HostEntity, bool)

+ func (sa SecurityAlert) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (sa SecurityAlert) AsIPEntity() (*IPEntity, bool)

+ func (sa SecurityAlert) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (sa SecurityAlert) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (sa SecurityAlert) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (sa SecurityAlert) AsMailboxEntity() (*MailboxEntity, bool)

+ func (sa SecurityAlert) AsMalwareEntity() (*MalwareEntity, bool)

+ func (sa SecurityAlert) AsProcessEntity() (*ProcessEntity, bool)

+ func (sa SecurityAlert) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (sa SecurityAlert) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (sa SecurityAlert) AsSecurityAlert() (*SecurityAlert, bool)

+ func (sa SecurityAlert) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (sa SecurityAlert) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (sa SecurityAlert) AsURLEntity() (*URLEntity, bool)

+ func (sa SecurityAlert) MarshalJSON() ([]byte, error)

+ type SecurityAlertProperties struct

+ AdditionalData map[string]interface{}

+ AlertDisplayName *string

+ AlertLink *string

+ AlertType *string

+ CompromisedEntity *string

+ ConfidenceLevel ConfidenceLevel

+ ConfidenceReasons *[]SecurityAlertPropertiesConfidenceReasonsItem

+ ConfidenceScore *float64

+ ConfidenceScoreStatus ConfidenceScoreStatus

+ Description *string

+ EndTimeUtc *date.Time

+ FriendlyName *string

+ Intent KillChainIntent

+ ProcessingEndTime *date.Time

+ ProductComponentName *string

+ ProductName *string

+ ProductVersion *string

+ ProviderAlertID *string

+ RemediationSteps *[]string

+ ResourceIdentifiers *[]interface{}

+ Severity AlertSeverity

+ StartTimeUtc *date.Time

+ Status AlertStatus

+ SystemAlertID *string

+ Tactics *[]AttackTactic

+ TimeGenerated *date.Time

+ VendorName *string

+ func (sap SecurityAlertProperties) MarshalJSON() ([]byte, error)

+ type SecurityAlertPropertiesConfidenceReasonsItem struct

+ Reason *string

+ ReasonType *string

+ func (sapRi SecurityAlertPropertiesConfidenceReasonsItem) MarshalJSON() ([]byte, error)

+ type SecurityAlertTimelineItem struct

+ AlertType *string

+ AzureResourceID *string

+ Description *string

+ DisplayName *string

+ EndTimeUtc *date.Time

+ Kind KindBasicEntityTimelineItem

+ ProductName *string

+ Severity AlertSeverity

+ StartTimeUtc *date.Time

+ TimeGenerated *date.Time

+ func (sati SecurityAlertTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool)

+ func (sati SecurityAlertTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool)

+ func (sati SecurityAlertTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool)

+ func (sati SecurityAlertTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool)

+ func (sati SecurityAlertTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool)

+ func (sati SecurityAlertTimelineItem) MarshalJSON() ([]byte, error)

+ type SecurityGroupEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error

+ func (sge SecurityGroupEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (sge SecurityGroupEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (sge SecurityGroupEntity) AsBasicEntity() (BasicEntity, bool)

+ func (sge SecurityGroupEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (sge SecurityGroupEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (sge SecurityGroupEntity) AsEntity() (*Entity, bool)

+ func (sge SecurityGroupEntity) AsFileEntity() (*FileEntity, bool)

+ func (sge SecurityGroupEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (sge SecurityGroupEntity) AsHostEntity() (*HostEntity, bool)

+ func (sge SecurityGroupEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (sge SecurityGroupEntity) AsIPEntity() (*IPEntity, bool)

+ func (sge SecurityGroupEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (sge SecurityGroupEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (sge SecurityGroupEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (sge SecurityGroupEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (sge SecurityGroupEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (sge SecurityGroupEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (sge SecurityGroupEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (sge SecurityGroupEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (sge SecurityGroupEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (sge SecurityGroupEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (sge SecurityGroupEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (sge SecurityGroupEntity) AsURLEntity() (*URLEntity, bool)

+ func (sge SecurityGroupEntity) MarshalJSON() ([]byte, error)

+ type SecurityGroupEntityProperties struct

+ AdditionalData map[string]interface{}

+ DistinguishedName *string

+ FriendlyName *string

+ ObjectGUID *uuid.UUID

+ Sid *string

+ func (sgep SecurityGroupEntityProperties) MarshalJSON() ([]byte, error)

+ type SentinelOnboardingState struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (sos *SentinelOnboardingState) UnmarshalJSON(body []byte) error

+ func (sos SentinelOnboardingState) MarshalJSON() ([]byte, error)

+ type SentinelOnboardingStateProperties struct

+ CustomerManagedKey *bool

+ type SentinelOnboardingStatesClient struct

+ func NewSentinelOnboardingStatesClient(subscriptionID string) SentinelOnboardingStatesClient

+ func NewSentinelOnboardingStatesClientWithBaseURI(baseURI string, subscriptionID string) SentinelOnboardingStatesClient

+ func (client SentinelOnboardingStatesClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SentinelOnboardingState, err error)

+ func (client SentinelOnboardingStatesClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client SentinelOnboardingStatesClient) CreateResponder(resp *http.Response) (result SentinelOnboardingState, err error)

+ func (client SentinelOnboardingStatesClient) CreateSender(req *http.Request) (*http.Response, error)

+ func (client SentinelOnboardingStatesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client SentinelOnboardingStatesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client SentinelOnboardingStatesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client SentinelOnboardingStatesClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client SentinelOnboardingStatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SentinelOnboardingState, err error)

+ func (client SentinelOnboardingStatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client SentinelOnboardingStatesClient) GetResponder(resp *http.Response) (result SentinelOnboardingState, err error)

+ func (client SentinelOnboardingStatesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client SentinelOnboardingStatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SentinelOnboardingStatesList, err error)

+ func (client SentinelOnboardingStatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client SentinelOnboardingStatesClient) ListResponder(resp *http.Response) (result SentinelOnboardingStatesList, err error)

+ func (client SentinelOnboardingStatesClient) ListSender(req *http.Request) (*http.Response, error)

+ type SentinelOnboardingStatesList struct

+ Value *[]SentinelOnboardingState

+ type SettingList struct

+ Value *[]BasicSettings

+ func (sl *SettingList) UnmarshalJSON(body []byte) error

+ type SettingType string

+ const SettingTypeCopyableLabel

+ const SettingTypeInfoMessage

+ const SettingTypeInstructionStepsGroup

+ func PossibleSettingTypeValues() []SettingType

+ type Settings struct

+ Etag *string

+ ID *string

+ Kind KindBasicSettings

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (s Settings) AsAnomalies() (*Anomalies, bool)

+ func (s Settings) AsBasicSettings() (BasicSettings, bool)

+ func (s Settings) AsEntityAnalytics() (*EntityAnalytics, bool)

+ func (s Settings) AsEyesOn() (*EyesOn, bool)

+ func (s Settings) AsSettings() (*Settings, bool)

+ func (s Settings) AsUeba() (*Ueba, bool)

+ func (s Settings) MarshalJSON() ([]byte, error)

+ type SettingsModel struct

+ Value BasicSettings

+ func (sm *SettingsModel) UnmarshalJSON(body []byte) error

+ type Sku struct

+ CapacityReservationLevel *int32

+ Name SkuKind

+ type SkuKind string

+ const SkuKindCapacityReservation

+ const SkuKindPerGB

+ func PossibleSkuKindValues() []SkuKind

+ type Source string

+ const SourceLocalfile

+ const SourceRemotestorage

+ func PossibleSourceValues() []Source

+ type SourceControl struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (sc *SourceControl) UnmarshalJSON(body []byte) error

+ func (sc SourceControl) MarshalJSON() ([]byte, error)

+ type SourceControlClient struct

+ func NewSourceControlClient(subscriptionID string) SourceControlClient

+ func NewSourceControlClientWithBaseURI(baseURI string, subscriptionID string) SourceControlClient

+ func (client SourceControlClient) ListRepositories(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RepoListPage, err error)

+ func (client SourceControlClient) ListRepositoriesComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result RepoListIterator, err error)

+ func (client SourceControlClient) ListRepositoriesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client SourceControlClient) ListRepositoriesResponder(resp *http.Response) (result RepoList, err error)

+ func (client SourceControlClient) ListRepositoriesSender(req *http.Request) (*http.Response, error)

+ type SourceControlList struct

+ NextLink *string

+ Value *[]SourceControl

+ func (scl SourceControlList) IsEmpty() bool

+ func (scl SourceControlList) MarshalJSON() ([]byte, error)

+ type SourceControlListIterator struct

+ func NewSourceControlListIterator(page SourceControlListPage) SourceControlListIterator

+ func (iter *SourceControlListIterator) Next() error

+ func (iter *SourceControlListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter SourceControlListIterator) NotDone() bool

+ func (iter SourceControlListIterator) Response() SourceControlList

+ func (iter SourceControlListIterator) Value() SourceControl

+ type SourceControlListPage struct

+ func NewSourceControlListPage(cur SourceControlList, ...) SourceControlListPage

+ func (page *SourceControlListPage) Next() error

+ func (page *SourceControlListPage) NextWithContext(ctx context.Context) (err error)

+ func (page SourceControlListPage) NotDone() bool

+ func (page SourceControlListPage) Response() SourceControlList

+ func (page SourceControlListPage) Values() []SourceControl

+ type SourceControlProperties struct

+ ContentTypes *[]ContentType

+ Description *string

+ DisplayName *string

+ ID *string

+ RepoType RepoType

+ Repository *Repository

+ type SourceControlsClient struct

+ func NewSourceControlsClient(subscriptionID string) SourceControlsClient

+ func NewSourceControlsClientWithBaseURI(baseURI string, subscriptionID string) SourceControlsClient

+ func (client SourceControlsClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SourceControl, err error)

+ func (client SourceControlsClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client SourceControlsClient) CreateResponder(resp *http.Response) (result SourceControl, err error)

+ func (client SourceControlsClient) CreateSender(req *http.Request) (*http.Response, error)

+ func (client SourceControlsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client SourceControlsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client SourceControlsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client SourceControlsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client SourceControlsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result SourceControl, err error)

+ func (client SourceControlsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client SourceControlsClient) GetResponder(resp *http.Response) (result SourceControl, err error)

+ func (client SourceControlsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client SourceControlsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SourceControlListPage, err error)

+ func (client SourceControlsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result SourceControlListIterator, err error)

+ func (client SourceControlsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client SourceControlsClient) ListResponder(resp *http.Response) (result SourceControlList, err error)

+ func (client SourceControlsClient) ListSender(req *http.Request) (*http.Response, error)

+ type SourceKind string

+ const SourceKindCommunity

+ const SourceKindLocalWorkspace

+ const SourceKindSolution

+ const SourceKindSourceRepository

+ func PossibleSourceKindValues() []SourceKind

+ type SubmissionMailEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (sme *SubmissionMailEntity) UnmarshalJSON(body []byte) error

+ func (sme SubmissionMailEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (sme SubmissionMailEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (sme SubmissionMailEntity) AsBasicEntity() (BasicEntity, bool)

+ func (sme SubmissionMailEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (sme SubmissionMailEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (sme SubmissionMailEntity) AsEntity() (*Entity, bool)

+ func (sme SubmissionMailEntity) AsFileEntity() (*FileEntity, bool)

+ func (sme SubmissionMailEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (sme SubmissionMailEntity) AsHostEntity() (*HostEntity, bool)

+ func (sme SubmissionMailEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (sme SubmissionMailEntity) AsIPEntity() (*IPEntity, bool)

+ func (sme SubmissionMailEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (sme SubmissionMailEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (sme SubmissionMailEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (sme SubmissionMailEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (sme SubmissionMailEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (sme SubmissionMailEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (sme SubmissionMailEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (sme SubmissionMailEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (sme SubmissionMailEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (sme SubmissionMailEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (sme SubmissionMailEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (sme SubmissionMailEntity) AsURLEntity() (*URLEntity, bool)

+ func (sme SubmissionMailEntity) MarshalJSON() ([]byte, error)

+ type SubmissionMailEntityProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ NetworkMessageID *uuid.UUID

+ Recipient *string

+ ReportType *string

+ Sender *string

+ SenderIP *string

+ Subject *string

+ SubmissionDate *date.Time

+ SubmissionID *uuid.UUID

+ Submitter *string

+ Timestamp *date.Time

+ func (smep SubmissionMailEntityProperties) MarshalJSON() ([]byte, error)

+ type SupportTier string

+ const SupportTierCommunity

+ const SupportTierMicrosoft

+ const SupportTierPartner

+ func PossibleSupportTierValues() []SupportTier

+ type SystemData struct

+ CreatedAt *date.Time

+ CreatedBy *string

+ CreatedByType CreatedByType

+ LastModifiedAt *date.Time

+ LastModifiedBy *string

+ LastModifiedByType CreatedByType

+ type TICheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (tcr *TICheckRequirements) UnmarshalJSON(body []byte) error

+ func (tcr TICheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (tcr TICheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (tcr TICheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (tcr TICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (tcr TICheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (tcr TICheckRequirements) MarshalJSON() ([]byte, error)

+ type TICheckRequirementsProperties struct

+ TenantID *string

+ type TIDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error

+ func (tdc TIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (tdc TIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (tdc TIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (tdc TIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (tdc TIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (tdc TIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (tdc TIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (tdc TIDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (tdc TIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (tdc TIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (tdc TIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (tdc TIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (tdc TIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (tdc TIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (tdc TIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (tdc TIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (tdc TIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (tdc TIDataConnector) MarshalJSON() ([]byte, error)

+ type TIDataConnectorDataTypes struct

+ Indicators *TIDataConnectorDataTypesIndicators

+ type TIDataConnectorDataTypesIndicators struct

+ State DataTypeState

+ type TIDataConnectorProperties struct

+ DataTypes *TIDataConnectorDataTypes

+ TenantID *string

+ TipLookbackPeriod *date.Time

+ type TeamInformation struct

+ Description *string

+ Name *string

+ PrimaryChannelURL *string

+ TeamCreationTimeUtc *date.Time

+ TeamID *string

+ func (ti TeamInformation) MarshalJSON() ([]byte, error)

+ type TeamProperties struct

+ GroupIds *[]uuid.UUID

+ MemberIds *[]uuid.UUID

+ TeamDescription *string

+ TeamName *string

+ type TemplateStatus string

+ const TemplateStatusAvailable

+ const TemplateStatusInstalled

+ const TemplateStatusNotAvailable

+ func PossibleTemplateStatusValues() []TemplateStatus

+ type ThreatIntelligence struct

+ Confidence *float64

+ ProviderName *string

+ ReportLink *string

+ ThreatDescription *string

+ ThreatName *string

+ ThreatType *string

+ func (ti ThreatIntelligence) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceAlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (tiar *ThreatIntelligenceAlertRule) UnmarshalJSON(body []byte) error

+ func (tiar ThreatIntelligenceAlertRule) AsAlertRule() (*AlertRule, bool)

+ func (tiar ThreatIntelligenceAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (tiar ThreatIntelligenceAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (tiar ThreatIntelligenceAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool)

+ func (tiar ThreatIntelligenceAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (tiar ThreatIntelligenceAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool)

+ func (tiar ThreatIntelligenceAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (tiar ThreatIntelligenceAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool)

+ func (tiar ThreatIntelligenceAlertRule) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceAlertRuleProperties struct

+ AlertRuleTemplateName *string

+ Description *string

+ DisplayName *string

+ Enabled *bool

+ LastModifiedUtc *date.Time

+ Severity AlertSeverity

+ Tactics *[]AttackTactic

+ func (tiarp ThreatIntelligenceAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceAlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (tiart *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(body []byte) error

+ func (tiart ThreatIntelligenceAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (tiart ThreatIntelligenceAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (tiart ThreatIntelligenceAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (tiart ThreatIntelligenceAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool)

+ func (tiart ThreatIntelligenceAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (tiart ThreatIntelligenceAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool)

+ func (tiart ThreatIntelligenceAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (tiart ThreatIntelligenceAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool)

+ func (tiart ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceAlertRuleTemplateProperties struct

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ Description *string

+ DisplayName *string

+ LastUpdatedDateUTC *date.Time

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ Severity AlertSeverity

+ Status TemplateStatus

+ Tactics *[]AttackTactic

+ func (tiart ThreatIntelligenceAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceAppendTags struct

+ ThreatIntelligenceTags *[]string

+ type ThreatIntelligenceExternalReference struct

+ Description *string

+ ExternalID *string

+ Hashes map[string]*string

+ SourceName *string

+ URL *string

+ func (tier ThreatIntelligenceExternalReference) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceFilteringCriteria struct

+ Ids *[]string

+ IncludeDisabled *bool

+ Keywords *[]string

+ MaxConfidence *int32

+ MaxValidUntil *string

+ MinConfidence *int32

+ MinValidUntil *string

+ PageSize *int32

+ PatternTypes *[]string

+ SkipToken *string

+ SortBy *[]ThreatIntelligenceSortingCriteria

+ Sources *[]string

+ ThreatTypes *[]string

+ type ThreatIntelligenceGranularMarkingModel struct

+ Language *string

+ MarkingRef *int32

+ Selectors *[]string

+ type ThreatIntelligenceIndicatorClient struct

+ func NewThreatIntelligenceIndicatorClient(subscriptionID string) ThreatIntelligenceIndicatorClient

+ func NewThreatIntelligenceIndicatorClientWithBaseURI(baseURI string, subscriptionID string) ThreatIntelligenceIndicatorClient

+ func (client ThreatIntelligenceIndicatorClient) AppendTags(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client ThreatIntelligenceIndicatorClient) AppendTagsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ThreatIntelligenceIndicatorClient) AppendTagsResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client ThreatIntelligenceIndicatorClient) AppendTagsSender(req *http.Request) (*http.Response, error)

+ func (client ThreatIntelligenceIndicatorClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationModel, err error)

+ func (client ThreatIntelligenceIndicatorClient) CreateIndicator(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationModel, err error)

+ func (client ThreatIntelligenceIndicatorClient) CreateIndicatorPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ThreatIntelligenceIndicatorClient) CreateIndicatorResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)

+ func (client ThreatIntelligenceIndicatorClient) CreateIndicatorSender(req *http.Request) (*http.Response, error)

+ func (client ThreatIntelligenceIndicatorClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ThreatIntelligenceIndicatorClient) CreateResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)

+ func (client ThreatIntelligenceIndicatorClient) CreateSender(req *http.Request) (*http.Response, error)

+ func (client ThreatIntelligenceIndicatorClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client ThreatIntelligenceIndicatorClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ThreatIntelligenceIndicatorClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client ThreatIntelligenceIndicatorClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client ThreatIntelligenceIndicatorClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationModel, err error)

+ func (client ThreatIntelligenceIndicatorClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ThreatIntelligenceIndicatorClient) GetResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)

+ func (client ThreatIntelligenceIndicatorClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client ThreatIntelligenceIndicatorClient) QueryIndicators(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationListPage, err error)

+ func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationListIterator, err error)

+ func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsResponder(resp *http.Response) (result ThreatIntelligenceInformationList, err error)

+ func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsSender(req *http.Request) (*http.Response, error)

+ func (client ThreatIntelligenceIndicatorClient) ReplaceTags(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationModel, err error)

+ func (client ThreatIntelligenceIndicatorClient) ReplaceTagsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ThreatIntelligenceIndicatorClient) ReplaceTagsResponder(resp *http.Response) (result ThreatIntelligenceInformationModel, err error)

+ func (client ThreatIntelligenceIndicatorClient) ReplaceTagsSender(req *http.Request) (*http.Response, error)

+ type ThreatIntelligenceIndicatorMetricsClient struct

+ func NewThreatIntelligenceIndicatorMetricsClient(subscriptionID string) ThreatIntelligenceIndicatorMetricsClient

+ func NewThreatIntelligenceIndicatorMetricsClientWithBaseURI(baseURI string, subscriptionID string) ThreatIntelligenceIndicatorMetricsClient

+ func (client ThreatIntelligenceIndicatorMetricsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result ThreatIntelligenceMetricsList, err error)

+ func (client ThreatIntelligenceIndicatorMetricsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client ThreatIntelligenceIndicatorMetricsClient) ListResponder(resp *http.Response) (result ThreatIntelligenceMetricsList, err error)

+ func (client ThreatIntelligenceIndicatorMetricsClient) ListSender(req *http.Request) (*http.Response, error)

+ type ThreatIntelligenceIndicatorModel struct

+ Etag *string

+ Kind KindBasicThreatIntelligenceInformation

+ func (tiim *ThreatIntelligenceIndicatorModel) UnmarshalJSON(body []byte) error

+ func (tiim ThreatIntelligenceIndicatorModel) AsBasicThreatIntelligenceInformation() (BasicThreatIntelligenceInformation, bool)

+ func (tiim ThreatIntelligenceIndicatorModel) AsThreatIntelligenceIndicatorModel() (*ThreatIntelligenceIndicatorModel, bool)

+ func (tiim ThreatIntelligenceIndicatorModel) AsThreatIntelligenceInformation() (*ThreatIntelligenceInformation, bool)

+ func (tiim ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceIndicatorModelForRequestBody struct

+ Etag *string

+ Kind *string

+ func (tiimfrb *ThreatIntelligenceIndicatorModelForRequestBody) UnmarshalJSON(body []byte) error

+ func (tiimfrb ThreatIntelligenceIndicatorModelForRequestBody) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceIndicatorProperties struct

+ AdditionalData map[string]interface{}

+ Confidence *int32

+ Created *string

+ CreatedByRef *string

+ Defanged *bool

+ Description *string

+ DisplayName *string

+ Extensions map[string]interface{}

+ ExternalID *string

+ ExternalLastUpdatedTimeUtc *string

+ ExternalReferences *[]ThreatIntelligenceExternalReference

+ FriendlyName *string

+ GranularMarkings *[]ThreatIntelligenceGranularMarkingModel

+ IndicatorTypes *[]string

+ KillChainPhases *[]ThreatIntelligenceKillChainPhase

+ Labels *[]string

+ Language *string

+ LastUpdatedTimeUtc *string

+ Modified *string

+ ObjectMarkingRefs *[]string

+ ParsedPattern *[]ThreatIntelligenceParsedPattern

+ Pattern *string

+ PatternType *string

+ PatternVersion *string

+ Revoked *bool

+ Source *string

+ ThreatIntelligenceTags *[]string

+ ThreatTypes *[]string

+ ValidFrom *string

+ ValidUntil *string

+ func (tiip ThreatIntelligenceIndicatorProperties) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceIndicatorsClient struct

+ func NewThreatIntelligenceIndicatorsClient(subscriptionID string) ThreatIntelligenceIndicatorsClient

+ func NewThreatIntelligenceIndicatorsClientWithBaseURI(baseURI string, subscriptionID string) ThreatIntelligenceIndicatorsClient

+ func (client ThreatIntelligenceIndicatorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationListPage, err error)

+ func (client ThreatIntelligenceIndicatorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ThreatIntelligenceInformationListIterator, err error)

+ func (client ThreatIntelligenceIndicatorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client ThreatIntelligenceIndicatorsClient) ListResponder(resp *http.Response) (result ThreatIntelligenceInformationList, err error)

+ func (client ThreatIntelligenceIndicatorsClient) ListSender(req *http.Request) (*http.Response, error)

+ type ThreatIntelligenceInformation struct

+ Etag *string

+ Kind KindBasicThreatIntelligenceInformation

+ func (tii ThreatIntelligenceInformation) AsBasicThreatIntelligenceInformation() (BasicThreatIntelligenceInformation, bool)

+ func (tii ThreatIntelligenceInformation) AsThreatIntelligenceIndicatorModel() (*ThreatIntelligenceIndicatorModel, bool)

+ func (tii ThreatIntelligenceInformation) AsThreatIntelligenceInformation() (*ThreatIntelligenceInformation, bool)

+ func (tii ThreatIntelligenceInformation) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceInformationList struct

+ NextLink *string

+ Value *[]BasicThreatIntelligenceInformation

+ func (tiil *ThreatIntelligenceInformationList) UnmarshalJSON(body []byte) error

+ func (tiil ThreatIntelligenceInformationList) IsEmpty() bool

+ func (tiil ThreatIntelligenceInformationList) MarshalJSON() ([]byte, error)

+ type ThreatIntelligenceInformationListIterator struct

+ func NewThreatIntelligenceInformationListIterator(page ThreatIntelligenceInformationListPage) ThreatIntelligenceInformationListIterator

+ func (iter *ThreatIntelligenceInformationListIterator) Next() error

+ func (iter *ThreatIntelligenceInformationListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter ThreatIntelligenceInformationListIterator) NotDone() bool

+ func (iter ThreatIntelligenceInformationListIterator) Response() ThreatIntelligenceInformationList

+ func (iter ThreatIntelligenceInformationListIterator) Value() BasicThreatIntelligenceInformation

+ type ThreatIntelligenceInformationListPage struct

+ func NewThreatIntelligenceInformationListPage(cur ThreatIntelligenceInformationList, ...) ThreatIntelligenceInformationListPage

+ func (page *ThreatIntelligenceInformationListPage) Next() error

+ func (page *ThreatIntelligenceInformationListPage) NextWithContext(ctx context.Context) (err error)

+ func (page ThreatIntelligenceInformationListPage) NotDone() bool

+ func (page ThreatIntelligenceInformationListPage) Response() ThreatIntelligenceInformationList

+ func (page ThreatIntelligenceInformationListPage) Values() []BasicThreatIntelligenceInformation

+ type ThreatIntelligenceInformationModel struct

+ Value BasicThreatIntelligenceInformation

+ func (tiim *ThreatIntelligenceInformationModel) UnmarshalJSON(body []byte) error

+ type ThreatIntelligenceKillChainPhase struct

+ KillChainName *string

+ PhaseName *string

+ type ThreatIntelligenceMetric struct

+ LastUpdatedTimeUtc *string

+ PatternTypeMetrics *[]ThreatIntelligenceMetricEntity

+ SourceMetrics *[]ThreatIntelligenceMetricEntity

+ ThreatTypeMetrics *[]ThreatIntelligenceMetricEntity

+ type ThreatIntelligenceMetricEntity struct

+ MetricName *string

+ MetricValue *int32

+ type ThreatIntelligenceMetrics struct

+ Properties *ThreatIntelligenceMetric

+ type ThreatIntelligenceMetricsList struct

+ Value *[]ThreatIntelligenceMetrics

+ type ThreatIntelligenceParsedPattern struct

+ PatternTypeKey *string

+ PatternTypeValues *[]ThreatIntelligenceParsedPatternTypeValue

+ type ThreatIntelligenceParsedPatternTypeValue struct

+ Value *string

+ ValueType *string

+ type ThreatIntelligenceResourceKind struct

+ Kind *string

+ type ThreatIntelligenceResourceKindEnum string

+ const ThreatIntelligenceResourceKindEnumIndicator

+ func PossibleThreatIntelligenceResourceKindEnumValues() []ThreatIntelligenceResourceKindEnum

+ type ThreatIntelligenceSortingCriteria struct

+ ItemKey *string

+ SortOrder ThreatIntelligenceSortingCriteriaEnum

+ type ThreatIntelligenceSortingCriteriaEnum string

+ const ThreatIntelligenceSortingCriteriaEnumAscending

+ const ThreatIntelligenceSortingCriteriaEnumDescending

+ const ThreatIntelligenceSortingCriteriaEnumUnsorted

+ func PossibleThreatIntelligenceSortingCriteriaEnumValues() []ThreatIntelligenceSortingCriteriaEnum

+ type TiTaxiiCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (ttcr *TiTaxiiCheckRequirements) UnmarshalJSON(body []byte) error

+ func (ttcr TiTaxiiCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) MarshalJSON() ([]byte, error)

+ type TiTaxiiCheckRequirementsProperties struct

+ TenantID *string

+ type TiTaxiiDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ttdc *TiTaxiiDataConnector) UnmarshalJSON(body []byte) error

+ func (ttdc TiTaxiiDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) MarshalJSON() ([]byte, error)

+ type TiTaxiiDataConnectorDataTypes struct

+ TaxiiClient *TiTaxiiDataConnectorDataTypesTaxiiClient

+ type TiTaxiiDataConnectorDataTypesTaxiiClient struct

+ State DataTypeState

+ type TiTaxiiDataConnectorProperties struct

+ CollectionID *string

+ DataTypes *TiTaxiiDataConnectorDataTypes

+ FriendlyName *string

+ Password *string

+ PollingFrequency PollingFrequency

+ TaxiiLookbackPeriod *date.Time

+ TaxiiServer *string

+ TenantID *string

+ UserName *string

+ WorkspaceID *string

+ type TimelineAggregation struct

+ Count *int32

+ Kind EntityTimelineKind

+ type TimelineError struct

+ ErrorMessage *string

+ Kind EntityTimelineKind

+ QueryID *string

+ type TimelineResultsMetadata struct

+ Aggregations *[]TimelineAggregation

+ Errors *[]TimelineError

+ TotalCount *int32

+ type TrackedResource struct

+ ID *string

+ Location *string

+ Name *string

+ SystemData *SystemData

+ Tags map[string]*string

+ Type *string

+ func (tr TrackedResource) MarshalJSON() ([]byte, error)

+ type TriggerOperator string

+ const TriggerOperatorEqual

+ const TriggerOperatorGreaterThan

+ const TriggerOperatorLessThan

+ const TriggerOperatorNotEqual

+ func PossibleTriggerOperatorValues() []TriggerOperator

+ type URLEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (ue *URLEntity) UnmarshalJSON(body []byte) error

+ func (ue URLEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (ue URLEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (ue URLEntity) AsBasicEntity() (BasicEntity, bool)

+ func (ue URLEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (ue URLEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (ue URLEntity) AsEntity() (*Entity, bool)

+ func (ue URLEntity) AsFileEntity() (*FileEntity, bool)

+ func (ue URLEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (ue URLEntity) AsHostEntity() (*HostEntity, bool)

+ func (ue URLEntity) AsHuntingBookmark() (*HuntingBookmark, bool)

+ func (ue URLEntity) AsIPEntity() (*IPEntity, bool)

+ func (ue URLEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (ue URLEntity) AsMailClusterEntity() (*MailClusterEntity, bool)

+ func (ue URLEntity) AsMailMessageEntity() (*MailMessageEntity, bool)

+ func (ue URLEntity) AsMailboxEntity() (*MailboxEntity, bool)

+ func (ue URLEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (ue URLEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (ue URLEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (ue URLEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (ue URLEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (ue URLEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (ue URLEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool)

+ func (ue URLEntity) AsURLEntity() (*URLEntity, bool)

+ func (ue URLEntity) MarshalJSON() ([]byte, error)

+ type URLEntityProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ URL *string

+ func (uep URLEntityProperties) MarshalJSON() ([]byte, error)

+ type Ueba struct

+ Etag *string

+ ID *string

+ Kind KindBasicSettings

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (u *Ueba) UnmarshalJSON(body []byte) error

+ func (u Ueba) AsAnomalies() (*Anomalies, bool)

+ func (u Ueba) AsBasicSettings() (BasicSettings, bool)

+ func (u Ueba) AsEntityAnalytics() (*EntityAnalytics, bool)

+ func (u Ueba) AsEyesOn() (*EyesOn, bool)

+ func (u Ueba) AsSettings() (*Settings, bool)

+ func (u Ueba) AsUeba() (*Ueba, bool)

+ func (u Ueba) MarshalJSON() ([]byte, error)

+ type UebaDataSources string

+ const UebaDataSourcesAuditLogs

+ const UebaDataSourcesAzureActivity

+ const UebaDataSourcesSecurityEvent

+ const UebaDataSourcesSigninLogs

+ func PossibleUebaDataSourcesValues() []UebaDataSources

+ type UebaProperties struct

+ DataSources *[]UebaDataSources

+ type UserInfo struct

+ Email *string

+ Name *string

+ ObjectID *uuid.UUID

+ func (UI UserInfo) MarshalJSON() ([]byte, error)

+ type Watchlist struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (w *Watchlist) UnmarshalJSON(body []byte) error

+ func (w Watchlist) MarshalJSON() ([]byte, error)

+ type WatchlistItem struct

+ Etag *string

+ ID *string

+ Name *string

+ SystemData *SystemData

+ Type *string

+ func (wi *WatchlistItem) UnmarshalJSON(body []byte) error

+ func (wi WatchlistItem) MarshalJSON() ([]byte, error)

+ type WatchlistItemList struct

+ NextLink *string

+ Value *[]WatchlistItem

+ func (wil WatchlistItemList) IsEmpty() bool

+ func (wil WatchlistItemList) MarshalJSON() ([]byte, error)

+ type WatchlistItemListIterator struct

+ func NewWatchlistItemListIterator(page WatchlistItemListPage) WatchlistItemListIterator

+ func (iter *WatchlistItemListIterator) Next() error

+ func (iter *WatchlistItemListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter WatchlistItemListIterator) NotDone() bool

+ func (iter WatchlistItemListIterator) Response() WatchlistItemList

+ func (iter WatchlistItemListIterator) Value() WatchlistItem

+ type WatchlistItemListPage struct

+ func NewWatchlistItemListPage(cur WatchlistItemList, ...) WatchlistItemListPage

+ func (page *WatchlistItemListPage) Next() error

+ func (page *WatchlistItemListPage) NextWithContext(ctx context.Context) (err error)

+ func (page WatchlistItemListPage) NotDone() bool

+ func (page WatchlistItemListPage) Response() WatchlistItemList

+ func (page WatchlistItemListPage) Values() []WatchlistItem

+ type WatchlistItemProperties struct

+ Created *date.Time

+ CreatedBy *UserInfo

+ EntityMapping interface{}

+ IsDeleted *bool

+ ItemsKeyValue interface{}

+ TenantID *string

+ Updated *date.Time

+ UpdatedBy *UserInfo

+ WatchlistItemID *string

+ WatchlistItemType *string

+ type WatchlistItemsClient struct

+ func NewWatchlistItemsClient(subscriptionID string) WatchlistItemsClient

+ func NewWatchlistItemsClientWithBaseURI(baseURI string, subscriptionID string) WatchlistItemsClient

+ func (client WatchlistItemsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result WatchlistItem, err error)

+ func (client WatchlistItemsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client WatchlistItemsClient) CreateOrUpdateResponder(resp *http.Response) (result WatchlistItem, err error)

+ func (client WatchlistItemsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client WatchlistItemsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client WatchlistItemsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client WatchlistItemsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client WatchlistItemsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client WatchlistItemsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result WatchlistItem, err error)

+ func (client WatchlistItemsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client WatchlistItemsClient) GetResponder(resp *http.Response) (result WatchlistItem, err error)

+ func (client WatchlistItemsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client WatchlistItemsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result WatchlistItemListPage, err error)

+ func (client WatchlistItemsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result WatchlistItemListIterator, err error)

+ func (client WatchlistItemsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client WatchlistItemsClient) ListResponder(resp *http.Response) (result WatchlistItemList, err error)

+ func (client WatchlistItemsClient) ListSender(req *http.Request) (*http.Response, error)

+ type WatchlistList struct

+ NextLink *string

+ Value *[]Watchlist

+ func (wl WatchlistList) IsEmpty() bool

+ func (wl WatchlistList) MarshalJSON() ([]byte, error)

+ type WatchlistListIterator struct

+ func NewWatchlistListIterator(page WatchlistListPage) WatchlistListIterator

+ func (iter *WatchlistListIterator) Next() error

+ func (iter *WatchlistListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter WatchlistListIterator) NotDone() bool

+ func (iter WatchlistListIterator) Response() WatchlistList

+ func (iter WatchlistListIterator) Value() Watchlist

+ type WatchlistListPage struct

+ func NewWatchlistListPage(cur WatchlistList, ...) WatchlistListPage

+ func (page *WatchlistListPage) Next() error

+ func (page *WatchlistListPage) NextWithContext(ctx context.Context) (err error)

+ func (page WatchlistListPage) NotDone() bool

+ func (page WatchlistListPage) Response() WatchlistList

+ func (page WatchlistListPage) Values() []Watchlist

+ type WatchlistProperties struct

+ ContentType *string

+ Created *date.Time

+ CreatedBy *UserInfo

+ DefaultDuration *string

+ Description *string

+ DisplayName *string

+ IsDeleted *bool

+ ItemsSearchKey *string

+ Labels *[]string

+ NumberOfLinesToSkip *int32

+ Provider *string

+ RawContent *string

+ Source Source

+ TenantID *string

+ Updated *date.Time

+ UpdatedBy *UserInfo

+ UploadStatus *string

+ WatchlistAlias *string

+ WatchlistID *string

+ WatchlistItemsCount *int32

+ WatchlistType *string

+ type WatchlistsClient struct

+ func NewWatchlistsClient(subscriptionID string) WatchlistsClient

+ func NewWatchlistsClientWithBaseURI(baseURI string, subscriptionID string) WatchlistsClient

+ func (client WatchlistsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Watchlist, err error)

+ func (client WatchlistsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client WatchlistsClient) CreateOrUpdateResponder(resp *http.Response) (result Watchlist, err error)

+ func (client WatchlistsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client WatchlistsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)

+ func (client WatchlistsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client WatchlistsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client WatchlistsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client WatchlistsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Watchlist, err error)

+ func (client WatchlistsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client WatchlistsClient) GetResponder(resp *http.Response) (result Watchlist, err error)

+ func (client WatchlistsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client WatchlistsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result WatchlistListPage, err error)

+ func (client WatchlistsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result WatchlistListIterator, err error)

+ func (client WatchlistsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)

+ func (client WatchlistsClient) ListResponder(resp *http.Response) (result WatchlistList, err error)

+ func (client WatchlistsClient) ListSender(req *http.Request) (*http.Response, error)

Incompatible versions in this module

v60.3.0+incompatible

Dec 23, 2021