Versions in this module Expand all Collapse all v1 v1.1.4 Sep 7, 2022 Changes in this version + const DefaultBaseURI + func UserAgent() string + func Version() string + type AADDataConnector struct + Etag *string + ID *string + Kind KindBasicDataConnector + Name *string + Type *string + func (adc *AADDataConnector) UnmarshalJSON(body []byte) error + func (adc AADDataConnector) AsAADDataConnector() (*AADDataConnector, bool) + func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) + func (adc AADDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) + func (adc AADDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + func (adc AADDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) + func (adc AADDataConnector) AsDataConnector() (*DataConnector, bool) + func (adc AADDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) + func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) + func (adc AADDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) + func (adc AADDataConnector) AsTIDataConnector() (*TIDataConnector, bool) + func (adc AADDataConnector) MarshalJSON() ([]byte, error) + type AADDataConnectorProperties struct + DataTypes *AlertsDataTypeOfDataConnector + TenantID *string + type AATPDataConnector struct + Etag *string + ID *string + Kind KindBasicDataConnector + Name *string + Type *string + func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error + func (adc AATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) + func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) + func (adc AATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) + func (adc AATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + func (adc AATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) + func (adc AATPDataConnector) AsDataConnector() (*DataConnector, bool) + func (adc AATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) + func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) + func (adc AATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) + func (adc AATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) + func (adc AATPDataConnector) MarshalJSON() ([]byte, error) + type AATPDataConnectorProperties struct + DataTypes *AlertsDataTypeOfDataConnector + TenantID *string + type ASCDataConnector struct + Etag *string + ID *string + Kind KindBasicDataConnector + Name *string + Type *string + func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error + func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool) + func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) + func (adc ASCDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) + func (adc ASCDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + func (adc ASCDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) + func (adc ASCDataConnector) AsDataConnector() (*DataConnector, bool) + func (adc ASCDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) + func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) + func (adc ASCDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) + func (adc ASCDataConnector) AsTIDataConnector() (*TIDataConnector, bool) + func (adc ASCDataConnector) MarshalJSON() ([]byte, error) + type ASCDataConnectorProperties struct + DataTypes *AlertsDataTypeOfDataConnector + SubscriptionID *string + type ActionPropertiesBase struct + LogicAppResourceID *string + type ActionRequest struct + Etag *string + ID *string + Name *string + Type *string + func (ar *ActionRequest) UnmarshalJSON(body []byte) error + func (ar ActionRequest) MarshalJSON() ([]byte, error) + type ActionRequestProperties struct + LogicAppResourceID *string + TriggerURI *string + type ActionResponse struct + Etag *string + ID *string + Name *string + Type *string + func (ar *ActionResponse) UnmarshalJSON(body []byte) error + func (ar ActionResponse) MarshalJSON() ([]byte, error) + type ActionResponseProperties struct + LogicAppResourceID *string + WorkflowID *string + type ActionsClient struct + func NewActionsClient(subscriptionID string) ActionsClient + func NewActionsClientWithBaseURI(baseURI string, subscriptionID string) ActionsClient + func (client ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionResponse, err error) + func (client ActionsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client ActionsClient) CreateOrUpdateResponder(resp *http.Response) (result ActionResponse, err error) + func (client ActionsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) + func (client ActionsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error) + func (client ActionsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client ActionsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) + func (client ActionsClient) DeleteSender(req *http.Request) (*http.Response, error) + func (client ActionsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionResponse, err error) + func (client ActionsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client ActionsClient) GetResponder(resp *http.Response) (result ActionResponse, err error) + func (client ActionsClient) GetSender(req *http.Request) (*http.Response, error) + func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionsListPage, err error) + func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionsListIterator, err error) + func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client ActionsClient) ListByAlertRuleResponder(resp *http.Response) (result ActionsList, err error) + func (client ActionsClient) ListByAlertRuleSender(req *http.Request) (*http.Response, error) + type ActionsList struct + NextLink *string + Value *[]ActionResponse + func (al ActionsList) IsEmpty() bool + func (al ActionsList) MarshalJSON() ([]byte, error) + type ActionsListIterator struct + func NewActionsListIterator(page ActionsListPage) ActionsListIterator + func (iter *ActionsListIterator) Next() error + func (iter *ActionsListIterator) NextWithContext(ctx context.Context) (err error) + func (iter ActionsListIterator) NotDone() bool + func (iter ActionsListIterator) Response() ActionsList + func (iter ActionsListIterator) Value() ActionResponse + type ActionsListPage struct + func NewActionsListPage(cur ActionsList, ...) ActionsListPage + func (page *ActionsListPage) Next() error + func (page *ActionsListPage) NextWithContext(ctx context.Context) (err error) + func (page ActionsListPage) NotDone() bool + func (page ActionsListPage) Response() ActionsList + func (page ActionsListPage) Values() []ActionResponse + type AlertRule struct + Etag *string + ID *string + Kind Kind + Name *string + Type *string + func (ar AlertRule) AsAlertRule() (*AlertRule, bool) + func (ar AlertRule) AsBasicAlertRule() (BasicAlertRule, bool) + func (ar AlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) + func (ar AlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) + func (ar AlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) + func (ar AlertRule) MarshalJSON() ([]byte, error) + type AlertRuleKind string + const AlertRuleKindFusion + const AlertRuleKindMicrosoftSecurityIncidentCreation + const AlertRuleKindScheduled + func PossibleAlertRuleKindValues() []AlertRuleKind + type AlertRuleModel struct + Value BasicAlertRule + func (arm *AlertRuleModel) UnmarshalJSON(body []byte) error + type AlertRuleTemplate struct + ID *string + Kind KindBasicAlertRuleTemplate + Name *string + Type *string + func (art AlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) + func (art AlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) + func (art AlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) + func (art AlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) + func (art AlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) + func (art AlertRuleTemplate) MarshalJSON() ([]byte, error) + type AlertRuleTemplateDataSource struct + ConnectorID *string + DataTypes *[]string + type AlertRuleTemplateModel struct + Value BasicAlertRuleTemplate + func (artm *AlertRuleTemplateModel) UnmarshalJSON(body []byte) error + type AlertRuleTemplatesClient struct + func NewAlertRuleTemplatesClient(subscriptionID string) AlertRuleTemplatesClient + func NewAlertRuleTemplatesClientWithBaseURI(baseURI string, subscriptionID string) AlertRuleTemplatesClient + func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleTemplateModel, err error) + func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client AlertRuleTemplatesClient) GetResponder(resp *http.Response) (result AlertRuleTemplateModel, err error) + func (client AlertRuleTemplatesClient) GetSender(req *http.Request) (*http.Response, error) + func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListPage, err error) + func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListIterator, err error) + func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) + func (client AlertRuleTemplatesClient) ListResponder(resp *http.Response) (result AlertRuleTemplatesList, err error) + func (client AlertRuleTemplatesClient) ListSender(req *http.Request) (*http.Response, error) + type AlertRuleTemplatesList struct + NextLink *string + Value *[]BasicAlertRuleTemplate + func (artl *AlertRuleTemplatesList) UnmarshalJSON(body []byte) error + func (artl AlertRuleTemplatesList) IsEmpty() bool + func (artl AlertRuleTemplatesList) MarshalJSON() ([]byte, error) + type AlertRuleTemplatesListIterator struct + func NewAlertRuleTemplatesListIterator(page AlertRuleTemplatesListPage) AlertRuleTemplatesListIterator + func (iter *AlertRuleTemplatesListIterator) Next() error + func (iter *AlertRuleTemplatesListIterator) NextWithContext(ctx context.Context) (err error) + func (iter AlertRuleTemplatesListIterator) NotDone() bool + func (iter AlertRuleTemplatesListIterator) Response() AlertRuleTemplatesList + func (iter AlertRuleTemplatesListIterator) Value() BasicAlertRuleTemplate + type AlertRuleTemplatesListPage struct + func NewAlertRuleTemplatesListPage(cur AlertRuleTemplatesList, ...) AlertRuleTemplatesListPage + func (page *AlertRuleTemplatesListPage) Next() error + func (page *AlertRuleTemplatesListPage) NextWithContext(ctx context.Context) (err error) + func (page AlertRuleTemplatesListPage) NotDone() bool + func (page AlertRuleTemplatesListPage) Response() AlertRuleTemplatesList + func (page AlertRuleTemplatesListPage) Values() []BasicAlertRuleTemplate + type AlertRulesClient struct + func NewAlertRulesClient(subscriptionID string) AlertRulesClient + func NewAlertRulesClientWithBaseURI(baseURI string, subscriptionID string) AlertRulesClient + func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleModel, err error) + func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AlertRuleModel, err error) + func (client AlertRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) + func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error) + func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) + func (client AlertRulesClient) DeleteSender(req *http.Request) (*http.Response, error) + func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleModel, err error) + func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRuleModel, err error) + func (client AlertRulesClient) GetSender(req *http.Request) (*http.Response, error) + func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListPage, err error) + func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListIterator, err error) + func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) + func (client AlertRulesClient) ListResponder(resp *http.Response) (result AlertRulesList, err error) + func (client AlertRulesClient) ListSender(req *http.Request) (*http.Response, error) + type AlertRulesList struct + NextLink *string + Value *[]BasicAlertRule + func (arl *AlertRulesList) UnmarshalJSON(body []byte) error + func (arl AlertRulesList) IsEmpty() bool + func (arl AlertRulesList) MarshalJSON() ([]byte, error) + type AlertRulesListIterator struct + func NewAlertRulesListIterator(page AlertRulesListPage) AlertRulesListIterator + func (iter *AlertRulesListIterator) Next() error + func (iter *AlertRulesListIterator) NextWithContext(ctx context.Context) (err error) + func (iter AlertRulesListIterator) NotDone() bool + func (iter AlertRulesListIterator) Response() AlertRulesList + func (iter AlertRulesListIterator) Value() BasicAlertRule + type AlertRulesListPage struct + func NewAlertRulesListPage(cur AlertRulesList, ...) AlertRulesListPage + func (page *AlertRulesListPage) Next() error + func (page *AlertRulesListPage) NextWithContext(ctx context.Context) (err error) + func (page AlertRulesListPage) NotDone() bool + func (page AlertRulesListPage) Response() AlertRulesList + func (page AlertRulesListPage) Values() []BasicAlertRule + type AlertSeverity string + const AlertSeverityHigh + const AlertSeverityInformational + const AlertSeverityLow + const AlertSeverityMedium + func PossibleAlertSeverityValues() []AlertSeverity + type AlertsDataTypeOfDataConnector struct + Alerts *DataConnectorDataTypeCommon + type AttackTactic string + const AttackTacticCollection + const AttackTacticCommandAndControl + const AttackTacticCredentialAccess + const AttackTacticDefenseEvasion + const AttackTacticDiscovery + const AttackTacticExecution + const AttackTacticExfiltration + const AttackTacticImpact + const AttackTacticInitialAccess + const AttackTacticLateralMovement + const AttackTacticPersistence + const AttackTacticPrivilegeEscalation + func PossibleAttackTacticValues() []AttackTactic + type AwsCloudTrailDataConnector struct + Etag *string + ID *string + Kind KindBasicDataConnector + Name *string + Type *string + func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error + func (actdc AwsCloudTrailDataConnector) AsAADDataConnector() (*AADDataConnector, bool) + func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) + func (actdc AwsCloudTrailDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) + func (actdc AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + func (actdc AwsCloudTrailDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) + func (actdc AwsCloudTrailDataConnector) AsDataConnector() (*DataConnector, bool) + func (actdc AwsCloudTrailDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) + func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) + func (actdc AwsCloudTrailDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) + func (actdc AwsCloudTrailDataConnector) AsTIDataConnector() (*TIDataConnector, bool) + func (actdc AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error) + type AwsCloudTrailDataConnectorDataTypes struct + Logs *AwsCloudTrailDataConnectorDataTypesLogs + type AwsCloudTrailDataConnectorDataTypesLogs struct + State DataTypeState + type AwsCloudTrailDataConnectorProperties struct + AwsRoleArn *string + DataTypes *AwsCloudTrailDataConnectorDataTypes + type BaseClient struct + BaseURI string + SubscriptionID string + func New(subscriptionID string) BaseClient + func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient + type BasicAlertRule interface + AsAlertRule func() (*AlertRule, bool) + AsFusionAlertRule func() (*FusionAlertRule, bool) + AsMicrosoftSecurityIncidentCreationAlertRule func() (*MicrosoftSecurityIncidentCreationAlertRule, bool) + AsScheduledAlertRule func() (*ScheduledAlertRule, bool) + type BasicAlertRuleTemplate interface + AsAlertRuleTemplate func() (*AlertRuleTemplate, bool) + AsFusionAlertRuleTemplate func() (*FusionAlertRuleTemplate, bool) + AsMicrosoftSecurityIncidentCreationAlertRuleTemplate func() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) + AsScheduledAlertRuleTemplate func() (*ScheduledAlertRuleTemplate, bool) + type BasicDataConnector interface + AsAADDataConnector func() (*AADDataConnector, bool) + AsAATPDataConnector func() (*AATPDataConnector, bool) + AsASCDataConnector func() (*ASCDataConnector, bool) + AsAwsCloudTrailDataConnector func() (*AwsCloudTrailDataConnector, bool) + AsDataConnector func() (*DataConnector, bool) + AsMCASDataConnector func() (*MCASDataConnector, bool) + AsMDATPDataConnector func() (*MDATPDataConnector, bool) + AsOfficeDataConnector func() (*OfficeDataConnector, bool) + AsTIDataConnector func() (*TIDataConnector, bool) + type BasicSettings interface + AsSettings func() (*Settings, bool) + AsToggleSettings func() (*ToggleSettings, bool) + AsUebaSettings func() (*UebaSettings, bool) + type Bookmark struct + Etag *string + ID *string + Name *string + Type *string + func (b *Bookmark) UnmarshalJSON(body []byte) error + func (b Bookmark) MarshalJSON() ([]byte, error) + type BookmarkList struct + NextLink *string + Value *[]Bookmark + func (bl BookmarkList) IsEmpty() bool + func (bl BookmarkList) MarshalJSON() ([]byte, error) + type BookmarkListIterator struct + func NewBookmarkListIterator(page BookmarkListPage) BookmarkListIterator + func (iter *BookmarkListIterator) Next() error + func (iter *BookmarkListIterator) NextWithContext(ctx context.Context) (err error) + func (iter BookmarkListIterator) NotDone() bool + func (iter BookmarkListIterator) Response() BookmarkList + func (iter BookmarkListIterator) Value() Bookmark + type BookmarkListPage struct + func NewBookmarkListPage(cur BookmarkList, ...) BookmarkListPage + func (page *BookmarkListPage) Next() error + func (page *BookmarkListPage) NextWithContext(ctx context.Context) (err error) + func (page BookmarkListPage) NotDone() bool + func (page BookmarkListPage) Response() BookmarkList + func (page BookmarkListPage) Values() []Bookmark + type BookmarkProperties struct + Created *date.Time + CreatedBy *UserInfo + DisplayName *string + EventTime *date.Time + IncidentInfo *IncidentInfo + Labels *[]string + Notes *string + Query *string + QueryEndTime *date.Time + QueryResult *string + QueryStartTime *date.Time + Updated *date.Time + UpdatedBy *UserInfo + type BookmarksClient struct + func NewBookmarksClient(subscriptionID string) BookmarksClient + func NewBookmarksClientWithBaseURI(baseURI string, subscriptionID string) BookmarksClient + func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Bookmark, err error) + func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (result Bookmark, err error) + func (client BookmarksClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) + func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error) + func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) + func (client BookmarksClient) DeleteSender(req *http.Request) (*http.Response, error) + func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Bookmark, err error) + func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark, err error) + func (client BookmarksClient) GetSender(req *http.Request) (*http.Response, error) + func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListPage, err error) + func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListIterator, err error) + func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) + func (client BookmarksClient) ListResponder(resp *http.Response) (result BookmarkList, err error) + func (client BookmarksClient) ListSender(req *http.Request) (*http.Response, error) + type CaseSeverity string + const CaseSeverityCritical + const CaseSeverityHigh + const CaseSeverityInformational + const CaseSeverityLow + const CaseSeverityMedium + func PossibleCaseSeverityValues() []CaseSeverity + type ClientInfo struct + Email *string + Name *string + ObjectID *uuid.UUID + UserPrincipalName *string + type CloudError struct + Error *ErrorResponse + type DataConnector struct + Etag *string + ID *string + Kind KindBasicDataConnector + Name *string + Type *string + func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool) + func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) + func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool) + func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool) + func (dc DataConnector) AsDataConnector() (*DataConnector, bool) + func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) + func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) + func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) + func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool) + func (dc DataConnector) MarshalJSON() ([]byte, error) + type DataConnectorDataTypeCommon struct + State DataTypeState + type DataConnectorKind string + const DataConnectorKindAmazonWebServicesCloudTrail + const DataConnectorKindAzureActiveDirectory + const DataConnectorKindAzureAdvancedThreatProtection + const DataConnectorKindAzureSecurityCenter + const DataConnectorKindMicrosoftCloudAppSecurity + const DataConnectorKindMicrosoftDefenderAdvancedThreatProtection + const DataConnectorKindOffice365 + const DataConnectorKindThreatIntelligence + func PossibleDataConnectorKindValues() []DataConnectorKind + type DataConnectorList struct + NextLink *string + Value *[]BasicDataConnector + func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error + func (dcl DataConnectorList) IsEmpty() bool + func (dcl DataConnectorList) MarshalJSON() ([]byte, error) + type DataConnectorListIterator struct + func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator + func (iter *DataConnectorListIterator) Next() error + func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error) + func (iter DataConnectorListIterator) NotDone() bool + func (iter DataConnectorListIterator) Response() DataConnectorList + func (iter DataConnectorListIterator) Value() BasicDataConnector + type DataConnectorListPage struct + func NewDataConnectorListPage(cur DataConnectorList, ...) DataConnectorListPage + func (page *DataConnectorListPage) Next() error + func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error) + func (page DataConnectorListPage) NotDone() bool + func (page DataConnectorListPage) Response() DataConnectorList + func (page DataConnectorListPage) Values() []BasicDataConnector + type DataConnectorModel struct + Value BasicDataConnector + func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error + type DataConnectorTenantID struct + TenantID *string + type DataConnectorWithAlertsProperties struct + DataTypes *AlertsDataTypeOfDataConnector + type DataConnectorsClient struct + func NewDataConnectorsClient(subscriptionID string) DataConnectorsClient + func NewDataConnectorsClientWithBaseURI(baseURI string, subscriptionID string) DataConnectorsClient + func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorModel, err error) + func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) (result DataConnectorModel, err error) + func (client DataConnectorsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) + func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error) + func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) + func (client DataConnectorsClient) DeleteSender(req *http.Request) (*http.Response, error) + func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorModel, err error) + func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client DataConnectorsClient) GetResponder(resp *http.Response) (result DataConnectorModel, err error) + func (client DataConnectorsClient) GetSender(req *http.Request) (*http.Response, error) + func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListPage, err error) + func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListIterator, err error) + func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) + func (client DataConnectorsClient) ListResponder(resp *http.Response) (result DataConnectorList, err error) + func (client DataConnectorsClient) ListSender(req *http.Request) (*http.Response, error) + type DataTypeState string + const DataTypeStateDisabled + const DataTypeStateEnabled + func PossibleDataTypeStateValues() []DataTypeState + type ErrorAdditionalInfo struct + Info interface{} + Type *string + func (eai ErrorAdditionalInfo) MarshalJSON() ([]byte, error) + type ErrorResponse struct + AdditionalInfo *[]ErrorAdditionalInfo + Code *string + Details *[]ErrorResponse + Message *string + Target *string + func (er ErrorResponse) MarshalJSON() ([]byte, error) + type FusionAlertRule struct + Etag *string + ID *string + Kind Kind + Name *string + Type *string + func (far *FusionAlertRule) UnmarshalJSON(body []byte) error + func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool) + func (far FusionAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) + func (far FusionAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) + func (far FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) + func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) + func (far FusionAlertRule) MarshalJSON() ([]byte, error) + type FusionAlertRuleProperties struct + AlertRuleTemplateName *string + Description *string + DisplayName *string + Enabled *bool + LastModifiedUtc *date.Time + Severity AlertSeverity + Tactics *[]AttackTactic + func (farp FusionAlertRuleProperties) MarshalJSON() ([]byte, error) + type FusionAlertRuleTemplate struct + ID *string + Kind KindBasicAlertRuleTemplate + Name *string + Type *string + func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error + func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) + func (fart FusionAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) + func (fart FusionAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) + func (fart FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) + func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) + func (fart FusionAlertRuleTemplate) MarshalJSON() ([]byte, error) + type FusionAlertRuleTemplateProperties struct + AlertRulesCreatedByTemplateCount *int32 + CreatedDateUTC *date.Time + Description *string + DisplayName *string + RequiredDataConnectors *[]AlertRuleTemplateDataSource + Severity AlertSeverity + Status TemplateStatus + Tactics *[]AttackTactic + func (fartp FusionAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) + type Incident struct + Etag *string + ID *string + Name *string + Type *string + func (i *Incident) UnmarshalJSON(body []byte) error + func (i Incident) MarshalJSON() ([]byte, error) + type IncidentAdditionalData struct + AlertProductNames *[]string + AlertsCount *int32 + BookmarksCount *int32 + CommentsCount *int32 + Tactics *[]AttackTactic + func (iad IncidentAdditionalData) MarshalJSON() ([]byte, error) + type IncidentClassification string + const IncidentClassificationBenignPositive + const IncidentClassificationFalsePositive + const IncidentClassificationTruePositive + const IncidentClassificationUndetermined + func PossibleIncidentClassificationValues() []IncidentClassification + type IncidentClassificationReason string + const IncidentClassificationReasonInaccurateData + const IncidentClassificationReasonIncorrectAlertLogic + const IncidentClassificationReasonSuspiciousActivity + const IncidentClassificationReasonSuspiciousButExpected + func PossibleIncidentClassificationReasonValues() []IncidentClassificationReason + type IncidentComment struct + ID *string + Name *string + Type *string + func (ic *IncidentComment) UnmarshalJSON(body []byte) error + func (ic IncidentComment) MarshalJSON() ([]byte, error) + type IncidentCommentList struct + NextLink *string + Value *[]IncidentComment + func (icl IncidentCommentList) IsEmpty() bool + func (icl IncidentCommentList) MarshalJSON() ([]byte, error) + type IncidentCommentListIterator struct + func NewIncidentCommentListIterator(page IncidentCommentListPage) IncidentCommentListIterator + func (iter *IncidentCommentListIterator) Next() error + func (iter *IncidentCommentListIterator) NextWithContext(ctx context.Context) (err error) + func (iter IncidentCommentListIterator) NotDone() bool + func (iter IncidentCommentListIterator) Response() IncidentCommentList + func (iter IncidentCommentListIterator) Value() IncidentComment + type IncidentCommentListPage struct + func NewIncidentCommentListPage(cur IncidentCommentList, ...) IncidentCommentListPage + func (page *IncidentCommentListPage) Next() error + func (page *IncidentCommentListPage) NextWithContext(ctx context.Context) (err error) + func (page IncidentCommentListPage) NotDone() bool + func (page IncidentCommentListPage) Response() IncidentCommentList + func (page IncidentCommentListPage) Values() []IncidentComment + type IncidentCommentProperties struct + Author *ClientInfo + CreatedTimeUtc *date.Time + Message *string + func (icp IncidentCommentProperties) MarshalJSON() ([]byte, error) + type IncidentCommentsClient struct + func NewIncidentCommentsClient(subscriptionID string) IncidentCommentsClient + func NewIncidentCommentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentCommentsClient + func (client IncidentCommentsClient) CreateComment(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentComment, err error) + func (client IncidentCommentsClient) CreateCommentPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client IncidentCommentsClient) CreateCommentResponder(resp *http.Response) (result IncidentComment, err error) + func (client IncidentCommentsClient) CreateCommentSender(req *http.Request) (*http.Response, error) + func (client IncidentCommentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentComment, err error) + func (client IncidentCommentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client IncidentCommentsClient) GetResponder(resp *http.Response) (result IncidentComment, err error) + func (client IncidentCommentsClient) GetSender(req *http.Request) (*http.Response, error) + func (client IncidentCommentsClient) ListByIncident(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentCommentListPage, err error) + func (client IncidentCommentsClient) ListByIncidentComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentCommentListIterator, err error) + func (client IncidentCommentsClient) ListByIncidentPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client IncidentCommentsClient) ListByIncidentResponder(resp *http.Response) (result IncidentCommentList, err error) + func (client IncidentCommentsClient) ListByIncidentSender(req *http.Request) (*http.Response, error) + type IncidentInfo struct + IncidentID *string + RelationName *string + Severity CaseSeverity + Title *string + type IncidentLabel struct + LabelName *string + LabelType IncidentLabelType + func (il IncidentLabel) MarshalJSON() ([]byte, error) + type IncidentLabelType string + const IncidentLabelTypeSystem + const IncidentLabelTypeUser + func PossibleIncidentLabelTypeValues() []IncidentLabelType + type IncidentList struct + NextLink *string + Value *[]Incident + func (il IncidentList) IsEmpty() bool + func (il IncidentList) MarshalJSON() ([]byte, error) + type IncidentListIterator struct + func NewIncidentListIterator(page IncidentListPage) IncidentListIterator + func (iter *IncidentListIterator) Next() error + func (iter *IncidentListIterator) NextWithContext(ctx context.Context) (err error) + func (iter IncidentListIterator) NotDone() bool + func (iter IncidentListIterator) Response() IncidentList + func (iter IncidentListIterator) Value() Incident + type IncidentListPage struct + func NewIncidentListPage(cur IncidentList, ...) IncidentListPage + func (page *IncidentListPage) Next() error + func (page *IncidentListPage) NextWithContext(ctx context.Context) (err error) + func (page IncidentListPage) NotDone() bool + func (page IncidentListPage) Response() IncidentList + func (page IncidentListPage) Values() []Incident + type IncidentOwnerInfo struct + AssignedTo *string + Email *string + ObjectID *uuid.UUID + UserPrincipalName *string + type IncidentProperties struct + AdditionalData *IncidentAdditionalData + Classification IncidentClassification + ClassificationComment *string + ClassificationReason IncidentClassificationReason + CreatedTimeUtc *date.Time + Description *string + FirstActivityTimeUtc *date.Time + IncidentNumber *int32 + IncidentURL *string + Labels *[]IncidentLabel + LastActivityTimeUtc *date.Time + LastModifiedTimeUtc *date.Time + Owner *IncidentOwnerInfo + RelatedAnalyticRuleIds *[]string + Severity IncidentSeverity + Status IncidentStatus + Title *string + func (IP IncidentProperties) MarshalJSON() ([]byte, error) + type IncidentSeverity string + const IncidentSeverityHigh + const IncidentSeverityInformational + const IncidentSeverityLow + const IncidentSeverityMedium + func PossibleIncidentSeverityValues() []IncidentSeverity + type IncidentStatus string + const IncidentStatusActive + const IncidentStatusClosed + const IncidentStatusNew + func PossibleIncidentStatusValues() []IncidentStatus + type IncidentsClient struct + func NewIncidentsClient(subscriptionID string) IncidentsClient + func NewIncidentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentsClient + func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Incident, err error) + func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client IncidentsClient) CreateOrUpdateResponder(resp *http.Response) (result Incident, err error) + func (client IncidentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) + func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error) + func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client IncidentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) + func (client IncidentsClient) DeleteSender(req *http.Request) (*http.Response, error) + func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Incident, err error) + func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident, err error) + func (client IncidentsClient) GetSender(req *http.Request) (*http.Response, error) + func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentListPage, err error) + func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentListIterator, err error) + func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error) + func (client IncidentsClient) ListResponder(resp *http.Response) (result IncidentList, err error) + func (client IncidentsClient) ListSender(req *http.Request) (*http.Response, error) + type Kind string + const KindAlertRule + const KindFusion + const KindMicrosoftSecurityIncidentCreation + const KindScheduled + func PossibleKindValues() []Kind + type KindBasicAlertRuleTemplate string + const KindBasicAlertRuleTemplateKindAlertRuleTemplate + const KindBasicAlertRuleTemplateKindFusion + const KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation + const KindBasicAlertRuleTemplateKindScheduled + func PossibleKindBasicAlertRuleTemplateValues() []KindBasicAlertRuleTemplate + type KindBasicDataConnector string + const KindBasicDataConnectorKindAmazonWebServicesCloudTrail + const KindBasicDataConnectorKindAzureActiveDirectory + const KindBasicDataConnectorKindAzureAdvancedThreatProtection + const KindBasicDataConnectorKindAzureSecurityCenter + const KindBasicDataConnectorKindDataConnector + const KindBasicDataConnectorKindMicrosoftCloudAppSecurity + const KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection + const KindBasicDataConnectorKindOffice365 + const KindBasicDataConnectorKindThreatIntelligence + func PossibleKindBasicDataConnectorValues() []KindBasicDataConnector + type KindBasicSettings string + const KindBasicSettingsKindSettings + const KindBasicSettingsKindToggleSettings + const KindBasicSettingsKindUebaSettings + func PossibleKindBasicSettingsValues() []KindBasicSettings + type LicenseStatus string + const LicenseStatusDisabled + const LicenseStatusEnabled + func PossibleLicenseStatusValues() []LicenseStatus + type MCASDataConnector struct + Etag *string + ID *string + Kind KindBasicDataConnector + Name *string + Type *string + func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error + func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool) + func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) + func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) + func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) + func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool) + func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) + func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) + func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) + func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool) + func (mdc MCASDataConnector) MarshalJSON() ([]byte, error) + type MCASDataConnectorDataTypes struct + Alerts *DataConnectorDataTypeCommon + DiscoveryLogs *DataConnectorDataTypeCommon + type MCASDataConnectorProperties struct + DataTypes *MCASDataConnectorDataTypes + TenantID *string + type MDATPDataConnector struct + Etag *string + ID *string + Kind KindBasicDataConnector + Name *string + Type *string + func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error + func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) + func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) + func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) + func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) + func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool) + func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) + func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) + func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) + func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) + func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error) + type MDATPDataConnectorProperties struct + DataTypes *AlertsDataTypeOfDataConnector + TenantID *string + type MicrosoftSecurityIncidentCreationAlertRule struct + Etag *string + ID *string + Kind Kind + Name *string + Type *string + func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error + func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool) + func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) + func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) + func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) + func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) + func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error) + type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties struct + DisplayNamesExcludeFilter *[]string + DisplayNamesFilter *[]string + ProductFilter MicrosoftSecurityProductName + SeveritiesFilter *[]AlertSeverity + type MicrosoftSecurityIncidentCreationAlertRuleProperties struct + AlertRuleTemplateName *string + Description *string + DisplayName *string + DisplayNamesExcludeFilter *[]string + DisplayNamesFilter *[]string + Enabled *bool + LastModifiedUtc *date.Time + ProductFilter MicrosoftSecurityProductName + SeveritiesFilter *[]AlertSeverity + func (msicarp MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error) + type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct + ID *string + Kind KindBasicAlertRuleTemplate + Name *string + Type *string + func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error + func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) + func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) + func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) + func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) + func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) + func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error) + type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct + AlertRulesCreatedByTemplateCount *int32 + CreatedDateUTC *date.Time + Description *string + DisplayName *string + DisplayNamesExcludeFilter *[]string + DisplayNamesFilter *[]string + ProductFilter MicrosoftSecurityProductName + RequiredDataConnectors *[]AlertRuleTemplateDataSource + SeveritiesFilter *[]AlertSeverity + Status TemplateStatus + func (msicartp MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) + type MicrosoftSecurityProductName string + const MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection + const MicrosoftSecurityProductNameAzureAdvancedThreatProtection + const MicrosoftSecurityProductNameAzureSecurityCenter + const MicrosoftSecurityProductNameAzureSecurityCenterforIoT + const MicrosoftSecurityProductNameMicrosoftCloudAppSecurity + func PossibleMicrosoftSecurityProductNameValues() []MicrosoftSecurityProductName + type OfficeConsent struct + ID *string + Name *string + Type *string + func (oc *OfficeConsent) UnmarshalJSON(body []byte) error + func (oc OfficeConsent) MarshalJSON() ([]byte, error) + type OfficeConsentList struct + NextLink *string + Value *[]OfficeConsent + func (ocl OfficeConsentList) MarshalJSON() ([]byte, error) + type OfficeConsentProperties struct + TenantID *string + TenantName *string + func (ocp OfficeConsentProperties) MarshalJSON() ([]byte, error) + type OfficeDataConnector struct + Etag *string + ID *string + Kind KindBasicDataConnector + Name *string + Type *string + func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error + func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool) + func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) + func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) + func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) + func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool) + func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) + func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) + func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) + func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool) + func (odc OfficeDataConnector) MarshalJSON() ([]byte, error) + type OfficeDataConnectorDataTypes struct + Exchange *OfficeDataConnectorDataTypesExchange + SharePoint *OfficeDataConnectorDataTypesSharePoint + Teams *OfficeDataConnectorDataTypesTeams + type OfficeDataConnectorDataTypesExchange struct + State DataTypeState + type OfficeDataConnectorDataTypesSharePoint struct + State DataTypeState + type OfficeDataConnectorDataTypesTeams struct + State DataTypeState + type OfficeDataConnectorProperties struct + DataTypes *OfficeDataConnectorDataTypes + TenantID *string + type Operation struct + Display *OperationDisplay + Name *string + Origin *string + type OperationDisplay struct + Description *string + Operation *string + Provider *string + Resource *string + type OperationsClient struct + func NewOperationsClient(subscriptionID string) OperationsClient + func NewOperationsClientWithBaseURI(baseURI string, subscriptionID string) OperationsClient + func (client OperationsClient) List(ctx context.Context) (result OperationsListPage, err error) + func (client OperationsClient) ListComplete(ctx context.Context) (result OperationsListIterator, err error) + func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, error) + func (client OperationsClient) ListResponder(resp *http.Response) (result OperationsList, err error) + func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error) + type OperationsList struct + NextLink *string + Value *[]Operation + func (ol OperationsList) IsEmpty() bool + type OperationsListIterator struct + func NewOperationsListIterator(page OperationsListPage) OperationsListIterator + func (iter *OperationsListIterator) Next() error + func (iter *OperationsListIterator) NextWithContext(ctx context.Context) (err error) + func (iter OperationsListIterator) NotDone() bool + func (iter OperationsListIterator) Response() OperationsList + func (iter OperationsListIterator) Value() Operation + type OperationsListPage struct + func NewOperationsListPage(cur OperationsList, ...) OperationsListPage + func (page *OperationsListPage) Next() error + func (page *OperationsListPage) NextWithContext(ctx context.Context) (err error) + func (page OperationsListPage) NotDone() bool + func (page OperationsListPage) Response() OperationsList + func (page OperationsListPage) Values() []Operation + type Resource struct + ID *string + Name *string + Type *string + func (r Resource) MarshalJSON() ([]byte, error) + type ResourceWithEtag struct + Etag *string + ID *string + Name *string + Type *string + func (rwe ResourceWithEtag) MarshalJSON() ([]byte, error) + type ScheduledAlertRule struct + Etag *string + ID *string + Kind Kind + Name *string + Type *string + func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error + func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool) + func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) + func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) + func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) + func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) + func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error) + type ScheduledAlertRuleCommonProperties struct + Query *string + QueryFrequency *string + QueryPeriod *string + Severity AlertSeverity + TriggerOperator TriggerOperator + TriggerThreshold *int32 + type ScheduledAlertRuleProperties struct + AlertRuleTemplateName *string + Description *string + DisplayName *string + Enabled *bool + LastModifiedUtc *date.Time + Query *string + QueryFrequency *string + QueryPeriod *string + Severity AlertSeverity + SuppressionDuration *string + SuppressionEnabled *bool + Tactics *[]AttackTactic + TriggerOperator TriggerOperator + TriggerThreshold *int32 + func (sarp ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error) + type ScheduledAlertRuleTemplate struct + ID *string + Kind KindBasicAlertRuleTemplate + Name *string + Type *string + func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error + func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) + func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) + func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) + func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) + func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) + func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error) + type ScheduledAlertRuleTemplateProperties struct + AlertRulesCreatedByTemplateCount *int32 + CreatedDateUTC *date.Time + Description *string + DisplayName *string + Query *string + QueryFrequency *string + QueryPeriod *string + RequiredDataConnectors *[]AlertRuleTemplateDataSource + Severity AlertSeverity + Status TemplateStatus + Tactics *[]AttackTactic + TriggerOperator TriggerOperator + TriggerThreshold *int32 + func (sartp ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) + type SettingKind string + const SettingKindToggleSettings + const SettingKindUebaSettings + func PossibleSettingKindValues() []SettingKind + type Settings struct + Etag *string + ID *string + Kind KindBasicSettings + Name *string + Type *string + func (s Settings) AsBasicSettings() (BasicSettings, bool) + func (s Settings) AsSettings() (*Settings, bool) + func (s Settings) AsToggleSettings() (*ToggleSettings, bool) + func (s Settings) AsUebaSettings() (*UebaSettings, bool) + func (s Settings) MarshalJSON() ([]byte, error) + type StatusInMcas string + const StatusInMcasDisabled + const StatusInMcasEnabled + func PossibleStatusInMcasValues() []StatusInMcas + type TIDataConnector struct + Etag *string + ID *string + Kind KindBasicDataConnector + Name *string + Type *string + func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error + func (tdc TIDataConnector) AsAADDataConnector() (*AADDataConnector, bool) + func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) + func (tdc TIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) + func (tdc TIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + func (tdc TIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) + func (tdc TIDataConnector) AsDataConnector() (*DataConnector, bool) + func (tdc TIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) + func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) + func (tdc TIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) + func (tdc TIDataConnector) AsTIDataConnector() (*TIDataConnector, bool) + func (tdc TIDataConnector) MarshalJSON() ([]byte, error) + type TIDataConnectorDataTypes struct + Indicators *TIDataConnectorDataTypesIndicators + type TIDataConnectorDataTypesIndicators struct + State DataTypeState + type TIDataConnectorProperties struct + DataTypes *TIDataConnectorDataTypes + TenantID *string + TipLookbackPeriod *date.Time + type TemplateStatus string + const TemplateStatusAvailable + const TemplateStatusInstalled + const TemplateStatusNotAvailable + func PossibleTemplateStatusValues() []TemplateStatus + type ThreatIntelligence struct + Confidence *float64 + ProviderName *string + ReportLink *string + ThreatDescription *string + ThreatName *string + ThreatType *string + func (ti ThreatIntelligence) MarshalJSON() ([]byte, error) + type ToggleSettings struct + Etag *string + ID *string + Kind KindBasicSettings + Name *string + Type *string + func (ts *ToggleSettings) UnmarshalJSON(body []byte) error + func (ts ToggleSettings) AsBasicSettings() (BasicSettings, bool) + func (ts ToggleSettings) AsSettings() (*Settings, bool) + func (ts ToggleSettings) AsToggleSettings() (*ToggleSettings, bool) + func (ts ToggleSettings) AsUebaSettings() (*UebaSettings, bool) + func (ts ToggleSettings) MarshalJSON() ([]byte, error) + type ToggleSettingsProperties struct + IsEnabled *bool + type TriggerOperator string + const TriggerOperatorEqual + const TriggerOperatorGreaterThan + const TriggerOperatorLessThan + const TriggerOperatorNotEqual + func PossibleTriggerOperatorValues() []TriggerOperator + type UebaSettings struct + Etag *string + ID *string + Kind KindBasicSettings + Name *string + Type *string + func (us *UebaSettings) UnmarshalJSON(body []byte) error + func (us UebaSettings) AsBasicSettings() (BasicSettings, bool) + func (us UebaSettings) AsSettings() (*Settings, bool) + func (us UebaSettings) AsToggleSettings() (*ToggleSettings, bool) + func (us UebaSettings) AsUebaSettings() (*UebaSettings, bool) + func (us UebaSettings) MarshalJSON() ([]byte, error) + type UebaSettingsProperties struct + AtpLicenseStatus LicenseStatus + IsEnabled *bool + StatusInMcas StatusInMcas + func (usp UebaSettingsProperties) MarshalJSON() ([]byte, error) + type UserInfo struct + Email *string + Name *string + ObjectID *uuid.UUID + func (UI UserInfo) MarshalJSON() ([]byte, error)