Documentation ¶
Index ¶
- func PossibleValuesForAttackTactic() []string
- func PossibleValuesForIncidentClassification() []string
- func PossibleValuesForIncidentClassificationReason() []string
- func PossibleValuesForIncidentLabelType() []string
- func PossibleValuesForIncidentSeverity() []string
- func PossibleValuesForIncidentStatus() []string
- func PossibleValuesForOwnerType() []string
- func ValidateIncidentID(input interface{}, key string) (warnings []string, errors []error)
- func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)
- type AttackTactic
- type CreateOrUpdateOperationResponse
- type DeleteOperationResponse
- type GetOperationResponse
- type Incident
- type IncidentAdditionalData
- type IncidentClassification
- type IncidentClassificationReason
- type IncidentId
- type IncidentLabel
- type IncidentLabelType
- type IncidentOperationPredicate
- type IncidentOwnerInfo
- type IncidentProperties
- func (o *IncidentProperties) GetCreatedTimeUtcAsTime() (*time.Time, error)
- func (o *IncidentProperties) GetFirstActivityTimeUtcAsTime() (*time.Time, error)
- func (o *IncidentProperties) GetLastActivityTimeUtcAsTime() (*time.Time, error)
- func (o *IncidentProperties) GetLastModifiedTimeUtcAsTime() (*time.Time, error)
- func (o *IncidentProperties) SetCreatedTimeUtcAsTime(input time.Time)
- func (o *IncidentProperties) SetFirstActivityTimeUtcAsTime(input time.Time)
- func (o *IncidentProperties) SetLastActivityTimeUtcAsTime(input time.Time)
- func (o *IncidentProperties) SetLastModifiedTimeUtcAsTime(input time.Time)
- type IncidentSeverity
- type IncidentStatus
- type IncidentsClient
- func (c IncidentsClient) CreateOrUpdate(ctx context.Context, id IncidentId, input Incident) (result CreateOrUpdateOperationResponse, err error)
- func (c IncidentsClient) Delete(ctx context.Context, id IncidentId) (result DeleteOperationResponse, err error)
- func (c IncidentsClient) Get(ctx context.Context, id IncidentId) (result GetOperationResponse, err error)
- func (c IncidentsClient) List(ctx context.Context, id WorkspaceId, options ListOperationOptions) (resp ListOperationResponse, err error)
- func (c IncidentsClient) ListComplete(ctx context.Context, id WorkspaceId, options ListOperationOptions) (ListCompleteResult, error)
- func (c IncidentsClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, options ListOperationOptions, ...) (resp ListCompleteResult, err error)
- type ListCompleteResult
- type ListOperationOptions
- type ListOperationResponse
- type OwnerType
- type WorkspaceId
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func PossibleValuesForAttackTactic ¶
func PossibleValuesForAttackTactic() []string
func PossibleValuesForIncidentClassification ¶
func PossibleValuesForIncidentClassification() []string
func PossibleValuesForIncidentClassificationReason ¶
func PossibleValuesForIncidentClassificationReason() []string
func PossibleValuesForIncidentLabelType ¶
func PossibleValuesForIncidentLabelType() []string
func PossibleValuesForIncidentSeverity ¶
func PossibleValuesForIncidentSeverity() []string
func PossibleValuesForIncidentStatus ¶
func PossibleValuesForIncidentStatus() []string
func PossibleValuesForOwnerType ¶
func PossibleValuesForOwnerType() []string
func ValidateIncidentID ¶
ValidateIncidentID checks that 'input' can be parsed as an Incident ID
func ValidateWorkspaceID ¶
ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID
Types ¶
type AttackTactic ¶
// AttackTactic is the string type used for the entries of
// IncidentAdditionalData.Tactics.
//
// NOTE(review): the names appear to mirror MITRE ATT&CK tactic names
// (enterprise and ICS); "PreAttack" looks like a legacy value kept next to
// "Reconnaissance" and "ResourceDevelopment". Confirm against the service
// API specification before building detections or reports on that mapping.
type AttackTactic string

// Known AttackTactic values, in alphabetical order. Each constant's string is
// exactly the text that appears when the value is serialized.
const (
	AttackTacticCollection              AttackTactic = "Collection"
	AttackTacticCommandAndControl       AttackTactic = "CommandAndControl"
	AttackTacticCredentialAccess        AttackTactic = "CredentialAccess"
	AttackTacticDefenseEvasion          AttackTactic = "DefenseEvasion"
	AttackTacticDiscovery               AttackTactic = "Discovery"
	AttackTacticExecution               AttackTactic = "Execution"
	AttackTacticExfiltration            AttackTactic = "Exfiltration"
	AttackTacticImpact                  AttackTactic = "Impact"
	AttackTacticImpairProcessControl    AttackTactic = "ImpairProcessControl"
	AttackTacticInhibitResponseFunction AttackTactic = "InhibitResponseFunction"
	AttackTacticInitialAccess           AttackTactic = "InitialAccess"
	AttackTacticLateralMovement         AttackTactic = "LateralMovement"
	AttackTacticPersistence             AttackTactic = "Persistence"
	AttackTacticPreAttack               AttackTactic = "PreAttack"
	AttackTacticPrivilegeEscalation     AttackTactic = "PrivilegeEscalation"
	AttackTacticReconnaissance          AttackTactic = "Reconnaissance"
	AttackTacticResourceDevelopment     AttackTactic = "ResourceDevelopment"
)
type DeleteOperationResponse ¶
type GetOperationResponse ¶
type Incident ¶
// Incident is the model that CreateOrUpdate takes as input and that
// ListCompleteResult.Items holds.
//
// Every field is an optional pointer tagged omitempty, so a nil field is left
// out of the JSON encoding. The incident's details are carried in Properties.
type Incident struct {
	Etag       *string                `json:"etag,omitempty"`
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	Properties *IncidentProperties    `json:"properties,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}
type IncidentAdditionalData ¶
// IncidentAdditionalData is the type of IncidentProperties.AdditionalData.
//
// All fields are optional pointers tagged omitempty; a nil count is therefore
// distinguishable from a count of zero.
type IncidentAdditionalData struct {
	AlertProductNames *[]string       `json:"alertProductNames,omitempty"`
	AlertsCount       *int64          `json:"alertsCount,omitempty"`
	BookmarksCount    *int64          `json:"bookmarksCount,omitempty"`
	CommentsCount     *int64          `json:"commentsCount,omitempty"`
	Tactics           *[]AttackTactic `json:"tactics,omitempty"`
}
type IncidentClassification ¶
// IncidentClassification is the string type of
// IncidentProperties.Classification.
type IncidentClassification string

// Known IncidentClassification values, in alphabetical order.
const (
	IncidentClassificationBenignPositive IncidentClassification = "BenignPositive"
	IncidentClassificationFalsePositive  IncidentClassification = "FalsePositive"
	IncidentClassificationTruePositive   IncidentClassification = "TruePositive"
	IncidentClassificationUndetermined   IncidentClassification = "Undetermined"
)
type IncidentClassificationReason ¶
// IncidentClassificationReason is the string type of
// IncidentProperties.ClassificationReason.
//
// NOTE(review): which reasons are valid for which IncidentClassification is
// not visible in this listing — confirm against the service API specification.
type IncidentClassificationReason string

// Known IncidentClassificationReason values, in alphabetical order.
const (
	IncidentClassificationReasonInaccurateData        IncidentClassificationReason = "InaccurateData"
	IncidentClassificationReasonIncorrectAlertLogic   IncidentClassificationReason = "IncorrectAlertLogic"
	IncidentClassificationReasonSuspiciousActivity    IncidentClassificationReason = "SuspiciousActivity"
	IncidentClassificationReasonSuspiciousButExpected IncidentClassificationReason = "SuspiciousButExpected"
)
type IncidentId ¶
// IncidentId holds the four string components of an Incident's Resource ID:
// subscription, resource group, workspace and the incident's own identifier.
//
// The struct itself performs no validation; all four fields are plain strings.
type IncidentId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	IncidentId        string
}
IncidentId is a struct representing the Resource ID for an Incident
func NewIncidentID ¶
func NewIncidentID(subscriptionId string, resourceGroupName string, workspaceName string, incidentId string) IncidentId
NewIncidentID returns a new IncidentId struct
func ParseIncidentID ¶
func ParseIncidentID(input string) (*IncidentId, error)
ParseIncidentID parses 'input' into an IncidentId
func ParseIncidentIDInsensitively ¶
func ParseIncidentIDInsensitively(input string) (*IncidentId, error)
ParseIncidentIDInsensitively parses 'input' case-insensitively into an IncidentId. Note: this method should only be used for API response data and not user input; parse user-supplied IDs with ParseIncidentID.
func (*IncidentId) FromParseResult ¶
func (id *IncidentId) FromParseResult(input resourceids.ParseResult) error
func (IncidentId) Segments ¶
func (id IncidentId) Segments() []resourceids.Segment
Segments returns a slice of Resource ID Segments which comprise this Incident ID
func (IncidentId) String ¶
func (id IncidentId) String() string
String returns a human-readable description of this Incident ID
type IncidentLabel ¶
// IncidentLabel is the element type of IncidentProperties.Labels.
//
// LabelName is a plain string without omitempty, so it is always serialized;
// LabelType is optional and omitted from JSON when nil.
type IncidentLabel struct {
	LabelName string             `json:"labelName"`
	LabelType *IncidentLabelType `json:"labelType,omitempty"`
}
type IncidentLabelType ¶
// IncidentLabelType is the string type of IncidentLabel.LabelType.
//
// NOTE(review): the names suggest the value records whether a label was
// assigned automatically or by a user — confirm against the service API
// specification before treating it as provenance.
type IncidentLabelType string

// Known IncidentLabelType values.
const (
	IncidentLabelTypeAutoAssigned IncidentLabelType = "AutoAssigned"
	IncidentLabelTypeUser         IncidentLabelType = "User"
)
type IncidentOperationPredicate ¶
func (IncidentOperationPredicate) Matches ¶
func (p IncidentOperationPredicate) Matches(input Incident) bool
type IncidentOwnerInfo ¶
type IncidentProperties ¶
// IncidentProperties is the type of Incident.Properties and carries the
// incident's details.
//
// Severity, Status and Title are non-pointer fields without omitempty, so they
// are always serialized, including as empty strings when unset. Every other
// field is an optional pointer that is omitted from JSON when nil.
//
// The four *TimeUtc fields are stored as strings; the Get…AsTime and
// Set…AsTime methods on this type convert them to and from time.Time.
//
// Title, Description and ClassificationComment are plain strings and nothing
// in this type constrains their content, so escape them before rendering them
// in HTML, logs or tickets.
type IncidentProperties struct {
	AdditionalData         *IncidentAdditionalData       `json:"additionalData,omitempty"`
	Classification         *IncidentClassification       `json:"classification,omitempty"`
	ClassificationComment  *string                       `json:"classificationComment,omitempty"`
	ClassificationReason   *IncidentClassificationReason `json:"classificationReason,omitempty"`
	CreatedTimeUtc         *string                       `json:"createdTimeUtc,omitempty"`
	Description            *string                       `json:"description,omitempty"`
	FirstActivityTimeUtc   *string                       `json:"firstActivityTimeUtc,omitempty"`
	IncidentNumber         *int64                        `json:"incidentNumber,omitempty"`
	IncidentUrl            *string                       `json:"incidentUrl,omitempty"`
	Labels                 *[]IncidentLabel              `json:"labels,omitempty"`
	LastActivityTimeUtc    *string                       `json:"lastActivityTimeUtc,omitempty"`
	LastModifiedTimeUtc    *string                       `json:"lastModifiedTimeUtc,omitempty"`
	Owner                  *IncidentOwnerInfo            `json:"owner,omitempty"`
	RelatedAnalyticRuleIds *[]string                     `json:"relatedAnalyticRuleIds,omitempty"`
	Severity               IncidentSeverity              `json:"severity"`
	Status                 IncidentStatus                `json:"status"`
	Title                  string                        `json:"title"`
}
func (*IncidentProperties) GetCreatedTimeUtcAsTime ¶
func (o *IncidentProperties) GetCreatedTimeUtcAsTime() (*time.Time, error)
func (*IncidentProperties) GetFirstActivityTimeUtcAsTime ¶
func (o *IncidentProperties) GetFirstActivityTimeUtcAsTime() (*time.Time, error)
func (*IncidentProperties) GetLastActivityTimeUtcAsTime ¶
func (o *IncidentProperties) GetLastActivityTimeUtcAsTime() (*time.Time, error)
func (*IncidentProperties) GetLastModifiedTimeUtcAsTime ¶
func (o *IncidentProperties) GetLastModifiedTimeUtcAsTime() (*time.Time, error)
func (*IncidentProperties) SetCreatedTimeUtcAsTime ¶
func (o *IncidentProperties) SetCreatedTimeUtcAsTime(input time.Time)
func (*IncidentProperties) SetFirstActivityTimeUtcAsTime ¶
func (o *IncidentProperties) SetFirstActivityTimeUtcAsTime(input time.Time)
func (*IncidentProperties) SetLastActivityTimeUtcAsTime ¶
func (o *IncidentProperties) SetLastActivityTimeUtcAsTime(input time.Time)
func (*IncidentProperties) SetLastModifiedTimeUtcAsTime ¶
func (o *IncidentProperties) SetLastModifiedTimeUtcAsTime(input time.Time)
type IncidentSeverity ¶
// IncidentSeverity is the string type of IncidentProperties.Severity.
//
// Because the values are strings, comparing them with < or > orders them
// lexically ("High" < "Informational" < "Low" < "Medium"), not by severity
// rank; map them to an explicit rank before sorting or thresholding.
type IncidentSeverity string

// Known IncidentSeverity values, in alphabetical order.
const (
	IncidentSeverityHigh          IncidentSeverity = "High"
	IncidentSeverityInformational IncidentSeverity = "Informational"
	IncidentSeverityLow           IncidentSeverity = "Low"
	IncidentSeverityMedium        IncidentSeverity = "Medium"
)
type IncidentStatus ¶
// IncidentStatus is the string type of IncidentProperties.Status.
type IncidentStatus string

// Known IncidentStatus values, in alphabetical order.
const (
	IncidentStatusActive IncidentStatus = "Active"
	IncidentStatusClosed IncidentStatus = "Closed"
	IncidentStatusNew    IncidentStatus = "New"
)
type IncidentsClient ¶
func NewIncidentsClientWithBaseURI ¶
func NewIncidentsClientWithBaseURI(endpoint string) IncidentsClient
func (IncidentsClient) CreateOrUpdate ¶
func (c IncidentsClient) CreateOrUpdate(ctx context.Context, id IncidentId, input Incident) (result CreateOrUpdateOperationResponse, err error)
CreateOrUpdate ...
func (IncidentsClient) Delete ¶
func (c IncidentsClient) Delete(ctx context.Context, id IncidentId) (result DeleteOperationResponse, err error)
Delete ...
func (IncidentsClient) Get ¶
func (c IncidentsClient) Get(ctx context.Context, id IncidentId) (result GetOperationResponse, err error)
Get ...
func (IncidentsClient) List ¶
func (c IncidentsClient) List(ctx context.Context, id WorkspaceId, options ListOperationOptions) (resp ListOperationResponse, err error)
List ...
func (IncidentsClient) ListComplete ¶
func (c IncidentsClient) ListComplete(ctx context.Context, id WorkspaceId, options ListOperationOptions) (ListCompleteResult, error)
ListComplete retrieves all of the results into a single object
func (IncidentsClient) ListCompleteMatchingPredicate ¶
func (c IncidentsClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, options ListOperationOptions, predicate IncidentOperationPredicate) (resp ListCompleteResult, err error)
ListCompleteMatchingPredicate retrieves all of the results and then applies the predicate
type ListCompleteResult ¶
// ListCompleteResult is the value returned by ListComplete and
// ListCompleteMatchingPredicate; Items holds the collected incidents.
type ListCompleteResult struct {
	Items []Incident
}
type ListOperationOptions ¶
func DefaultListOperationOptions ¶
func DefaultListOperationOptions() ListOperationOptions
type ListOperationResponse ¶
type ListOperationResponse struct { HttpResponse *http.Response Model *[]Incident // contains filtered or unexported fields }
func (ListOperationResponse) HasMore ¶
func (r ListOperationResponse) HasMore() bool
func (ListOperationResponse) LoadMore ¶
func (r ListOperationResponse) LoadMore(ctx context.Context) (resp ListOperationResponse, err error)
type WorkspaceId ¶
WorkspaceId is a struct representing the Resource ID for a Workspace
func NewWorkspaceID ¶
func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId
NewWorkspaceID returns a new WorkspaceId struct
func ParseWorkspaceID ¶
func ParseWorkspaceID(input string) (*WorkspaceId, error)
ParseWorkspaceID parses 'input' into a WorkspaceId
func ParseWorkspaceIDInsensitively ¶
func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)
ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId. Note: this method should only be used for API response data and not user input; parse user-supplied IDs with ParseWorkspaceID.
func (*WorkspaceId) FromParseResult ¶
func (id *WorkspaceId) FromParseResult(input resourceids.ParseResult) error
func (WorkspaceId) Segments ¶
func (id WorkspaceId) Segments() []resourceids.Segment
Segments returns a slice of Resource ID Segments which comprise this Workspace ID
func (WorkspaceId) String ¶
func (id WorkspaceId) String() string
String returns a human-readable description of this Workspace ID
Source Files ¶
- client.go
- constants.go
- id_incident.go
- id_workspace.go
- method_createorupdate_autorest.go
- method_delete_autorest.go
- method_get_autorest.go
- method_list_autorest.go
- model_incident.go
- model_incidentadditionaldata.go
- model_incidentlabel.go
- model_incidentownerinfo.go
- model_incidentproperties.go
- predicates.go
- version.go