threatintelligence

package
v0.20240606.1065251 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 6, 2024 License: MPL-2.0 Imports: 12 Imported by: 1

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2023-02-01/threatintelligence Documentation

The threatintelligence SDK allows for interaction with the Azure Resource Manager Service securityinsights (API Version 2023-02-01).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2023-02-01/threatintelligence"

Client Initialization

client := threatintelligence.NewThreatIntelligenceClientWithBaseURI("https://management.azure.com")
client.Client.Authorizer = authorizer

Example Usage: ThreatIntelligenceClient.IndicatorAppendTags

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

payload := threatintelligence.ThreatIntelligenceAppendTags{
	// ...
}


read, err := client.IndicatorAppendTags(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorCreate

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

payload := threatintelligence.ThreatIntelligenceIndicatorModel{
	// ...
}


read, err := client.IndicatorCreate(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorCreateIndicator

ctx := context.TODO()
id := threatintelligence.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

payload := threatintelligence.ThreatIntelligenceIndicatorModel{
	// ...
}


read, err := client.IndicatorCreateIndicator(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorDelete

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

read, err := client.IndicatorDelete(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorGet

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

read, err := client.IndicatorGet(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorMetricsList

ctx := context.TODO()
id := threatintelligence.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

read, err := client.IndicatorMetricsList(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorQueryIndicators

ctx := context.TODO()
id := threatintelligence.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

payload := threatintelligence.ThreatIntelligenceFilteringCriteria{
	// ...
}


// alternatively `client.IndicatorQueryIndicators(ctx, id, payload)` can be used to do batched pagination
items, err := client.IndicatorQueryIndicatorsComplete(ctx, id, payload)
if err != nil {
	// handle the error
}
for _, item := range items {
	// do something
}

Example Usage: ThreatIntelligenceClient.IndicatorReplaceTags

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

payload := threatintelligence.ThreatIntelligenceIndicatorModel{
	// ...
}


read, err := client.IndicatorReplaceTags(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorsList

ctx := context.TODO()
id := threatintelligence.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

// alternatively `client.IndicatorsList(ctx, id, threatintelligence.DefaultIndicatorsListOperationOptions())` can be used to do batched pagination
items, err := client.IndicatorsListComplete(ctx, id, threatintelligence.DefaultIndicatorsListOperationOptions())
if err != nil {
	// handle the error
}
for _, item := range items {
	// do something
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForThreatIntelligenceResourceInnerKind

func PossibleValuesForThreatIntelligenceResourceInnerKind() []string

func PossibleValuesForThreatIntelligenceSortingOrder

func PossibleValuesForThreatIntelligenceSortingOrder() []string

func ValidateIndicatorID

func ValidateIndicatorID(input interface{}, key string) (warnings []string, errors []error)

ValidateIndicatorID checks that 'input' can be parsed as a Indicator ID

func ValidateWorkspaceID

func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)

ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID

Types

type IndicatorAppendTagsOperationResponse

type IndicatorAppendTagsOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
}

type IndicatorCreateIndicatorOperationResponse

type IndicatorCreateIndicatorOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *ThreatIntelligenceInformation
}

type IndicatorCreateOperationResponse

type IndicatorCreateOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *ThreatIntelligenceInformation
}

type IndicatorDeleteOperationResponse

type IndicatorDeleteOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
}

type IndicatorGetOperationResponse

type IndicatorGetOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *ThreatIntelligenceInformation
}

type IndicatorId

type IndicatorId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	IndicatorName     string
}

IndicatorId is a struct representing the Resource ID for a Indicator

func NewIndicatorID

func NewIndicatorID(subscriptionId string, resourceGroupName string, workspaceName string, indicatorName string) IndicatorId

NewIndicatorID returns a new IndicatorId struct

func ParseIndicatorID

func ParseIndicatorID(input string) (*IndicatorId, error)

ParseIndicatorID parses 'input' into a IndicatorId

func ParseIndicatorIDInsensitively

func ParseIndicatorIDInsensitively(input string) (*IndicatorId, error)

ParseIndicatorIDInsensitively parses 'input' case-insensitively into a IndicatorId note: this method should only be used for API response data and not user input

func (*IndicatorId) FromParseResult

func (id *IndicatorId) FromParseResult(input resourceids.ParseResult) error

func (IndicatorId) ID

func (id IndicatorId) ID() string

ID returns the formatted Indicator ID

func (IndicatorId) Segments

func (id IndicatorId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Indicator ID

func (IndicatorId) String

func (id IndicatorId) String() string

String returns a human-readable description of this Indicator ID

type IndicatorMetricsListOperationResponse

type IndicatorMetricsListOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *ThreatIntelligenceMetricsList
}

type IndicatorQueryIndicatorsCompleteResult

type IndicatorQueryIndicatorsCompleteResult struct {
	LatestHttpResponse *http.Response
	Items              []ThreatIntelligenceInformation
}

type IndicatorQueryIndicatorsOperationResponse

type IndicatorQueryIndicatorsOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *[]ThreatIntelligenceInformation
}

type IndicatorReplaceTagsOperationResponse

type IndicatorReplaceTagsOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *ThreatIntelligenceInformation
}

type IndicatorsListCompleteResult

type IndicatorsListCompleteResult struct {
	LatestHttpResponse *http.Response
	Items              []ThreatIntelligenceInformation
}

type IndicatorsListOperationOptions

type IndicatorsListOperationOptions struct {
	Filter  *string
	Orderby *string
	Top     *int64
}

func DefaultIndicatorsListOperationOptions

func DefaultIndicatorsListOperationOptions() IndicatorsListOperationOptions

func (IndicatorsListOperationOptions) ToHeaders added in v0.20240221.1115631

func (IndicatorsListOperationOptions) ToOData added in v0.20240221.1115631

func (IndicatorsListOperationOptions) ToQuery added in v0.20240221.1115631

type IndicatorsListOperationResponse

type IndicatorsListOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *[]ThreatIntelligenceInformation
}

type RawThreatIntelligenceInformationImpl

type RawThreatIntelligenceInformationImpl struct {
	Type   string
	Values map[string]interface{}
}

RawThreatIntelligenceInformationImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

type ThreatIntelligenceAppendTags

type ThreatIntelligenceAppendTags struct {
	ThreatIntelligenceTags *[]string `json:"threatIntelligenceTags,omitempty"`
}

type ThreatIntelligenceClient

type ThreatIntelligenceClient struct {
	Client *resourcemanager.Client
}

func NewThreatIntelligenceClientWithBaseURI

func NewThreatIntelligenceClientWithBaseURI(sdkApi sdkEnv.Api) (*ThreatIntelligenceClient, error)

func (ThreatIntelligenceClient) IndicatorAppendTags

IndicatorAppendTags ...

func (ThreatIntelligenceClient) IndicatorCreate

IndicatorCreate ...

func (ThreatIntelligenceClient) IndicatorCreateIndicator

IndicatorCreateIndicator ...

func (ThreatIntelligenceClient) IndicatorDelete

IndicatorDelete ...

func (ThreatIntelligenceClient) IndicatorGet

IndicatorGet ...

func (ThreatIntelligenceClient) IndicatorMetricsList

IndicatorMetricsList ...

func (ThreatIntelligenceClient) IndicatorQueryIndicators

IndicatorQueryIndicators ...

func (ThreatIntelligenceClient) IndicatorQueryIndicatorsComplete

IndicatorQueryIndicatorsComplete retrieves all the results into a single object

func (ThreatIntelligenceClient) IndicatorQueryIndicatorsCompleteMatchingPredicate

IndicatorQueryIndicatorsCompleteMatchingPredicate retrieves all the results and then applies the predicate

func (ThreatIntelligenceClient) IndicatorReplaceTags

IndicatorReplaceTags ...

func (ThreatIntelligenceClient) IndicatorsList

IndicatorsList ...

func (ThreatIntelligenceClient) IndicatorsListComplete

IndicatorsListComplete retrieves all the results into a single object

func (ThreatIntelligenceClient) IndicatorsListCompleteMatchingPredicate

IndicatorsListCompleteMatchingPredicate retrieves all the results and then applies the predicate

type ThreatIntelligenceExternalReference

type ThreatIntelligenceExternalReference struct {
	Description *string            `json:"description,omitempty"`
	ExternalId  *string            `json:"externalId,omitempty"`
	Hashes      *map[string]string `json:"hashes,omitempty"`
	SourceName  *string            `json:"sourceName,omitempty"`
	Url         *string            `json:"url,omitempty"`
}

type ThreatIntelligenceFilteringCriteria

type ThreatIntelligenceFilteringCriteria struct {
	Ids             *[]string                            `json:"ids,omitempty"`
	IncludeDisabled *bool                                `json:"includeDisabled,omitempty"`
	Keywords        *[]string                            `json:"keywords,omitempty"`
	MaxConfidence   *int64                               `json:"maxConfidence,omitempty"`
	MaxValidUntil   *string                              `json:"maxValidUntil,omitempty"`
	MinConfidence   *int64                               `json:"minConfidence,omitempty"`
	MinValidUntil   *string                              `json:"minValidUntil,omitempty"`
	PageSize        *int64                               `json:"pageSize,omitempty"`
	PatternTypes    *[]string                            `json:"patternTypes,omitempty"`
	SkipToken       *string                              `json:"skipToken,omitempty"`
	SortBy          *[]ThreatIntelligenceSortingCriteria `json:"sortBy,omitempty"`
	Sources         *[]string                            `json:"sources,omitempty"`
	ThreatTypes     *[]string                            `json:"threatTypes,omitempty"`
}

type ThreatIntelligenceGranularMarkingModel

type ThreatIntelligenceGranularMarkingModel struct {
	Language   *string   `json:"language,omitempty"`
	MarkingRef *int64    `json:"markingRef,omitempty"`
	Selectors  *[]string `json:"selectors,omitempty"`
}

type ThreatIntelligenceIndicatorModel

type ThreatIntelligenceIndicatorModel struct {
	Properties *ThreatIntelligenceIndicatorProperties `json:"properties,omitempty"`

	// Fields inherited from ThreatIntelligenceInformation
	Etag       *string                `json:"etag,omitempty"`
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (ThreatIntelligenceIndicatorModel) MarshalJSON

func (s ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error)

type ThreatIntelligenceIndicatorProperties

type ThreatIntelligenceIndicatorProperties struct {
	AdditionalData             *interface{}                              `json:"additionalData,omitempty"`
	Confidence                 *int64                                    `json:"confidence,omitempty"`
	Created                    *string                                   `json:"created,omitempty"`
	CreatedByRef               *string                                   `json:"createdByRef,omitempty"`
	Defanged                   *bool                                     `json:"defanged,omitempty"`
	Description                *string                                   `json:"description,omitempty"`
	DisplayName                *string                                   `json:"displayName,omitempty"`
	Extensions                 *interface{}                              `json:"extensions,omitempty"`
	ExternalId                 *string                                   `json:"externalId,omitempty"`
	ExternalLastUpdatedTimeUtc *string                                   `json:"externalLastUpdatedTimeUtc,omitempty"`
	ExternalReferences         *[]ThreatIntelligenceExternalReference    `json:"externalReferences,omitempty"`
	FriendlyName               *string                                   `json:"friendlyName,omitempty"`
	GranularMarkings           *[]ThreatIntelligenceGranularMarkingModel `json:"granularMarkings,omitempty"`
	IndicatorTypes             *[]string                                 `json:"indicatorTypes,omitempty"`
	KillChainPhases            *[]ThreatIntelligenceKillChainPhase       `json:"killChainPhases,omitempty"`
	Labels                     *[]string                                 `json:"labels,omitempty"`
	Language                   *string                                   `json:"language,omitempty"`
	LastUpdatedTimeUtc         *string                                   `json:"lastUpdatedTimeUtc,omitempty"`
	Modified                   *string                                   `json:"modified,omitempty"`
	ObjectMarkingRefs          *[]string                                 `json:"objectMarkingRefs,omitempty"`
	ParsedPattern              *[]ThreatIntelligenceParsedPattern        `json:"parsedPattern,omitempty"`
	Pattern                    *string                                   `json:"pattern,omitempty"`
	PatternType                *string                                   `json:"patternType,omitempty"`
	PatternVersion             *string                                   `json:"patternVersion,omitempty"`
	Revoked                    *bool                                     `json:"revoked,omitempty"`
	Source                     *string                                   `json:"source,omitempty"`
	ThreatIntelligenceTags     *[]string                                 `json:"threatIntelligenceTags,omitempty"`
	ThreatTypes                *[]string                                 `json:"threatTypes,omitempty"`
	ValidFrom                  *string                                   `json:"validFrom,omitempty"`
	ValidUntil                 *string                                   `json:"validUntil,omitempty"`
}

type ThreatIntelligenceInformation

type ThreatIntelligenceInformation interface {
}

type ThreatIntelligenceInformationOperationPredicate

type ThreatIntelligenceInformationOperationPredicate struct {
}

func (ThreatIntelligenceInformationOperationPredicate) Matches

type ThreatIntelligenceKillChainPhase

type ThreatIntelligenceKillChainPhase struct {
	KillChainName *string `json:"killChainName,omitempty"`
	PhaseName     *string `json:"phaseName,omitempty"`
}

type ThreatIntelligenceMetric

type ThreatIntelligenceMetric struct {
	LastUpdatedTimeUtc *string                           `json:"lastUpdatedTimeUtc,omitempty"`
	PatternTypeMetrics *[]ThreatIntelligenceMetricEntity `json:"patternTypeMetrics,omitempty"`
	SourceMetrics      *[]ThreatIntelligenceMetricEntity `json:"sourceMetrics,omitempty"`
	ThreatTypeMetrics  *[]ThreatIntelligenceMetricEntity `json:"threatTypeMetrics,omitempty"`
}

type ThreatIntelligenceMetricEntity

type ThreatIntelligenceMetricEntity struct {
	MetricName  *string `json:"metricName,omitempty"`
	MetricValue *int64  `json:"metricValue,omitempty"`
}

type ThreatIntelligenceMetrics

type ThreatIntelligenceMetrics struct {
	Properties *ThreatIntelligenceMetric `json:"properties,omitempty"`
}

type ThreatIntelligenceMetricsList

type ThreatIntelligenceMetricsList struct {
	Value []ThreatIntelligenceMetrics `json:"value"`
}

type ThreatIntelligenceParsedPattern

type ThreatIntelligenceParsedPattern struct {
	PatternTypeKey    *string                                     `json:"patternTypeKey,omitempty"`
	PatternTypeValues *[]ThreatIntelligenceParsedPatternTypeValue `json:"patternTypeValues,omitempty"`
}

type ThreatIntelligenceParsedPatternTypeValue

type ThreatIntelligenceParsedPatternTypeValue struct {
	Value     *string `json:"value,omitempty"`
	ValueType *string `json:"valueType,omitempty"`
}

type ThreatIntelligenceResourceInnerKind

type ThreatIntelligenceResourceInnerKind string
const (
	ThreatIntelligenceResourceInnerKindIndicator ThreatIntelligenceResourceInnerKind = "indicator"
)

func (*ThreatIntelligenceResourceInnerKind) UnmarshalJSON added in v0.20240221.1115631

func (s *ThreatIntelligenceResourceInnerKind) UnmarshalJSON(bytes []byte) error

type ThreatIntelligenceSortingCriteria

type ThreatIntelligenceSortingCriteria struct {
	ItemKey   *string                         `json:"itemKey,omitempty"`
	SortOrder *ThreatIntelligenceSortingOrder `json:"sortOrder,omitempty"`
}

type ThreatIntelligenceSortingOrder

type ThreatIntelligenceSortingOrder string
const (
	ThreatIntelligenceSortingOrderAscending  ThreatIntelligenceSortingOrder = "ascending"
	ThreatIntelligenceSortingOrderDescending ThreatIntelligenceSortingOrder = "descending"
	ThreatIntelligenceSortingOrderUnsorted   ThreatIntelligenceSortingOrder = "unsorted"
)

func (*ThreatIntelligenceSortingOrder) UnmarshalJSON added in v0.20240221.1115631

func (s *ThreatIntelligenceSortingOrder) UnmarshalJSON(bytes []byte) error

type WorkspaceId

type WorkspaceId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
}

WorkspaceId is a struct representing the Resource ID for a Workspace

func NewWorkspaceID

func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId

NewWorkspaceID returns a new WorkspaceId struct

func ParseWorkspaceID

func ParseWorkspaceID(input string) (*WorkspaceId, error)

ParseWorkspaceID parses 'input' into a WorkspaceId

func ParseWorkspaceIDInsensitively

func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)

ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId note: this method should only be used for API response data and not user input

func (*WorkspaceId) FromParseResult

func (id *WorkspaceId) FromParseResult(input resourceids.ParseResult) error

func (WorkspaceId) ID

func (id WorkspaceId) ID() string

ID returns the formatted Workspace ID

func (WorkspaceId) Segments

func (id WorkspaceId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Workspace ID

func (WorkspaceId) String

func (id WorkspaceId) String() string

String returns a human-readable description of this Workspace ID

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL