entities

package
v0.20241118.1115603 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 18, 2024 License: MPL-2.0 Imports: 14 Imported by: 1

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2022-10-01-preview/entities Documentation

The entities SDK allows for interaction with Azure Resource Manager securityinsights (API Version 2022-10-01-preview).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2022-10-01-preview/entities"

Client Initialization

client := entities.NewEntitiesClientWithBaseURI("https://management.azure.com")
client.Client.Authorizer = authorizer

Example Usage: EntitiesClient.Expand

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

payload := entities.EntityExpandParameters{
	// ...
}


read, err := client.Expand(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.Get

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

read, err := client.Get(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.GetInsights

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

payload := entities.EntityGetInsightsParameters{
	// ...
}


read, err := client.GetInsights(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.GetTimelinelist

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

payload := entities.EntityTimelineParameters{
	// ...
}


read, err := client.GetTimelinelist(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.List

ctx := context.TODO()
id := entities.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName")

// alternatively `client.List(ctx, id)` can be used to do batched pagination
items, err := client.ListComplete(ctx, id)
if err != nil {
	// handle the error
}
for _, item := range items {
	// do something
}

Example Usage: EntitiesClient.Queries

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

read, err := client.Queries(ctx, id, entities.DefaultQueriesOperationOptions())
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForAlertSeverity

func PossibleValuesForAlertSeverity() []string

func PossibleValuesForAlertStatus added in v0.20241009.1142232

func PossibleValuesForAlertStatus() []string

func PossibleValuesForAntispamMailDirection added in v0.20241009.1142232

func PossibleValuesForAntispamMailDirection() []string

func PossibleValuesForAttackTactic added in v0.20241009.1142232

func PossibleValuesForAttackTactic() []string

func PossibleValuesForConfidenceLevel added in v0.20241009.1142232

func PossibleValuesForConfidenceLevel() []string

func PossibleValuesForConfidenceScoreStatus added in v0.20241009.1142232

func PossibleValuesForConfidenceScoreStatus() []string

func PossibleValuesForDeliveryAction added in v0.20241009.1142232

func PossibleValuesForDeliveryAction() []string

func PossibleValuesForDeliveryLocation added in v0.20241009.1142232

func PossibleValuesForDeliveryLocation() []string

func PossibleValuesForDeviceImportance added in v0.20241009.1142232

func PossibleValuesForDeviceImportance() []string

func PossibleValuesForElevationToken added in v0.20241009.1142232

func PossibleValuesForElevationToken() []string

func PossibleValuesForEntityItemQueryKind

func PossibleValuesForEntityItemQueryKind() []string

func PossibleValuesForEntityKind

func PossibleValuesForEntityKind() []string

func PossibleValuesForEntityQueryKind

func PossibleValuesForEntityQueryKind() []string

func PossibleValuesForEntityTimelineKind

func PossibleValuesForEntityTimelineKind() []string

func PossibleValuesForEntityType

func PossibleValuesForEntityType() []string

func PossibleValuesForFileHashAlgorithm added in v0.20241009.1142232

func PossibleValuesForFileHashAlgorithm() []string

func PossibleValuesForGetInsightsError

func PossibleValuesForGetInsightsError() []string

func PossibleValuesForIncidentSeverity added in v0.20241009.1142232

func PossibleValuesForIncidentSeverity() []string

func PossibleValuesForKillChainIntent

func PossibleValuesForKillChainIntent() []string

func PossibleValuesForOSFamily added in v0.20241009.1142232

func PossibleValuesForOSFamily() []string

func PossibleValuesForOutputType

func PossibleValuesForOutputType() []string

func PossibleValuesForRegistryHive added in v0.20241009.1142232

func PossibleValuesForRegistryHive() []string

func PossibleValuesForRegistryValueKind added in v0.20241009.1142232

func PossibleValuesForRegistryValueKind() []string

func ValidateEntityID

func ValidateEntityID(input interface{}, key string) (warnings []string, errors []error)

ValidateEntityID checks that 'input' can be parsed as a Entity ID

func ValidateWorkspaceID

func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)

ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID

Types

type AccountEntity added in v0.20241009.1142232

type AccountEntity struct {
	Properties *AccountEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AccountEntity) Entity added in v0.20241009.1142232

func (s AccountEntity) Entity() BaseEntityImpl

func (AccountEntity) MarshalJSON added in v0.20241009.1142232

func (s AccountEntity) MarshalJSON() ([]byte, error)

type AccountEntityProperties added in v0.20241009.1142232

type AccountEntityProperties struct {
	AadTenantId    *string                 `json:"aadTenantId,omitempty"`
	AadUserId      *string                 `json:"aadUserId,omitempty"`
	AccountName    *string                 `json:"accountName,omitempty"`
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	DisplayName    *string                 `json:"displayName,omitempty"`
	DnsDomain      *string                 `json:"dnsDomain,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	HostEntityId   *string                 `json:"hostEntityId,omitempty"`
	IsDomainJoined *bool                   `json:"isDomainJoined,omitempty"`
	NtDomain       *string                 `json:"ntDomain,omitempty"`
	ObjectGuid     *string                 `json:"objectGuid,omitempty"`
	Puid           *string                 `json:"puid,omitempty"`
	Sid            *string                 `json:"sid,omitempty"`
	UpnSuffix      *string                 `json:"upnSuffix,omitempty"`
}

type ActivityTimelineItem

type ActivityTimelineItem struct {
	BucketEndTimeUTC     string `json:"bucketEndTimeUTC"`
	BucketStartTimeUTC   string `json:"bucketStartTimeUTC"`
	Content              string `json:"content"`
	FirstActivityTimeUTC string `json:"firstActivityTimeUTC"`
	LastActivityTimeUTC  string `json:"lastActivityTimeUTC"`
	QueryId              string `json:"queryId"`
	Title                string `json:"title"`

	Kind EntityTimelineKind `json:"kind"`
}

func (ActivityTimelineItem) EntityTimelineItem added in v0.20240920.1135249

func (s ActivityTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (ActivityTimelineItem) MarshalJSON

func (s ActivityTimelineItem) MarshalJSON() ([]byte, error)

type AlertSeverity

type AlertSeverity string
const (
	AlertSeverityHigh          AlertSeverity = "High"
	AlertSeverityInformational AlertSeverity = "Informational"
	AlertSeverityLow           AlertSeverity = "Low"
	AlertSeverityMedium        AlertSeverity = "Medium"
)

func (*AlertSeverity) UnmarshalJSON added in v0.20240221.1115631

func (s *AlertSeverity) UnmarshalJSON(bytes []byte) error

type AlertStatus added in v0.20241009.1142232

type AlertStatus string
const (
	AlertStatusDismissed  AlertStatus = "Dismissed"
	AlertStatusInProgress AlertStatus = "InProgress"
	AlertStatusNew        AlertStatus = "New"
	AlertStatusResolved   AlertStatus = "Resolved"
	AlertStatusUnknown    AlertStatus = "Unknown"
)

func (*AlertStatus) UnmarshalJSON added in v0.20241009.1142232

func (s *AlertStatus) UnmarshalJSON(bytes []byte) error

type AnomalyTimelineItem

type AnomalyTimelineItem struct {
	AzureResourceId string    `json:"azureResourceId"`
	Description     *string   `json:"description,omitempty"`
	DisplayName     string    `json:"displayName"`
	EndTimeUtc      string    `json:"endTimeUtc"`
	Intent          *string   `json:"intent,omitempty"`
	ProductName     *string   `json:"productName,omitempty"`
	Reasons         *[]string `json:"reasons,omitempty"`
	StartTimeUtc    string    `json:"startTimeUtc"`
	Techniques      *[]string `json:"techniques,omitempty"`
	TimeGenerated   string    `json:"timeGenerated"`
	Vendor          *string   `json:"vendor,omitempty"`

	Kind EntityTimelineKind `json:"kind"`
}

func (AnomalyTimelineItem) EntityTimelineItem added in v0.20240920.1135249

func (s AnomalyTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (AnomalyTimelineItem) MarshalJSON

func (s AnomalyTimelineItem) MarshalJSON() ([]byte, error)

type AntispamMailDirection added in v0.20241009.1142232

type AntispamMailDirection string
const (
	AntispamMailDirectionInbound  AntispamMailDirection = "Inbound"
	AntispamMailDirectionIntraorg AntispamMailDirection = "Intraorg"
	AntispamMailDirectionOutbound AntispamMailDirection = "Outbound"
	AntispamMailDirectionUnknown  AntispamMailDirection = "Unknown"
)

func (*AntispamMailDirection) UnmarshalJSON added in v0.20241009.1142232

func (s *AntispamMailDirection) UnmarshalJSON(bytes []byte) error

type AttackTactic added in v0.20241009.1142232

type AttackTactic string
const (
	AttackTacticCollection              AttackTactic = "Collection"
	AttackTacticCommandAndControl       AttackTactic = "CommandAndControl"
	AttackTacticCredentialAccess        AttackTactic = "CredentialAccess"
	AttackTacticDefenseEvasion          AttackTactic = "DefenseEvasion"
	AttackTacticDiscovery               AttackTactic = "Discovery"
	AttackTacticExecution               AttackTactic = "Execution"
	AttackTacticExfiltration            AttackTactic = "Exfiltration"
	AttackTacticImpact                  AttackTactic = "Impact"
	AttackTacticImpairProcessControl    AttackTactic = "ImpairProcessControl"
	AttackTacticInhibitResponseFunction AttackTactic = "InhibitResponseFunction"
	AttackTacticInitialAccess           AttackTactic = "InitialAccess"
	AttackTacticLateralMovement         AttackTactic = "LateralMovement"
	AttackTacticPersistence             AttackTactic = "Persistence"
	AttackTacticPreAttack               AttackTactic = "PreAttack"
	AttackTacticPrivilegeEscalation     AttackTactic = "PrivilegeEscalation"
	AttackTacticReconnaissance          AttackTactic = "Reconnaissance"
	AttackTacticResourceDevelopment     AttackTactic = "ResourceDevelopment"
)

func (*AttackTactic) UnmarshalJSON added in v0.20241009.1142232

func (s *AttackTactic) UnmarshalJSON(bytes []byte) error

type AzureResourceEntity added in v0.20241009.1142232

type AzureResourceEntity struct {
	Properties *AzureResourceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AzureResourceEntity) Entity added in v0.20241009.1142232

func (AzureResourceEntity) MarshalJSON added in v0.20241009.1142232

func (s AzureResourceEntity) MarshalJSON() ([]byte, error)

type AzureResourceEntityProperties added in v0.20241009.1142232

type AzureResourceEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	ResourceId     *string                 `json:"resourceId,omitempty"`
	SubscriptionId *string                 `json:"subscriptionId,omitempty"`
}

type BaseEntityImpl added in v0.20241009.1142232

type BaseEntityImpl struct {
	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (BaseEntityImpl) Entity added in v0.20241009.1142232

func (s BaseEntityImpl) Entity() BaseEntityImpl

type BaseEntityQueryItemImpl added in v0.20240920.1135249

type BaseEntityQueryItemImpl struct {
	Id   *string         `json:"id,omitempty"`
	Kind EntityQueryKind `json:"kind"`
	Name *string         `json:"name,omitempty"`
	Type *string         `json:"type,omitempty"`
}

func (BaseEntityQueryItemImpl) EntityQueryItem added in v0.20240920.1135249

type BaseEntityTimelineItemImpl added in v0.20240920.1135249

type BaseEntityTimelineItemImpl struct {
	Kind EntityTimelineKind `json:"kind"`
}

func (BaseEntityTimelineItemImpl) EntityTimelineItem added in v0.20240920.1135249

type BookmarkTimelineItem

type BookmarkTimelineItem struct {
	AzureResourceId string    `json:"azureResourceId"`
	CreatedBy       *UserInfo `json:"createdBy,omitempty"`
	DisplayName     *string   `json:"displayName,omitempty"`
	EndTimeUtc      *string   `json:"endTimeUtc,omitempty"`
	EventTime       *string   `json:"eventTime,omitempty"`
	Labels          *[]string `json:"labels,omitempty"`
	Notes           *string   `json:"notes,omitempty"`
	StartTimeUtc    *string   `json:"startTimeUtc,omitempty"`

	Kind EntityTimelineKind `json:"kind"`
}

func (BookmarkTimelineItem) EntityTimelineItem added in v0.20240920.1135249

func (s BookmarkTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (BookmarkTimelineItem) MarshalJSON

func (s BookmarkTimelineItem) MarshalJSON() ([]byte, error)

type CloudApplicationEntity added in v0.20241009.1142232

type CloudApplicationEntity struct {
	Properties *CloudApplicationEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (CloudApplicationEntity) Entity added in v0.20241009.1142232

func (CloudApplicationEntity) MarshalJSON added in v0.20241009.1142232

func (s CloudApplicationEntity) MarshalJSON() ([]byte, error)

type CloudApplicationEntityProperties added in v0.20241009.1142232

type CloudApplicationEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	AppId          *int64                  `json:"appId,omitempty"`
	AppName        *string                 `json:"appName,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	InstanceName   *string                 `json:"instanceName,omitempty"`
}

type ConfidenceLevel added in v0.20241009.1142232

type ConfidenceLevel string
const (
	ConfidenceLevelHigh    ConfidenceLevel = "High"
	ConfidenceLevelLow     ConfidenceLevel = "Low"
	ConfidenceLevelUnknown ConfidenceLevel = "Unknown"
)

func (*ConfidenceLevel) UnmarshalJSON added in v0.20241009.1142232

func (s *ConfidenceLevel) UnmarshalJSON(bytes []byte) error

type ConfidenceScoreStatus added in v0.20241009.1142232

type ConfidenceScoreStatus string
const (
	ConfidenceScoreStatusFinal         ConfidenceScoreStatus = "Final"
	ConfidenceScoreStatusInProcess     ConfidenceScoreStatus = "InProcess"
	ConfidenceScoreStatusNotApplicable ConfidenceScoreStatus = "NotApplicable"
	ConfidenceScoreStatusNotFinal      ConfidenceScoreStatus = "NotFinal"
)

func (*ConfidenceScoreStatus) UnmarshalJSON added in v0.20241009.1142232

func (s *ConfidenceScoreStatus) UnmarshalJSON(bytes []byte) error

type DeliveryAction added in v0.20241009.1142232

type DeliveryAction string
const (
	DeliveryActionBlocked         DeliveryAction = "Blocked"
	DeliveryActionDelivered       DeliveryAction = "Delivered"
	DeliveryActionDeliveredAsSpam DeliveryAction = "DeliveredAsSpam"
	DeliveryActionReplaced        DeliveryAction = "Replaced"
	DeliveryActionUnknown         DeliveryAction = "Unknown"
)

func (*DeliveryAction) UnmarshalJSON added in v0.20241009.1142232

func (s *DeliveryAction) UnmarshalJSON(bytes []byte) error

type DeliveryLocation added in v0.20241009.1142232

type DeliveryLocation string
const (
	DeliveryLocationDeletedFolder DeliveryLocation = "DeletedFolder"
	DeliveryLocationDropped       DeliveryLocation = "Dropped"
	DeliveryLocationExternal      DeliveryLocation = "External"
	DeliveryLocationFailed        DeliveryLocation = "Failed"
	DeliveryLocationForwarded     DeliveryLocation = "Forwarded"
	DeliveryLocationInbox         DeliveryLocation = "Inbox"
	DeliveryLocationJunkFolder    DeliveryLocation = "JunkFolder"
	DeliveryLocationQuarantine    DeliveryLocation = "Quarantine"
	DeliveryLocationUnknown       DeliveryLocation = "Unknown"
)

func (*DeliveryLocation) UnmarshalJSON added in v0.20241009.1142232

func (s *DeliveryLocation) UnmarshalJSON(bytes []byte) error

type DeviceImportance added in v0.20241009.1142232

type DeviceImportance string
const (
	DeviceImportanceHigh    DeviceImportance = "High"
	DeviceImportanceLow     DeviceImportance = "Low"
	DeviceImportanceNormal  DeviceImportance = "Normal"
	DeviceImportanceUnknown DeviceImportance = "Unknown"
)

func (*DeviceImportance) UnmarshalJSON added in v0.20241009.1142232

func (s *DeviceImportance) UnmarshalJSON(bytes []byte) error

type DnsEntity added in v0.20241009.1142232

type DnsEntity struct {
	Properties *DnsEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (DnsEntity) Entity added in v0.20241009.1142232

func (s DnsEntity) Entity() BaseEntityImpl

func (DnsEntity) MarshalJSON added in v0.20241009.1142232

func (s DnsEntity) MarshalJSON() ([]byte, error)

type DnsEntityProperties added in v0.20241009.1142232

type DnsEntityProperties struct {
	AdditionalData        *map[string]interface{} `json:"additionalData,omitempty"`
	DnsServerIPEntityId   *string                 `json:"dnsServerIpEntityId,omitempty"`
	DomainName            *string                 `json:"domainName,omitempty"`
	FriendlyName          *string                 `json:"friendlyName,omitempty"`
	HostIPAddressEntityId *string                 `json:"hostIpAddressEntityId,omitempty"`
	IPAddressEntityIds    *[]string               `json:"ipAddressEntityIds,omitempty"`
}

type ElevationToken added in v0.20241009.1142232

type ElevationToken string
const (
	ElevationTokenDefault ElevationToken = "Default"
	ElevationTokenFull    ElevationToken = "Full"
	ElevationTokenLimited ElevationToken = "Limited"
)

func (*ElevationToken) UnmarshalJSON added in v0.20241009.1142232

func (s *ElevationToken) UnmarshalJSON(bytes []byte) error

type EntitiesClient

type EntitiesClient struct {
	Client *resourcemanager.Client
}

func NewEntitiesClientWithBaseURI

func NewEntitiesClientWithBaseURI(sdkApi sdkEnv.Api) (*EntitiesClient, error)

func (EntitiesClient) Expand

Expand ...

func (EntitiesClient) Get

func (c EntitiesClient) Get(ctx context.Context, id EntityId) (result GetOperationResponse, err error)

Get ...

func (EntitiesClient) GetInsights

GetInsights ...

func (EntitiesClient) GetTimelinelist

GetTimelinelist ...

func (EntitiesClient) List

func (c EntitiesClient) List(ctx context.Context, id WorkspaceId) (result ListOperationResponse, err error)

List ...

func (EntitiesClient) ListComplete

ListComplete retrieves all the results into a single object

func (EntitiesClient) ListCompleteMatchingPredicate

func (c EntitiesClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, predicate EntityOperationPredicate) (result ListCompleteResult, err error)

ListCompleteMatchingPredicate retrieves all the results and then applies the predicate

func (EntitiesClient) Queries

Queries ...

type Entity

type Entity interface {
	Entity() BaseEntityImpl
}

func UnmarshalEntityImplementation added in v0.20241009.1142232

func UnmarshalEntityImplementation(input []byte) (Entity, error)

type EntityEdges

type EntityEdges struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	TargetEntityId *string                 `json:"targetEntityId,omitempty"`
}

type EntityExpandParameters

type EntityExpandParameters struct {
	EndTime     *string `json:"endTime,omitempty"`
	ExpansionId *string `json:"expansionId,omitempty"`
	StartTime   *string `json:"startTime,omitempty"`
}

func (*EntityExpandParameters) GetEndTimeAsTime

func (o *EntityExpandParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityExpandParameters) GetStartTimeAsTime

func (o *EntityExpandParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityExpandParameters) SetEndTimeAsTime

func (o *EntityExpandParameters) SetEndTimeAsTime(input time.Time)

func (*EntityExpandParameters) SetStartTimeAsTime

func (o *EntityExpandParameters) SetStartTimeAsTime(input time.Time)

type EntityExpandResponse

type EntityExpandResponse struct {
	MetaData *ExpansionResultsMetadata  `json:"metaData,omitempty"`
	Value    *EntityExpandResponseValue `json:"value,omitempty"`
}

type EntityExpandResponseValue

type EntityExpandResponseValue struct {
	Edges    *[]EntityEdges `json:"edges,omitempty"`
	Entities *[]Entity      `json:"entities,omitempty"`
}

func (*EntityExpandResponseValue) UnmarshalJSON added in v0.20241009.1142232

func (s *EntityExpandResponseValue) UnmarshalJSON(bytes []byte) error

type EntityGetInsightsParameters

type EntityGetInsightsParameters struct {
	AddDefaultExtendedTimeRange *bool     `json:"addDefaultExtendedTimeRange,omitempty"`
	EndTime                     string    `json:"endTime"`
	InsightQueryIds             *[]string `json:"insightQueryIds,omitempty"`
	StartTime                   string    `json:"startTime"`
}

func (*EntityGetInsightsParameters) GetEndTimeAsTime

func (o *EntityGetInsightsParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityGetInsightsParameters) GetStartTimeAsTime

func (o *EntityGetInsightsParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityGetInsightsParameters) SetEndTimeAsTime

func (o *EntityGetInsightsParameters) SetEndTimeAsTime(input time.Time)

func (*EntityGetInsightsParameters) SetStartTimeAsTime

func (o *EntityGetInsightsParameters) SetStartTimeAsTime(input time.Time)

type EntityGetInsightsResponse

type EntityGetInsightsResponse struct {
	MetaData *GetInsightsResultsMetadata `json:"metaData,omitempty"`
	Value    *[]EntityInsightItem        `json:"value,omitempty"`
}

type EntityId

type EntityId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	EntityId          string
}

EntityId is a struct representing the Resource ID for a Entity

func NewEntityID

func NewEntityID(subscriptionId string, resourceGroupName string, workspaceName string, entityId string) EntityId

NewEntityID returns a new EntityId struct

func ParseEntityID

func ParseEntityID(input string) (*EntityId, error)

ParseEntityID parses 'input' into a EntityId

func ParseEntityIDInsensitively

func ParseEntityIDInsensitively(input string) (*EntityId, error)

ParseEntityIDInsensitively parses 'input' case-insensitively into a EntityId note: this method should only be used for API response data and not user input

func (*EntityId) FromParseResult

func (id *EntityId) FromParseResult(input resourceids.ParseResult) error

func (EntityId) ID

func (id EntityId) ID() string

ID returns the formatted Entity ID

func (EntityId) Segments

func (id EntityId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Entity ID

func (EntityId) String

func (id EntityId) String() string

String returns a human-readable description of this Entity ID

type EntityInsightItem

type EntityInsightItem struct {
	ChartQueryResults *[]InsightsTableResult              `json:"chartQueryResults,omitempty"`
	QueryId           *string                             `json:"queryId,omitempty"`
	QueryTimeInterval *EntityInsightItemQueryTimeInterval `json:"queryTimeInterval,omitempty"`
	TableQueryResults *InsightsTableResult                `json:"tableQueryResults,omitempty"`
}

type EntityInsightItemQueryTimeInterval

type EntityInsightItemQueryTimeInterval struct {
	EndTime   *string `json:"endTime,omitempty"`
	StartTime *string `json:"startTime,omitempty"`
}

func (*EntityInsightItemQueryTimeInterval) GetEndTimeAsTime

func (o *EntityInsightItemQueryTimeInterval) GetEndTimeAsTime() (*time.Time, error)

func (*EntityInsightItemQueryTimeInterval) GetStartTimeAsTime

func (o *EntityInsightItemQueryTimeInterval) GetStartTimeAsTime() (*time.Time, error)

func (*EntityInsightItemQueryTimeInterval) SetEndTimeAsTime

func (o *EntityInsightItemQueryTimeInterval) SetEndTimeAsTime(input time.Time)

func (*EntityInsightItemQueryTimeInterval) SetStartTimeAsTime

func (o *EntityInsightItemQueryTimeInterval) SetStartTimeAsTime(input time.Time)

type EntityItemQueryKind

type EntityItemQueryKind string
const (
	EntityItemQueryKindInsight EntityItemQueryKind = "Insight"
)

func (*EntityItemQueryKind) UnmarshalJSON added in v0.20240221.1115631

func (s *EntityItemQueryKind) UnmarshalJSON(bytes []byte) error

type EntityKind

type EntityKind string
const (
	EntityKindAccount          EntityKind = "Account"
	EntityKindAzureResource    EntityKind = "AzureResource"
	EntityKindBookmark         EntityKind = "Bookmark"
	EntityKindCloudApplication EntityKind = "CloudApplication"
	EntityKindDnsResolution    EntityKind = "DnsResolution"
	EntityKindFile             EntityKind = "File"
	EntityKindFileHash         EntityKind = "FileHash"
	EntityKindHost             EntityKind = "Host"
	EntityKindIP               EntityKind = "Ip"
	EntityKindIoTDevice        EntityKind = "IoTDevice"
	EntityKindMailCluster      EntityKind = "MailCluster"
	EntityKindMailMessage      EntityKind = "MailMessage"
	EntityKindMailbox          EntityKind = "Mailbox"
	EntityKindMalware          EntityKind = "Malware"
	EntityKindNic              EntityKind = "Nic"
	EntityKindProcess          EntityKind = "Process"
	EntityKindRegistryKey      EntityKind = "RegistryKey"
	EntityKindRegistryValue    EntityKind = "RegistryValue"
	EntityKindSecurityAlert    EntityKind = "SecurityAlert"
	EntityKindSecurityGroup    EntityKind = "SecurityGroup"
	EntityKindSubmissionMail   EntityKind = "SubmissionMail"
	EntityKindURL              EntityKind = "Url"
)

func (*EntityKind) UnmarshalJSON added in v0.20240221.1115631

func (s *EntityKind) UnmarshalJSON(bytes []byte) error

type EntityOperationPredicate

type EntityOperationPredicate struct {
}

func (EntityOperationPredicate) Matches

func (p EntityOperationPredicate) Matches(input Entity) bool

type EntityQueryItem

type EntityQueryItem interface {
	EntityQueryItem() BaseEntityQueryItemImpl
}

func UnmarshalEntityQueryItemImplementation added in v0.20240920.1135249

func UnmarshalEntityQueryItemImplementation(input []byte) (EntityQueryItem, error)

type EntityQueryItemPropertiesDataTypesInlined

type EntityQueryItemPropertiesDataTypesInlined struct {
	DataType *string `json:"dataType,omitempty"`
}

type EntityQueryKind

type EntityQueryKind string
const (
	EntityQueryKindActivity  EntityQueryKind = "Activity"
	EntityQueryKindExpansion EntityQueryKind = "Expansion"
	EntityQueryKindInsight   EntityQueryKind = "Insight"
)

func (*EntityQueryKind) UnmarshalJSON added in v0.20240221.1115631

func (s *EntityQueryKind) UnmarshalJSON(bytes []byte) error

type EntityTimelineItem

type EntityTimelineItem interface {
	EntityTimelineItem() BaseEntityTimelineItemImpl
}

func UnmarshalEntityTimelineItemImplementation added in v0.20240920.1135249

func UnmarshalEntityTimelineItemImplementation(input []byte) (EntityTimelineItem, error)

type EntityTimelineKind

type EntityTimelineKind string
const (
	EntityTimelineKindActivity      EntityTimelineKind = "Activity"
	EntityTimelineKindAnomaly       EntityTimelineKind = "Anomaly"
	EntityTimelineKindBookmark      EntityTimelineKind = "Bookmark"
	EntityTimelineKindSecurityAlert EntityTimelineKind = "SecurityAlert"
)

func (*EntityTimelineKind) UnmarshalJSON added in v0.20240221.1115631

func (s *EntityTimelineKind) UnmarshalJSON(bytes []byte) error

type EntityTimelineParameters

type EntityTimelineParameters struct {
	EndTime        string                `json:"endTime"`
	Kinds          *[]EntityTimelineKind `json:"kinds,omitempty"`
	NumberOfBucket *int64                `json:"numberOfBucket,omitempty"`
	StartTime      string                `json:"startTime"`
}

func (*EntityTimelineParameters) GetEndTimeAsTime

func (o *EntityTimelineParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityTimelineParameters) GetStartTimeAsTime

func (o *EntityTimelineParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityTimelineParameters) SetEndTimeAsTime

func (o *EntityTimelineParameters) SetEndTimeAsTime(input time.Time)

func (*EntityTimelineParameters) SetStartTimeAsTime

func (o *EntityTimelineParameters) SetStartTimeAsTime(input time.Time)

type EntityTimelineResponse

type EntityTimelineResponse struct {
	MetaData *TimelineResultsMetadata `json:"metaData,omitempty"`
	Value    *[]EntityTimelineItem    `json:"value,omitempty"`
}

func (*EntityTimelineResponse) UnmarshalJSON

func (s *EntityTimelineResponse) UnmarshalJSON(bytes []byte) error

type EntityType

type EntityType string
const (
	EntityTypeAccount          EntityType = "Account"
	EntityTypeAzureResource    EntityType = "AzureResource"
	EntityTypeCloudApplication EntityType = "CloudApplication"
	EntityTypeDNS              EntityType = "DNS"
	EntityTypeFile             EntityType = "File"
	EntityTypeFileHash         EntityType = "FileHash"
	EntityTypeHost             EntityType = "Host"
	EntityTypeHuntingBookmark  EntityType = "HuntingBookmark"
	EntityTypeIP               EntityType = "IP"
	EntityTypeIoTDevice        EntityType = "IoTDevice"
	EntityTypeMailCluster      EntityType = "MailCluster"
	EntityTypeMailMessage      EntityType = "MailMessage"
	EntityTypeMailbox          EntityType = "Mailbox"
	EntityTypeMalware          EntityType = "Malware"
	EntityTypeNic              EntityType = "Nic"
	EntityTypeProcess          EntityType = "Process"
	EntityTypeRegistryKey      EntityType = "RegistryKey"
	EntityTypeRegistryValue    EntityType = "RegistryValue"
	EntityTypeSecurityAlert    EntityType = "SecurityAlert"
	EntityTypeSecurityGroup    EntityType = "SecurityGroup"
	EntityTypeSubmissionMail   EntityType = "SubmissionMail"
	EntityTypeURL              EntityType = "URL"
)

func (*EntityType) UnmarshalJSON added in v0.20240221.1115631

func (s *EntityType) UnmarshalJSON(bytes []byte) error

type ExpandOperationResponse

type ExpandOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *EntityExpandResponse
}

type ExpansionResultAggregation

type ExpansionResultAggregation struct {
	AggregationType *string    `json:"aggregationType,omitempty"`
	Count           int64      `json:"count"`
	DisplayName     *string    `json:"displayName,omitempty"`
	EntityKind      EntityKind `json:"entityKind"`
}

type ExpansionResultsMetadata

type ExpansionResultsMetadata struct {
	Aggregations *[]ExpansionResultAggregation `json:"aggregations,omitempty"`
}

type FileEntity added in v0.20241009.1142232

type FileEntity struct {
	Properties *FileEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileEntity) Entity added in v0.20241009.1142232

func (s FileEntity) Entity() BaseEntityImpl

func (FileEntity) MarshalJSON added in v0.20241009.1142232

func (s FileEntity) MarshalJSON() ([]byte, error)

type FileEntityProperties added in v0.20241009.1142232

type FileEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	Directory         *string                 `json:"directory,omitempty"`
	FileHashEntityIds *[]string               `json:"fileHashEntityIds,omitempty"`
	FileName          *string                 `json:"fileName,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	HostEntityId      *string                 `json:"hostEntityId,omitempty"`
}

type FileHashAlgorithm added in v0.20241009.1142232

type FileHashAlgorithm string
const (
	FileHashAlgorithmMDFive          FileHashAlgorithm = "MD5"
	FileHashAlgorithmSHAOne          FileHashAlgorithm = "SHA1"
	FileHashAlgorithmSHATwoFiveSix   FileHashAlgorithm = "SHA256"
	FileHashAlgorithmSHATwoFiveSixAC FileHashAlgorithm = "SHA256AC"
	FileHashAlgorithmUnknown         FileHashAlgorithm = "Unknown"
)

func (*FileHashAlgorithm) UnmarshalJSON added in v0.20241009.1142232

func (s *FileHashAlgorithm) UnmarshalJSON(bytes []byte) error

type FileHashEntity added in v0.20241009.1142232

type FileHashEntity struct {
	Properties *FileHashEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileHashEntity) Entity added in v0.20241009.1142232

func (s FileHashEntity) Entity() BaseEntityImpl

func (FileHashEntity) MarshalJSON added in v0.20241009.1142232

func (s FileHashEntity) MarshalJSON() ([]byte, error)

type FileHashEntityProperties added in v0.20241009.1142232

type FileHashEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	Algorithm      *FileHashAlgorithm      `json:"algorithm,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	HashValue      *string                 `json:"hashValue,omitempty"`
}

type GeoLocation added in v0.20241009.1142232

type GeoLocation struct {
	Asn         *int64   `json:"asn,omitempty"`
	City        *string  `json:"city,omitempty"`
	CountryCode *string  `json:"countryCode,omitempty"`
	CountryName *string  `json:"countryName,omitempty"`
	Latitude    *float64 `json:"latitude,omitempty"`
	Longitude   *float64 `json:"longitude,omitempty"`
	State       *string  `json:"state,omitempty"`
}

type GetInsightsError

type GetInsightsError string
const (
	GetInsightsErrorInsight GetInsightsError = "Insight"
)

func (*GetInsightsError) UnmarshalJSON added in v0.20240221.1115631

func (s *GetInsightsError) UnmarshalJSON(bytes []byte) error

type GetInsightsErrorKind

type GetInsightsErrorKind struct {
	ErrorMessage string           `json:"errorMessage"`
	Kind         GetInsightsError `json:"kind"`
	QueryId      *string          `json:"queryId,omitempty"`
}

type GetInsightsOperationResponse

type GetInsightsOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *EntityGetInsightsResponse
}

type GetInsightsResultsMetadata

type GetInsightsResultsMetadata struct {
	Errors     *[]GetInsightsErrorKind `json:"errors,omitempty"`
	TotalCount int64                   `json:"totalCount"`
}

type GetOperationResponse

type GetOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        Entity
}

type GetQueriesResponse

type GetQueriesResponse struct {
	Value *[]EntityQueryItem `json:"value,omitempty"`
}

func (*GetQueriesResponse) UnmarshalJSON

func (s *GetQueriesResponse) UnmarshalJSON(bytes []byte) error

type GetTimelinelistOperationResponse

type GetTimelinelistOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *EntityTimelineResponse
}

type HostEntity added in v0.20241009.1142232

type HostEntity struct {
	Properties *HostEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HostEntity) Entity added in v0.20241009.1142232

func (s HostEntity) Entity() BaseEntityImpl

func (HostEntity) MarshalJSON added in v0.20241009.1142232

func (s HostEntity) MarshalJSON() ([]byte, error)

type HostEntityProperties added in v0.20241009.1142232

type HostEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	AzureID        *string                 `json:"azureID,omitempty"`
	DnsDomain      *string                 `json:"dnsDomain,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	HostName       *string                 `json:"hostName,omitempty"`
	IsDomainJoined *bool                   `json:"isDomainJoined,omitempty"`
	NetBiosName    *string                 `json:"netBiosName,omitempty"`
	NtDomain       *string                 `json:"ntDomain,omitempty"`
	OmsAgentID     *string                 `json:"omsAgentID,omitempty"`
	OsFamily       *OSFamily               `json:"osFamily,omitempty"`
	OsVersion      *string                 `json:"osVersion,omitempty"`
}

type HuntingBookmark added in v0.20241009.1142232

type HuntingBookmark struct {
	Properties *HuntingBookmarkProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HuntingBookmark) Entity added in v0.20241009.1142232

func (s HuntingBookmark) Entity() BaseEntityImpl

func (HuntingBookmark) MarshalJSON added in v0.20241009.1142232

func (s HuntingBookmark) MarshalJSON() ([]byte, error)

type HuntingBookmarkProperties added in v0.20241009.1142232

type HuntingBookmarkProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	Created        *string                 `json:"created,omitempty"`
	CreatedBy      *UserInfo               `json:"createdBy,omitempty"`
	DisplayName    string                  `json:"displayName"`
	EventTime      *string                 `json:"eventTime,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	IncidentInfo   *IncidentInfo           `json:"incidentInfo,omitempty"`
	Labels         *[]string               `json:"labels,omitempty"`
	Notes          *string                 `json:"notes,omitempty"`
	Query          string                  `json:"query"`
	QueryResult    *string                 `json:"queryResult,omitempty"`
	Updated        *string                 `json:"updated,omitempty"`
	UpdatedBy      *UserInfo               `json:"updatedBy,omitempty"`
}

func (*HuntingBookmarkProperties) GetCreatedAsTime added in v0.20241009.1142232

func (o *HuntingBookmarkProperties) GetCreatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetEventTimeAsTime added in v0.20241009.1142232

func (o *HuntingBookmarkProperties) GetEventTimeAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetUpdatedAsTime added in v0.20241009.1142232

func (o *HuntingBookmarkProperties) GetUpdatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) SetCreatedAsTime added in v0.20241009.1142232

func (o *HuntingBookmarkProperties) SetCreatedAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetEventTimeAsTime added in v0.20241009.1142232

func (o *HuntingBookmarkProperties) SetEventTimeAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetUpdatedAsTime added in v0.20241009.1142232

func (o *HuntingBookmarkProperties) SetUpdatedAsTime(input time.Time)

type IPEntity added in v0.20241009.1142232

type IPEntity struct {
	Properties *IPEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IPEntity) Entity added in v0.20241009.1142232

func (s IPEntity) Entity() BaseEntityImpl

func (IPEntity) MarshalJSON added in v0.20241009.1142232

func (s IPEntity) MarshalJSON() ([]byte, error)

type IPEntityProperties added in v0.20241009.1142232

type IPEntityProperties struct {
	AdditionalData     *map[string]interface{} `json:"additionalData,omitempty"`
	Address            *string                 `json:"address,omitempty"`
	FriendlyName       *string                 `json:"friendlyName,omitempty"`
	Location           *GeoLocation            `json:"location,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence   `json:"threatIntelligence,omitempty"`
}

type IncidentInfo added in v0.20241009.1142232

type IncidentInfo struct {
	IncidentId   *string           `json:"incidentId,omitempty"`
	RelationName *string           `json:"relationName,omitempty"`
	Severity     *IncidentSeverity `json:"severity,omitempty"`
	Title        *string           `json:"title,omitempty"`
}

type IncidentSeverity added in v0.20241009.1142232

type IncidentSeverity string
const (
	IncidentSeverityHigh          IncidentSeverity = "High"
	IncidentSeverityInformational IncidentSeverity = "Informational"
	IncidentSeverityLow           IncidentSeverity = "Low"
	IncidentSeverityMedium        IncidentSeverity = "Medium"
)

func (*IncidentSeverity) UnmarshalJSON added in v0.20241009.1142232

func (s *IncidentSeverity) UnmarshalJSON(bytes []byte) error

type InsightQueryItem

type InsightQueryItem struct {
	Properties *InsightQueryItemProperties `json:"properties,omitempty"`

	Id   *string         `json:"id,omitempty"`
	Kind EntityQueryKind `json:"kind"`
	Name *string         `json:"name,omitempty"`
	Type *string         `json:"type,omitempty"`
}

func (InsightQueryItem) EntityQueryItem added in v0.20240920.1135249

func (s InsightQueryItem) EntityQueryItem() BaseEntityQueryItemImpl

func (InsightQueryItem) MarshalJSON

func (s InsightQueryItem) MarshalJSON() ([]byte, error)

type InsightQueryItemProperties

type InsightQueryItemProperties struct {
	AdditionalQuery         *InsightQueryItemPropertiesAdditionalQuery    `json:"additionalQuery,omitempty"`
	BaseQuery               *string                                       `json:"baseQuery,omitempty"`
	ChartQuery              *interface{}                                  `json:"chartQuery,omitempty"`
	DataTypes               *[]EntityQueryItemPropertiesDataTypesInlined  `json:"dataTypes,omitempty"`
	DefaultTimeRange        *InsightQueryItemPropertiesDefaultTimeRange   `json:"defaultTimeRange,omitempty"`
	Description             *string                                       `json:"description,omitempty"`
	DisplayName             *string                                       `json:"displayName,omitempty"`
	EntitiesFilter          *interface{}                                  `json:"entitiesFilter,omitempty"`
	InputEntityType         *EntityType                                   `json:"inputEntityType,omitempty"`
	ReferenceTimeRange      *InsightQueryItemPropertiesReferenceTimeRange `json:"referenceTimeRange,omitempty"`
	RequiredInputFieldsSets *[][]string                                   `json:"requiredInputFieldsSets,omitempty"`
	TableQuery              *InsightQueryItemPropertiesTableQuery         `json:"tableQuery,omitempty"`
}

type InsightQueryItemPropertiesAdditionalQuery

type InsightQueryItemPropertiesAdditionalQuery struct {
	Query *string `json:"query,omitempty"`
	Text  *string `json:"text,omitempty"`
}

type InsightQueryItemPropertiesDefaultTimeRange

type InsightQueryItemPropertiesDefaultTimeRange struct {
	AfterRange  *string `json:"afterRange,omitempty"`
	BeforeRange *string `json:"beforeRange,omitempty"`
}

type InsightQueryItemPropertiesReferenceTimeRange

type InsightQueryItemPropertiesReferenceTimeRange struct {
	BeforeRange *string `json:"beforeRange,omitempty"`
}

type InsightQueryItemPropertiesTableQuery

type InsightQueryItemPropertiesTableQuery struct {
	ColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined `json:"columnsDefinitions,omitempty"`
	QueriesDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined `json:"queriesDefinitions,omitempty"`
}

type InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined

type InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined struct {
	Header          *string     `json:"header,omitempty"`
	OutputType      *OutputType `json:"outputType,omitempty"`
	SupportDeepLink *bool       `json:"supportDeepLink,omitempty"`
}

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined struct {
	Filter                 *string                                                                                       `json:"filter,omitempty"`
	LinkColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined `json:"linkColumnsDefinitions,omitempty"`
	Project                *string                                                                                       `json:"project,omitempty"`
	Summarize              *string                                                                                       `json:"summarize,omitempty"`
}

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined struct {
	ProjectedName *string `json:"projectedName,omitempty"`
	Query         *string `json:"Query,omitempty"`
}

type InsightsTableResult

type InsightsTableResult struct {
	Columns *[]InsightsTableResultColumnsInlined `json:"columns,omitempty"`
	Rows    *[][]string                          `json:"rows,omitempty"`
}

type InsightsTableResultColumnsInlined

type InsightsTableResultColumnsInlined struct {
	Name *string `json:"name,omitempty"`
	Type *string `json:"type,omitempty"`
}

type IoTDeviceEntity added in v0.20241009.1142232

type IoTDeviceEntity struct {
	Properties *IoTDeviceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IoTDeviceEntity) Entity added in v0.20241009.1142232

func (s IoTDeviceEntity) Entity() BaseEntityImpl

func (IoTDeviceEntity) MarshalJSON added in v0.20241009.1142232

func (s IoTDeviceEntity) MarshalJSON() ([]byte, error)

type IoTDeviceEntityProperties added in v0.20241009.1142232

type IoTDeviceEntityProperties struct {
	AdditionalData     *map[string]interface{} `json:"additionalData,omitempty"`
	DeviceId           *string                 `json:"deviceId,omitempty"`
	DeviceName         *string                 `json:"deviceName,omitempty"`
	DeviceSubType      *string                 `json:"deviceSubType,omitempty"`
	DeviceType         *string                 `json:"deviceType,omitempty"`
	EdgeId             *string                 `json:"edgeId,omitempty"`
	FirmwareVersion    *string                 `json:"firmwareVersion,omitempty"`
	FriendlyName       *string                 `json:"friendlyName,omitempty"`
	HostEntityId       *string                 `json:"hostEntityId,omitempty"`
	IPAddressEntityId  *string                 `json:"ipAddressEntityId,omitempty"`
	Importance         *DeviceImportance       `json:"importance,omitempty"`
	IotHubEntityId     *string                 `json:"iotHubEntityId,omitempty"`
	IotSecurityAgentId *string                 `json:"iotSecurityAgentId,omitempty"`
	IsAuthorized       *bool                   `json:"isAuthorized,omitempty"`
	IsProgramming      *bool                   `json:"isProgramming,omitempty"`
	IsScanner          *bool                   `json:"isScanner,omitempty"`
	MacAddress         *string                 `json:"macAddress,omitempty"`
	Model              *string                 `json:"model,omitempty"`
	NicEntityIds       *[]string               `json:"nicEntityIds,omitempty"`
	OperatingSystem    *string                 `json:"operatingSystem,omitempty"`
	Owners             *[]string               `json:"owners,omitempty"`
	Protocols          *[]string               `json:"protocols,omitempty"`
	PurdueLayer        *string                 `json:"purdueLayer,omitempty"`
	Sensor             *string                 `json:"sensor,omitempty"`
	SerialNumber       *string                 `json:"serialNumber,omitempty"`
	Site               *string                 `json:"site,omitempty"`
	Source             *string                 `json:"source,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence   `json:"threatIntelligence,omitempty"`
	Vendor             *string                 `json:"vendor,omitempty"`
	Zone               *string                 `json:"zone,omitempty"`
}

type KillChainIntent

type KillChainIntent string
const (
	KillChainIntentCollection          KillChainIntent = "Collection"
	KillChainIntentCommandAndControl   KillChainIntent = "CommandAndControl"
	KillChainIntentCredentialAccess    KillChainIntent = "CredentialAccess"
	KillChainIntentDefenseEvasion      KillChainIntent = "DefenseEvasion"
	KillChainIntentDiscovery           KillChainIntent = "Discovery"
	KillChainIntentExecution           KillChainIntent = "Execution"
	KillChainIntentExfiltration        KillChainIntent = "Exfiltration"
	KillChainIntentExploitation        KillChainIntent = "Exploitation"
	KillChainIntentImpact              KillChainIntent = "Impact"
	KillChainIntentLateralMovement     KillChainIntent = "LateralMovement"
	KillChainIntentPersistence         KillChainIntent = "Persistence"
	KillChainIntentPrivilegeEscalation KillChainIntent = "PrivilegeEscalation"
	KillChainIntentProbing             KillChainIntent = "Probing"
	KillChainIntentUnknown             KillChainIntent = "Unknown"
)

func (*KillChainIntent) UnmarshalJSON added in v0.20240221.1115631

func (s *KillChainIntent) UnmarshalJSON(bytes []byte) error

type ListCompleteResult

type ListCompleteResult struct {
	LatestHttpResponse *http.Response
	Items              []Entity
}

type ListCustomPager added in v0.20240628.1153531

type ListCustomPager struct {
	NextLink *odata.Link `json:"nextLink"`
}
func (p *ListCustomPager) NextPageLink() *odata.Link

type ListOperationResponse

type ListOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *[]Entity
}

type MailClusterEntity added in v0.20241009.1142232

type MailClusterEntity struct {
	Properties *MailClusterEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailClusterEntity) Entity added in v0.20241009.1142232

func (s MailClusterEntity) Entity() BaseEntityImpl

func (MailClusterEntity) MarshalJSON added in v0.20241009.1142232

func (s MailClusterEntity) MarshalJSON() ([]byte, error)

type MailClusterEntityProperties added in v0.20241009.1142232

type MailClusterEntityProperties struct {
	AdditionalData          *map[string]interface{} `json:"additionalData,omitempty"`
	ClusterGroup            *string                 `json:"clusterGroup,omitempty"`
	ClusterQueryEndTime     *string                 `json:"clusterQueryEndTime,omitempty"`
	ClusterQueryStartTime   *string                 `json:"clusterQueryStartTime,omitempty"`
	ClusterSourceIdentifier *string                 `json:"clusterSourceIdentifier,omitempty"`
	ClusterSourceType       *string                 `json:"clusterSourceType,omitempty"`
	CountByDeliveryStatus   *interface{}            `json:"countByDeliveryStatus,omitempty"`
	CountByProtectionStatus *interface{}            `json:"countByProtectionStatus,omitempty"`
	CountByThreatType       *interface{}            `json:"countByThreatType,omitempty"`
	FriendlyName            *string                 `json:"friendlyName,omitempty"`
	IsVolumeAnomaly         *bool                   `json:"isVolumeAnomaly,omitempty"`
	MailCount               *int64                  `json:"mailCount,omitempty"`
	NetworkMessageIds       *[]string               `json:"networkMessageIds,omitempty"`
	Query                   *string                 `json:"query,omitempty"`
	QueryTime               *string                 `json:"queryTime,omitempty"`
	Source                  *string                 `json:"source,omitempty"`
	Threats                 *[]string               `json:"threats,omitempty"`
}

func (*MailClusterEntityProperties) GetClusterQueryEndTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) GetClusterQueryEndTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetClusterQueryStartTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) GetClusterQueryStartTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetQueryTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) GetQueryTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) SetClusterQueryEndTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) SetClusterQueryEndTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetClusterQueryStartTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) SetClusterQueryStartTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetQueryTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) SetQueryTimeAsTime(input time.Time)

type MailMessageEntity added in v0.20241009.1142232

type MailMessageEntity struct {
	Properties *MailMessageEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailMessageEntity) Entity added in v0.20241009.1142232

func (s MailMessageEntity) Entity() BaseEntityImpl

func (MailMessageEntity) MarshalJSON added in v0.20241009.1142232

func (s MailMessageEntity) MarshalJSON() ([]byte, error)

type MailMessageEntityProperties added in v0.20241009.1142232

type MailMessageEntityProperties struct {
	AdditionalData         *map[string]interface{} `json:"additionalData,omitempty"`
	AntispamDirection      *AntispamMailDirection  `json:"antispamDirection,omitempty"`
	BodyFingerprintBin1    *int64                  `json:"bodyFingerprintBin1,omitempty"`
	BodyFingerprintBin2    *int64                  `json:"bodyFingerprintBin2,omitempty"`
	BodyFingerprintBin3    *int64                  `json:"bodyFingerprintBin3,omitempty"`
	BodyFingerprintBin4    *int64                  `json:"bodyFingerprintBin4,omitempty"`
	BodyFingerprintBin5    *int64                  `json:"bodyFingerprintBin5,omitempty"`
	DeliveryAction         *DeliveryAction         `json:"deliveryAction,omitempty"`
	DeliveryLocation       *DeliveryLocation       `json:"deliveryLocation,omitempty"`
	FileEntityIds          *[]string               `json:"fileEntityIds,omitempty"`
	FriendlyName           *string                 `json:"friendlyName,omitempty"`
	InternetMessageId      *string                 `json:"internetMessageId,omitempty"`
	Language               *string                 `json:"language,omitempty"`
	NetworkMessageId       *string                 `json:"networkMessageId,omitempty"`
	P1Sender               *string                 `json:"p1Sender,omitempty"`
	P1SenderDisplayName    *string                 `json:"p1SenderDisplayName,omitempty"`
	P1SenderDomain         *string                 `json:"p1SenderDomain,omitempty"`
	P2Sender               *string                 `json:"p2Sender,omitempty"`
	P2SenderDisplayName    *string                 `json:"p2SenderDisplayName,omitempty"`
	P2SenderDomain         *string                 `json:"p2SenderDomain,omitempty"`
	ReceiveDate            *string                 `json:"receiveDate,omitempty"`
	Recipient              *string                 `json:"recipient,omitempty"`
	SenderIP               *string                 `json:"senderIP,omitempty"`
	Subject                *string                 `json:"subject,omitempty"`
	ThreatDetectionMethods *[]string               `json:"threatDetectionMethods,omitempty"`
	Threats                *[]string               `json:"threats,omitempty"`
	Urls                   *[]string               `json:"urls,omitempty"`
}

func (*MailMessageEntityProperties) GetReceiveDateAsTime added in v0.20241009.1142232

func (o *MailMessageEntityProperties) GetReceiveDateAsTime() (*time.Time, error)

func (*MailMessageEntityProperties) SetReceiveDateAsTime added in v0.20241009.1142232

func (o *MailMessageEntityProperties) SetReceiveDateAsTime(input time.Time)

type MailboxEntity added in v0.20241009.1142232

type MailboxEntity struct {
	Properties *MailboxEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailboxEntity) Entity added in v0.20241009.1142232

func (s MailboxEntity) Entity() BaseEntityImpl

func (MailboxEntity) MarshalJSON added in v0.20241009.1142232

func (s MailboxEntity) MarshalJSON() ([]byte, error)

type MailboxEntityProperties added in v0.20241009.1142232

type MailboxEntityProperties struct {
	AdditionalData            *map[string]interface{} `json:"additionalData,omitempty"`
	DisplayName               *string                 `json:"displayName,omitempty"`
	ExternalDirectoryObjectId *string                 `json:"externalDirectoryObjectId,omitempty"`
	FriendlyName              *string                 `json:"friendlyName,omitempty"`
	MailboxPrimaryAddress     *string                 `json:"mailboxPrimaryAddress,omitempty"`
	Upn                       *string                 `json:"upn,omitempty"`
}

type MalwareEntity added in v0.20241009.1142232

type MalwareEntity struct {
	Properties *MalwareEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MalwareEntity) Entity added in v0.20241009.1142232

func (s MalwareEntity) Entity() BaseEntityImpl

func (MalwareEntity) MarshalJSON added in v0.20241009.1142232

func (s MalwareEntity) MarshalJSON() ([]byte, error)

type MalwareEntityProperties added in v0.20241009.1142232

type MalwareEntityProperties struct {
	AdditionalData   *map[string]interface{} `json:"additionalData,omitempty"`
	Category         *string                 `json:"category,omitempty"`
	FileEntityIds    *[]string               `json:"fileEntityIds,omitempty"`
	FriendlyName     *string                 `json:"friendlyName,omitempty"`
	MalwareName      *string                 `json:"malwareName,omitempty"`
	ProcessEntityIds *[]string               `json:"processEntityIds,omitempty"`
}

type NicEntity added in v0.20241009.1142232

type NicEntity struct {
	Properties *NicEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (NicEntity) Entity added in v0.20241009.1142232

func (s NicEntity) Entity() BaseEntityImpl

func (NicEntity) MarshalJSON added in v0.20241009.1142232

func (s NicEntity) MarshalJSON() ([]byte, error)

type NicEntityProperties added in v0.20241009.1142232

type NicEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	IPAddressEntityId *string                 `json:"ipAddressEntityId,omitempty"`
	MacAddress        *string                 `json:"macAddress,omitempty"`
	Vlans             *[]string               `json:"vlans,omitempty"`
}

type OSFamily added in v0.20241009.1142232

type OSFamily string
const (
	OSFamilyAndroid OSFamily = "Android"
	OSFamilyIOS     OSFamily = "IOS"
	OSFamilyLinux   OSFamily = "Linux"
	OSFamilyUnknown OSFamily = "Unknown"
	OSFamilyWindows OSFamily = "Windows"
)

func (*OSFamily) UnmarshalJSON added in v0.20241009.1142232

func (s *OSFamily) UnmarshalJSON(bytes []byte) error

type OutputType

type OutputType string
const (
	OutputTypeDate   OutputType = "Date"
	OutputTypeEntity OutputType = "Entity"
	OutputTypeNumber OutputType = "Number"
	OutputTypeString OutputType = "String"
)

func (*OutputType) UnmarshalJSON added in v0.20240221.1115631

func (s *OutputType) UnmarshalJSON(bytes []byte) error

type ProcessEntity added in v0.20241009.1142232

type ProcessEntity struct {
	Properties *ProcessEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (ProcessEntity) Entity added in v0.20241009.1142232

func (s ProcessEntity) Entity() BaseEntityImpl

func (ProcessEntity) MarshalJSON added in v0.20241009.1142232

func (s ProcessEntity) MarshalJSON() ([]byte, error)

type ProcessEntityProperties added in v0.20241009.1142232

type ProcessEntityProperties struct {
	AccountEntityId          *string                 `json:"accountEntityId,omitempty"`
	AdditionalData           *map[string]interface{} `json:"additionalData,omitempty"`
	CommandLine              *string                 `json:"commandLine,omitempty"`
	CreationTimeUtc          *string                 `json:"creationTimeUtc,omitempty"`
	ElevationToken           *ElevationToken         `json:"elevationToken,omitempty"`
	FriendlyName             *string                 `json:"friendlyName,omitempty"`
	HostEntityId             *string                 `json:"hostEntityId,omitempty"`
	HostLogonSessionEntityId *string                 `json:"hostLogonSessionEntityId,omitempty"`
	ImageFileEntityId        *string                 `json:"imageFileEntityId,omitempty"`
	ParentProcessEntityId    *string                 `json:"parentProcessEntityId,omitempty"`
	ProcessId                *string                 `json:"processId,omitempty"`
}

func (*ProcessEntityProperties) GetCreationTimeUtcAsTime added in v0.20241009.1142232

func (o *ProcessEntityProperties) GetCreationTimeUtcAsTime() (*time.Time, error)

func (*ProcessEntityProperties) SetCreationTimeUtcAsTime added in v0.20241009.1142232

func (o *ProcessEntityProperties) SetCreationTimeUtcAsTime(input time.Time)

type QueriesOperationOptions

type QueriesOperationOptions struct {
	Kind *EntityItemQueryKind
}

func DefaultQueriesOperationOptions

func DefaultQueriesOperationOptions() QueriesOperationOptions

func (QueriesOperationOptions) ToHeaders added in v0.20240221.1115631

func (o QueriesOperationOptions) ToHeaders() *client.Headers

func (QueriesOperationOptions) ToOData added in v0.20240221.1115631

func (o QueriesOperationOptions) ToOData() *odata.Query

func (QueriesOperationOptions) ToQuery added in v0.20240221.1115631

type QueriesOperationResponse

type QueriesOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *GetQueriesResponse
}

type RawEntityImpl added in v0.20241009.1142232

type RawEntityImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityImpl) Entity added in v0.20241009.1142232

func (s RawEntityImpl) Entity() BaseEntityImpl

type RawEntityQueryItemImpl

type RawEntityQueryItemImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityQueryItemImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityQueryItemImpl) EntityQueryItem added in v0.20240920.1135249

func (s RawEntityQueryItemImpl) EntityQueryItem() BaseEntityQueryItemImpl

type RawEntityTimelineItemImpl

type RawEntityTimelineItemImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityTimelineItemImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityTimelineItemImpl) EntityTimelineItem added in v0.20240920.1135249

type RegistryHive added in v0.20241009.1142232

type RegistryHive string
const (
	RegistryHiveHKEYA                        RegistryHive = "HKEY_A"
	RegistryHiveHKEYCLASSESROOT              RegistryHive = "HKEY_CLASSES_ROOT"
	RegistryHiveHKEYCURRENTCONFIG            RegistryHive = "HKEY_CURRENT_CONFIG"
	RegistryHiveHKEYCURRENTUSER              RegistryHive = "HKEY_CURRENT_USER"
	RegistryHiveHKEYCURRENTUSERLOCALSETTINGS RegistryHive = "HKEY_CURRENT_USER_LOCAL_SETTINGS"
	RegistryHiveHKEYLOCALMACHINE             RegistryHive = "HKEY_LOCAL_MACHINE"
	RegistryHiveHKEYPERFORMANCEDATA          RegistryHive = "HKEY_PERFORMANCE_DATA"
	RegistryHiveHKEYPERFORMANCENLSTEXT       RegistryHive = "HKEY_PERFORMANCE_NLSTEXT"
	RegistryHiveHKEYPERFORMANCETEXT          RegistryHive = "HKEY_PERFORMANCE_TEXT"
	RegistryHiveHKEYUSERS                    RegistryHive = "HKEY_USERS"
)

func (*RegistryHive) UnmarshalJSON added in v0.20241009.1142232

func (s *RegistryHive) UnmarshalJSON(bytes []byte) error

type RegistryKeyEntity added in v0.20241009.1142232

type RegistryKeyEntity struct {
	Properties *RegistryKeyEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryKeyEntity) Entity added in v0.20241009.1142232

func (s RegistryKeyEntity) Entity() BaseEntityImpl

func (RegistryKeyEntity) MarshalJSON added in v0.20241009.1142232

func (s RegistryKeyEntity) MarshalJSON() ([]byte, error)

type RegistryKeyEntityProperties added in v0.20241009.1142232

type RegistryKeyEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	Hive           *RegistryHive           `json:"hive,omitempty"`
	Key            *string                 `json:"key,omitempty"`
}

type RegistryValueEntity added in v0.20241009.1142232

type RegistryValueEntity struct {
	Properties *RegistryValueEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryValueEntity) Entity added in v0.20241009.1142232

func (RegistryValueEntity) MarshalJSON added in v0.20241009.1142232

func (s RegistryValueEntity) MarshalJSON() ([]byte, error)

type RegistryValueEntityProperties added in v0.20241009.1142232

type RegistryValueEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	KeyEntityId    *string                 `json:"keyEntityId,omitempty"`
	ValueData      *string                 `json:"valueData,omitempty"`
	ValueName      *string                 `json:"valueName,omitempty"`
	ValueType      *RegistryValueKind      `json:"valueType,omitempty"`
}

type RegistryValueKind added in v0.20241009.1142232

type RegistryValueKind string
const (
	RegistryValueKindBinary       RegistryValueKind = "Binary"
	RegistryValueKindDWord        RegistryValueKind = "DWord"
	RegistryValueKindExpandString RegistryValueKind = "ExpandString"
	RegistryValueKindMultiString  RegistryValueKind = "MultiString"
	RegistryValueKindNone         RegistryValueKind = "None"
	RegistryValueKindQWord        RegistryValueKind = "QWord"
	RegistryValueKindString       RegistryValueKind = "String"
	RegistryValueKindUnknown      RegistryValueKind = "Unknown"
)

func (*RegistryValueKind) UnmarshalJSON added in v0.20241009.1142232

func (s *RegistryValueKind) UnmarshalJSON(bytes []byte) error

type SecurityAlert added in v0.20241009.1142232

type SecurityAlert struct {
	Properties *SecurityAlertProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityAlert) Entity added in v0.20241009.1142232

func (s SecurityAlert) Entity() BaseEntityImpl

func (SecurityAlert) MarshalJSON added in v0.20241009.1142232

func (s SecurityAlert) MarshalJSON() ([]byte, error)

type SecurityAlertProperties added in v0.20241009.1142232

type SecurityAlertProperties struct {
	AdditionalData        *map[string]interface{}                            `json:"additionalData,omitempty"`
	AlertDisplayName      *string                                            `json:"alertDisplayName,omitempty"`
	AlertLink             *string                                            `json:"alertLink,omitempty"`
	AlertType             *string                                            `json:"alertType,omitempty"`
	CompromisedEntity     *string                                            `json:"compromisedEntity,omitempty"`
	ConfidenceLevel       *ConfidenceLevel                                   `json:"confidenceLevel,omitempty"`
	ConfidenceReasons     *[]SecurityAlertPropertiesConfidenceReasonsInlined `json:"confidenceReasons,omitempty"`
	ConfidenceScore       *float64                                           `json:"confidenceScore,omitempty"`
	ConfidenceScoreStatus *ConfidenceScoreStatus                             `json:"confidenceScoreStatus,omitempty"`
	Description           *string                                            `json:"description,omitempty"`
	EndTimeUtc            *string                                            `json:"endTimeUtc,omitempty"`
	FriendlyName          *string                                            `json:"friendlyName,omitempty"`
	Intent                *KillChainIntent                                   `json:"intent,omitempty"`
	ProcessingEndTime     *string                                            `json:"processingEndTime,omitempty"`
	ProductComponentName  *string                                            `json:"productComponentName,omitempty"`
	ProductName           *string                                            `json:"productName,omitempty"`
	ProductVersion        *string                                            `json:"productVersion,omitempty"`
	ProviderAlertId       *string                                            `json:"providerAlertId,omitempty"`
	RemediationSteps      *[]string                                          `json:"remediationSteps,omitempty"`
	ResourceIdentifiers   *[]interface{}                                     `json:"resourceIdentifiers,omitempty"`
	Severity              *AlertSeverity                                     `json:"severity,omitempty"`
	StartTimeUtc          *string                                            `json:"startTimeUtc,omitempty"`
	Status                *AlertStatus                                       `json:"status,omitempty"`
	SystemAlertId         *string                                            `json:"systemAlertId,omitempty"`
	Tactics               *[]AttackTactic                                    `json:"tactics,omitempty"`
	TimeGenerated         *string                                            `json:"timeGenerated,omitempty"`
	VendorName            *string                                            `json:"vendorName,omitempty"`
}

func (*SecurityAlertProperties) GetEndTimeUtcAsTime added in v0.20241009.1142232

func (o *SecurityAlertProperties) GetEndTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetProcessingEndTimeAsTime added in v0.20241009.1142232

func (o *SecurityAlertProperties) GetProcessingEndTimeAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetStartTimeUtcAsTime added in v0.20241009.1142232

func (o *SecurityAlertProperties) GetStartTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetTimeGeneratedAsTime added in v0.20241009.1142232

func (o *SecurityAlertProperties) GetTimeGeneratedAsTime() (*time.Time, error)

func (*SecurityAlertProperties) SetEndTimeUtcAsTime added in v0.20241009.1142232

func (o *SecurityAlertProperties) SetEndTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetProcessingEndTimeAsTime added in v0.20241009.1142232

func (o *SecurityAlertProperties) SetProcessingEndTimeAsTime(input time.Time)

func (*SecurityAlertProperties) SetStartTimeUtcAsTime added in v0.20241009.1142232

func (o *SecurityAlertProperties) SetStartTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetTimeGeneratedAsTime added in v0.20241009.1142232

func (o *SecurityAlertProperties) SetTimeGeneratedAsTime(input time.Time)

type SecurityAlertPropertiesConfidenceReasonsInlined added in v0.20241009.1142232

type SecurityAlertPropertiesConfidenceReasonsInlined struct {
	Reason     *string `json:"reason,omitempty"`
	ReasonType *string `json:"reasonType,omitempty"`
}

type SecurityAlertTimelineItem

type SecurityAlertTimelineItem struct {
	AlertType       string           `json:"alertType"`
	AzureResourceId string           `json:"azureResourceId"`
	Description     *string          `json:"description,omitempty"`
	DisplayName     string           `json:"displayName"`
	EndTimeUtc      string           `json:"endTimeUtc"`
	Intent          *KillChainIntent `json:"intent,omitempty"`
	ProductName     *string          `json:"productName,omitempty"`
	Severity        AlertSeverity    `json:"severity"`
	StartTimeUtc    string           `json:"startTimeUtc"`
	Techniques      *[]string        `json:"techniques,omitempty"`
	TimeGenerated   string           `json:"timeGenerated"`

	Kind EntityTimelineKind `json:"kind"`
}

func (SecurityAlertTimelineItem) EntityTimelineItem added in v0.20240920.1135249

func (SecurityAlertTimelineItem) MarshalJSON

func (s SecurityAlertTimelineItem) MarshalJSON() ([]byte, error)

type SecurityGroupEntity added in v0.20241009.1142232

type SecurityGroupEntity struct {
	Properties *SecurityGroupEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityGroupEntity) Entity added in v0.20241009.1142232

func (SecurityGroupEntity) MarshalJSON added in v0.20241009.1142232

func (s SecurityGroupEntity) MarshalJSON() ([]byte, error)

type SecurityGroupEntityProperties added in v0.20241009.1142232

type SecurityGroupEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	DistinguishedName *string                 `json:"distinguishedName,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	ObjectGuid        *string                 `json:"objectGuid,omitempty"`
	Sid               *string                 `json:"sid,omitempty"`
}

type SubmissionMailEntity added in v0.20241009.1142232

type SubmissionMailEntity struct {
	Properties *SubmissionMailEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SubmissionMailEntity) Entity added in v0.20241009.1142232

func (SubmissionMailEntity) MarshalJSON added in v0.20241009.1142232

func (s SubmissionMailEntity) MarshalJSON() ([]byte, error)

type SubmissionMailEntityProperties added in v0.20241009.1142232

type SubmissionMailEntityProperties struct {
	AdditionalData   *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName     *string                 `json:"friendlyName,omitempty"`
	NetworkMessageId *string                 `json:"networkMessageId,omitempty"`
	Recipient        *string                 `json:"recipient,omitempty"`
	ReportType       *string                 `json:"reportType,omitempty"`
	Sender           *string                 `json:"sender,omitempty"`
	SenderIP         *string                 `json:"senderIp,omitempty"`
	Subject          *string                 `json:"subject,omitempty"`
	SubmissionDate   *string                 `json:"submissionDate,omitempty"`
	SubmissionId     *string                 `json:"submissionId,omitempty"`
	Submitter        *string                 `json:"submitter,omitempty"`
	Timestamp        *string                 `json:"timestamp,omitempty"`
}

func (*SubmissionMailEntityProperties) GetSubmissionDateAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) GetSubmissionDateAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) GetTimestampAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) GetTimestampAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) SetSubmissionDateAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) SetSubmissionDateAsTime(input time.Time)

func (*SubmissionMailEntityProperties) SetTimestampAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) SetTimestampAsTime(input time.Time)

type ThreatIntelligence added in v0.20241009.1142232

type ThreatIntelligence struct {
	Confidence        *float64 `json:"confidence,omitempty"`
	ProviderName      *string  `json:"providerName,omitempty"`
	ReportLink        *string  `json:"reportLink,omitempty"`
	ThreatDescription *string  `json:"threatDescription,omitempty"`
	ThreatName        *string  `json:"threatName,omitempty"`
	ThreatType        *string  `json:"threatType,omitempty"`
}

type TimelineAggregation

type TimelineAggregation struct {
	Count int64              `json:"count"`
	Kind  EntityTimelineKind `json:"kind"`
}

type TimelineError

type TimelineError struct {
	ErrorMessage string             `json:"errorMessage"`
	Kind         EntityTimelineKind `json:"kind"`
	QueryId      *string            `json:"queryId,omitempty"`
}

type TimelineResultsMetadata

type TimelineResultsMetadata struct {
	Aggregations []TimelineAggregation `json:"aggregations"`
	Errors       *[]TimelineError      `json:"errors,omitempty"`
	TotalCount   int64                 `json:"totalCount"`
}

type URLEntity added in v0.20241009.1142232

type URLEntity struct {
	Properties *URLEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (URLEntity) Entity added in v0.20241009.1142232

func (s URLEntity) Entity() BaseEntityImpl

func (URLEntity) MarshalJSON added in v0.20241009.1142232

func (s URLEntity) MarshalJSON() ([]byte, error)

type URLEntityProperties added in v0.20241009.1142232

type URLEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	Url            *string                 `json:"url,omitempty"`
}

type UserInfo

type UserInfo struct {
	Email    *string `json:"email,omitempty"`
	Name     *string `json:"name,omitempty"`
	ObjectId *string `json:"objectId,omitempty"`
}

type WorkspaceId

type WorkspaceId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
}

WorkspaceId is a struct representing the Resource ID for a Workspace

func NewWorkspaceID

func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId

NewWorkspaceID returns a new WorkspaceId struct

func ParseWorkspaceID

func ParseWorkspaceID(input string) (*WorkspaceId, error)

ParseWorkspaceID parses 'input' into a WorkspaceId

func ParseWorkspaceIDInsensitively

func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)

ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId note: this method should only be used for API response data and not user input

func (*WorkspaceId) FromParseResult

func (id *WorkspaceId) FromParseResult(input resourceids.ParseResult) error

func (WorkspaceId) ID

func (id WorkspaceId) ID() string

ID returns the formatted Workspace ID

func (WorkspaceId) Segments

func (id WorkspaceId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Workspace ID

func (WorkspaceId) String

func (id WorkspaceId) String() string

String returns a human-readable description of this Workspace ID

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL