entities

package
v0.20241205.1102105 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 5, 2024 License: MPL-2.0 Imports: 14 Imported by: 0

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2023-12-01-preview/entities Documentation

The entities SDK allows for interaction with Azure Resource Manager securityinsights (API Version 2023-12-01-preview).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2023-12-01-preview/entities"

Client Initialization

client := entities.NewEntitiesClientWithBaseURI("https://management.azure.com")
client.Client.Authorizer = authorizer

Example Usage: EntitiesClient.Expand

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityIdentifier")

payload := entities.EntityExpandParameters{
	// ...
}


read, err := client.Expand(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.Get

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityIdentifier")

read, err := client.Get(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.GetInsights

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityIdentifier")

payload := entities.EntityGetInsightsParameters{
	// ...
}


read, err := client.GetInsights(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.GetTimelinelist

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityIdentifier")

payload := entities.EntityTimelineParameters{
	// ...
}


read, err := client.GetTimelinelist(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.List

ctx := context.TODO()
id := entities.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName")

// alternatively `client.List(ctx, id)` can be used to do batched pagination
items, err := client.ListComplete(ctx, id)
if err != nil {
	// handle the error
}
for _, item := range items {
	// do something
}

Example Usage: EntitiesClient.Queries

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityIdentifier")

read, err := client.Queries(ctx, id, entities.DefaultQueriesOperationOptions())
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForAlertSeverity 

func PossibleValuesForAlertSeverity() []string

func PossibleValuesForAlertStatus 

func PossibleValuesForAlertStatus() []string

func PossibleValuesForAntispamMailDirection 

func PossibleValuesForAntispamMailDirection() []string

func PossibleValuesForAttackTactic 

func PossibleValuesForAttackTactic() []string

func PossibleValuesForConfidenceLevel 

func PossibleValuesForConfidenceLevel() []string

func PossibleValuesForConfidenceScoreStatus 

func PossibleValuesForConfidenceScoreStatus() []string

func PossibleValuesForDeliveryAction 

func PossibleValuesForDeliveryAction() []string

func PossibleValuesForDeliveryLocation 

func PossibleValuesForDeliveryLocation() []string

func PossibleValuesForDeviceImportance 

func PossibleValuesForDeviceImportance() []string

func PossibleValuesForElevationToken 

func PossibleValuesForElevationToken() []string

func PossibleValuesForEntityItemQueryKind 

func PossibleValuesForEntityItemQueryKind() []string

func PossibleValuesForEntityKindEnum 

func PossibleValuesForEntityKindEnum() []string

func PossibleValuesForEntityQueryKind 

func PossibleValuesForEntityQueryKind() []string

func PossibleValuesForEntityTimelineKind 

func PossibleValuesForEntityTimelineKind() []string

func PossibleValuesForEntityType 

func PossibleValuesForEntityType() []string

func PossibleValuesForFileHashAlgorithm 

func PossibleValuesForFileHashAlgorithm() []string

func PossibleValuesForGetInsightsError 

func PossibleValuesForGetInsightsError() []string

func PossibleValuesForIncidentSeverity 

func PossibleValuesForIncidentSeverity() []string

func PossibleValuesForKillChainIntent 

func PossibleValuesForKillChainIntent() []string

func PossibleValuesForOSFamily 

func PossibleValuesForOSFamily() []string

func PossibleValuesForOutputType 

func PossibleValuesForOutputType() []string

func PossibleValuesForRegistryHive 

func PossibleValuesForRegistryHive() []string

func PossibleValuesForRegistryValueKind 

func PossibleValuesForRegistryValueKind() []string

func ValidateEntityID 

func ValidateEntityID(input interface{}, key string) (warnings []string, errors []error)

ValidateEntityID checks that 'input' can be parsed as a Entity ID

func ValidateWorkspaceID 

func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)

ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID

Types

type AccountEntity 

type AccountEntity struct {
	Properties *AccountEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AccountEntity) Entity 

func (s AccountEntity) Entity() BaseEntityImpl

func (AccountEntity) MarshalJSON 

func (s AccountEntity) MarshalJSON() ([]byte, error)

type AccountEntityProperties 

type AccountEntityProperties struct {
	AadTenantId    *string      `json:"aadTenantId,omitempty"`
	AadUserId      *string      `json:"aadUserId,omitempty"`
	AccountName    *string      `json:"accountName,omitempty"`
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	DisplayName    *string      `json:"displayName,omitempty"`
	DnsDomain      *string      `json:"dnsDomain,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	HostEntityId   *string      `json:"hostEntityId,omitempty"`
	IsDomainJoined *bool        `json:"isDomainJoined,omitempty"`
	NtDomain       *string      `json:"ntDomain,omitempty"`
	ObjectGuid     *string      `json:"objectGuid,omitempty"`
	Puid           *string      `json:"puid,omitempty"`
	Sid            *string      `json:"sid,omitempty"`
	UpnSuffix      *string      `json:"upnSuffix,omitempty"`
}

type ActivityTimelineItem 

type ActivityTimelineItem struct {
	BucketEndTimeUTC     string `json:"bucketEndTimeUTC"`
	BucketStartTimeUTC   string `json:"bucketStartTimeUTC"`
	Content              string `json:"content"`
	FirstActivityTimeUTC string `json:"firstActivityTimeUTC"`
	LastActivityTimeUTC  string `json:"lastActivityTimeUTC"`
	QueryId              string `json:"queryId"`
	Title                string `json:"title"`

	Kind EntityTimelineKind `json:"kind"`
}

func (ActivityTimelineItem) EntityTimelineItem 

func (s ActivityTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (ActivityTimelineItem) MarshalJSON 

func (s ActivityTimelineItem) MarshalJSON() ([]byte, error)

type AlertSeverity 

type AlertSeverity string
const (
	AlertSeverityHigh          AlertSeverity = "High"
	AlertSeverityInformational AlertSeverity = "Informational"
	AlertSeverityLow           AlertSeverity = "Low"
	AlertSeverityMedium        AlertSeverity = "Medium"
)

func (*AlertSeverity) UnmarshalJSON 

func (s *AlertSeverity) UnmarshalJSON(bytes []byte) error

type AlertStatus 

type AlertStatus string
const (
	AlertStatusDismissed  AlertStatus = "Dismissed"
	AlertStatusInProgress AlertStatus = "InProgress"
	AlertStatusNew        AlertStatus = "New"
	AlertStatusResolved   AlertStatus = "Resolved"
	AlertStatusUnknown    AlertStatus = "Unknown"
)

func (*AlertStatus) UnmarshalJSON 

func (s *AlertStatus) UnmarshalJSON(bytes []byte) error

type AnomalyTimelineItem 

type AnomalyTimelineItem struct {
	AzureResourceId string    `json:"azureResourceId"`
	Description     *string   `json:"description,omitempty"`
	DisplayName     string    `json:"displayName"`
	EndTimeUtc      string    `json:"endTimeUtc"`
	Intent          *string   `json:"intent,omitempty"`
	ProductName     *string   `json:"productName,omitempty"`
	Reasons         *[]string `json:"reasons,omitempty"`
	StartTimeUtc    string    `json:"startTimeUtc"`
	Techniques      *[]string `json:"techniques,omitempty"`
	TimeGenerated   string    `json:"timeGenerated"`
	Vendor          *string   `json:"vendor,omitempty"`

	Kind EntityTimelineKind `json:"kind"`
}

func (AnomalyTimelineItem) EntityTimelineItem 

func (s AnomalyTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (AnomalyTimelineItem) MarshalJSON 

func (s AnomalyTimelineItem) MarshalJSON() ([]byte, error)

type AntispamMailDirection 

type AntispamMailDirection string
const (
	AntispamMailDirectionInbound  AntispamMailDirection = "Inbound"
	AntispamMailDirectionIntraorg AntispamMailDirection = "Intraorg"
	AntispamMailDirectionOutbound AntispamMailDirection = "Outbound"
	AntispamMailDirectionUnknown  AntispamMailDirection = "Unknown"
)

func (*AntispamMailDirection) UnmarshalJSON 

func (s *AntispamMailDirection) UnmarshalJSON(bytes []byte) error

type AttackTactic 

type AttackTactic string
const (
	AttackTacticCollection              AttackTactic = "Collection"
	AttackTacticCommandAndControl       AttackTactic = "CommandAndControl"
	AttackTacticCredentialAccess        AttackTactic = "CredentialAccess"
	AttackTacticDefenseEvasion          AttackTactic = "DefenseEvasion"
	AttackTacticDiscovery               AttackTactic = "Discovery"
	AttackTacticExecution               AttackTactic = "Execution"
	AttackTacticExfiltration            AttackTactic = "Exfiltration"
	AttackTacticImpact                  AttackTactic = "Impact"
	AttackTacticImpairProcessControl    AttackTactic = "ImpairProcessControl"
	AttackTacticInhibitResponseFunction AttackTactic = "InhibitResponseFunction"
	AttackTacticInitialAccess           AttackTactic = "InitialAccess"
	AttackTacticLateralMovement         AttackTactic = "LateralMovement"
	AttackTacticPersistence             AttackTactic = "Persistence"
	AttackTacticPreAttack               AttackTactic = "PreAttack"
	AttackTacticPrivilegeEscalation     AttackTactic = "PrivilegeEscalation"
	AttackTacticReconnaissance          AttackTactic = "Reconnaissance"
	AttackTacticResourceDevelopment     AttackTactic = "ResourceDevelopment"
)

func (*AttackTactic) UnmarshalJSON 

func (s *AttackTactic) UnmarshalJSON(bytes []byte) error

type AzureResourceEntity 

type AzureResourceEntity struct {
	Properties *AzureResourceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AzureResourceEntity) Entity 

func (s AzureResourceEntity) Entity() BaseEntityImpl

func (AzureResourceEntity) MarshalJSON 

func (s AzureResourceEntity) MarshalJSON() ([]byte, error)

type AzureResourceEntityProperties 

type AzureResourceEntityProperties struct {
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	ResourceId     *string      `json:"resourceId,omitempty"`
	SubscriptionId *string      `json:"subscriptionId,omitempty"`
}

type BaseEntityImpl 

type BaseEntityImpl struct {
	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (BaseEntityImpl) Entity 

func (s BaseEntityImpl) Entity() BaseEntityImpl

type BaseEntityQueryItemImpl 

type BaseEntityQueryItemImpl struct {
	Id   *string         `json:"id,omitempty"`
	Kind EntityQueryKind `json:"kind"`
	Name *string         `json:"name,omitempty"`
	Type *string         `json:"type,omitempty"`
}

func (BaseEntityQueryItemImpl) EntityQueryItem 

func (s BaseEntityQueryItemImpl) EntityQueryItem() BaseEntityQueryItemImpl

type BaseEntityTimelineItemImpl 

type BaseEntityTimelineItemImpl struct {
	Kind EntityTimelineKind `json:"kind"`
}

func (BaseEntityTimelineItemImpl) EntityTimelineItem 

func (s BaseEntityTimelineItemImpl) EntityTimelineItem() BaseEntityTimelineItemImpl

type BookmarkTimelineItem 

type BookmarkTimelineItem struct {
	AzureResourceId string    `json:"azureResourceId"`
	CreatedBy       *UserInfo `json:"createdBy,omitempty"`
	DisplayName     *string   `json:"displayName,omitempty"`
	EndTimeUtc      *string   `json:"endTimeUtc,omitempty"`
	EventTime       *string   `json:"eventTime,omitempty"`
	Labels          *[]string `json:"labels,omitempty"`
	Notes           *string   `json:"notes,omitempty"`
	StartTimeUtc    *string   `json:"startTimeUtc,omitempty"`

	Kind EntityTimelineKind `json:"kind"`
}

func (BookmarkTimelineItem) EntityTimelineItem 

func (s BookmarkTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (BookmarkTimelineItem) MarshalJSON 

func (s BookmarkTimelineItem) MarshalJSON() ([]byte, error)

type CloudApplicationEntity 

type CloudApplicationEntity struct {
	Properties *CloudApplicationEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (CloudApplicationEntity) Entity 

func (s CloudApplicationEntity) Entity() BaseEntityImpl

func (CloudApplicationEntity) MarshalJSON 

func (s CloudApplicationEntity) MarshalJSON() ([]byte, error)

type CloudApplicationEntityProperties 

type CloudApplicationEntityProperties struct {
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	AppId          *int64       `json:"appId,omitempty"`
	AppName        *string      `json:"appName,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	InstanceName   *string      `json:"instanceName,omitempty"`
}

type ConfidenceLevel 

type ConfidenceLevel string
const (
	ConfidenceLevelHigh    ConfidenceLevel = "High"
	ConfidenceLevelLow     ConfidenceLevel = "Low"
	ConfidenceLevelUnknown ConfidenceLevel = "Unknown"
)

func (*ConfidenceLevel) UnmarshalJSON 

func (s *ConfidenceLevel) UnmarshalJSON(bytes []byte) error

type ConfidenceScoreStatus 

type ConfidenceScoreStatus string
const (
	ConfidenceScoreStatusFinal         ConfidenceScoreStatus = "Final"
	ConfidenceScoreStatusInProcess     ConfidenceScoreStatus = "InProcess"
	ConfidenceScoreStatusNotApplicable ConfidenceScoreStatus = "NotApplicable"
	ConfidenceScoreStatusNotFinal      ConfidenceScoreStatus = "NotFinal"
)

func (*ConfidenceScoreStatus) UnmarshalJSON 

func (s *ConfidenceScoreStatus) UnmarshalJSON(bytes []byte) error

type DeliveryAction 

type DeliveryAction string
const (
	DeliveryActionBlocked         DeliveryAction = "Blocked"
	DeliveryActionDelivered       DeliveryAction = "Delivered"
	DeliveryActionDeliveredAsSpam DeliveryAction = "DeliveredAsSpam"
	DeliveryActionReplaced        DeliveryAction = "Replaced"
	DeliveryActionUnknown         DeliveryAction = "Unknown"
)

func (*DeliveryAction) UnmarshalJSON 

func (s *DeliveryAction) UnmarshalJSON(bytes []byte) error

type DeliveryLocation 

type DeliveryLocation string
const (
	DeliveryLocationDeletedFolder DeliveryLocation = "DeletedFolder"
	DeliveryLocationDropped       DeliveryLocation = "Dropped"
	DeliveryLocationExternal      DeliveryLocation = "External"
	DeliveryLocationFailed        DeliveryLocation = "Failed"
	DeliveryLocationForwarded     DeliveryLocation = "Forwarded"
	DeliveryLocationInbox         DeliveryLocation = "Inbox"
	DeliveryLocationJunkFolder    DeliveryLocation = "JunkFolder"
	DeliveryLocationQuarantine    DeliveryLocation = "Quarantine"
	DeliveryLocationUnknown       DeliveryLocation = "Unknown"
)

func (*DeliveryLocation) UnmarshalJSON 

func (s *DeliveryLocation) UnmarshalJSON(bytes []byte) error

type DeviceImportance 

type DeviceImportance string
const (
	DeviceImportanceHigh    DeviceImportance = "High"
	DeviceImportanceLow     DeviceImportance = "Low"
	DeviceImportanceNormal  DeviceImportance = "Normal"
	DeviceImportanceUnknown DeviceImportance = "Unknown"
)

func (*DeviceImportance) UnmarshalJSON 

func (s *DeviceImportance) UnmarshalJSON(bytes []byte) error

type DnsEntity 

type DnsEntity struct {
	Properties *DnsEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (DnsEntity) Entity 

func (s DnsEntity) Entity() BaseEntityImpl

func (DnsEntity) MarshalJSON 

func (s DnsEntity) MarshalJSON() ([]byte, error)

type DnsEntityProperties 

type DnsEntityProperties struct {
	AdditionalData        *interface{} `json:"additionalData,omitempty"`
	DnsServerIPEntityId   *string      `json:"dnsServerIpEntityId,omitempty"`
	DomainName            *string      `json:"domainName,omitempty"`
	FriendlyName          *string      `json:"friendlyName,omitempty"`
	HostIPAddressEntityId *string      `json:"hostIpAddressEntityId,omitempty"`
	IPAddressEntityIds    *[]string    `json:"ipAddressEntityIds,omitempty"`
}

type ElevationToken 

type ElevationToken string
const (
	ElevationTokenDefault ElevationToken = "Default"
	ElevationTokenFull    ElevationToken = "Full"
	ElevationTokenLimited ElevationToken = "Limited"
)

func (*ElevationToken) UnmarshalJSON 

func (s *ElevationToken) UnmarshalJSON(bytes []byte) error

type EntitiesClient 

type EntitiesClient struct {
	Client *resourcemanager.Client
}

func NewEntitiesClientWithBaseURI 

func NewEntitiesClientWithBaseURI(sdkApi sdkEnv.Api) (*EntitiesClient, error)

func (EntitiesClient) Expand 

func (c EntitiesClient) Expand(ctx context.Context, id EntityId, input EntityExpandParameters) (result ExpandOperationResponse, err error)

Expand ...

func (EntitiesClient) Get 

func (c EntitiesClient) Get(ctx context.Context, id EntityId) (result GetOperationResponse, err error)

Get ...

func (EntitiesClient) GetInsights 

func (c EntitiesClient) GetInsights(ctx context.Context, id EntityId, input EntityGetInsightsParameters) (result GetInsightsOperationResponse, err error)

GetInsights ...

func (EntitiesClient) GetTimelinelist 

func (c EntitiesClient) GetTimelinelist(ctx context.Context, id EntityId, input EntityTimelineParameters) (result GetTimelinelistOperationResponse, err error)

GetTimelinelist ...

func (EntitiesClient) List 

func (c EntitiesClient) List(ctx context.Context, id WorkspaceId) (result ListOperationResponse, err error)

List ...

func (EntitiesClient) ListComplete 

func (c EntitiesClient) ListComplete(ctx context.Context, id WorkspaceId) (ListCompleteResult, error)

ListComplete retrieves all the results into a single object

func (EntitiesClient) ListCompleteMatchingPredicate 

func (c EntitiesClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, predicate EntityOperationPredicate) (result ListCompleteResult, err error)

ListCompleteMatchingPredicate retrieves all the results and then applies the predicate

func (EntitiesClient) Queries 

func (c EntitiesClient) Queries(ctx context.Context, id EntityId, options QueriesOperationOptions) (result QueriesOperationResponse, err error)

Queries ...

type Entity 

type Entity interface {
	Entity() BaseEntityImpl
}

func UnmarshalEntityImplementation 

func UnmarshalEntityImplementation(input []byte) (Entity, error)

type EntityEdges 

type EntityEdges struct {
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	TargetEntityId *string      `json:"targetEntityId,omitempty"`
}

type EntityExpandParameters 

type EntityExpandParameters struct {
	EndTime     *string `json:"endTime,omitempty"`
	ExpansionId *string `json:"expansionId,omitempty"`
	StartTime   *string `json:"startTime,omitempty"`
}

func (*EntityExpandParameters) GetEndTimeAsTime 

func (o *EntityExpandParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityExpandParameters) GetStartTimeAsTime 

func (o *EntityExpandParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityExpandParameters) SetEndTimeAsTime 

func (o *EntityExpandParameters) SetEndTimeAsTime(input time.Time)

func (*EntityExpandParameters) SetStartTimeAsTime 

func (o *EntityExpandParameters) SetStartTimeAsTime(input time.Time)

type EntityExpandResponse 

type EntityExpandResponse struct {
	MetaData *ExpansionResultsMetadata  `json:"metaData,omitempty"`
	Value    *EntityExpandResponseValue `json:"value,omitempty"`
}

type EntityExpandResponseValue 

type EntityExpandResponseValue struct {
	Edges    *[]EntityEdges `json:"edges,omitempty"`
	Entities *[]Entity      `json:"entities,omitempty"`
}

func (*EntityExpandResponseValue) UnmarshalJSON 

func (s *EntityExpandResponseValue) UnmarshalJSON(bytes []byte) error

type EntityGetInsightsParameters 

type EntityGetInsightsParameters struct {
	AddDefaultExtendedTimeRange *bool     `json:"addDefaultExtendedTimeRange,omitempty"`
	EndTime                     string    `json:"endTime"`
	InsightQueryIds             *[]string `json:"insightQueryIds,omitempty"`
	StartTime                   string    `json:"startTime"`
}

func (*EntityGetInsightsParameters) GetEndTimeAsTime 

func (o *EntityGetInsightsParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityGetInsightsParameters) GetStartTimeAsTime 

func (o *EntityGetInsightsParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityGetInsightsParameters) SetEndTimeAsTime 

func (o *EntityGetInsightsParameters) SetEndTimeAsTime(input time.Time)

func (*EntityGetInsightsParameters) SetStartTimeAsTime 

func (o *EntityGetInsightsParameters) SetStartTimeAsTime(input time.Time)

type EntityGetInsightsResponse 

type EntityGetInsightsResponse struct {
	MetaData *GetInsightsResultsMetadata `json:"metaData,omitempty"`
	Value    *[]EntityInsightItem        `json:"value,omitempty"`
}

type EntityId 

type EntityId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	EntityIdentifier  string
}

EntityId is a struct representing the Resource ID for a Entity

func NewEntityID 

func NewEntityID(subscriptionId string, resourceGroupName string, workspaceName string, entityIdentifier string) EntityId

NewEntityID returns a new EntityId struct

func ParseEntityID 

func ParseEntityID(input string) (*EntityId, error)

ParseEntityID parses 'input' into a EntityId

func ParseEntityIDInsensitively 

func ParseEntityIDInsensitively(input string) (*EntityId, error)

ParseEntityIDInsensitively parses 'input' case-insensitively into a EntityId note: this method should only be used for API response data and not user input

func (*EntityId) FromParseResult 

func (id *EntityId) FromParseResult(input resourceids.ParseResult) error

func (EntityId) ID 

func (id EntityId) ID() string

ID returns the formatted Entity ID

func (EntityId) Segments 

func (id EntityId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Entity ID

func (EntityId) String 

func (id EntityId) String() string

String returns a human-readable description of this Entity ID

type EntityInsightItem 

type EntityInsightItem struct {
	ChartQueryResults *[]InsightsTableResult              `json:"chartQueryResults,omitempty"`
	QueryId           *string                             `json:"queryId,omitempty"`
	QueryTimeInterval *EntityInsightItemQueryTimeInterval `json:"queryTimeInterval,omitempty"`
	TableQueryResults *InsightsTableResult                `json:"tableQueryResults,omitempty"`
}

type EntityInsightItemQueryTimeInterval 

type EntityInsightItemQueryTimeInterval struct {
	EndTime   *string `json:"endTime,omitempty"`
	StartTime *string `json:"startTime,omitempty"`
}

func (*EntityInsightItemQueryTimeInterval) GetEndTimeAsTime 

func (o *EntityInsightItemQueryTimeInterval) GetEndTimeAsTime() (*time.Time, error)

func (*EntityInsightItemQueryTimeInterval) GetStartTimeAsTime 

func (o *EntityInsightItemQueryTimeInterval) GetStartTimeAsTime() (*time.Time, error)

func (*EntityInsightItemQueryTimeInterval) SetEndTimeAsTime 

func (o *EntityInsightItemQueryTimeInterval) SetEndTimeAsTime(input time.Time)

func (*EntityInsightItemQueryTimeInterval) SetStartTimeAsTime 

func (o *EntityInsightItemQueryTimeInterval) SetStartTimeAsTime(input time.Time)

type EntityItemQueryKind 

type EntityItemQueryKind string
const (
	EntityItemQueryKindInsight EntityItemQueryKind = "Insight"
)

func (*EntityItemQueryKind) UnmarshalJSON 

func (s *EntityItemQueryKind) UnmarshalJSON(bytes []byte) error

type EntityKindEnum 

type EntityKindEnum string
const (
	EntityKindEnumAccount          EntityKindEnum = "Account"
	EntityKindEnumAzureResource    EntityKindEnum = "AzureResource"
	EntityKindEnumBookmark         EntityKindEnum = "Bookmark"
	EntityKindEnumCloudApplication EntityKindEnum = "CloudApplication"
	EntityKindEnumDnsResolution    EntityKindEnum = "DnsResolution"
	EntityKindEnumFile             EntityKindEnum = "File"
	EntityKindEnumFileHash         EntityKindEnum = "FileHash"
	EntityKindEnumHost             EntityKindEnum = "Host"
	EntityKindEnumIP               EntityKindEnum = "Ip"
	EntityKindEnumIoTDevice        EntityKindEnum = "IoTDevice"
	EntityKindEnumMailCluster      EntityKindEnum = "MailCluster"
	EntityKindEnumMailMessage      EntityKindEnum = "MailMessage"
	EntityKindEnumMailbox          EntityKindEnum = "Mailbox"
	EntityKindEnumMalware          EntityKindEnum = "Malware"
	EntityKindEnumNic              EntityKindEnum = "Nic"
	EntityKindEnumProcess          EntityKindEnum = "Process"
	EntityKindEnumRegistryKey      EntityKindEnum = "RegistryKey"
	EntityKindEnumRegistryValue    EntityKindEnum = "RegistryValue"
	EntityKindEnumSecurityAlert    EntityKindEnum = "SecurityAlert"
	EntityKindEnumSecurityGroup    EntityKindEnum = "SecurityGroup"
	EntityKindEnumSubmissionMail   EntityKindEnum = "SubmissionMail"
	EntityKindEnumURL              EntityKindEnum = "Url"
)

func (*EntityKindEnum) UnmarshalJSON 

func (s *EntityKindEnum) UnmarshalJSON(bytes []byte) error

type EntityOperationPredicate 

type EntityOperationPredicate struct {
}

func (EntityOperationPredicate) Matches 

func (p EntityOperationPredicate) Matches(input Entity) bool

type EntityQueryItem 

type EntityQueryItem interface {
	EntityQueryItem() BaseEntityQueryItemImpl
}

func UnmarshalEntityQueryItemImplementation 

func UnmarshalEntityQueryItemImplementation(input []byte) (EntityQueryItem, error)

type EntityQueryItemPropertiesDataTypesInlined 

type EntityQueryItemPropertiesDataTypesInlined struct {
	DataType *string `json:"dataType,omitempty"`
}

type EntityQueryKind 

type EntityQueryKind string
const (
	EntityQueryKindActivity  EntityQueryKind = "Activity"
	EntityQueryKindExpansion EntityQueryKind = "Expansion"
	EntityQueryKindInsight   EntityQueryKind = "Insight"
)

func (*EntityQueryKind) UnmarshalJSON 

func (s *EntityQueryKind) UnmarshalJSON(bytes []byte) error

type EntityTimelineItem 

type EntityTimelineItem interface {
	EntityTimelineItem() BaseEntityTimelineItemImpl
}

func UnmarshalEntityTimelineItemImplementation 

func UnmarshalEntityTimelineItemImplementation(input []byte) (EntityTimelineItem, error)

type EntityTimelineKind 

type EntityTimelineKind string
const (
	EntityTimelineKindActivity      EntityTimelineKind = "Activity"
	EntityTimelineKindAnomaly       EntityTimelineKind = "Anomaly"
	EntityTimelineKindBookmark      EntityTimelineKind = "Bookmark"
	EntityTimelineKindSecurityAlert EntityTimelineKind = "SecurityAlert"
)

func (*EntityTimelineKind) UnmarshalJSON 

func (s *EntityTimelineKind) UnmarshalJSON(bytes []byte) error

type EntityTimelineParameters 

type EntityTimelineParameters struct {
	EndTime        string                `json:"endTime"`
	Kinds          *[]EntityTimelineKind `json:"kinds,omitempty"`
	NumberOfBucket *int64                `json:"numberOfBucket,omitempty"`
	StartTime      string                `json:"startTime"`
}

func (*EntityTimelineParameters) GetEndTimeAsTime 

func (o *EntityTimelineParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityTimelineParameters) GetStartTimeAsTime 

func (o *EntityTimelineParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityTimelineParameters) SetEndTimeAsTime 

func (o *EntityTimelineParameters) SetEndTimeAsTime(input time.Time)

func (*EntityTimelineParameters) SetStartTimeAsTime 

func (o *EntityTimelineParameters) SetStartTimeAsTime(input time.Time)

type EntityTimelineResponse 

type EntityTimelineResponse struct {
	MetaData *TimelineResultsMetadata `json:"metaData,omitempty"`
	Value    *[]EntityTimelineItem    `json:"value,omitempty"`
}

func (*EntityTimelineResponse) UnmarshalJSON 

func (s *EntityTimelineResponse) UnmarshalJSON(bytes []byte) error

type EntityType 

type EntityType string
const (
	EntityTypeAccount          EntityType = "Account"
	EntityTypeAzureResource    EntityType = "AzureResource"
	EntityTypeCloudApplication EntityType = "CloudApplication"
	EntityTypeDNS              EntityType = "DNS"
	EntityTypeFile             EntityType = "File"
	EntityTypeFileHash         EntityType = "FileHash"
	EntityTypeHost             EntityType = "Host"
	EntityTypeHuntingBookmark  EntityType = "HuntingBookmark"
	EntityTypeIP               EntityType = "IP"
	EntityTypeIoTDevice        EntityType = "IoTDevice"
	EntityTypeMailCluster      EntityType = "MailCluster"
	EntityTypeMailMessage      EntityType = "MailMessage"
	EntityTypeMailbox          EntityType = "Mailbox"
	EntityTypeMalware          EntityType = "Malware"
	EntityTypeNic              EntityType = "Nic"
	EntityTypeProcess          EntityType = "Process"
	EntityTypeRegistryKey      EntityType = "RegistryKey"
	EntityTypeRegistryValue    EntityType = "RegistryValue"
	EntityTypeSecurityAlert    EntityType = "SecurityAlert"
	EntityTypeSecurityGroup    EntityType = "SecurityGroup"
	EntityTypeSubmissionMail   EntityType = "SubmissionMail"
	EntityTypeURL              EntityType = "URL"
)

func (*EntityType) UnmarshalJSON 

func (s *EntityType) UnmarshalJSON(bytes []byte) error

type ExpandOperationResponse 

type ExpandOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *EntityExpandResponse
}

type ExpansionResultAggregation 

type ExpansionResultAggregation struct {
	AggregationType *string        `json:"aggregationType,omitempty"`
	Count           int64          `json:"count"`
	DisplayName     *string        `json:"displayName,omitempty"`
	EntityKind      EntityKindEnum `json:"entityKind"`
}

type ExpansionResultsMetadata 

type ExpansionResultsMetadata struct {
	Aggregations *[]ExpansionResultAggregation `json:"aggregations,omitempty"`
}

type FileEntity 

type FileEntity struct {
	Properties *FileEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileEntity) Entity 

func (s FileEntity) Entity() BaseEntityImpl

func (FileEntity) MarshalJSON 

func (s FileEntity) MarshalJSON() ([]byte, error)

type FileEntityProperties 

type FileEntityProperties struct {
	AdditionalData    *interface{} `json:"additionalData,omitempty"`
	Directory         *string      `json:"directory,omitempty"`
	FileHashEntityIds *[]string    `json:"fileHashEntityIds,omitempty"`
	FileName          *string      `json:"fileName,omitempty"`
	FriendlyName      *string      `json:"friendlyName,omitempty"`
	HostEntityId      *string      `json:"hostEntityId,omitempty"`
}

type FileHashAlgorithm 

type FileHashAlgorithm string
const (
	FileHashAlgorithmMDFive          FileHashAlgorithm = "MD5"
	FileHashAlgorithmSHAOne          FileHashAlgorithm = "SHA1"
	FileHashAlgorithmSHATwoFiveSix   FileHashAlgorithm = "SHA256"
	FileHashAlgorithmSHATwoFiveSixAC FileHashAlgorithm = "SHA256AC"
	FileHashAlgorithmUnknown         FileHashAlgorithm = "Unknown"
)

func (*FileHashAlgorithm) UnmarshalJSON 

func (s *FileHashAlgorithm) UnmarshalJSON(bytes []byte) error

type FileHashEntity 

type FileHashEntity struct {
	Properties *FileHashEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileHashEntity) Entity 

func (s FileHashEntity) Entity() BaseEntityImpl

func (FileHashEntity) MarshalJSON 

func (s FileHashEntity) MarshalJSON() ([]byte, error)

type FileHashEntityProperties 

type FileHashEntityProperties struct {
	AdditionalData *interface{}       `json:"additionalData,omitempty"`
	Algorithm      *FileHashAlgorithm `json:"algorithm,omitempty"`
	FriendlyName   *string            `json:"friendlyName,omitempty"`
	HashValue      *string            `json:"hashValue,omitempty"`
}

type GeoLocation 

type GeoLocation struct {
	Asn         *int64   `json:"asn,omitempty"`
	City        *string  `json:"city,omitempty"`
	CountryCode *string  `json:"countryCode,omitempty"`
	CountryName *string  `json:"countryName,omitempty"`
	Latitude    *float64 `json:"latitude,omitempty"`
	Longitude   *float64 `json:"longitude,omitempty"`
	State       *string  `json:"state,omitempty"`
}

type GetInsightsError 

type GetInsightsError string
const (
	GetInsightsErrorInsight GetInsightsError = "Insight"
)

func (*GetInsightsError) UnmarshalJSON 

func (s *GetInsightsError) UnmarshalJSON(bytes []byte) error

type GetInsightsErrorKind 

type GetInsightsErrorKind struct {
	ErrorMessage string           `json:"errorMessage"`
	Kind         GetInsightsError `json:"kind"`
	QueryId      *string          `json:"queryId,omitempty"`
}

type GetInsightsOperationResponse 

type GetInsightsOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *EntityGetInsightsResponse
}

type GetInsightsResultsMetadata 

type GetInsightsResultsMetadata struct {
	Errors     *[]GetInsightsErrorKind `json:"errors,omitempty"`
	TotalCount int64                   `json:"totalCount"`
}

type GetOperationResponse 

type GetOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        Entity
}

type GetQueriesResponse 

type GetQueriesResponse struct {
	Value *[]EntityQueryItem `json:"value,omitempty"`
}

func (*GetQueriesResponse) UnmarshalJSON 

func (s *GetQueriesResponse) UnmarshalJSON(bytes []byte) error

type GetTimelinelistOperationResponse 

type GetTimelinelistOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *EntityTimelineResponse
}

type HostEntity 

type HostEntity struct {
	Properties *HostEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HostEntity) Entity 

func (s HostEntity) Entity() BaseEntityImpl

func (HostEntity) MarshalJSON 

func (s HostEntity) MarshalJSON() ([]byte, error)

type HostEntityProperties 

type HostEntityProperties struct {
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	AzureID        *string      `json:"azureID,omitempty"`
	DnsDomain      *string      `json:"dnsDomain,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	HostName       *string      `json:"hostName,omitempty"`
	IsDomainJoined *bool        `json:"isDomainJoined,omitempty"`
	NetBiosName    *string      `json:"netBiosName,omitempty"`
	NtDomain       *string      `json:"ntDomain,omitempty"`
	OmsAgentID     *string      `json:"omsAgentID,omitempty"`
	OsFamily       *OSFamily    `json:"osFamily,omitempty"`
	OsVersion      *string      `json:"osVersion,omitempty"`
}

type HuntingBookmark 

type HuntingBookmark struct {
	Properties *HuntingBookmarkProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HuntingBookmark) Entity 

func (s HuntingBookmark) Entity() BaseEntityImpl

func (HuntingBookmark) MarshalJSON 

func (s HuntingBookmark) MarshalJSON() ([]byte, error)

type HuntingBookmarkProperties 

type HuntingBookmarkProperties struct {
	AdditionalData *interface{}  `json:"additionalData,omitempty"`
	Created        *string       `json:"created,omitempty"`
	CreatedBy      *UserInfo     `json:"createdBy,omitempty"`
	DisplayName    string        `json:"displayName"`
	EventTime      *string       `json:"eventTime,omitempty"`
	FriendlyName   *string       `json:"friendlyName,omitempty"`
	IncidentInfo   *IncidentInfo `json:"incidentInfo,omitempty"`
	Labels         *[]string     `json:"labels,omitempty"`
	Notes          *string       `json:"notes,omitempty"`
	Query          string        `json:"query"`
	QueryResult    *string       `json:"queryResult,omitempty"`
	Updated        *string       `json:"updated,omitempty"`
	UpdatedBy      *UserInfo     `json:"updatedBy,omitempty"`
}

func (*HuntingBookmarkProperties) GetCreatedAsTime 

func (o *HuntingBookmarkProperties) GetCreatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetEventTimeAsTime 

func (o *HuntingBookmarkProperties) GetEventTimeAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetUpdatedAsTime 

func (o *HuntingBookmarkProperties) GetUpdatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) SetCreatedAsTime 

func (o *HuntingBookmarkProperties) SetCreatedAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetEventTimeAsTime 

func (o *HuntingBookmarkProperties) SetEventTimeAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetUpdatedAsTime 

func (o *HuntingBookmarkProperties) SetUpdatedAsTime(input time.Time)

type IPEntity 

type IPEntity struct {
	Properties *IPEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IPEntity) Entity 

func (s IPEntity) Entity() BaseEntityImpl

func (IPEntity) MarshalJSON 

func (s IPEntity) MarshalJSON() ([]byte, error)

type IPEntityProperties 

type IPEntityProperties struct {
	AdditionalData     *interface{}          `json:"additionalData,omitempty"`
	Address            *string               `json:"address,omitempty"`
	FriendlyName       *string               `json:"friendlyName,omitempty"`
	Location           *GeoLocation          `json:"location,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"`
}

type IncidentInfo 

type IncidentInfo struct {
	IncidentId   *string           `json:"incidentId,omitempty"`
	RelationName *string           `json:"relationName,omitempty"`
	Severity     *IncidentSeverity `json:"severity,omitempty"`
	Title        *string           `json:"title,omitempty"`
}

type IncidentSeverity 

type IncidentSeverity string
const (
	IncidentSeverityHigh          IncidentSeverity = "High"
	IncidentSeverityInformational IncidentSeverity = "Informational"
	IncidentSeverityLow           IncidentSeverity = "Low"
	IncidentSeverityMedium        IncidentSeverity = "Medium"
)

func (*IncidentSeverity) UnmarshalJSON 

func (s *IncidentSeverity) UnmarshalJSON(bytes []byte) error

type InsightQueryItem 

type InsightQueryItem struct {
	Properties *InsightQueryItemProperties `json:"properties,omitempty"`

	Id   *string         `json:"id,omitempty"`
	Kind EntityQueryKind `json:"kind"`
	Name *string         `json:"name,omitempty"`
	Type *string         `json:"type,omitempty"`
}

func (InsightQueryItem) EntityQueryItem 

func (s InsightQueryItem) EntityQueryItem() BaseEntityQueryItemImpl

func (InsightQueryItem) MarshalJSON 

func (s InsightQueryItem) MarshalJSON() ([]byte, error)

type InsightQueryItemProperties 

type InsightQueryItemProperties struct {
	AdditionalQuery         *InsightQueryItemPropertiesAdditionalQuery    `json:"additionalQuery,omitempty"`
	BaseQuery               *string                                       `json:"baseQuery,omitempty"`
	ChartQuery              *interface{}                                  `json:"chartQuery,omitempty"`
	DataTypes               *[]EntityQueryItemPropertiesDataTypesInlined  `json:"dataTypes,omitempty"`
	DefaultTimeRange        *InsightQueryItemPropertiesDefaultTimeRange   `json:"defaultTimeRange,omitempty"`
	Description             *string                                       `json:"description,omitempty"`
	DisplayName             *string                                       `json:"displayName,omitempty"`
	EntitiesFilter          *interface{}                                  `json:"entitiesFilter,omitempty"`
	InputEntityType         *EntityType                                   `json:"inputEntityType,omitempty"`
	ReferenceTimeRange      *InsightQueryItemPropertiesReferenceTimeRange `json:"referenceTimeRange,omitempty"`
	RequiredInputFieldsSets *[][]string                                   `json:"requiredInputFieldsSets,omitempty"`
	TableQuery              *InsightQueryItemPropertiesTableQuery         `json:"tableQuery,omitempty"`
}

type InsightQueryItemPropertiesAdditionalQuery 

type InsightQueryItemPropertiesAdditionalQuery struct {
	Query *string `json:"query,omitempty"`
	Text  *string `json:"text,omitempty"`
}

type InsightQueryItemPropertiesDefaultTimeRange 

type InsightQueryItemPropertiesDefaultTimeRange struct {
	AfterRange  *string `json:"afterRange,omitempty"`
	BeforeRange *string `json:"beforeRange,omitempty"`
}

type InsightQueryItemPropertiesReferenceTimeRange 

type InsightQueryItemPropertiesReferenceTimeRange struct {
	BeforeRange *string `json:"beforeRange,omitempty"`
}

type InsightQueryItemPropertiesTableQuery 

type InsightQueryItemPropertiesTableQuery struct {
	ColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined `json:"columnsDefinitions,omitempty"`
	QueriesDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined `json:"queriesDefinitions,omitempty"`
}

type InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined 

type InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined struct {
	Header          *string     `json:"header,omitempty"`
	OutputType      *OutputType `json:"outputType,omitempty"`
	SupportDeepLink *bool       `json:"supportDeepLink,omitempty"`
}

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined 

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined struct {
	Filter                 *string                                                                                       `json:"filter,omitempty"`
	LinkColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined `json:"linkColumnsDefinitions,omitempty"`
	Project                *string                                                                                       `json:"project,omitempty"`
	Summarize              *string                                                                                       `json:"summarize,omitempty"`
}

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined 

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined struct {
	ProjectedName *string `json:"projectedName,omitempty"`
	Query         *string `json:"Query,omitempty"`
}

type InsightsTableResult 

type InsightsTableResult struct {
	Columns *[]InsightsTableResultColumnsInlined `json:"columns,omitempty"`
	Rows    *[][]string                          `json:"rows,omitempty"`
}

type InsightsTableResultColumnsInlined 

type InsightsTableResultColumnsInlined struct {
	Name *string `json:"name,omitempty"`
	Type *string `json:"type,omitempty"`
}

type IoTDeviceEntity 

type IoTDeviceEntity struct {
	Properties *IoTDeviceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IoTDeviceEntity) Entity 

func (s IoTDeviceEntity) Entity() BaseEntityImpl

func (IoTDeviceEntity) MarshalJSON 

func (s IoTDeviceEntity) MarshalJSON() ([]byte, error)

type IoTDeviceEntityProperties 

type IoTDeviceEntityProperties struct {
	AdditionalData     *interface{}          `json:"additionalData,omitempty"`
	DeviceId           *string               `json:"deviceId,omitempty"`
	DeviceName         *string               `json:"deviceName,omitempty"`
	DeviceSubType      *string               `json:"deviceSubType,omitempty"`
	DeviceType         *string               `json:"deviceType,omitempty"`
	EdgeId             *string               `json:"edgeId,omitempty"`
	FirmwareVersion    *string               `json:"firmwareVersion,omitempty"`
	FriendlyName       *string               `json:"friendlyName,omitempty"`
	HostEntityId       *string               `json:"hostEntityId,omitempty"`
	IPAddressEntityId  *string               `json:"ipAddressEntityId,omitempty"`
	Importance         *DeviceImportance     `json:"importance,omitempty"`
	IotHubEntityId     *string               `json:"iotHubEntityId,omitempty"`
	IotSecurityAgentId *string               `json:"iotSecurityAgentId,omitempty"`
	IsAuthorized       *bool                 `json:"isAuthorized,omitempty"`
	IsProgramming      *bool                 `json:"isProgramming,omitempty"`
	IsScanner          *bool                 `json:"isScanner,omitempty"`
	MacAddress         *string               `json:"macAddress,omitempty"`
	Model              *string               `json:"model,omitempty"`
	NicEntityIds       *[]string             `json:"nicEntityIds,omitempty"`
	OperatingSystem    *string               `json:"operatingSystem,omitempty"`
	Owners             *[]string             `json:"owners,omitempty"`
	Protocols          *[]string             `json:"protocols,omitempty"`
	PurdueLayer        *string               `json:"purdueLayer,omitempty"`
	Sensor             *string               `json:"sensor,omitempty"`
	SerialNumber       *string               `json:"serialNumber,omitempty"`
	Site               *string               `json:"site,omitempty"`
	Source             *string               `json:"source,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"`
	Vendor             *string               `json:"vendor,omitempty"`
	Zone               *string               `json:"zone,omitempty"`
}

type KillChainIntent 

type KillChainIntent string
const (
	KillChainIntentCollection          KillChainIntent = "Collection"
	KillChainIntentCommandAndControl   KillChainIntent = "CommandAndControl"
	KillChainIntentCredentialAccess    KillChainIntent = "CredentialAccess"
	KillChainIntentDefenseEvasion      KillChainIntent = "DefenseEvasion"
	KillChainIntentDiscovery           KillChainIntent = "Discovery"
	KillChainIntentExecution           KillChainIntent = "Execution"
	KillChainIntentExfiltration        KillChainIntent = "Exfiltration"
	KillChainIntentExploitation        KillChainIntent = "Exploitation"
	KillChainIntentImpact              KillChainIntent = "Impact"
	KillChainIntentLateralMovement     KillChainIntent = "LateralMovement"
	KillChainIntentPersistence         KillChainIntent = "Persistence"
	KillChainIntentPrivilegeEscalation KillChainIntent = "PrivilegeEscalation"
	KillChainIntentProbing             KillChainIntent = "Probing"
	KillChainIntentUnknown             KillChainIntent = "Unknown"
)

func (*KillChainIntent) UnmarshalJSON 

func (s *KillChainIntent) UnmarshalJSON(bytes []byte) error

type ListCompleteResult 

type ListCompleteResult struct {
	LatestHttpResponse *http.Response
	Items              []Entity
}

type ListCustomPager 

type ListCustomPager struct {
	NextLink *odata.Link `json:"nextLink"`
}
func (p *ListCustomPager) NextPageLink() *odata.Link

type ListOperationResponse 

type ListOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *[]Entity
}

type MailClusterEntity 

type MailClusterEntity struct {
	Properties *MailClusterEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailClusterEntity) Entity 

func (s MailClusterEntity) Entity() BaseEntityImpl

func (MailClusterEntity) MarshalJSON 

func (s MailClusterEntity) MarshalJSON() ([]byte, error)

type MailClusterEntityProperties 

type MailClusterEntityProperties struct {
	AdditionalData          *interface{} `json:"additionalData,omitempty"`
	ClusterGroup            *string      `json:"clusterGroup,omitempty"`
	ClusterQueryEndTime     *string      `json:"clusterQueryEndTime,omitempty"`
	ClusterQueryStartTime   *string      `json:"clusterQueryStartTime,omitempty"`
	ClusterSourceIdentifier *string      `json:"clusterSourceIdentifier,omitempty"`
	ClusterSourceType       *string      `json:"clusterSourceType,omitempty"`
	CountByDeliveryStatus   *interface{} `json:"countByDeliveryStatus,omitempty"`
	CountByProtectionStatus *interface{} `json:"countByProtectionStatus,omitempty"`
	CountByThreatType       *interface{} `json:"countByThreatType,omitempty"`
	FriendlyName            *string      `json:"friendlyName,omitempty"`
	IsVolumeAnomaly         *bool        `json:"isVolumeAnomaly,omitempty"`
	MailCount               *int64       `json:"mailCount,omitempty"`
	NetworkMessageIds       *[]string    `json:"networkMessageIds,omitempty"`
	Query                   *string      `json:"query,omitempty"`
	QueryTime               *string      `json:"queryTime,omitempty"`
	Source                  *string      `json:"source,omitempty"`
	Threats                 *[]string    `json:"threats,omitempty"`
}

func (*MailClusterEntityProperties) GetClusterQueryEndTimeAsTime 

func (o *MailClusterEntityProperties) GetClusterQueryEndTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetClusterQueryStartTimeAsTime 

func (o *MailClusterEntityProperties) GetClusterQueryStartTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetQueryTimeAsTime 

func (o *MailClusterEntityProperties) GetQueryTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) SetClusterQueryEndTimeAsTime 

func (o *MailClusterEntityProperties) SetClusterQueryEndTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetClusterQueryStartTimeAsTime 

func (o *MailClusterEntityProperties) SetClusterQueryStartTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetQueryTimeAsTime 

func (o *MailClusterEntityProperties) SetQueryTimeAsTime(input time.Time)

type MailMessageEntity 

type MailMessageEntity struct {
	Properties *MailMessageEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailMessageEntity) Entity 

func (s MailMessageEntity) Entity() BaseEntityImpl

func (MailMessageEntity) MarshalJSON 

func (s MailMessageEntity) MarshalJSON() ([]byte, error)

type MailMessageEntityProperties 

type MailMessageEntityProperties struct {
	AdditionalData         *interface{}           `json:"additionalData,omitempty"`
	AntispamDirection      *AntispamMailDirection `json:"antispamDirection,omitempty"`
	BodyFingerprintBin1    *int64                 `json:"bodyFingerprintBin1,omitempty"`
	BodyFingerprintBin2    *int64                 `json:"bodyFingerprintBin2,omitempty"`
	BodyFingerprintBin3    *int64                 `json:"bodyFingerprintBin3,omitempty"`
	BodyFingerprintBin4    *int64                 `json:"bodyFingerprintBin4,omitempty"`
	BodyFingerprintBin5    *int64                 `json:"bodyFingerprintBin5,omitempty"`
	DeliveryAction         *DeliveryAction        `json:"deliveryAction,omitempty"`
	DeliveryLocation       *DeliveryLocation      `json:"deliveryLocation,omitempty"`
	FileEntityIds          *[]string              `json:"fileEntityIds,omitempty"`
	FriendlyName           *string                `json:"friendlyName,omitempty"`
	InternetMessageId      *string                `json:"internetMessageId,omitempty"`
	Language               *string                `json:"language,omitempty"`
	NetworkMessageId       *string                `json:"networkMessageId,omitempty"`
	P1Sender               *string                `json:"p1Sender,omitempty"`
	P1SenderDisplayName    *string                `json:"p1SenderDisplayName,omitempty"`
	P1SenderDomain         *string                `json:"p1SenderDomain,omitempty"`
	P2Sender               *string                `json:"p2Sender,omitempty"`
	P2SenderDisplayName    *string                `json:"p2SenderDisplayName,omitempty"`
	P2SenderDomain         *string                `json:"p2SenderDomain,omitempty"`
	ReceiveDate            *string                `json:"receiveDate,omitempty"`
	Recipient              *string                `json:"recipient,omitempty"`
	SenderIP               *string                `json:"senderIP,omitempty"`
	Subject                *string                `json:"subject,omitempty"`
	ThreatDetectionMethods *[]string              `json:"threatDetectionMethods,omitempty"`
	Threats                *[]string              `json:"threats,omitempty"`
	Urls                   *[]string              `json:"urls,omitempty"`
}

func (*MailMessageEntityProperties) GetReceiveDateAsTime 

func (o *MailMessageEntityProperties) GetReceiveDateAsTime() (*time.Time, error)

func (*MailMessageEntityProperties) SetReceiveDateAsTime 

func (o *MailMessageEntityProperties) SetReceiveDateAsTime(input time.Time)

type MailboxEntity 

type MailboxEntity struct {
	Properties *MailboxEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailboxEntity) Entity 

func (s MailboxEntity) Entity() BaseEntityImpl

func (MailboxEntity) MarshalJSON 

func (s MailboxEntity) MarshalJSON() ([]byte, error)

type MailboxEntityProperties 

type MailboxEntityProperties struct {
	AdditionalData            *interface{} `json:"additionalData,omitempty"`
	DisplayName               *string      `json:"displayName,omitempty"`
	ExternalDirectoryObjectId *string      `json:"externalDirectoryObjectId,omitempty"`
	FriendlyName              *string      `json:"friendlyName,omitempty"`
	MailboxPrimaryAddress     *string      `json:"mailboxPrimaryAddress,omitempty"`
	Upn                       *string      `json:"upn,omitempty"`
}

type MalwareEntity 

type MalwareEntity struct {
	Properties *MalwareEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MalwareEntity) Entity 

func (s MalwareEntity) Entity() BaseEntityImpl

func (MalwareEntity) MarshalJSON 

func (s MalwareEntity) MarshalJSON() ([]byte, error)

type MalwareEntityProperties 

type MalwareEntityProperties struct {
	AdditionalData   *interface{} `json:"additionalData,omitempty"`
	Category         *string      `json:"category,omitempty"`
	FileEntityIds    *[]string    `json:"fileEntityIds,omitempty"`
	FriendlyName     *string      `json:"friendlyName,omitempty"`
	MalwareName      *string      `json:"malwareName,omitempty"`
	ProcessEntityIds *[]string    `json:"processEntityIds,omitempty"`
}

type NicEntity 

type NicEntity struct {
	Properties *NicEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (NicEntity) Entity 

func (s NicEntity) Entity() BaseEntityImpl

func (NicEntity) MarshalJSON 

func (s NicEntity) MarshalJSON() ([]byte, error)

type NicEntityProperties 

type NicEntityProperties struct {
	AdditionalData    *interface{} `json:"additionalData,omitempty"`
	FriendlyName      *string      `json:"friendlyName,omitempty"`
	IPAddressEntityId *string      `json:"ipAddressEntityId,omitempty"`
	MacAddress        *string      `json:"macAddress,omitempty"`
	Vlans             *[]string    `json:"vlans,omitempty"`
}

type OSFamily 

type OSFamily string
const (
	OSFamilyAndroid OSFamily = "Android"
	OSFamilyIOS     OSFamily = "IOS"
	OSFamilyLinux   OSFamily = "Linux"
	OSFamilyUnknown OSFamily = "Unknown"
	OSFamilyWindows OSFamily = "Windows"
)

func (*OSFamily) UnmarshalJSON 

func (s *OSFamily) UnmarshalJSON(bytes []byte) error

type OutputType 

type OutputType string
const (
	OutputTypeDate   OutputType = "Date"
	OutputTypeEntity OutputType = "Entity"
	OutputTypeNumber OutputType = "Number"
	OutputTypeString OutputType = "String"
)

func (*OutputType) UnmarshalJSON 

func (s *OutputType) UnmarshalJSON(bytes []byte) error

type ProcessEntity 

type ProcessEntity struct {
	Properties *ProcessEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (ProcessEntity) Entity 

func (s ProcessEntity) Entity() BaseEntityImpl

func (ProcessEntity) MarshalJSON 

func (s ProcessEntity) MarshalJSON() ([]byte, error)

type ProcessEntityProperties 

type ProcessEntityProperties struct {
	AccountEntityId          *string         `json:"accountEntityId,omitempty"`
	AdditionalData           *interface{}    `json:"additionalData,omitempty"`
	CommandLine              *string         `json:"commandLine,omitempty"`
	CreationTimeUtc          *string         `json:"creationTimeUtc,omitempty"`
	ElevationToken           *ElevationToken `json:"elevationToken,omitempty"`
	FriendlyName             *string         `json:"friendlyName,omitempty"`
	HostEntityId             *string         `json:"hostEntityId,omitempty"`
	HostLogonSessionEntityId *string         `json:"hostLogonSessionEntityId,omitempty"`
	ImageFileEntityId        *string         `json:"imageFileEntityId,omitempty"`
	ParentProcessEntityId    *string         `json:"parentProcessEntityId,omitempty"`
	ProcessId                *string         `json:"processId,omitempty"`
}

func (*ProcessEntityProperties) GetCreationTimeUtcAsTime 

func (o *ProcessEntityProperties) GetCreationTimeUtcAsTime() (*time.Time, error)

func (*ProcessEntityProperties) SetCreationTimeUtcAsTime 

func (o *ProcessEntityProperties) SetCreationTimeUtcAsTime(input time.Time)

type QueriesOperationOptions 

type QueriesOperationOptions struct {
	Kind *EntityItemQueryKind
}

func DefaultQueriesOperationOptions 

func DefaultQueriesOperationOptions() QueriesOperationOptions

func (QueriesOperationOptions) ToHeaders 

func (o QueriesOperationOptions) ToHeaders() *client.Headers

func (QueriesOperationOptions) ToOData 

func (o QueriesOperationOptions) ToOData() *odata.Query

func (QueriesOperationOptions) ToQuery 

func (o QueriesOperationOptions) ToQuery() *client.QueryParams

type QueriesOperationResponse 

type QueriesOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *GetQueriesResponse
}

type RawEntityImpl 

type RawEntityImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityImpl) Entity 

func (s RawEntityImpl) Entity() BaseEntityImpl

type RawEntityQueryItemImpl 

type RawEntityQueryItemImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityQueryItemImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityQueryItemImpl) EntityQueryItem 

func (s RawEntityQueryItemImpl) EntityQueryItem() BaseEntityQueryItemImpl

type RawEntityTimelineItemImpl 

type RawEntityTimelineItemImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityTimelineItemImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityTimelineItemImpl) EntityTimelineItem 

func (s RawEntityTimelineItemImpl) EntityTimelineItem() BaseEntityTimelineItemImpl

type RegistryHive 

type RegistryHive string
const (
	RegistryHiveHKEYA                        RegistryHive = "HKEY_A"
	RegistryHiveHKEYCLASSESROOT              RegistryHive = "HKEY_CLASSES_ROOT"
	RegistryHiveHKEYCURRENTCONFIG            RegistryHive = "HKEY_CURRENT_CONFIG"
	RegistryHiveHKEYCURRENTUSER              RegistryHive = "HKEY_CURRENT_USER"
	RegistryHiveHKEYCURRENTUSERLOCALSETTINGS RegistryHive = "HKEY_CURRENT_USER_LOCAL_SETTINGS"
	RegistryHiveHKEYLOCALMACHINE             RegistryHive = "HKEY_LOCAL_MACHINE"
	RegistryHiveHKEYPERFORMANCEDATA          RegistryHive = "HKEY_PERFORMANCE_DATA"
	RegistryHiveHKEYPERFORMANCENLSTEXT       RegistryHive = "HKEY_PERFORMANCE_NLSTEXT"
	RegistryHiveHKEYPERFORMANCETEXT          RegistryHive = "HKEY_PERFORMANCE_TEXT"
	RegistryHiveHKEYUSERS                    RegistryHive = "HKEY_USERS"
)

func (*RegistryHive) UnmarshalJSON 

func (s *RegistryHive) UnmarshalJSON(bytes []byte) error

type RegistryKeyEntity 

type RegistryKeyEntity struct {
	Properties *RegistryKeyEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryKeyEntity) Entity 

func (s RegistryKeyEntity) Entity() BaseEntityImpl

func (RegistryKeyEntity) MarshalJSON 

func (s RegistryKeyEntity) MarshalJSON() ([]byte, error)

type RegistryKeyEntityProperties 

type RegistryKeyEntityProperties struct {
	AdditionalData *interface{}  `json:"additionalData,omitempty"`
	FriendlyName   *string       `json:"friendlyName,omitempty"`
	Hive           *RegistryHive `json:"hive,omitempty"`
	Key            *string       `json:"key,omitempty"`
}

type RegistryValueEntity 

type RegistryValueEntity struct {
	Properties *RegistryValueEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryValueEntity) Entity 

func (s RegistryValueEntity) Entity() BaseEntityImpl

func (RegistryValueEntity) MarshalJSON 

func (s RegistryValueEntity) MarshalJSON() ([]byte, error)

type RegistryValueEntityProperties 

type RegistryValueEntityProperties struct {
	AdditionalData *interface{}       `json:"additionalData,omitempty"`
	FriendlyName   *string            `json:"friendlyName,omitempty"`
	KeyEntityId    *string            `json:"keyEntityId,omitempty"`
	ValueData      *string            `json:"valueData,omitempty"`
	ValueName      *string            `json:"valueName,omitempty"`
	ValueType      *RegistryValueKind `json:"valueType,omitempty"`
}

type RegistryValueKind 

type RegistryValueKind string
const (
	RegistryValueKindBinary       RegistryValueKind = "Binary"
	RegistryValueKindDWord        RegistryValueKind = "DWord"
	RegistryValueKindExpandString RegistryValueKind = "ExpandString"
	RegistryValueKindMultiString  RegistryValueKind = "MultiString"
	RegistryValueKindNone         RegistryValueKind = "None"
	RegistryValueKindQWord        RegistryValueKind = "QWord"
	RegistryValueKindString       RegistryValueKind = "String"
	RegistryValueKindUnknown      RegistryValueKind = "Unknown"
)

func (*RegistryValueKind) UnmarshalJSON 

func (s *RegistryValueKind) UnmarshalJSON(bytes []byte) error

type SecurityAlert 

type SecurityAlert struct {
	Properties *SecurityAlertProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityAlert) Entity 

func (s SecurityAlert) Entity() BaseEntityImpl

func (SecurityAlert) MarshalJSON 

func (s SecurityAlert) MarshalJSON() ([]byte, error)

type SecurityAlertProperties 

type SecurityAlertProperties struct {
	AdditionalData        *interface{}                                       `json:"additionalData,omitempty"`
	AlertDisplayName      *string                                            `json:"alertDisplayName,omitempty"`
	AlertLink             *string                                            `json:"alertLink,omitempty"`
	AlertType             *string                                            `json:"alertType,omitempty"`
	CompromisedEntity     *string                                            `json:"compromisedEntity,omitempty"`
	ConfidenceLevel       *ConfidenceLevel                                   `json:"confidenceLevel,omitempty"`
	ConfidenceReasons     *[]SecurityAlertPropertiesConfidenceReasonsInlined `json:"confidenceReasons,omitempty"`
	ConfidenceScore       *float64                                           `json:"confidenceScore,omitempty"`
	ConfidenceScoreStatus *ConfidenceScoreStatus                             `json:"confidenceScoreStatus,omitempty"`
	Description           *string                                            `json:"description,omitempty"`
	EndTimeUtc            *string                                            `json:"endTimeUtc,omitempty"`
	FriendlyName          *string                                            `json:"friendlyName,omitempty"`
	Intent                *KillChainIntent                                   `json:"intent,omitempty"`
	ProcessingEndTime     *string                                            `json:"processingEndTime,omitempty"`
	ProductComponentName  *string                                            `json:"productComponentName,omitempty"`
	ProductName           *string                                            `json:"productName,omitempty"`
	ProductVersion        *string                                            `json:"productVersion,omitempty"`
	ProviderAlertId       *string                                            `json:"providerAlertId,omitempty"`
	RemediationSteps      *[]string                                          `json:"remediationSteps,omitempty"`
	ResourceIdentifiers   *[]interface{}                                     `json:"resourceIdentifiers,omitempty"`
	Severity              *AlertSeverity                                     `json:"severity,omitempty"`
	StartTimeUtc          *string                                            `json:"startTimeUtc,omitempty"`
	Status                *AlertStatus                                       `json:"status,omitempty"`
	SystemAlertId         *string                                            `json:"systemAlertId,omitempty"`
	Tactics               *[]AttackTactic                                    `json:"tactics,omitempty"`
	TimeGenerated         *string                                            `json:"timeGenerated,omitempty"`
	VendorName            *string                                            `json:"vendorName,omitempty"`
}

func (*SecurityAlertProperties) GetEndTimeUtcAsTime 

func (o *SecurityAlertProperties) GetEndTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetProcessingEndTimeAsTime 

func (o *SecurityAlertProperties) GetProcessingEndTimeAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetStartTimeUtcAsTime 

func (o *SecurityAlertProperties) GetStartTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetTimeGeneratedAsTime 

func (o *SecurityAlertProperties) GetTimeGeneratedAsTime() (*time.Time, error)

func (*SecurityAlertProperties) SetEndTimeUtcAsTime 

func (o *SecurityAlertProperties) SetEndTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetProcessingEndTimeAsTime 

func (o *SecurityAlertProperties) SetProcessingEndTimeAsTime(input time.Time)

func (*SecurityAlertProperties) SetStartTimeUtcAsTime 

func (o *SecurityAlertProperties) SetStartTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetTimeGeneratedAsTime 

func (o *SecurityAlertProperties) SetTimeGeneratedAsTime(input time.Time)

type SecurityAlertPropertiesConfidenceReasonsInlined 

type SecurityAlertPropertiesConfidenceReasonsInlined struct {
	Reason     *string `json:"reason,omitempty"`
	ReasonType *string `json:"reasonType,omitempty"`
}

type SecurityAlertTimelineItem 

type SecurityAlertTimelineItem struct {
	AlertType       string           `json:"alertType"`
	AzureResourceId string           `json:"azureResourceId"`
	Description     *string          `json:"description,omitempty"`
	DisplayName     string           `json:"displayName"`
	EndTimeUtc      string           `json:"endTimeUtc"`
	Intent          *KillChainIntent `json:"intent,omitempty"`
	ProductName     *string          `json:"productName,omitempty"`
	Severity        AlertSeverity    `json:"severity"`
	StartTimeUtc    string           `json:"startTimeUtc"`
	Techniques      *[]string        `json:"techniques,omitempty"`
	TimeGenerated   string           `json:"timeGenerated"`

	Kind EntityTimelineKind `json:"kind"`
}

func (SecurityAlertTimelineItem) EntityTimelineItem 

func (s SecurityAlertTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (SecurityAlertTimelineItem) MarshalJSON 

func (s SecurityAlertTimelineItem) MarshalJSON() ([]byte, error)

type SecurityGroupEntity 

type SecurityGroupEntity struct {
	Properties *SecurityGroupEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityGroupEntity) Entity 

func (s SecurityGroupEntity) Entity() BaseEntityImpl

func (SecurityGroupEntity) MarshalJSON 

func (s SecurityGroupEntity) MarshalJSON() ([]byte, error)

type SecurityGroupEntityProperties 

type SecurityGroupEntityProperties struct {
	AdditionalData    *interface{} `json:"additionalData,omitempty"`
	DistinguishedName *string      `json:"distinguishedName,omitempty"`
	FriendlyName      *string      `json:"friendlyName,omitempty"`
	ObjectGuid        *string      `json:"objectGuid,omitempty"`
	Sid               *string      `json:"sid,omitempty"`
}

type SubmissionMailEntity 

type SubmissionMailEntity struct {
	Properties *SubmissionMailEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SubmissionMailEntity) Entity 

func (s SubmissionMailEntity) Entity() BaseEntityImpl

func (SubmissionMailEntity) MarshalJSON 

func (s SubmissionMailEntity) MarshalJSON() ([]byte, error)

type SubmissionMailEntityProperties 

type SubmissionMailEntityProperties struct {
	AdditionalData   *interface{} `json:"additionalData,omitempty"`
	FriendlyName     *string      `json:"friendlyName,omitempty"`
	NetworkMessageId *string      `json:"networkMessageId,omitempty"`
	Recipient        *string      `json:"recipient,omitempty"`
	ReportType       *string      `json:"reportType,omitempty"`
	Sender           *string      `json:"sender,omitempty"`
	SenderIP         *string      `json:"senderIp,omitempty"`
	Subject          *string      `json:"subject,omitempty"`
	SubmissionDate   *string      `json:"submissionDate,omitempty"`
	SubmissionId     *string      `json:"submissionId,omitempty"`
	Submitter        *string      `json:"submitter,omitempty"`
	Timestamp        *string      `json:"timestamp,omitempty"`
}

func (*SubmissionMailEntityProperties) GetSubmissionDateAsTime 

func (o *SubmissionMailEntityProperties) GetSubmissionDateAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) GetTimestampAsTime 

func (o *SubmissionMailEntityProperties) GetTimestampAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) SetSubmissionDateAsTime 

func (o *SubmissionMailEntityProperties) SetSubmissionDateAsTime(input time.Time)

func (*SubmissionMailEntityProperties) SetTimestampAsTime 

func (o *SubmissionMailEntityProperties) SetTimestampAsTime(input time.Time)

type ThreatIntelligence 

type ThreatIntelligence struct {
	Confidence        *float64 `json:"confidence,omitempty"`
	ProviderName      *string  `json:"providerName,omitempty"`
	ReportLink        *string  `json:"reportLink,omitempty"`
	ThreatDescription *string  `json:"threatDescription,omitempty"`
	ThreatName        *string  `json:"threatName,omitempty"`
	ThreatType        *string  `json:"threatType,omitempty"`
}

type TimelineAggregation 

type TimelineAggregation struct {
	Count int64              `json:"count"`
	Kind  EntityTimelineKind `json:"kind"`
}

type TimelineError 

type TimelineError struct {
	ErrorMessage string             `json:"errorMessage"`
	Kind         EntityTimelineKind `json:"kind"`
	QueryId      *string            `json:"queryId,omitempty"`
}

type TimelineResultsMetadata 

type TimelineResultsMetadata struct {
	Aggregations []TimelineAggregation `json:"aggregations"`
	Errors       *[]TimelineError      `json:"errors,omitempty"`
	TotalCount   int64                 `json:"totalCount"`
}

type URLEntity 

type URLEntity struct {
	Properties *URLEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (URLEntity) Entity 

func (s URLEntity) Entity() BaseEntityImpl

func (URLEntity) MarshalJSON 

func (s URLEntity) MarshalJSON() ([]byte, error)

type URLEntityProperties 

type URLEntityProperties struct {
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	Url            *string      `json:"url,omitempty"`
}

type UserInfo 

type UserInfo struct {
	Email    *string `json:"email,omitempty"`
	Name     *string `json:"name,omitempty"`
	ObjectId *string `json:"objectId,omitempty"`
}

type WorkspaceId 

type WorkspaceId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
}

WorkspaceId is a struct representing the Resource ID for a Workspace

func NewWorkspaceID 

func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId

NewWorkspaceID returns a new WorkspaceId struct

func ParseWorkspaceID 

func ParseWorkspaceID(input string) (*WorkspaceId, error)

ParseWorkspaceID parses 'input' into a WorkspaceId

func ParseWorkspaceIDInsensitively 

func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)

ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId note: this method should only be used for API response data and not user input

func (*WorkspaceId) FromParseResult 

func (id *WorkspaceId) FromParseResult(input resourceids.ParseResult) error

func (WorkspaceId) ID 

func (id WorkspaceId) ID() string

ID returns the formatted Workspace ID

func (WorkspaceId) Segments 

func (id WorkspaceId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Workspace ID

func (WorkspaceId) String 

func (id WorkspaceId) String() string

String returns a human-readable description of this Workspace ID

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.