incidentalerts

package
v0.20250110.1074108 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 10, 2025 License: MPL-2.0 Imports: 14 Imported by: 1

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2023-02-01/incidentalerts Documentation

The incidentalerts SDK allows for interaction with Azure Resource Manager securityinsights (API Version 2023-02-01).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2023-02-01/incidentalerts"

Client Initialization

client := incidentalerts.NewIncidentAlertsClientWithBaseURI("https://management.azure.com")
client.Client.Authorizer = authorizer

Example Usage: IncidentAlertsClient.IncidentsListAlerts

ctx := context.TODO()
id := incidentalerts.NewIncidentID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "incidentId")

read, err := client.IncidentsListAlerts(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForAlertSeverity

func PossibleValuesForAlertSeverity() []string

func PossibleValuesForAlertStatus

func PossibleValuesForAlertStatus() []string

func PossibleValuesForAntispamMailDirection added in v0.20241009.1142232

func PossibleValuesForAntispamMailDirection() []string

func PossibleValuesForAttackTactic

func PossibleValuesForAttackTactic() []string

func PossibleValuesForConfidenceLevel

func PossibleValuesForConfidenceLevel() []string

func PossibleValuesForConfidenceScoreStatus

func PossibleValuesForConfidenceScoreStatus() []string

func PossibleValuesForDeliveryAction added in v0.20241009.1142232

func PossibleValuesForDeliveryAction() []string

func PossibleValuesForDeliveryLocation added in v0.20241009.1142232

func PossibleValuesForDeliveryLocation() []string

func PossibleValuesForElevationToken added in v0.20241009.1142232

func PossibleValuesForElevationToken() []string

func PossibleValuesForEntityKindEnum

func PossibleValuesForEntityKindEnum() []string

func PossibleValuesForFileHashAlgorithm added in v0.20241009.1142232

func PossibleValuesForFileHashAlgorithm() []string

func PossibleValuesForIncidentSeverity

func PossibleValuesForIncidentSeverity() []string

func PossibleValuesForKillChainIntent

func PossibleValuesForKillChainIntent() []string

func PossibleValuesForOSFamily added in v0.20241009.1142232

func PossibleValuesForOSFamily() []string

func PossibleValuesForRegistryHive added in v0.20241009.1142232

func PossibleValuesForRegistryHive() []string

func PossibleValuesForRegistryValueKind added in v0.20241009.1142232

func PossibleValuesForRegistryValueKind() []string

func ValidateIncidentID

func ValidateIncidentID(input interface{}, key string) (warnings []string, errors []error)

ValidateIncidentID checks that 'input' can be parsed as a Incident ID

Types

type AccountEntity added in v0.20241009.1142232

type AccountEntity struct {
	Properties *AccountEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AccountEntity) Entity added in v0.20241009.1142232

func (s AccountEntity) Entity() BaseEntityImpl

func (AccountEntity) MarshalJSON added in v0.20241009.1142232

func (s AccountEntity) MarshalJSON() ([]byte, error)

type AccountEntityProperties added in v0.20241009.1142232

type AccountEntityProperties struct {
	AadTenantId    *string      `json:"aadTenantId,omitempty"`
	AadUserId      *string      `json:"aadUserId,omitempty"`
	AccountName    *string      `json:"accountName,omitempty"`
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	DisplayName    *string      `json:"displayName,omitempty"`
	DnsDomain      *string      `json:"dnsDomain,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	HostEntityId   *string      `json:"hostEntityId,omitempty"`
	IsDomainJoined *bool        `json:"isDomainJoined,omitempty"`
	NtDomain       *string      `json:"ntDomain,omitempty"`
	ObjectGuid     *string      `json:"objectGuid,omitempty"`
	Puid           *string      `json:"puid,omitempty"`
	Sid            *string      `json:"sid,omitempty"`
	UpnSuffix      *string      `json:"upnSuffix,omitempty"`
}

type AlertSeverity

type AlertSeverity string
const (
	AlertSeverityHigh          AlertSeverity = "High"
	AlertSeverityInformational AlertSeverity = "Informational"
	AlertSeverityLow           AlertSeverity = "Low"
	AlertSeverityMedium        AlertSeverity = "Medium"
)

func (*AlertSeverity) UnmarshalJSON added in v0.20240221.1115631

func (s *AlertSeverity) UnmarshalJSON(bytes []byte) error

type AlertStatus

type AlertStatus string
const (
	AlertStatusDismissed  AlertStatus = "Dismissed"
	AlertStatusInProgress AlertStatus = "InProgress"
	AlertStatusNew        AlertStatus = "New"
	AlertStatusResolved   AlertStatus = "Resolved"
	AlertStatusUnknown    AlertStatus = "Unknown"
)

func (*AlertStatus) UnmarshalJSON added in v0.20240221.1115631

func (s *AlertStatus) UnmarshalJSON(bytes []byte) error

type AntispamMailDirection added in v0.20241009.1142232

type AntispamMailDirection string
const (
	AntispamMailDirectionInbound  AntispamMailDirection = "Inbound"
	AntispamMailDirectionIntraorg AntispamMailDirection = "Intraorg"
	AntispamMailDirectionOutbound AntispamMailDirection = "Outbound"
	AntispamMailDirectionUnknown  AntispamMailDirection = "Unknown"
)

func (*AntispamMailDirection) UnmarshalJSON added in v0.20241009.1142232

func (s *AntispamMailDirection) UnmarshalJSON(bytes []byte) error

type AttackTactic

type AttackTactic string
const (
	AttackTacticCollection              AttackTactic = "Collection"
	AttackTacticCommandAndControl       AttackTactic = "CommandAndControl"
	AttackTacticCredentialAccess        AttackTactic = "CredentialAccess"
	AttackTacticDefenseEvasion          AttackTactic = "DefenseEvasion"
	AttackTacticDiscovery               AttackTactic = "Discovery"
	AttackTacticExecution               AttackTactic = "Execution"
	AttackTacticExfiltration            AttackTactic = "Exfiltration"
	AttackTacticImpact                  AttackTactic = "Impact"
	AttackTacticImpairProcessControl    AttackTactic = "ImpairProcessControl"
	AttackTacticInhibitResponseFunction AttackTactic = "InhibitResponseFunction"
	AttackTacticInitialAccess           AttackTactic = "InitialAccess"
	AttackTacticLateralMovement         AttackTactic = "LateralMovement"
	AttackTacticPersistence             AttackTactic = "Persistence"
	AttackTacticPreAttack               AttackTactic = "PreAttack"
	AttackTacticPrivilegeEscalation     AttackTactic = "PrivilegeEscalation"
	AttackTacticReconnaissance          AttackTactic = "Reconnaissance"
	AttackTacticResourceDevelopment     AttackTactic = "ResourceDevelopment"
)

func (*AttackTactic) UnmarshalJSON added in v0.20240221.1115631

func (s *AttackTactic) UnmarshalJSON(bytes []byte) error

type AzureResourceEntity added in v0.20241009.1142232

type AzureResourceEntity struct {
	Properties *AzureResourceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AzureResourceEntity) Entity added in v0.20241009.1142232

func (AzureResourceEntity) MarshalJSON added in v0.20241009.1142232

func (s AzureResourceEntity) MarshalJSON() ([]byte, error)

type AzureResourceEntityProperties added in v0.20241009.1142232

type AzureResourceEntityProperties struct {
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	ResourceId     *string      `json:"resourceId,omitempty"`
	SubscriptionId *string      `json:"subscriptionId,omitempty"`
}

type BaseEntityImpl added in v0.20240920.1135249

type BaseEntityImpl struct {
	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (BaseEntityImpl) Entity added in v0.20240920.1135249

func (s BaseEntityImpl) Entity() BaseEntityImpl

type CloudApplicationEntity added in v0.20241009.1142232

type CloudApplicationEntity struct {
	Properties *CloudApplicationEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (CloudApplicationEntity) Entity added in v0.20241009.1142232

func (CloudApplicationEntity) MarshalJSON added in v0.20241009.1142232

func (s CloudApplicationEntity) MarshalJSON() ([]byte, error)

type CloudApplicationEntityProperties added in v0.20241009.1142232

type CloudApplicationEntityProperties struct {
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	AppId          *int64       `json:"appId,omitempty"`
	AppName        *string      `json:"appName,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	InstanceName   *string      `json:"instanceName,omitempty"`
}

type ConfidenceLevel

type ConfidenceLevel string
const (
	ConfidenceLevelHigh    ConfidenceLevel = "High"
	ConfidenceLevelLow     ConfidenceLevel = "Low"
	ConfidenceLevelUnknown ConfidenceLevel = "Unknown"
)

func (*ConfidenceLevel) UnmarshalJSON added in v0.20240221.1115631

func (s *ConfidenceLevel) UnmarshalJSON(bytes []byte) error

type ConfidenceScoreStatus

type ConfidenceScoreStatus string
const (
	ConfidenceScoreStatusFinal         ConfidenceScoreStatus = "Final"
	ConfidenceScoreStatusInProcess     ConfidenceScoreStatus = "InProcess"
	ConfidenceScoreStatusNotApplicable ConfidenceScoreStatus = "NotApplicable"
	ConfidenceScoreStatusNotFinal      ConfidenceScoreStatus = "NotFinal"
)

func (*ConfidenceScoreStatus) UnmarshalJSON added in v0.20240221.1115631

func (s *ConfidenceScoreStatus) UnmarshalJSON(bytes []byte) error

type DeliveryAction added in v0.20241009.1142232

type DeliveryAction string
const (
	DeliveryActionBlocked         DeliveryAction = "Blocked"
	DeliveryActionDelivered       DeliveryAction = "Delivered"
	DeliveryActionDeliveredAsSpam DeliveryAction = "DeliveredAsSpam"
	DeliveryActionReplaced        DeliveryAction = "Replaced"
	DeliveryActionUnknown         DeliveryAction = "Unknown"
)

func (*DeliveryAction) UnmarshalJSON added in v0.20241009.1142232

func (s *DeliveryAction) UnmarshalJSON(bytes []byte) error

type DeliveryLocation added in v0.20241009.1142232

type DeliveryLocation string
const (
	DeliveryLocationDeletedFolder DeliveryLocation = "DeletedFolder"
	DeliveryLocationDropped       DeliveryLocation = "Dropped"
	DeliveryLocationExternal      DeliveryLocation = "External"
	DeliveryLocationFailed        DeliveryLocation = "Failed"
	DeliveryLocationForwarded     DeliveryLocation = "Forwarded"
	DeliveryLocationInbox         DeliveryLocation = "Inbox"
	DeliveryLocationJunkFolder    DeliveryLocation = "JunkFolder"
	DeliveryLocationQuarantine    DeliveryLocation = "Quarantine"
	DeliveryLocationUnknown       DeliveryLocation = "Unknown"
)

func (*DeliveryLocation) UnmarshalJSON added in v0.20241009.1142232

func (s *DeliveryLocation) UnmarshalJSON(bytes []byte) error

type DnsEntity added in v0.20241009.1142232

type DnsEntity struct {
	Properties *DnsEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (DnsEntity) Entity added in v0.20241009.1142232

func (s DnsEntity) Entity() BaseEntityImpl

func (DnsEntity) MarshalJSON added in v0.20241009.1142232

func (s DnsEntity) MarshalJSON() ([]byte, error)

type DnsEntityProperties added in v0.20241009.1142232

type DnsEntityProperties struct {
	AdditionalData        *interface{} `json:"additionalData,omitempty"`
	DnsServerIPEntityId   *string      `json:"dnsServerIpEntityId,omitempty"`
	DomainName            *string      `json:"domainName,omitempty"`
	FriendlyName          *string      `json:"friendlyName,omitempty"`
	HostIPAddressEntityId *string      `json:"hostIpAddressEntityId,omitempty"`
	IPAddressEntityIds    *[]string    `json:"ipAddressEntityIds,omitempty"`
}

type ElevationToken added in v0.20241009.1142232

type ElevationToken string
const (
	ElevationTokenDefault ElevationToken = "Default"
	ElevationTokenFull    ElevationToken = "Full"
	ElevationTokenLimited ElevationToken = "Limited"
)

func (*ElevationToken) UnmarshalJSON added in v0.20241009.1142232

func (s *ElevationToken) UnmarshalJSON(bytes []byte) error

type Entity

type Entity interface {
	Entity() BaseEntityImpl
}

func UnmarshalEntityImplementation added in v0.20240920.1135249

func UnmarshalEntityImplementation(input []byte) (Entity, error)

type EntityKindEnum

type EntityKindEnum string
const (
	EntityKindEnumAccount          EntityKindEnum = "Account"
	EntityKindEnumAzureResource    EntityKindEnum = "AzureResource"
	EntityKindEnumBookmark         EntityKindEnum = "Bookmark"
	EntityKindEnumCloudApplication EntityKindEnum = "CloudApplication"
	EntityKindEnumDnsResolution    EntityKindEnum = "DnsResolution"
	EntityKindEnumFile             EntityKindEnum = "File"
	EntityKindEnumFileHash         EntityKindEnum = "FileHash"
	EntityKindEnumHost             EntityKindEnum = "Host"
	EntityKindEnumIP               EntityKindEnum = "Ip"
	EntityKindEnumIoTDevice        EntityKindEnum = "IoTDevice"
	EntityKindEnumMailCluster      EntityKindEnum = "MailCluster"
	EntityKindEnumMailMessage      EntityKindEnum = "MailMessage"
	EntityKindEnumMailbox          EntityKindEnum = "Mailbox"
	EntityKindEnumMalware          EntityKindEnum = "Malware"
	EntityKindEnumProcess          EntityKindEnum = "Process"
	EntityKindEnumRegistryKey      EntityKindEnum = "RegistryKey"
	EntityKindEnumRegistryValue    EntityKindEnum = "RegistryValue"
	EntityKindEnumSecurityAlert    EntityKindEnum = "SecurityAlert"
	EntityKindEnumSecurityGroup    EntityKindEnum = "SecurityGroup"
	EntityKindEnumSubmissionMail   EntityKindEnum = "SubmissionMail"
	EntityKindEnumURL              EntityKindEnum = "Url"
)

func (*EntityKindEnum) UnmarshalJSON added in v0.20240221.1115631

func (s *EntityKindEnum) UnmarshalJSON(bytes []byte) error

type FileEntity added in v0.20241009.1142232

type FileEntity struct {
	Properties *FileEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileEntity) Entity added in v0.20241009.1142232

func (s FileEntity) Entity() BaseEntityImpl

func (FileEntity) MarshalJSON added in v0.20241009.1142232

func (s FileEntity) MarshalJSON() ([]byte, error)

type FileEntityProperties added in v0.20241009.1142232

type FileEntityProperties struct {
	AdditionalData    *interface{} `json:"additionalData,omitempty"`
	Directory         *string      `json:"directory,omitempty"`
	FileHashEntityIds *[]string    `json:"fileHashEntityIds,omitempty"`
	FileName          *string      `json:"fileName,omitempty"`
	FriendlyName      *string      `json:"friendlyName,omitempty"`
	HostEntityId      *string      `json:"hostEntityId,omitempty"`
}

type FileHashAlgorithm added in v0.20241009.1142232

type FileHashAlgorithm string
const (
	FileHashAlgorithmMDFive          FileHashAlgorithm = "MD5"
	FileHashAlgorithmSHAOne          FileHashAlgorithm = "SHA1"
	FileHashAlgorithmSHATwoFiveSix   FileHashAlgorithm = "SHA256"
	FileHashAlgorithmSHATwoFiveSixAC FileHashAlgorithm = "SHA256AC"
	FileHashAlgorithmUnknown         FileHashAlgorithm = "Unknown"
)

func (*FileHashAlgorithm) UnmarshalJSON added in v0.20241009.1142232

func (s *FileHashAlgorithm) UnmarshalJSON(bytes []byte) error

type FileHashEntity added in v0.20241009.1142232

type FileHashEntity struct {
	Properties *FileHashEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileHashEntity) Entity added in v0.20241009.1142232

func (s FileHashEntity) Entity() BaseEntityImpl

func (FileHashEntity) MarshalJSON added in v0.20241009.1142232

func (s FileHashEntity) MarshalJSON() ([]byte, error)

type FileHashEntityProperties added in v0.20241009.1142232

type FileHashEntityProperties struct {
	AdditionalData *interface{}       `json:"additionalData,omitempty"`
	Algorithm      *FileHashAlgorithm `json:"algorithm,omitempty"`
	FriendlyName   *string            `json:"friendlyName,omitempty"`
	HashValue      *string            `json:"hashValue,omitempty"`
}

type GeoLocation added in v0.20241009.1142232

type GeoLocation struct {
	Asn         *int64   `json:"asn,omitempty"`
	City        *string  `json:"city,omitempty"`
	CountryCode *string  `json:"countryCode,omitempty"`
	CountryName *string  `json:"countryName,omitempty"`
	Latitude    *float64 `json:"latitude,omitempty"`
	Longitude   *float64 `json:"longitude,omitempty"`
	State       *string  `json:"state,omitempty"`
}

type HostEntity added in v0.20241009.1142232

type HostEntity struct {
	Properties *HostEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HostEntity) Entity added in v0.20241009.1142232

func (s HostEntity) Entity() BaseEntityImpl

func (HostEntity) MarshalJSON added in v0.20241009.1142232

func (s HostEntity) MarshalJSON() ([]byte, error)

type HostEntityProperties added in v0.20241009.1142232

type HostEntityProperties struct {
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	AzureID        *string      `json:"azureID,omitempty"`
	DnsDomain      *string      `json:"dnsDomain,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	HostName       *string      `json:"hostName,omitempty"`
	IsDomainJoined *bool        `json:"isDomainJoined,omitempty"`
	NetBiosName    *string      `json:"netBiosName,omitempty"`
	NtDomain       *string      `json:"ntDomain,omitempty"`
	OmsAgentID     *string      `json:"omsAgentID,omitempty"`
	OsFamily       *OSFamily    `json:"osFamily,omitempty"`
	OsVersion      *string      `json:"osVersion,omitempty"`
}

type HuntingBookmark

type HuntingBookmark struct {
	Properties *HuntingBookmarkProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HuntingBookmark) Entity added in v0.20240920.1135249

func (s HuntingBookmark) Entity() BaseEntityImpl

func (HuntingBookmark) MarshalJSON

func (s HuntingBookmark) MarshalJSON() ([]byte, error)

type HuntingBookmarkProperties

type HuntingBookmarkProperties struct {
	AdditionalData *interface{}  `json:"additionalData,omitempty"`
	Created        *string       `json:"created,omitempty"`
	CreatedBy      *UserInfo     `json:"createdBy,omitempty"`
	DisplayName    string        `json:"displayName"`
	EventTime      *string       `json:"eventTime,omitempty"`
	FriendlyName   *string       `json:"friendlyName,omitempty"`
	IncidentInfo   *IncidentInfo `json:"incidentInfo,omitempty"`
	Labels         *[]string     `json:"labels,omitempty"`
	Notes          *string       `json:"notes,omitempty"`
	Query          string        `json:"query"`
	QueryResult    *string       `json:"queryResult,omitempty"`
	Updated        *string       `json:"updated,omitempty"`
	UpdatedBy      *UserInfo     `json:"updatedBy,omitempty"`
}

func (*HuntingBookmarkProperties) GetCreatedAsTime

func (o *HuntingBookmarkProperties) GetCreatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetEventTimeAsTime

func (o *HuntingBookmarkProperties) GetEventTimeAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetUpdatedAsTime

func (o *HuntingBookmarkProperties) GetUpdatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) SetCreatedAsTime

func (o *HuntingBookmarkProperties) SetCreatedAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetEventTimeAsTime

func (o *HuntingBookmarkProperties) SetEventTimeAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetUpdatedAsTime

func (o *HuntingBookmarkProperties) SetUpdatedAsTime(input time.Time)

type IPEntity added in v0.20241009.1142232

type IPEntity struct {
	Properties *IPEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IPEntity) Entity added in v0.20241009.1142232

func (s IPEntity) Entity() BaseEntityImpl

func (IPEntity) MarshalJSON added in v0.20241009.1142232

func (s IPEntity) MarshalJSON() ([]byte, error)

type IPEntityProperties added in v0.20241009.1142232

type IPEntityProperties struct {
	AdditionalData     *interface{}          `json:"additionalData,omitempty"`
	Address            *string               `json:"address,omitempty"`
	FriendlyName       *string               `json:"friendlyName,omitempty"`
	Location           *GeoLocation          `json:"location,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"`
}

type IncidentAlertList

type IncidentAlertList struct {
	Value []SecurityAlert `json:"value"`
}

type IncidentAlertsClient

type IncidentAlertsClient struct {
	Client *resourcemanager.Client
}

func NewIncidentAlertsClientWithBaseURI

func NewIncidentAlertsClientWithBaseURI(sdkApi sdkEnv.Api) (*IncidentAlertsClient, error)

func (IncidentAlertsClient) IncidentsListAlerts

func (c IncidentAlertsClient) IncidentsListAlerts(ctx context.Context, id IncidentId) (result IncidentsListAlertsOperationResponse, err error)

IncidentsListAlerts ...

type IncidentId

type IncidentId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	IncidentId        string
}

IncidentId is a struct representing the Resource ID for a Incident

func NewIncidentID

func NewIncidentID(subscriptionId string, resourceGroupName string, workspaceName string, incidentId string) IncidentId

NewIncidentID returns a new IncidentId struct

func ParseIncidentID

func ParseIncidentID(input string) (*IncidentId, error)

ParseIncidentID parses 'input' into a IncidentId

func ParseIncidentIDInsensitively

func ParseIncidentIDInsensitively(input string) (*IncidentId, error)

ParseIncidentIDInsensitively parses 'input' case-insensitively into a IncidentId note: this method should only be used for API response data and not user input

func (*IncidentId) FromParseResult

func (id *IncidentId) FromParseResult(input resourceids.ParseResult) error

func (IncidentId) ID

func (id IncidentId) ID() string

ID returns the formatted Incident ID

func (IncidentId) Segments

func (id IncidentId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Incident ID

func (IncidentId) String

func (id IncidentId) String() string

String returns a human-readable description of this Incident ID

type IncidentInfo

type IncidentInfo struct {
	IncidentId   *string           `json:"incidentId,omitempty"`
	RelationName *string           `json:"relationName,omitempty"`
	Severity     *IncidentSeverity `json:"severity,omitempty"`
	Title        *string           `json:"title,omitempty"`
}

type IncidentSeverity

type IncidentSeverity string
const (
	IncidentSeverityHigh          IncidentSeverity = "High"
	IncidentSeverityInformational IncidentSeverity = "Informational"
	IncidentSeverityLow           IncidentSeverity = "Low"
	IncidentSeverityMedium        IncidentSeverity = "Medium"
)

func (*IncidentSeverity) UnmarshalJSON added in v0.20240221.1115631

func (s *IncidentSeverity) UnmarshalJSON(bytes []byte) error

type IncidentsListAlertsOperationResponse

type IncidentsListAlertsOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *IncidentAlertList
}

type IoTDeviceEntity added in v0.20241009.1142232

type IoTDeviceEntity struct {
	Properties *IoTDeviceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IoTDeviceEntity) Entity added in v0.20241009.1142232

func (s IoTDeviceEntity) Entity() BaseEntityImpl

func (IoTDeviceEntity) MarshalJSON added in v0.20241009.1142232

func (s IoTDeviceEntity) MarshalJSON() ([]byte, error)

type IoTDeviceEntityProperties added in v0.20241009.1142232

type IoTDeviceEntityProperties struct {
	AdditionalData     *interface{}          `json:"additionalData,omitempty"`
	DeviceId           *string               `json:"deviceId,omitempty"`
	DeviceName         *string               `json:"deviceName,omitempty"`
	DeviceType         *string               `json:"deviceType,omitempty"`
	EdgeId             *string               `json:"edgeId,omitempty"`
	FirmwareVersion    *string               `json:"firmwareVersion,omitempty"`
	FriendlyName       *string               `json:"friendlyName,omitempty"`
	HostEntityId       *string               `json:"hostEntityId,omitempty"`
	IPAddressEntityId  *string               `json:"ipAddressEntityId,omitempty"`
	IotHubEntityId     *string               `json:"iotHubEntityId,omitempty"`
	IotSecurityAgentId *string               `json:"iotSecurityAgentId,omitempty"`
	MacAddress         *string               `json:"macAddress,omitempty"`
	Model              *string               `json:"model,omitempty"`
	OperatingSystem    *string               `json:"operatingSystem,omitempty"`
	Protocols          *[]string             `json:"protocols,omitempty"`
	SerialNumber       *string               `json:"serialNumber,omitempty"`
	Source             *string               `json:"source,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"`
	Vendor             *string               `json:"vendor,omitempty"`
}

type KillChainIntent

type KillChainIntent string
const (
	KillChainIntentCollection          KillChainIntent = "Collection"
	KillChainIntentCommandAndControl   KillChainIntent = "CommandAndControl"
	KillChainIntentCredentialAccess    KillChainIntent = "CredentialAccess"
	KillChainIntentDefenseEvasion      KillChainIntent = "DefenseEvasion"
	KillChainIntentDiscovery           KillChainIntent = "Discovery"
	KillChainIntentExecution           KillChainIntent = "Execution"
	KillChainIntentExfiltration        KillChainIntent = "Exfiltration"
	KillChainIntentExploitation        KillChainIntent = "Exploitation"
	KillChainIntentImpact              KillChainIntent = "Impact"
	KillChainIntentLateralMovement     KillChainIntent = "LateralMovement"
	KillChainIntentPersistence         KillChainIntent = "Persistence"
	KillChainIntentPrivilegeEscalation KillChainIntent = "PrivilegeEscalation"
	KillChainIntentProbing             KillChainIntent = "Probing"
	KillChainIntentUnknown             KillChainIntent = "Unknown"
)

func (*KillChainIntent) UnmarshalJSON added in v0.20240221.1115631

func (s *KillChainIntent) UnmarshalJSON(bytes []byte) error

type MailClusterEntity added in v0.20241009.1142232

type MailClusterEntity struct {
	Properties *MailClusterEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailClusterEntity) Entity added in v0.20241009.1142232

func (s MailClusterEntity) Entity() BaseEntityImpl

func (MailClusterEntity) MarshalJSON added in v0.20241009.1142232

func (s MailClusterEntity) MarshalJSON() ([]byte, error)

type MailClusterEntityProperties added in v0.20241009.1142232

type MailClusterEntityProperties struct {
	AdditionalData          *interface{} `json:"additionalData,omitempty"`
	ClusterGroup            *string      `json:"clusterGroup,omitempty"`
	ClusterQueryEndTime     *string      `json:"clusterQueryEndTime,omitempty"`
	ClusterQueryStartTime   *string      `json:"clusterQueryStartTime,omitempty"`
	ClusterSourceIdentifier *string      `json:"clusterSourceIdentifier,omitempty"`
	ClusterSourceType       *string      `json:"clusterSourceType,omitempty"`
	CountByDeliveryStatus   *interface{} `json:"countByDeliveryStatus,omitempty"`
	CountByProtectionStatus *interface{} `json:"countByProtectionStatus,omitempty"`
	CountByThreatType       *interface{} `json:"countByThreatType,omitempty"`
	FriendlyName            *string      `json:"friendlyName,omitempty"`
	IsVolumeAnomaly         *bool        `json:"isVolumeAnomaly,omitempty"`
	MailCount               *int64       `json:"mailCount,omitempty"`
	NetworkMessageIds       *[]string    `json:"networkMessageIds,omitempty"`
	Query                   *string      `json:"query,omitempty"`
	QueryTime               *string      `json:"queryTime,omitempty"`
	Source                  *string      `json:"source,omitempty"`
	Threats                 *[]string    `json:"threats,omitempty"`
}

func (*MailClusterEntityProperties) GetClusterQueryEndTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) GetClusterQueryEndTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetClusterQueryStartTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) GetClusterQueryStartTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetQueryTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) GetQueryTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) SetClusterQueryEndTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) SetClusterQueryEndTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetClusterQueryStartTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) SetClusterQueryStartTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetQueryTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) SetQueryTimeAsTime(input time.Time)

type MailMessageEntity added in v0.20241009.1142232

type MailMessageEntity struct {
	Properties *MailMessageEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailMessageEntity) Entity added in v0.20241009.1142232

func (s MailMessageEntity) Entity() BaseEntityImpl

func (MailMessageEntity) MarshalJSON added in v0.20241009.1142232

func (s MailMessageEntity) MarshalJSON() ([]byte, error)

type MailMessageEntityProperties added in v0.20241009.1142232

type MailMessageEntityProperties struct {
	AdditionalData         *interface{}           `json:"additionalData,omitempty"`
	AntispamDirection      *AntispamMailDirection `json:"antispamDirection,omitempty"`
	BodyFingerprintBin1    *int64                 `json:"bodyFingerprintBin1,omitempty"`
	BodyFingerprintBin2    *int64                 `json:"bodyFingerprintBin2,omitempty"`
	BodyFingerprintBin3    *int64                 `json:"bodyFingerprintBin3,omitempty"`
	BodyFingerprintBin4    *int64                 `json:"bodyFingerprintBin4,omitempty"`
	BodyFingerprintBin5    *int64                 `json:"bodyFingerprintBin5,omitempty"`
	DeliveryAction         *DeliveryAction        `json:"deliveryAction,omitempty"`
	DeliveryLocation       *DeliveryLocation      `json:"deliveryLocation,omitempty"`
	FileEntityIds          *[]string              `json:"fileEntityIds,omitempty"`
	FriendlyName           *string                `json:"friendlyName,omitempty"`
	InternetMessageId      *string                `json:"internetMessageId,omitempty"`
	Language               *string                `json:"language,omitempty"`
	NetworkMessageId       *string                `json:"networkMessageId,omitempty"`
	P1Sender               *string                `json:"p1Sender,omitempty"`
	P1SenderDisplayName    *string                `json:"p1SenderDisplayName,omitempty"`
	P1SenderDomain         *string                `json:"p1SenderDomain,omitempty"`
	P2Sender               *string                `json:"p2Sender,omitempty"`
	P2SenderDisplayName    *string                `json:"p2SenderDisplayName,omitempty"`
	P2SenderDomain         *string                `json:"p2SenderDomain,omitempty"`
	ReceiveDate            *string                `json:"receiveDate,omitempty"`
	Recipient              *string                `json:"recipient,omitempty"`
	SenderIP               *string                `json:"senderIP,omitempty"`
	Subject                *string                `json:"subject,omitempty"`
	ThreatDetectionMethods *[]string              `json:"threatDetectionMethods,omitempty"`
	Threats                *[]string              `json:"threats,omitempty"`
	Urls                   *[]string              `json:"urls,omitempty"`
}

func (*MailMessageEntityProperties) GetReceiveDateAsTime added in v0.20241009.1142232

func (o *MailMessageEntityProperties) GetReceiveDateAsTime() (*time.Time, error)

func (*MailMessageEntityProperties) SetReceiveDateAsTime added in v0.20241009.1142232

func (o *MailMessageEntityProperties) SetReceiveDateAsTime(input time.Time)

type MailboxEntity added in v0.20241009.1142232

type MailboxEntity struct {
	Properties *MailboxEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailboxEntity) Entity added in v0.20241009.1142232

func (s MailboxEntity) Entity() BaseEntityImpl

func (MailboxEntity) MarshalJSON added in v0.20241009.1142232

func (s MailboxEntity) MarshalJSON() ([]byte, error)

type MailboxEntityProperties added in v0.20241009.1142232

type MailboxEntityProperties struct {
	AdditionalData            *interface{} `json:"additionalData,omitempty"`
	DisplayName               *string      `json:"displayName,omitempty"`
	ExternalDirectoryObjectId *string      `json:"externalDirectoryObjectId,omitempty"`
	FriendlyName              *string      `json:"friendlyName,omitempty"`
	MailboxPrimaryAddress     *string      `json:"mailboxPrimaryAddress,omitempty"`
	Upn                       *string      `json:"upn,omitempty"`
}

type MalwareEntity added in v0.20241009.1142232

type MalwareEntity struct {
	Properties *MalwareEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MalwareEntity) Entity added in v0.20241009.1142232

func (s MalwareEntity) Entity() BaseEntityImpl

func (MalwareEntity) MarshalJSON added in v0.20241009.1142232

func (s MalwareEntity) MarshalJSON() ([]byte, error)

type MalwareEntityProperties added in v0.20241009.1142232

type MalwareEntityProperties struct {
	AdditionalData   *interface{} `json:"additionalData,omitempty"`
	Category         *string      `json:"category,omitempty"`
	FileEntityIds    *[]string    `json:"fileEntityIds,omitempty"`
	FriendlyName     *string      `json:"friendlyName,omitempty"`
	MalwareName      *string      `json:"malwareName,omitempty"`
	ProcessEntityIds *[]string    `json:"processEntityIds,omitempty"`
}

type OSFamily added in v0.20241009.1142232

type OSFamily string
const (
	OSFamilyAndroid OSFamily = "Android"
	OSFamilyIOS     OSFamily = "IOS"
	OSFamilyLinux   OSFamily = "Linux"
	OSFamilyUnknown OSFamily = "Unknown"
	OSFamilyWindows OSFamily = "Windows"
)

func (*OSFamily) UnmarshalJSON added in v0.20241009.1142232

func (s *OSFamily) UnmarshalJSON(bytes []byte) error

type ProcessEntity added in v0.20241009.1142232

type ProcessEntity struct {
	Properties *ProcessEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (ProcessEntity) Entity added in v0.20241009.1142232

func (s ProcessEntity) Entity() BaseEntityImpl

func (ProcessEntity) MarshalJSON added in v0.20241009.1142232

func (s ProcessEntity) MarshalJSON() ([]byte, error)

type ProcessEntityProperties added in v0.20241009.1142232

type ProcessEntityProperties struct {
	AccountEntityId          *string         `json:"accountEntityId,omitempty"`
	AdditionalData           *interface{}    `json:"additionalData,omitempty"`
	CommandLine              *string         `json:"commandLine,omitempty"`
	CreationTimeUtc          *string         `json:"creationTimeUtc,omitempty"`
	ElevationToken           *ElevationToken `json:"elevationToken,omitempty"`
	FriendlyName             *string         `json:"friendlyName,omitempty"`
	HostEntityId             *string         `json:"hostEntityId,omitempty"`
	HostLogonSessionEntityId *string         `json:"hostLogonSessionEntityId,omitempty"`
	ImageFileEntityId        *string         `json:"imageFileEntityId,omitempty"`
	ParentProcessEntityId    *string         `json:"parentProcessEntityId,omitempty"`
	ProcessId                *string         `json:"processId,omitempty"`
}

func (*ProcessEntityProperties) GetCreationTimeUtcAsTime added in v0.20241009.1142232

func (o *ProcessEntityProperties) GetCreationTimeUtcAsTime() (*time.Time, error)

func (*ProcessEntityProperties) SetCreationTimeUtcAsTime added in v0.20241009.1142232

func (o *ProcessEntityProperties) SetCreationTimeUtcAsTime(input time.Time)

type RawEntityImpl

type RawEntityImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityImpl) Entity added in v0.20240920.1135249

func (s RawEntityImpl) Entity() BaseEntityImpl

type RegistryHive added in v0.20241009.1142232

type RegistryHive string
const (
	RegistryHiveHKEYA                        RegistryHive = "HKEY_A"
	RegistryHiveHKEYCLASSESROOT              RegistryHive = "HKEY_CLASSES_ROOT"
	RegistryHiveHKEYCURRENTCONFIG            RegistryHive = "HKEY_CURRENT_CONFIG"
	RegistryHiveHKEYCURRENTUSER              RegistryHive = "HKEY_CURRENT_USER"
	RegistryHiveHKEYCURRENTUSERLOCALSETTINGS RegistryHive = "HKEY_CURRENT_USER_LOCAL_SETTINGS"
	RegistryHiveHKEYLOCALMACHINE             RegistryHive = "HKEY_LOCAL_MACHINE"
	RegistryHiveHKEYPERFORMANCEDATA          RegistryHive = "HKEY_PERFORMANCE_DATA"
	RegistryHiveHKEYPERFORMANCENLSTEXT       RegistryHive = "HKEY_PERFORMANCE_NLSTEXT"
	RegistryHiveHKEYPERFORMANCETEXT          RegistryHive = "HKEY_PERFORMANCE_TEXT"
	RegistryHiveHKEYUSERS                    RegistryHive = "HKEY_USERS"
)

func (*RegistryHive) UnmarshalJSON added in v0.20241009.1142232

func (s *RegistryHive) UnmarshalJSON(bytes []byte) error

type RegistryKeyEntity added in v0.20241009.1142232

type RegistryKeyEntity struct {
	Properties *RegistryKeyEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryKeyEntity) Entity added in v0.20241009.1142232

func (s RegistryKeyEntity) Entity() BaseEntityImpl

func (RegistryKeyEntity) MarshalJSON added in v0.20241009.1142232

func (s RegistryKeyEntity) MarshalJSON() ([]byte, error)

type RegistryKeyEntityProperties added in v0.20241009.1142232

type RegistryKeyEntityProperties struct {
	AdditionalData *interface{}  `json:"additionalData,omitempty"`
	FriendlyName   *string       `json:"friendlyName,omitempty"`
	Hive           *RegistryHive `json:"hive,omitempty"`
	Key            *string       `json:"key,omitempty"`
}

type RegistryValueEntity added in v0.20241009.1142232

type RegistryValueEntity struct {
	Properties *RegistryValueEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryValueEntity) Entity added in v0.20241009.1142232

func (RegistryValueEntity) MarshalJSON added in v0.20241009.1142232

func (s RegistryValueEntity) MarshalJSON() ([]byte, error)

type RegistryValueEntityProperties added in v0.20241009.1142232

type RegistryValueEntityProperties struct {
	AdditionalData *interface{}       `json:"additionalData,omitempty"`
	FriendlyName   *string            `json:"friendlyName,omitempty"`
	KeyEntityId    *string            `json:"keyEntityId,omitempty"`
	ValueData      *string            `json:"valueData,omitempty"`
	ValueName      *string            `json:"valueName,omitempty"`
	ValueType      *RegistryValueKind `json:"valueType,omitempty"`
}

type RegistryValueKind added in v0.20241009.1142232

type RegistryValueKind string
const (
	RegistryValueKindBinary       RegistryValueKind = "Binary"
	RegistryValueKindDWord        RegistryValueKind = "DWord"
	RegistryValueKindExpandString RegistryValueKind = "ExpandString"
	RegistryValueKindMultiString  RegistryValueKind = "MultiString"
	RegistryValueKindNone         RegistryValueKind = "None"
	RegistryValueKindQWord        RegistryValueKind = "QWord"
	RegistryValueKindString       RegistryValueKind = "String"
	RegistryValueKindUnknown      RegistryValueKind = "Unknown"
)

func (*RegistryValueKind) UnmarshalJSON added in v0.20241009.1142232

func (s *RegistryValueKind) UnmarshalJSON(bytes []byte) error

type SecurityAlert

type SecurityAlert struct {
	Properties *SecurityAlertProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityAlert) Entity added in v0.20240920.1135249

func (s SecurityAlert) Entity() BaseEntityImpl

func (SecurityAlert) MarshalJSON

func (s SecurityAlert) MarshalJSON() ([]byte, error)

type SecurityAlertProperties

type SecurityAlertProperties struct {
	AdditionalData        *interface{}                                       `json:"additionalData,omitempty"`
	AlertDisplayName      *string                                            `json:"alertDisplayName,omitempty"`
	AlertLink             *string                                            `json:"alertLink,omitempty"`
	AlertType             *string                                            `json:"alertType,omitempty"`
	CompromisedEntity     *string                                            `json:"compromisedEntity,omitempty"`
	ConfidenceLevel       *ConfidenceLevel                                   `json:"confidenceLevel,omitempty"`
	ConfidenceReasons     *[]SecurityAlertPropertiesConfidenceReasonsInlined `json:"confidenceReasons,omitempty"`
	ConfidenceScore       *float64                                           `json:"confidenceScore,omitempty"`
	ConfidenceScoreStatus *ConfidenceScoreStatus                             `json:"confidenceScoreStatus,omitempty"`
	Description           *string                                            `json:"description,omitempty"`
	EndTimeUtc            *string                                            `json:"endTimeUtc,omitempty"`
	FriendlyName          *string                                            `json:"friendlyName,omitempty"`
	Intent                *KillChainIntent                                   `json:"intent,omitempty"`
	ProcessingEndTime     *string                                            `json:"processingEndTime,omitempty"`
	ProductComponentName  *string                                            `json:"productComponentName,omitempty"`
	ProductName           *string                                            `json:"productName,omitempty"`
	ProductVersion        *string                                            `json:"productVersion,omitempty"`
	ProviderAlertId       *string                                            `json:"providerAlertId,omitempty"`
	RemediationSteps      *[]string                                          `json:"remediationSteps,omitempty"`
	ResourceIdentifiers   *[]interface{}                                     `json:"resourceIdentifiers,omitempty"`
	Severity              *AlertSeverity                                     `json:"severity,omitempty"`
	StartTimeUtc          *string                                            `json:"startTimeUtc,omitempty"`
	Status                *AlertStatus                                       `json:"status,omitempty"`
	SystemAlertId         *string                                            `json:"systemAlertId,omitempty"`
	Tactics               *[]AttackTactic                                    `json:"tactics,omitempty"`
	TimeGenerated         *string                                            `json:"timeGenerated,omitempty"`
	VendorName            *string                                            `json:"vendorName,omitempty"`
}

func (*SecurityAlertProperties) GetEndTimeUtcAsTime

func (o *SecurityAlertProperties) GetEndTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetProcessingEndTimeAsTime

func (o *SecurityAlertProperties) GetProcessingEndTimeAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetStartTimeUtcAsTime

func (o *SecurityAlertProperties) GetStartTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetTimeGeneratedAsTime

func (o *SecurityAlertProperties) GetTimeGeneratedAsTime() (*time.Time, error)

func (*SecurityAlertProperties) SetEndTimeUtcAsTime

func (o *SecurityAlertProperties) SetEndTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetProcessingEndTimeAsTime

func (o *SecurityAlertProperties) SetProcessingEndTimeAsTime(input time.Time)

func (*SecurityAlertProperties) SetStartTimeUtcAsTime

func (o *SecurityAlertProperties) SetStartTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetTimeGeneratedAsTime

func (o *SecurityAlertProperties) SetTimeGeneratedAsTime(input time.Time)

type SecurityAlertPropertiesConfidenceReasonsInlined

type SecurityAlertPropertiesConfidenceReasonsInlined struct {
	Reason     *string `json:"reason,omitempty"`
	ReasonType *string `json:"reasonType,omitempty"`
}

type SecurityGroupEntity added in v0.20241009.1142232

type SecurityGroupEntity struct {
	Properties *SecurityGroupEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityGroupEntity) Entity added in v0.20241009.1142232

func (SecurityGroupEntity) MarshalJSON added in v0.20241009.1142232

func (s SecurityGroupEntity) MarshalJSON() ([]byte, error)

type SecurityGroupEntityProperties added in v0.20241009.1142232

type SecurityGroupEntityProperties struct {
	AdditionalData    *interface{} `json:"additionalData,omitempty"`
	DistinguishedName *string      `json:"distinguishedName,omitempty"`
	FriendlyName      *string      `json:"friendlyName,omitempty"`
	ObjectGuid        *string      `json:"objectGuid,omitempty"`
	Sid               *string      `json:"sid,omitempty"`
}

type SubmissionMailEntity added in v0.20241009.1142232

type SubmissionMailEntity struct {
	Properties *SubmissionMailEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SubmissionMailEntity) Entity added in v0.20241009.1142232

func (SubmissionMailEntity) MarshalJSON added in v0.20241009.1142232

func (s SubmissionMailEntity) MarshalJSON() ([]byte, error)

type SubmissionMailEntityProperties added in v0.20241009.1142232

type SubmissionMailEntityProperties struct {
	AdditionalData   *interface{} `json:"additionalData,omitempty"`
	FriendlyName     *string      `json:"friendlyName,omitempty"`
	NetworkMessageId *string      `json:"networkMessageId,omitempty"`
	Recipient        *string      `json:"recipient,omitempty"`
	ReportType       *string      `json:"reportType,omitempty"`
	Sender           *string      `json:"sender,omitempty"`
	SenderIP         *string      `json:"senderIp,omitempty"`
	Subject          *string      `json:"subject,omitempty"`
	SubmissionDate   *string      `json:"submissionDate,omitempty"`
	SubmissionId     *string      `json:"submissionId,omitempty"`
	Submitter        *string      `json:"submitter,omitempty"`
	Timestamp        *string      `json:"timestamp,omitempty"`
}

func (*SubmissionMailEntityProperties) GetSubmissionDateAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) GetSubmissionDateAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) GetTimestampAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) GetTimestampAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) SetSubmissionDateAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) SetSubmissionDateAsTime(input time.Time)

func (*SubmissionMailEntityProperties) SetTimestampAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) SetTimestampAsTime(input time.Time)

type ThreatIntelligence added in v0.20241009.1142232

type ThreatIntelligence struct {
	Confidence        *float64 `json:"confidence,omitempty"`
	ProviderName      *string  `json:"providerName,omitempty"`
	ReportLink        *string  `json:"reportLink,omitempty"`
	ThreatDescription *string  `json:"threatDescription,omitempty"`
	ThreatName        *string  `json:"threatName,omitempty"`
	ThreatType        *string  `json:"threatType,omitempty"`
}

type URLEntity added in v0.20241009.1142232

type URLEntity struct {
	Properties *URLEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKindEnum         `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (URLEntity) Entity added in v0.20241009.1142232

func (s URLEntity) Entity() BaseEntityImpl

func (URLEntity) MarshalJSON added in v0.20241009.1142232

func (s URLEntity) MarshalJSON() ([]byte, error)

type URLEntityProperties added in v0.20241009.1142232

type URLEntityProperties struct {
	AdditionalData *interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string      `json:"friendlyName,omitempty"`
	Url            *string      `json:"url,omitempty"`
}

type UserInfo

type UserInfo struct {
	Email    *string `json:"email,omitempty"`
	Name     *string `json:"name,omitempty"`
	ObjectId *string `json:"objectId,omitempty"`
}

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL