incidentbookmarks

package
v0.20250115.1141151 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 15, 2025 License: MPL-2.0 Imports: 14 Imported by: 1

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2022-10-01-preview/incidentbookmarks Documentation

The incidentbookmarks SDK allows for interaction with Azure Resource Manager securityinsights (API Version 2022-10-01-preview).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2022-10-01-preview/incidentbookmarks"

Client Initialization

client := incidentbookmarks.NewIncidentBookmarksClientWithBaseURI("https://management.azure.com")
client.Client.Authorizer = authorizer

Example Usage: IncidentBookmarksClient.IncidentsListBookmarks

ctx := context.TODO()
id := incidentbookmarks.NewIncidentID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "incidentIdentifier")

read, err := client.IncidentsListBookmarks(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForAlertSeverity

func PossibleValuesForAlertSeverity() []string

func PossibleValuesForAlertStatus

func PossibleValuesForAlertStatus() []string

func PossibleValuesForAntispamMailDirection added in v0.20241009.1142232

func PossibleValuesForAntispamMailDirection() []string

func PossibleValuesForAttackTactic

func PossibleValuesForAttackTactic() []string

func PossibleValuesForConfidenceLevel

func PossibleValuesForConfidenceLevel() []string

func PossibleValuesForConfidenceScoreStatus

func PossibleValuesForConfidenceScoreStatus() []string

func PossibleValuesForDeliveryAction added in v0.20241009.1142232

func PossibleValuesForDeliveryAction() []string

func PossibleValuesForDeliveryLocation added in v0.20241009.1142232

func PossibleValuesForDeliveryLocation() []string

func PossibleValuesForDeviceImportance added in v0.20241009.1142232

func PossibleValuesForDeviceImportance() []string

func PossibleValuesForElevationToken added in v0.20241009.1142232

func PossibleValuesForElevationToken() []string

func PossibleValuesForEntityKind

func PossibleValuesForEntityKind() []string

func PossibleValuesForFileHashAlgorithm added in v0.20241009.1142232

func PossibleValuesForFileHashAlgorithm() []string

func PossibleValuesForIncidentSeverity

func PossibleValuesForIncidentSeverity() []string

func PossibleValuesForKillChainIntent

func PossibleValuesForKillChainIntent() []string

func PossibleValuesForOSFamily added in v0.20241009.1142232

func PossibleValuesForOSFamily() []string

func PossibleValuesForRegistryHive added in v0.20241009.1142232

func PossibleValuesForRegistryHive() []string

func PossibleValuesForRegistryValueKind added in v0.20241009.1142232

func PossibleValuesForRegistryValueKind() []string

func ValidateIncidentID

func ValidateIncidentID(input interface{}, key string) (warnings []string, errors []error)

ValidateIncidentID checks that 'input' can be parsed as a Incident ID

Types

type AccountEntity added in v0.20241009.1142232

type AccountEntity struct {
	Properties *AccountEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AccountEntity) Entity added in v0.20241009.1142232

func (s AccountEntity) Entity() BaseEntityImpl

func (AccountEntity) MarshalJSON added in v0.20241009.1142232

func (s AccountEntity) MarshalJSON() ([]byte, error)

type AccountEntityProperties added in v0.20241009.1142232

type AccountEntityProperties struct {
	AadTenantId    *string                 `json:"aadTenantId,omitempty"`
	AadUserId      *string                 `json:"aadUserId,omitempty"`
	AccountName    *string                 `json:"accountName,omitempty"`
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	DisplayName    *string                 `json:"displayName,omitempty"`
	DnsDomain      *string                 `json:"dnsDomain,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	HostEntityId   *string                 `json:"hostEntityId,omitempty"`
	IsDomainJoined *bool                   `json:"isDomainJoined,omitempty"`
	NtDomain       *string                 `json:"ntDomain,omitempty"`
	ObjectGuid     *string                 `json:"objectGuid,omitempty"`
	Puid           *string                 `json:"puid,omitempty"`
	Sid            *string                 `json:"sid,omitempty"`
	UpnSuffix      *string                 `json:"upnSuffix,omitempty"`
}

type AlertSeverity

type AlertSeverity string
const (
	AlertSeverityHigh          AlertSeverity = "High"
	AlertSeverityInformational AlertSeverity = "Informational"
	AlertSeverityLow           AlertSeverity = "Low"
	AlertSeverityMedium        AlertSeverity = "Medium"
)

func (*AlertSeverity) UnmarshalJSON added in v0.20240221.1115631

func (s *AlertSeverity) UnmarshalJSON(bytes []byte) error

type AlertStatus

type AlertStatus string
const (
	AlertStatusDismissed  AlertStatus = "Dismissed"
	AlertStatusInProgress AlertStatus = "InProgress"
	AlertStatusNew        AlertStatus = "New"
	AlertStatusResolved   AlertStatus = "Resolved"
	AlertStatusUnknown    AlertStatus = "Unknown"
)

func (*AlertStatus) UnmarshalJSON added in v0.20240221.1115631

func (s *AlertStatus) UnmarshalJSON(bytes []byte) error

type AntispamMailDirection added in v0.20241009.1142232

type AntispamMailDirection string
const (
	AntispamMailDirectionInbound  AntispamMailDirection = "Inbound"
	AntispamMailDirectionIntraorg AntispamMailDirection = "Intraorg"
	AntispamMailDirectionOutbound AntispamMailDirection = "Outbound"
	AntispamMailDirectionUnknown  AntispamMailDirection = "Unknown"
)

func (*AntispamMailDirection) UnmarshalJSON added in v0.20241009.1142232

func (s *AntispamMailDirection) UnmarshalJSON(bytes []byte) error

type AttackTactic

type AttackTactic string
const (
	AttackTacticCollection              AttackTactic = "Collection"
	AttackTacticCommandAndControl       AttackTactic = "CommandAndControl"
	AttackTacticCredentialAccess        AttackTactic = "CredentialAccess"
	AttackTacticDefenseEvasion          AttackTactic = "DefenseEvasion"
	AttackTacticDiscovery               AttackTactic = "Discovery"
	AttackTacticExecution               AttackTactic = "Execution"
	AttackTacticExfiltration            AttackTactic = "Exfiltration"
	AttackTacticImpact                  AttackTactic = "Impact"
	AttackTacticImpairProcessControl    AttackTactic = "ImpairProcessControl"
	AttackTacticInhibitResponseFunction AttackTactic = "InhibitResponseFunction"
	AttackTacticInitialAccess           AttackTactic = "InitialAccess"
	AttackTacticLateralMovement         AttackTactic = "LateralMovement"
	AttackTacticPersistence             AttackTactic = "Persistence"
	AttackTacticPreAttack               AttackTactic = "PreAttack"
	AttackTacticPrivilegeEscalation     AttackTactic = "PrivilegeEscalation"
	AttackTacticReconnaissance          AttackTactic = "Reconnaissance"
	AttackTacticResourceDevelopment     AttackTactic = "ResourceDevelopment"
)

func (*AttackTactic) UnmarshalJSON added in v0.20240221.1115631

func (s *AttackTactic) UnmarshalJSON(bytes []byte) error

type AzureResourceEntity added in v0.20241009.1142232

type AzureResourceEntity struct {
	Properties *AzureResourceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AzureResourceEntity) Entity added in v0.20241009.1142232

func (AzureResourceEntity) MarshalJSON added in v0.20241009.1142232

func (s AzureResourceEntity) MarshalJSON() ([]byte, error)

type AzureResourceEntityProperties added in v0.20241009.1142232

type AzureResourceEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	ResourceId     *string                 `json:"resourceId,omitempty"`
	SubscriptionId *string                 `json:"subscriptionId,omitempty"`
}

type BaseEntityImpl added in v0.20240920.1135249

type BaseEntityImpl struct {
	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (BaseEntityImpl) Entity added in v0.20240920.1135249

func (s BaseEntityImpl) Entity() BaseEntityImpl

type CloudApplicationEntity added in v0.20241009.1142232

type CloudApplicationEntity struct {
	Properties *CloudApplicationEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (CloudApplicationEntity) Entity added in v0.20241009.1142232

func (CloudApplicationEntity) MarshalJSON added in v0.20241009.1142232

func (s CloudApplicationEntity) MarshalJSON() ([]byte, error)

type CloudApplicationEntityProperties added in v0.20241009.1142232

type CloudApplicationEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	AppId          *int64                  `json:"appId,omitempty"`
	AppName        *string                 `json:"appName,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	InstanceName   *string                 `json:"instanceName,omitempty"`
}

type ConfidenceLevel

type ConfidenceLevel string
const (
	ConfidenceLevelHigh    ConfidenceLevel = "High"
	ConfidenceLevelLow     ConfidenceLevel = "Low"
	ConfidenceLevelUnknown ConfidenceLevel = "Unknown"
)

func (*ConfidenceLevel) UnmarshalJSON added in v0.20240221.1115631

func (s *ConfidenceLevel) UnmarshalJSON(bytes []byte) error

type ConfidenceScoreStatus

type ConfidenceScoreStatus string
const (
	ConfidenceScoreStatusFinal         ConfidenceScoreStatus = "Final"
	ConfidenceScoreStatusInProcess     ConfidenceScoreStatus = "InProcess"
	ConfidenceScoreStatusNotApplicable ConfidenceScoreStatus = "NotApplicable"
	ConfidenceScoreStatusNotFinal      ConfidenceScoreStatus = "NotFinal"
)

func (*ConfidenceScoreStatus) UnmarshalJSON added in v0.20240221.1115631

func (s *ConfidenceScoreStatus) UnmarshalJSON(bytes []byte) error

type DeliveryAction added in v0.20241009.1142232

type DeliveryAction string
const (
	DeliveryActionBlocked         DeliveryAction = "Blocked"
	DeliveryActionDelivered       DeliveryAction = "Delivered"
	DeliveryActionDeliveredAsSpam DeliveryAction = "DeliveredAsSpam"
	DeliveryActionReplaced        DeliveryAction = "Replaced"
	DeliveryActionUnknown         DeliveryAction = "Unknown"
)

func (*DeliveryAction) UnmarshalJSON added in v0.20241009.1142232

func (s *DeliveryAction) UnmarshalJSON(bytes []byte) error

type DeliveryLocation added in v0.20241009.1142232

type DeliveryLocation string
const (
	DeliveryLocationDeletedFolder DeliveryLocation = "DeletedFolder"
	DeliveryLocationDropped       DeliveryLocation = "Dropped"
	DeliveryLocationExternal      DeliveryLocation = "External"
	DeliveryLocationFailed        DeliveryLocation = "Failed"
	DeliveryLocationForwarded     DeliveryLocation = "Forwarded"
	DeliveryLocationInbox         DeliveryLocation = "Inbox"
	DeliveryLocationJunkFolder    DeliveryLocation = "JunkFolder"
	DeliveryLocationQuarantine    DeliveryLocation = "Quarantine"
	DeliveryLocationUnknown       DeliveryLocation = "Unknown"
)

func (*DeliveryLocation) UnmarshalJSON added in v0.20241009.1142232

func (s *DeliveryLocation) UnmarshalJSON(bytes []byte) error

type DeviceImportance added in v0.20241009.1142232

type DeviceImportance string
const (
	DeviceImportanceHigh    DeviceImportance = "High"
	DeviceImportanceLow     DeviceImportance = "Low"
	DeviceImportanceNormal  DeviceImportance = "Normal"
	DeviceImportanceUnknown DeviceImportance = "Unknown"
)

func (*DeviceImportance) UnmarshalJSON added in v0.20241009.1142232

func (s *DeviceImportance) UnmarshalJSON(bytes []byte) error

type DnsEntity added in v0.20241009.1142232

type DnsEntity struct {
	Properties *DnsEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (DnsEntity) Entity added in v0.20241009.1142232

func (s DnsEntity) Entity() BaseEntityImpl

func (DnsEntity) MarshalJSON added in v0.20241009.1142232

func (s DnsEntity) MarshalJSON() ([]byte, error)

type DnsEntityProperties added in v0.20241009.1142232

type DnsEntityProperties struct {
	AdditionalData        *map[string]interface{} `json:"additionalData,omitempty"`
	DnsServerIPEntityId   *string                 `json:"dnsServerIpEntityId,omitempty"`
	DomainName            *string                 `json:"domainName,omitempty"`
	FriendlyName          *string                 `json:"friendlyName,omitempty"`
	HostIPAddressEntityId *string                 `json:"hostIpAddressEntityId,omitempty"`
	IPAddressEntityIds    *[]string               `json:"ipAddressEntityIds,omitempty"`
}

type ElevationToken added in v0.20241009.1142232

type ElevationToken string
const (
	ElevationTokenDefault ElevationToken = "Default"
	ElevationTokenFull    ElevationToken = "Full"
	ElevationTokenLimited ElevationToken = "Limited"
)

func (*ElevationToken) UnmarshalJSON added in v0.20241009.1142232

func (s *ElevationToken) UnmarshalJSON(bytes []byte) error

type Entity

type Entity interface {
	Entity() BaseEntityImpl
}

func UnmarshalEntityImplementation added in v0.20240920.1135249

func UnmarshalEntityImplementation(input []byte) (Entity, error)

type EntityKind

type EntityKind string
const (
	EntityKindAccount          EntityKind = "Account"
	EntityKindAzureResource    EntityKind = "AzureResource"
	EntityKindBookmark         EntityKind = "Bookmark"
	EntityKindCloudApplication EntityKind = "CloudApplication"
	EntityKindDnsResolution    EntityKind = "DnsResolution"
	EntityKindFile             EntityKind = "File"
	EntityKindFileHash         EntityKind = "FileHash"
	EntityKindHost             EntityKind = "Host"
	EntityKindIP               EntityKind = "Ip"
	EntityKindIoTDevice        EntityKind = "IoTDevice"
	EntityKindMailCluster      EntityKind = "MailCluster"
	EntityKindMailMessage      EntityKind = "MailMessage"
	EntityKindMailbox          EntityKind = "Mailbox"
	EntityKindMalware          EntityKind = "Malware"
	EntityKindNic              EntityKind = "Nic"
	EntityKindProcess          EntityKind = "Process"
	EntityKindRegistryKey      EntityKind = "RegistryKey"
	EntityKindRegistryValue    EntityKind = "RegistryValue"
	EntityKindSecurityAlert    EntityKind = "SecurityAlert"
	EntityKindSecurityGroup    EntityKind = "SecurityGroup"
	EntityKindSubmissionMail   EntityKind = "SubmissionMail"
	EntityKindURL              EntityKind = "Url"
)

func (*EntityKind) UnmarshalJSON added in v0.20240221.1115631

func (s *EntityKind) UnmarshalJSON(bytes []byte) error

type FileEntity added in v0.20241009.1142232

type FileEntity struct {
	Properties *FileEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileEntity) Entity added in v0.20241009.1142232

func (s FileEntity) Entity() BaseEntityImpl

func (FileEntity) MarshalJSON added in v0.20241009.1142232

func (s FileEntity) MarshalJSON() ([]byte, error)

type FileEntityProperties added in v0.20241009.1142232

type FileEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	Directory         *string                 `json:"directory,omitempty"`
	FileHashEntityIds *[]string               `json:"fileHashEntityIds,omitempty"`
	FileName          *string                 `json:"fileName,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	HostEntityId      *string                 `json:"hostEntityId,omitempty"`
}

type FileHashAlgorithm added in v0.20241009.1142232

type FileHashAlgorithm string
const (
	FileHashAlgorithmMDFive          FileHashAlgorithm = "MD5"
	FileHashAlgorithmSHAOne          FileHashAlgorithm = "SHA1"
	FileHashAlgorithmSHATwoFiveSix   FileHashAlgorithm = "SHA256"
	FileHashAlgorithmSHATwoFiveSixAC FileHashAlgorithm = "SHA256AC"
	FileHashAlgorithmUnknown         FileHashAlgorithm = "Unknown"
)

func (*FileHashAlgorithm) UnmarshalJSON added in v0.20241009.1142232

func (s *FileHashAlgorithm) UnmarshalJSON(bytes []byte) error

type FileHashEntity added in v0.20241009.1142232

type FileHashEntity struct {
	Properties *FileHashEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileHashEntity) Entity added in v0.20241009.1142232

func (s FileHashEntity) Entity() BaseEntityImpl

func (FileHashEntity) MarshalJSON added in v0.20241009.1142232

func (s FileHashEntity) MarshalJSON() ([]byte, error)

type FileHashEntityProperties added in v0.20241009.1142232

type FileHashEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	Algorithm      *FileHashAlgorithm      `json:"algorithm,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	HashValue      *string                 `json:"hashValue,omitempty"`
}

type GeoLocation added in v0.20241009.1142232

type GeoLocation struct {
	Asn         *int64   `json:"asn,omitempty"`
	City        *string  `json:"city,omitempty"`
	CountryCode *string  `json:"countryCode,omitempty"`
	CountryName *string  `json:"countryName,omitempty"`
	Latitude    *float64 `json:"latitude,omitempty"`
	Longitude   *float64 `json:"longitude,omitempty"`
	State       *string  `json:"state,omitempty"`
}

type HostEntity added in v0.20241009.1142232

type HostEntity struct {
	Properties *HostEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HostEntity) Entity added in v0.20241009.1142232

func (s HostEntity) Entity() BaseEntityImpl

func (HostEntity) MarshalJSON added in v0.20241009.1142232

func (s HostEntity) MarshalJSON() ([]byte, error)

type HostEntityProperties added in v0.20241009.1142232

type HostEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	AzureID        *string                 `json:"azureID,omitempty"`
	DnsDomain      *string                 `json:"dnsDomain,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	HostName       *string                 `json:"hostName,omitempty"`
	IsDomainJoined *bool                   `json:"isDomainJoined,omitempty"`
	NetBiosName    *string                 `json:"netBiosName,omitempty"`
	NtDomain       *string                 `json:"ntDomain,omitempty"`
	OmsAgentID     *string                 `json:"omsAgentID,omitempty"`
	OsFamily       *OSFamily               `json:"osFamily,omitempty"`
	OsVersion      *string                 `json:"osVersion,omitempty"`
}

type HuntingBookmark

type HuntingBookmark struct {
	Properties *HuntingBookmarkProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HuntingBookmark) Entity added in v0.20240920.1135249

func (s HuntingBookmark) Entity() BaseEntityImpl

func (HuntingBookmark) MarshalJSON

func (s HuntingBookmark) MarshalJSON() ([]byte, error)

type HuntingBookmarkProperties

type HuntingBookmarkProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	Created        *string                 `json:"created,omitempty"`
	CreatedBy      *UserInfo               `json:"createdBy,omitempty"`
	DisplayName    string                  `json:"displayName"`
	EventTime      *string                 `json:"eventTime,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	IncidentInfo   *IncidentInfo           `json:"incidentInfo,omitempty"`
	Labels         *[]string               `json:"labels,omitempty"`
	Notes          *string                 `json:"notes,omitempty"`
	Query          string                  `json:"query"`
	QueryResult    *string                 `json:"queryResult,omitempty"`
	Updated        *string                 `json:"updated,omitempty"`
	UpdatedBy      *UserInfo               `json:"updatedBy,omitempty"`
}

func (*HuntingBookmarkProperties) GetCreatedAsTime

func (o *HuntingBookmarkProperties) GetCreatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetEventTimeAsTime

func (o *HuntingBookmarkProperties) GetEventTimeAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetUpdatedAsTime

func (o *HuntingBookmarkProperties) GetUpdatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) SetCreatedAsTime

func (o *HuntingBookmarkProperties) SetCreatedAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetEventTimeAsTime

func (o *HuntingBookmarkProperties) SetEventTimeAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetUpdatedAsTime

func (o *HuntingBookmarkProperties) SetUpdatedAsTime(input time.Time)

type IPEntity added in v0.20241009.1142232

type IPEntity struct {
	Properties *IPEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IPEntity) Entity added in v0.20241009.1142232

func (s IPEntity) Entity() BaseEntityImpl

func (IPEntity) MarshalJSON added in v0.20241009.1142232

func (s IPEntity) MarshalJSON() ([]byte, error)

type IPEntityProperties added in v0.20241009.1142232

type IPEntityProperties struct {
	AdditionalData     *map[string]interface{} `json:"additionalData,omitempty"`
	Address            *string                 `json:"address,omitempty"`
	FriendlyName       *string                 `json:"friendlyName,omitempty"`
	Location           *GeoLocation            `json:"location,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence   `json:"threatIntelligence,omitempty"`
}

type IncidentBookmarkList

type IncidentBookmarkList struct {
	Value []HuntingBookmark `json:"value"`
}

type IncidentBookmarksClient

type IncidentBookmarksClient struct {
	Client *resourcemanager.Client
}

func NewIncidentBookmarksClientWithBaseURI

func NewIncidentBookmarksClientWithBaseURI(sdkApi sdkEnv.Api) (*IncidentBookmarksClient, error)

func (IncidentBookmarksClient) IncidentsListBookmarks

func (c IncidentBookmarksClient) IncidentsListBookmarks(ctx context.Context, id IncidentId) (result IncidentsListBookmarksOperationResponse, err error)

IncidentsListBookmarks ...

type IncidentId

type IncidentId struct {
	SubscriptionId     string
	ResourceGroupName  string
	WorkspaceName      string
	IncidentIdentifier string
}

IncidentId is a struct representing the Resource ID for a Incident

func NewIncidentID

func NewIncidentID(subscriptionId string, resourceGroupName string, workspaceName string, incidentIdentifier string) IncidentId

NewIncidentID returns a new IncidentId struct

func ParseIncidentID

func ParseIncidentID(input string) (*IncidentId, error)

ParseIncidentID parses 'input' into a IncidentId

func ParseIncidentIDInsensitively

func ParseIncidentIDInsensitively(input string) (*IncidentId, error)

ParseIncidentIDInsensitively parses 'input' case-insensitively into a IncidentId note: this method should only be used for API response data and not user input

func (*IncidentId) FromParseResult

func (id *IncidentId) FromParseResult(input resourceids.ParseResult) error

func (IncidentId) ID

func (id IncidentId) ID() string

ID returns the formatted Incident ID

func (IncidentId) Segments

func (id IncidentId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Incident ID

func (IncidentId) String

func (id IncidentId) String() string

String returns a human-readable description of this Incident ID

type IncidentInfo

type IncidentInfo struct {
	IncidentId   *string           `json:"incidentId,omitempty"`
	RelationName *string           `json:"relationName,omitempty"`
	Severity     *IncidentSeverity `json:"severity,omitempty"`
	Title        *string           `json:"title,omitempty"`
}

type IncidentSeverity

type IncidentSeverity string
const (
	IncidentSeverityHigh          IncidentSeverity = "High"
	IncidentSeverityInformational IncidentSeverity = "Informational"
	IncidentSeverityLow           IncidentSeverity = "Low"
	IncidentSeverityMedium        IncidentSeverity = "Medium"
)

func (*IncidentSeverity) UnmarshalJSON added in v0.20240221.1115631

func (s *IncidentSeverity) UnmarshalJSON(bytes []byte) error

type IncidentsListBookmarksOperationResponse

type IncidentsListBookmarksOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *IncidentBookmarkList
}

type IoTDeviceEntity added in v0.20241009.1142232

type IoTDeviceEntity struct {
	Properties *IoTDeviceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IoTDeviceEntity) Entity added in v0.20241009.1142232

func (s IoTDeviceEntity) Entity() BaseEntityImpl

func (IoTDeviceEntity) MarshalJSON added in v0.20241009.1142232

func (s IoTDeviceEntity) MarshalJSON() ([]byte, error)

type IoTDeviceEntityProperties added in v0.20241009.1142232

type IoTDeviceEntityProperties struct {
	AdditionalData     *map[string]interface{} `json:"additionalData,omitempty"`
	DeviceId           *string                 `json:"deviceId,omitempty"`
	DeviceName         *string                 `json:"deviceName,omitempty"`
	DeviceSubType      *string                 `json:"deviceSubType,omitempty"`
	DeviceType         *string                 `json:"deviceType,omitempty"`
	EdgeId             *string                 `json:"edgeId,omitempty"`
	FirmwareVersion    *string                 `json:"firmwareVersion,omitempty"`
	FriendlyName       *string                 `json:"friendlyName,omitempty"`
	HostEntityId       *string                 `json:"hostEntityId,omitempty"`
	IPAddressEntityId  *string                 `json:"ipAddressEntityId,omitempty"`
	Importance         *DeviceImportance       `json:"importance,omitempty"`
	IotHubEntityId     *string                 `json:"iotHubEntityId,omitempty"`
	IotSecurityAgentId *string                 `json:"iotSecurityAgentId,omitempty"`
	IsAuthorized       *bool                   `json:"isAuthorized,omitempty"`
	IsProgramming      *bool                   `json:"isProgramming,omitempty"`
	IsScanner          *bool                   `json:"isScanner,omitempty"`
	MacAddress         *string                 `json:"macAddress,omitempty"`
	Model              *string                 `json:"model,omitempty"`
	NicEntityIds       *[]string               `json:"nicEntityIds,omitempty"`
	OperatingSystem    *string                 `json:"operatingSystem,omitempty"`
	Owners             *[]string               `json:"owners,omitempty"`
	Protocols          *[]string               `json:"protocols,omitempty"`
	PurdueLayer        *string                 `json:"purdueLayer,omitempty"`
	Sensor             *string                 `json:"sensor,omitempty"`
	SerialNumber       *string                 `json:"serialNumber,omitempty"`
	Site               *string                 `json:"site,omitempty"`
	Source             *string                 `json:"source,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence   `json:"threatIntelligence,omitempty"`
	Vendor             *string                 `json:"vendor,omitempty"`
	Zone               *string                 `json:"zone,omitempty"`
}

type KillChainIntent

type KillChainIntent string
const (
	KillChainIntentCollection          KillChainIntent = "Collection"
	KillChainIntentCommandAndControl   KillChainIntent = "CommandAndControl"
	KillChainIntentCredentialAccess    KillChainIntent = "CredentialAccess"
	KillChainIntentDefenseEvasion      KillChainIntent = "DefenseEvasion"
	KillChainIntentDiscovery           KillChainIntent = "Discovery"
	KillChainIntentExecution           KillChainIntent = "Execution"
	KillChainIntentExfiltration        KillChainIntent = "Exfiltration"
	KillChainIntentExploitation        KillChainIntent = "Exploitation"
	KillChainIntentImpact              KillChainIntent = "Impact"
	KillChainIntentLateralMovement     KillChainIntent = "LateralMovement"
	KillChainIntentPersistence         KillChainIntent = "Persistence"
	KillChainIntentPrivilegeEscalation KillChainIntent = "PrivilegeEscalation"
	KillChainIntentProbing             KillChainIntent = "Probing"
	KillChainIntentUnknown             KillChainIntent = "Unknown"
)

func (*KillChainIntent) UnmarshalJSON added in v0.20240221.1115631

func (s *KillChainIntent) UnmarshalJSON(bytes []byte) error

type MailClusterEntity added in v0.20241009.1142232

type MailClusterEntity struct {
	Properties *MailClusterEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailClusterEntity) Entity added in v0.20241009.1142232

func (s MailClusterEntity) Entity() BaseEntityImpl

func (MailClusterEntity) MarshalJSON added in v0.20241009.1142232

func (s MailClusterEntity) MarshalJSON() ([]byte, error)

type MailClusterEntityProperties added in v0.20241009.1142232

type MailClusterEntityProperties struct {
	AdditionalData          *map[string]interface{} `json:"additionalData,omitempty"`
	ClusterGroup            *string                 `json:"clusterGroup,omitempty"`
	ClusterQueryEndTime     *string                 `json:"clusterQueryEndTime,omitempty"`
	ClusterQueryStartTime   *string                 `json:"clusterQueryStartTime,omitempty"`
	ClusterSourceIdentifier *string                 `json:"clusterSourceIdentifier,omitempty"`
	ClusterSourceType       *string                 `json:"clusterSourceType,omitempty"`
	CountByDeliveryStatus   *interface{}            `json:"countByDeliveryStatus,omitempty"`
	CountByProtectionStatus *interface{}            `json:"countByProtectionStatus,omitempty"`
	CountByThreatType       *interface{}            `json:"countByThreatType,omitempty"`
	FriendlyName            *string                 `json:"friendlyName,omitempty"`
	IsVolumeAnomaly         *bool                   `json:"isVolumeAnomaly,omitempty"`
	MailCount               *int64                  `json:"mailCount,omitempty"`
	NetworkMessageIds       *[]string               `json:"networkMessageIds,omitempty"`
	Query                   *string                 `json:"query,omitempty"`
	QueryTime               *string                 `json:"queryTime,omitempty"`
	Source                  *string                 `json:"source,omitempty"`
	Threats                 *[]string               `json:"threats,omitempty"`
}

func (*MailClusterEntityProperties) GetClusterQueryEndTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) GetClusterQueryEndTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetClusterQueryStartTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) GetClusterQueryStartTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetQueryTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) GetQueryTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) SetClusterQueryEndTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) SetClusterQueryEndTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetClusterQueryStartTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) SetClusterQueryStartTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetQueryTimeAsTime added in v0.20241009.1142232

func (o *MailClusterEntityProperties) SetQueryTimeAsTime(input time.Time)

type MailMessageEntity added in v0.20241009.1142232

type MailMessageEntity struct {
	Properties *MailMessageEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailMessageEntity) Entity added in v0.20241009.1142232

func (s MailMessageEntity) Entity() BaseEntityImpl

func (MailMessageEntity) MarshalJSON added in v0.20241009.1142232

func (s MailMessageEntity) MarshalJSON() ([]byte, error)

type MailMessageEntityProperties added in v0.20241009.1142232

type MailMessageEntityProperties struct {
	AdditionalData         *map[string]interface{} `json:"additionalData,omitempty"`
	AntispamDirection      *AntispamMailDirection  `json:"antispamDirection,omitempty"`
	BodyFingerprintBin1    *int64                  `json:"bodyFingerprintBin1,omitempty"`
	BodyFingerprintBin2    *int64                  `json:"bodyFingerprintBin2,omitempty"`
	BodyFingerprintBin3    *int64                  `json:"bodyFingerprintBin3,omitempty"`
	BodyFingerprintBin4    *int64                  `json:"bodyFingerprintBin4,omitempty"`
	BodyFingerprintBin5    *int64                  `json:"bodyFingerprintBin5,omitempty"`
	DeliveryAction         *DeliveryAction         `json:"deliveryAction,omitempty"`
	DeliveryLocation       *DeliveryLocation       `json:"deliveryLocation,omitempty"`
	FileEntityIds          *[]string               `json:"fileEntityIds,omitempty"`
	FriendlyName           *string                 `json:"friendlyName,omitempty"`
	InternetMessageId      *string                 `json:"internetMessageId,omitempty"`
	Language               *string                 `json:"language,omitempty"`
	NetworkMessageId       *string                 `json:"networkMessageId,omitempty"`
	P1Sender               *string                 `json:"p1Sender,omitempty"`
	P1SenderDisplayName    *string                 `json:"p1SenderDisplayName,omitempty"`
	P1SenderDomain         *string                 `json:"p1SenderDomain,omitempty"`
	P2Sender               *string                 `json:"p2Sender,omitempty"`
	P2SenderDisplayName    *string                 `json:"p2SenderDisplayName,omitempty"`
	P2SenderDomain         *string                 `json:"p2SenderDomain,omitempty"`
	ReceiveDate            *string                 `json:"receiveDate,omitempty"`
	Recipient              *string                 `json:"recipient,omitempty"`
	SenderIP               *string                 `json:"senderIP,omitempty"`
	Subject                *string                 `json:"subject,omitempty"`
	ThreatDetectionMethods *[]string               `json:"threatDetectionMethods,omitempty"`
	Threats                *[]string               `json:"threats,omitempty"`
	Urls                   *[]string               `json:"urls,omitempty"`
}

func (*MailMessageEntityProperties) GetReceiveDateAsTime added in v0.20241009.1142232

func (o *MailMessageEntityProperties) GetReceiveDateAsTime() (*time.Time, error)

func (*MailMessageEntityProperties) SetReceiveDateAsTime added in v0.20241009.1142232

func (o *MailMessageEntityProperties) SetReceiveDateAsTime(input time.Time)

type MailboxEntity added in v0.20241009.1142232

type MailboxEntity struct {
	Properties *MailboxEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailboxEntity) Entity added in v0.20241009.1142232

func (s MailboxEntity) Entity() BaseEntityImpl

func (MailboxEntity) MarshalJSON added in v0.20241009.1142232

func (s MailboxEntity) MarshalJSON() ([]byte, error)

type MailboxEntityProperties added in v0.20241009.1142232

type MailboxEntityProperties struct {
	AdditionalData            *map[string]interface{} `json:"additionalData,omitempty"`
	DisplayName               *string                 `json:"displayName,omitempty"`
	ExternalDirectoryObjectId *string                 `json:"externalDirectoryObjectId,omitempty"`
	FriendlyName              *string                 `json:"friendlyName,omitempty"`
	MailboxPrimaryAddress     *string                 `json:"mailboxPrimaryAddress,omitempty"`
	Upn                       *string                 `json:"upn,omitempty"`
}

type MalwareEntity added in v0.20241009.1142232

type MalwareEntity struct {
	Properties *MalwareEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MalwareEntity) Entity added in v0.20241009.1142232

func (s MalwareEntity) Entity() BaseEntityImpl

func (MalwareEntity) MarshalJSON added in v0.20241009.1142232

func (s MalwareEntity) MarshalJSON() ([]byte, error)

type MalwareEntityProperties added in v0.20241009.1142232

type MalwareEntityProperties struct {
	AdditionalData   *map[string]interface{} `json:"additionalData,omitempty"`
	Category         *string                 `json:"category,omitempty"`
	FileEntityIds    *[]string               `json:"fileEntityIds,omitempty"`
	FriendlyName     *string                 `json:"friendlyName,omitempty"`
	MalwareName      *string                 `json:"malwareName,omitempty"`
	ProcessEntityIds *[]string               `json:"processEntityIds,omitempty"`
}

type NicEntity added in v0.20241009.1142232

type NicEntity struct {
	Properties *NicEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (NicEntity) Entity added in v0.20241009.1142232

func (s NicEntity) Entity() BaseEntityImpl

func (NicEntity) MarshalJSON added in v0.20241009.1142232

func (s NicEntity) MarshalJSON() ([]byte, error)

type NicEntityProperties added in v0.20241009.1142232

type NicEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	IPAddressEntityId *string                 `json:"ipAddressEntityId,omitempty"`
	MacAddress        *string                 `json:"macAddress,omitempty"`
	Vlans             *[]string               `json:"vlans,omitempty"`
}

type OSFamily added in v0.20241009.1142232

type OSFamily string
const (
	OSFamilyAndroid OSFamily = "Android"
	OSFamilyIOS     OSFamily = "IOS"
	OSFamilyLinux   OSFamily = "Linux"
	OSFamilyUnknown OSFamily = "Unknown"
	OSFamilyWindows OSFamily = "Windows"
)

func (*OSFamily) UnmarshalJSON added in v0.20241009.1142232

func (s *OSFamily) UnmarshalJSON(bytes []byte) error

type ProcessEntity added in v0.20241009.1142232

type ProcessEntity struct {
	Properties *ProcessEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (ProcessEntity) Entity added in v0.20241009.1142232

func (s ProcessEntity) Entity() BaseEntityImpl

func (ProcessEntity) MarshalJSON added in v0.20241009.1142232

func (s ProcessEntity) MarshalJSON() ([]byte, error)

type ProcessEntityProperties added in v0.20241009.1142232

type ProcessEntityProperties struct {
	AccountEntityId          *string                 `json:"accountEntityId,omitempty"`
	AdditionalData           *map[string]interface{} `json:"additionalData,omitempty"`
	CommandLine              *string                 `json:"commandLine,omitempty"`
	CreationTimeUtc          *string                 `json:"creationTimeUtc,omitempty"`
	ElevationToken           *ElevationToken         `json:"elevationToken,omitempty"`
	FriendlyName             *string                 `json:"friendlyName,omitempty"`
	HostEntityId             *string                 `json:"hostEntityId,omitempty"`
	HostLogonSessionEntityId *string                 `json:"hostLogonSessionEntityId,omitempty"`
	ImageFileEntityId        *string                 `json:"imageFileEntityId,omitempty"`
	ParentProcessEntityId    *string                 `json:"parentProcessEntityId,omitempty"`
	ProcessId                *string                 `json:"processId,omitempty"`
}

func (*ProcessEntityProperties) GetCreationTimeUtcAsTime added in v0.20241009.1142232

func (o *ProcessEntityProperties) GetCreationTimeUtcAsTime() (*time.Time, error)

func (*ProcessEntityProperties) SetCreationTimeUtcAsTime added in v0.20241009.1142232

func (o *ProcessEntityProperties) SetCreationTimeUtcAsTime(input time.Time)

type RawEntityImpl

type RawEntityImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityImpl) Entity added in v0.20240920.1135249

func (s RawEntityImpl) Entity() BaseEntityImpl

type RegistryHive added in v0.20241009.1142232

type RegistryHive string
const (
	RegistryHiveHKEYA                        RegistryHive = "HKEY_A"
	RegistryHiveHKEYCLASSESROOT              RegistryHive = "HKEY_CLASSES_ROOT"
	RegistryHiveHKEYCURRENTCONFIG            RegistryHive = "HKEY_CURRENT_CONFIG"
	RegistryHiveHKEYCURRENTUSER              RegistryHive = "HKEY_CURRENT_USER"
	RegistryHiveHKEYCURRENTUSERLOCALSETTINGS RegistryHive = "HKEY_CURRENT_USER_LOCAL_SETTINGS"
	RegistryHiveHKEYLOCALMACHINE             RegistryHive = "HKEY_LOCAL_MACHINE"
	RegistryHiveHKEYPERFORMANCEDATA          RegistryHive = "HKEY_PERFORMANCE_DATA"
	RegistryHiveHKEYPERFORMANCENLSTEXT       RegistryHive = "HKEY_PERFORMANCE_NLSTEXT"
	RegistryHiveHKEYPERFORMANCETEXT          RegistryHive = "HKEY_PERFORMANCE_TEXT"
	RegistryHiveHKEYUSERS                    RegistryHive = "HKEY_USERS"
)

func (*RegistryHive) UnmarshalJSON added in v0.20241009.1142232

func (s *RegistryHive) UnmarshalJSON(bytes []byte) error

type RegistryKeyEntity added in v0.20241009.1142232

type RegistryKeyEntity struct {
	Properties *RegistryKeyEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryKeyEntity) Entity added in v0.20241009.1142232

func (s RegistryKeyEntity) Entity() BaseEntityImpl

func (RegistryKeyEntity) MarshalJSON added in v0.20241009.1142232

func (s RegistryKeyEntity) MarshalJSON() ([]byte, error)

type RegistryKeyEntityProperties added in v0.20241009.1142232

type RegistryKeyEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	Hive           *RegistryHive           `json:"hive,omitempty"`
	Key            *string                 `json:"key,omitempty"`
}

type RegistryValueEntity added in v0.20241009.1142232

type RegistryValueEntity struct {
	Properties *RegistryValueEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryValueEntity) Entity added in v0.20241009.1142232

func (RegistryValueEntity) MarshalJSON added in v0.20241009.1142232

func (s RegistryValueEntity) MarshalJSON() ([]byte, error)

type RegistryValueEntityProperties added in v0.20241009.1142232

type RegistryValueEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	KeyEntityId    *string                 `json:"keyEntityId,omitempty"`
	ValueData      *string                 `json:"valueData,omitempty"`
	ValueName      *string                 `json:"valueName,omitempty"`
	ValueType      *RegistryValueKind      `json:"valueType,omitempty"`
}

type RegistryValueKind added in v0.20241009.1142232

type RegistryValueKind string
const (
	RegistryValueKindBinary       RegistryValueKind = "Binary"
	RegistryValueKindDWord        RegistryValueKind = "DWord"
	RegistryValueKindExpandString RegistryValueKind = "ExpandString"
	RegistryValueKindMultiString  RegistryValueKind = "MultiString"
	RegistryValueKindNone         RegistryValueKind = "None"
	RegistryValueKindQWord        RegistryValueKind = "QWord"
	RegistryValueKindString       RegistryValueKind = "String"
	RegistryValueKindUnknown      RegistryValueKind = "Unknown"
)

func (*RegistryValueKind) UnmarshalJSON added in v0.20241009.1142232

func (s *RegistryValueKind) UnmarshalJSON(bytes []byte) error

type SecurityAlert

type SecurityAlert struct {
	Properties *SecurityAlertProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityAlert) Entity added in v0.20240920.1135249

func (s SecurityAlert) Entity() BaseEntityImpl

func (SecurityAlert) MarshalJSON

func (s SecurityAlert) MarshalJSON() ([]byte, error)

type SecurityAlertProperties

type SecurityAlertProperties struct {
	AdditionalData        *map[string]interface{}                            `json:"additionalData,omitempty"`
	AlertDisplayName      *string                                            `json:"alertDisplayName,omitempty"`
	AlertLink             *string                                            `json:"alertLink,omitempty"`
	AlertType             *string                                            `json:"alertType,omitempty"`
	CompromisedEntity     *string                                            `json:"compromisedEntity,omitempty"`
	ConfidenceLevel       *ConfidenceLevel                                   `json:"confidenceLevel,omitempty"`
	ConfidenceReasons     *[]SecurityAlertPropertiesConfidenceReasonsInlined `json:"confidenceReasons,omitempty"`
	ConfidenceScore       *float64                                           `json:"confidenceScore,omitempty"`
	ConfidenceScoreStatus *ConfidenceScoreStatus                             `json:"confidenceScoreStatus,omitempty"`
	Description           *string                                            `json:"description,omitempty"`
	EndTimeUtc            *string                                            `json:"endTimeUtc,omitempty"`
	FriendlyName          *string                                            `json:"friendlyName,omitempty"`
	Intent                *KillChainIntent                                   `json:"intent,omitempty"`
	ProcessingEndTime     *string                                            `json:"processingEndTime,omitempty"`
	ProductComponentName  *string                                            `json:"productComponentName,omitempty"`
	ProductName           *string                                            `json:"productName,omitempty"`
	ProductVersion        *string                                            `json:"productVersion,omitempty"`
	ProviderAlertId       *string                                            `json:"providerAlertId,omitempty"`
	RemediationSteps      *[]string                                          `json:"remediationSteps,omitempty"`
	ResourceIdentifiers   *[]interface{}                                     `json:"resourceIdentifiers,omitempty"`
	Severity              *AlertSeverity                                     `json:"severity,omitempty"`
	StartTimeUtc          *string                                            `json:"startTimeUtc,omitempty"`
	Status                *AlertStatus                                       `json:"status,omitempty"`
	SystemAlertId         *string                                            `json:"systemAlertId,omitempty"`
	Tactics               *[]AttackTactic                                    `json:"tactics,omitempty"`
	TimeGenerated         *string                                            `json:"timeGenerated,omitempty"`
	VendorName            *string                                            `json:"vendorName,omitempty"`
}

func (*SecurityAlertProperties) GetEndTimeUtcAsTime

func (o *SecurityAlertProperties) GetEndTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetProcessingEndTimeAsTime

func (o *SecurityAlertProperties) GetProcessingEndTimeAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetStartTimeUtcAsTime

func (o *SecurityAlertProperties) GetStartTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetTimeGeneratedAsTime

func (o *SecurityAlertProperties) GetTimeGeneratedAsTime() (*time.Time, error)

func (*SecurityAlertProperties) SetEndTimeUtcAsTime

func (o *SecurityAlertProperties) SetEndTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetProcessingEndTimeAsTime

func (o *SecurityAlertProperties) SetProcessingEndTimeAsTime(input time.Time)

func (*SecurityAlertProperties) SetStartTimeUtcAsTime

func (o *SecurityAlertProperties) SetStartTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetTimeGeneratedAsTime

func (o *SecurityAlertProperties) SetTimeGeneratedAsTime(input time.Time)

type SecurityAlertPropertiesConfidenceReasonsInlined

type SecurityAlertPropertiesConfidenceReasonsInlined struct {
	Reason     *string `json:"reason,omitempty"`
	ReasonType *string `json:"reasonType,omitempty"`
}

type SecurityGroupEntity added in v0.20241009.1142232

type SecurityGroupEntity struct {
	Properties *SecurityGroupEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityGroupEntity) Entity added in v0.20241009.1142232

func (SecurityGroupEntity) MarshalJSON added in v0.20241009.1142232

func (s SecurityGroupEntity) MarshalJSON() ([]byte, error)

type SecurityGroupEntityProperties added in v0.20241009.1142232

type SecurityGroupEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	DistinguishedName *string                 `json:"distinguishedName,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	ObjectGuid        *string                 `json:"objectGuid,omitempty"`
	Sid               *string                 `json:"sid,omitempty"`
}

type SubmissionMailEntity added in v0.20241009.1142232

type SubmissionMailEntity struct {
	Properties *SubmissionMailEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SubmissionMailEntity) Entity added in v0.20241009.1142232

func (SubmissionMailEntity) MarshalJSON added in v0.20241009.1142232

func (s SubmissionMailEntity) MarshalJSON() ([]byte, error)

type SubmissionMailEntityProperties added in v0.20241009.1142232

type SubmissionMailEntityProperties struct {
	AdditionalData   *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName     *string                 `json:"friendlyName,omitempty"`
	NetworkMessageId *string                 `json:"networkMessageId,omitempty"`
	Recipient        *string                 `json:"recipient,omitempty"`
	ReportType       *string                 `json:"reportType,omitempty"`
	Sender           *string                 `json:"sender,omitempty"`
	SenderIP         *string                 `json:"senderIp,omitempty"`
	Subject          *string                 `json:"subject,omitempty"`
	SubmissionDate   *string                 `json:"submissionDate,omitempty"`
	SubmissionId     *string                 `json:"submissionId,omitempty"`
	Submitter        *string                 `json:"submitter,omitempty"`
	Timestamp        *string                 `json:"timestamp,omitempty"`
}

func (*SubmissionMailEntityProperties) GetSubmissionDateAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) GetSubmissionDateAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) GetTimestampAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) GetTimestampAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) SetSubmissionDateAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) SetSubmissionDateAsTime(input time.Time)

func (*SubmissionMailEntityProperties) SetTimestampAsTime added in v0.20241009.1142232

func (o *SubmissionMailEntityProperties) SetTimestampAsTime(input time.Time)

type ThreatIntelligence added in v0.20241009.1142232

type ThreatIntelligence struct {
	Confidence        *float64 `json:"confidence,omitempty"`
	ProviderName      *string  `json:"providerName,omitempty"`
	ReportLink        *string  `json:"reportLink,omitempty"`
	ThreatDescription *string  `json:"threatDescription,omitempty"`
	ThreatName        *string  `json:"threatName,omitempty"`
	ThreatType        *string  `json:"threatType,omitempty"`
}

type URLEntity added in v0.20241009.1142232

type URLEntity struct {
	Properties *URLEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (URLEntity) Entity added in v0.20241009.1142232

func (s URLEntity) Entity() BaseEntityImpl

func (URLEntity) MarshalJSON added in v0.20241009.1142232

func (s URLEntity) MarshalJSON() ([]byte, error)

type URLEntityProperties added in v0.20241009.1142232

type URLEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	Url            *string                 `json:"url,omitempty"`
}

type UserInfo

type UserInfo struct {
	Email    *string `json:"email,omitempty"`
	Name     *string `json:"name,omitempty"`
	ObjectId *string `json:"objectId,omitempty"`
}

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL