incidents

package
v0.20230712.1084117 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 12, 2023 License: MPL-2.0 Imports: 11 Imported by: 0

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2021-09-01-preview/incidents Documentation

The incidents SDK allows for interaction with the Azure Resource Manager Service securityinsights (API Version 2021-09-01-preview).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2021-09-01-preview/incidents"

Client Initialization

// NewIncidentsClientWithBaseURI takes the Azure Resource Manager endpoint; the
// public-cloud endpoint is used here.
client := incidents.NewIncidentsClientWithBaseURI("https://management.azure.com")
// authorizer is not defined in this snippet and must be supplied by the caller.
// Every call made through this client runs with that identity's permissions, so
// scope it to the least privilege the workflow needs: read-only access for
// Get/List, write access only where CreateOrUpdate or Delete is really required.
client.Client.Authorizer = authorizer

Example Usage: IncidentsClient.CreateOrUpdate

// Placeholder context: production code would normally pass a context that
// carries a deadline or cancellation.
ctx := context.TODO()

// Resource ID segments, in order: subscription ID, resource group name,
// workspace name, incident ID. All four values below are sample values.
incidentID := incidents.NewIncidentID(
	"12345678-1234-9876-4563-123456789012",
	"example-resource-group",
	"workspaceValue",
	"incidentIdValue",
)

// IncidentProperties serialises Title, Severity and Status without omitempty,
// so those three are always part of the request body once Properties is set.
payload := incidents.Incident{
	// ...
}

resp, err := client.CreateOrUpdate(ctx, incidentID, payload)
if err != nil {
	// handle the error
}
// Model is a pointer and may be nil, so guard before using it.
created := resp.Model
if created != nil {
	// do something with the model/response object
}

Example Usage: IncidentsClient.Delete

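// Placeholder context: production code would normally pass a context that
// carries a deadline or cancellation.
ctx := context.TODO()
id := incidents.NewIncidentID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "incidentIdValue")

// Delete removes the incident resource. If the record is still needed for audit
// or post-incident review, consider setting Status to IncidentStatusClosed with
// a Classification through CreateOrUpdate instead of deleting it.
resp, err := client.Delete(ctx, id)
if err != nil {
	// handle the error
}
// DeleteOperationResponse has no Model field; only the raw HTTP response is
// available, and it may be nil.
if httpResp := resp.HttpResponse; httpResp != nil {
	// inspect the HTTP response (for example its status code) if needed
}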

Example Usage: IncidentsClient.Get

// Placeholder context: production code would normally pass a context that
// carries a deadline or cancellation.
ctx := context.TODO()

// Resource ID segments, in order: subscription ID, resource group name,
// workspace name, incident ID. All four values below are sample values.
incidentID := incidents.NewIncidentID(
	"12345678-1234-9876-4563-123456789012",
	"example-resource-group",
	"workspaceValue",
	"incidentIdValue",
)

resp, err := client.Get(ctx, incidentID)
if err != nil {
	// handle the error
}
// Model is a pointer and may be nil. The incident can carry owner identity
// fields (Email, UserPrincipalName) and free-text descriptions, so avoid
// writing the whole object to logs.
incident := resp.Model
if incident != nil {
	// do something with the model/response object
}

Example Usage: IncidentsClient.List

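// Placeholder context: production code would normally pass a context that
// carries a deadline or cancellation, since ListComplete fetches every page.
ctx := context.TODO()
id := incidents.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

// alternatively `client.List(ctx, id, incidents.DefaultListOperationOptions())` can be used to do batched pagination
// ListOperationOptions also exposes Filter, Orderby and Top for narrowing the
// result set instead of pulling every incident in the workspace.
result, err := client.ListComplete(ctx, id, incidents.DefaultListOperationOptions())
if err != nil {
	// handle the error
}
// ListComplete returns a ListCompleteResult struct, which cannot be ranged over
// directly; the incidents are in its Items field.
for _, item := range result.Items {
	// do something
}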

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForAttackTactic

func PossibleValuesForAttackTactic() []string

func PossibleValuesForIncidentClassification

func PossibleValuesForIncidentClassification() []string

func PossibleValuesForIncidentClassificationReason

func PossibleValuesForIncidentClassificationReason() []string

func PossibleValuesForIncidentLabelType

func PossibleValuesForIncidentLabelType() []string

func PossibleValuesForIncidentSeverity

func PossibleValuesForIncidentSeverity() []string

func PossibleValuesForIncidentStatus

func PossibleValuesForIncidentStatus() []string

func PossibleValuesForOwnerType

func PossibleValuesForOwnerType() []string

func ValidateIncidentID

func ValidateIncidentID(input interface{}, key string) (warnings []string, errors []error)

ValidateIncidentID checks that 'input' can be parsed as an Incident ID

func ValidateWorkspaceID

func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)

ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID

Types

type AttackTactic

// AttackTactic names an attack tactic associated with an incident; it is the
// element type of IncidentAdditionalData.Tactics.
// NOTE(review): the values look like MITRE ATT&CK tactic names — confirm
// against the API specification.
// It is a plain string type, so a value decoded from an API response is not
// restricted to the constants below; handle unrecognised values explicitly.
type AttackTactic string
const (
	AttackTacticCollection          AttackTactic = "Collection"
	AttackTacticCommandAndControl   AttackTactic = "CommandAndControl"
	AttackTacticCredentialAccess    AttackTactic = "CredentialAccess"
	AttackTacticDefenseEvasion      AttackTactic = "DefenseEvasion"
	AttackTacticDiscovery           AttackTactic = "Discovery"
	AttackTacticExecution           AttackTactic = "Execution"
	AttackTacticExfiltration        AttackTactic = "Exfiltration"
	AttackTacticImpact              AttackTactic = "Impact"
	AttackTacticInitialAccess       AttackTactic = "InitialAccess"
	AttackTacticLateralMovement     AttackTactic = "LateralMovement"
	AttackTacticPersistence         AttackTactic = "Persistence"
	AttackTacticPreAttack           AttackTactic = "PreAttack"
	AttackTacticPrivilegeEscalation AttackTactic = "PrivilegeEscalation"
)

type CreateOrUpdateOperationResponse

// CreateOrUpdateOperationResponse is the result type of IncidentsClient.CreateOrUpdate.
type CreateOrUpdateOperationResponse struct {
	// HttpResponse is the raw HTTP response for the call.
	HttpResponse *http.Response
	// Model is the returned Incident; it is a pointer and may be nil.
	Model        *Incident
}

type DeleteOperationResponse

// DeleteOperationResponse is the result type of IncidentsClient.Delete.
// Unlike the Get and CreateOrUpdate responses it has no Model field.
type DeleteOperationResponse struct {
	// HttpResponse is the raw HTTP response for the call.
	HttpResponse *http.Response
}

type GetOperationResponse

// GetOperationResponse is the result type of IncidentsClient.Get.
type GetOperationResponse struct {
	// HttpResponse is the raw HTTP response for the call.
	HttpResponse *http.Response
	// Model is the returned Incident; it is a pointer and may be nil.
	Model        *Incident
}

type Incident

// Incident is the incident resource sent to and returned by the API.
// Every field is an optional pointer tagged omitempty, so unset fields are
// left out of the JSON body.
type Incident struct {
	Etag       *string                `json:"etag,omitempty"`
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	// Properties holds the incident details (title, severity, status, owner, ...).
	Properties *IncidentProperties    `json:"properties,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

type IncidentAdditionalData

// IncidentAdditionalData carries summary data about an incident: related alert
// product names, alert/bookmark/comment counts and attack tactics.
// All fields are optional pointers and may be nil.
type IncidentAdditionalData struct {
	AlertProductNames *[]string       `json:"alertProductNames,omitempty"`
	AlertsCount       *int64          `json:"alertsCount,omitempty"`
	BookmarksCount    *int64          `json:"bookmarksCount,omitempty"`
	CommentsCount     *int64          `json:"commentsCount,omitempty"`
	Tactics           *[]AttackTactic `json:"tactics,omitempty"`
}

type IncidentClassification

// IncidentClassification is the value type of IncidentProperties.Classification.
// It is a plain string type, so values decoded from API responses are not
// restricted to the constants below.
type IncidentClassification string
const (
	IncidentClassificationBenignPositive IncidentClassification = "BenignPositive"
	IncidentClassificationFalsePositive  IncidentClassification = "FalsePositive"
	IncidentClassificationTruePositive   IncidentClassification = "TruePositive"
	IncidentClassificationUndetermined   IncidentClassification = "Undetermined"
)

type IncidentClassificationReason

// IncidentClassificationReason is the value type of
// IncidentProperties.ClassificationReason.
// NOTE(review): which reasons are valid for which classification is not shown
// here — confirm against the API specification.
type IncidentClassificationReason string
const (
	IncidentClassificationReasonInaccurateData        IncidentClassificationReason = "InaccurateData"
	IncidentClassificationReasonIncorrectAlertLogic   IncidentClassificationReason = "IncorrectAlertLogic"
	IncidentClassificationReasonSuspiciousActivity    IncidentClassificationReason = "SuspiciousActivity"
	IncidentClassificationReasonSuspiciousButExpected IncidentClassificationReason = "SuspiciousButExpected"
)

type IncidentId

// IncidentId holds the four user-specified segments of an Incident Resource ID.
// NewIncidentID takes them in the same order as the fields below.
type IncidentId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	IncidentId        string
}

IncidentId is a struct representing the Resource ID for an Incident

func NewIncidentID

func NewIncidentID(subscriptionId string, resourceGroupName string, workspaceName string, incidentId string) IncidentId

NewIncidentID returns a new IncidentId struct

func ParseIncidentID

func ParseIncidentID(input string) (*IncidentId, error)

ParseIncidentID parses 'input' into an IncidentId

func ParseIncidentIDInsensitively

func ParseIncidentIDInsensitively(input string) (*IncidentId, error)

ParseIncidentIDInsensitively parses 'input' case-insensitively into an IncidentId. Note: this method should only be used for API response data and not user input; parse user-supplied IDs with ParseIncidentID instead.

func (IncidentId) ID

func (id IncidentId) ID() string

ID returns the formatted Incident ID

func (IncidentId) Segments

func (id IncidentId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Incident ID

func (IncidentId) String

func (id IncidentId) String() string

String returns a human-readable description of this Incident ID

type IncidentLabel

// IncidentLabel is one entry of IncidentProperties.Labels.
type IncidentLabel struct {
	// LabelName has no omitempty tag, so it is always serialised.
	LabelName string             `json:"labelName"`
	// LabelType is optional and may be nil.
	LabelType *IncidentLabelType `json:"labelType,omitempty"`
}

type IncidentLabelType

// IncidentLabelType is the value type of IncidentLabel.LabelType.
// NOTE(review): presumably distinguishes system-applied from user-applied
// labels — confirm against the API specification.
type IncidentLabelType string
const (
	IncidentLabelTypeSystem IncidentLabelType = "System"
	IncidentLabelTypeUser   IncidentLabelType = "User"
)

type IncidentOperationPredicate

// IncidentOperationPredicate is the filter passed to
// IncidentsClient.ListCompleteMatchingPredicate and evaluated by its Matches
// method. That call retrieves all results first and applies the predicate
// afterwards, so it does not reduce what is fetched from the API.
// NOTE(review): presumably nil fields are ignored when matching — confirm in
// the implementation of Matches.
type IncidentOperationPredicate struct {
	Etag *string
	Id   *string
	Name *string
	Type *string
}

func (IncidentOperationPredicate) Matches

func (p IncidentOperationPredicate) Matches(input Incident) bool

type IncidentOwnerInfo

// IncidentOwnerInfo describes the owner an incident is assigned to.
// Email, ObjectId and UserPrincipalName identify a person or group; treat them
// as personal data when logging or exporting incidents.
// All fields are optional pointers and may be nil.
type IncidentOwnerInfo struct {
	AssignedTo        *string    `json:"assignedTo,omitempty"`
	Email             *string    `json:"email,omitempty"`
	ObjectId          *string    `json:"objectId,omitempty"`
	OwnerType         *OwnerType `json:"ownerType,omitempty"`
	UserPrincipalName *string    `json:"userPrincipalName,omitempty"`
}

type IncidentProperties

// IncidentProperties holds the details of an Incident.
//
// Severity, Status and Title are value fields without omitempty, so they are
// always serialised (as empty strings when left at their zero value); every
// other field is an optional pointer.
//
// The *TimeUtc fields are strings; the Get...AsTime and Set...AsTime methods on
// this type convert them to and from time.Time.
//
// Title, Description and ClassificationComment are free text; encode or escape
// them before rendering them in another tool such as a ticket, chat message or
// web page.
type IncidentProperties struct {
	AdditionalData         *IncidentAdditionalData       `json:"additionalData,omitempty"`
	Classification         *IncidentClassification       `json:"classification,omitempty"`
	ClassificationComment  *string                       `json:"classificationComment,omitempty"`
	ClassificationReason   *IncidentClassificationReason `json:"classificationReason,omitempty"`
	CreatedTimeUtc         *string                       `json:"createdTimeUtc,omitempty"`
	Description            *string                       `json:"description,omitempty"`
	FirstActivityTimeUtc   *string                       `json:"firstActivityTimeUtc,omitempty"`
	IncidentNumber         *int64                        `json:"incidentNumber,omitempty"`
	IncidentUrl            *string                       `json:"incidentUrl,omitempty"`
	Labels                 *[]IncidentLabel              `json:"labels,omitempty"`
	LastActivityTimeUtc    *string                       `json:"lastActivityTimeUtc,omitempty"`
	LastModifiedTimeUtc    *string                       `json:"lastModifiedTimeUtc,omitempty"`
	Owner                  *IncidentOwnerInfo            `json:"owner,omitempty"`
	ProviderIncidentId     *string                       `json:"providerIncidentId,omitempty"`
	ProviderName           *string                       `json:"providerName,omitempty"`
	RelatedAnalyticRuleIds *[]string                     `json:"relatedAnalyticRuleIds,omitempty"`
	Severity               IncidentSeverity              `json:"severity"`
	Status                 IncidentStatus                `json:"status"`
	TeamInformation        *TeamInformation              `json:"teamInformation,omitempty"`
	Title                  string                        `json:"title"`
}

func (*IncidentProperties) GetCreatedTimeUtcAsTime

func (o *IncidentProperties) GetCreatedTimeUtcAsTime() (*time.Time, error)

func (*IncidentProperties) GetFirstActivityTimeUtcAsTime

func (o *IncidentProperties) GetFirstActivityTimeUtcAsTime() (*time.Time, error)

func (*IncidentProperties) GetLastActivityTimeUtcAsTime

func (o *IncidentProperties) GetLastActivityTimeUtcAsTime() (*time.Time, error)

func (*IncidentProperties) GetLastModifiedTimeUtcAsTime

func (o *IncidentProperties) GetLastModifiedTimeUtcAsTime() (*time.Time, error)

func (*IncidentProperties) SetCreatedTimeUtcAsTime

func (o *IncidentProperties) SetCreatedTimeUtcAsTime(input time.Time)

func (*IncidentProperties) SetFirstActivityTimeUtcAsTime

func (o *IncidentProperties) SetFirstActivityTimeUtcAsTime(input time.Time)

func (*IncidentProperties) SetLastActivityTimeUtcAsTime

func (o *IncidentProperties) SetLastActivityTimeUtcAsTime(input time.Time)

func (*IncidentProperties) SetLastModifiedTimeUtcAsTime

func (o *IncidentProperties) SetLastModifiedTimeUtcAsTime(input time.Time)

type IncidentSeverity

// IncidentSeverity is the value type of IncidentProperties.Severity, which is
// always serialised. The constants are listed alphabetically, not by rank.
// It is a plain string type, so values decoded from API responses are not
// restricted to the constants below.
type IncidentSeverity string
const (
	IncidentSeverityHigh          IncidentSeverity = "High"
	IncidentSeverityInformational IncidentSeverity = "Informational"
	IncidentSeverityLow           IncidentSeverity = "Low"
	IncidentSeverityMedium        IncidentSeverity = "Medium"
)

type IncidentStatus

// IncidentStatus is the value type of IncidentProperties.Status, which is
// always serialised.
// NOTE(review): presumably a Closed incident is expected to carry a
// Classification — confirm against the API specification.
type IncidentStatus string
const (
	IncidentStatusActive IncidentStatus = "Active"
	IncidentStatusClosed IncidentStatus = "Closed"
	IncidentStatusNew    IncidentStatus = "New"
)

type IncidentsClient

// IncidentsClient exposes the incident operations (CreateOrUpdate, Delete, Get,
// List and the ListComplete variants). It is created with
// NewIncidentsClientWithBaseURI.
type IncidentsClient struct {
	// Client is the underlying autorest client; the README sets
	// Client.Authorizer on it before making calls.
	Client autorest.Client
	// contains filtered or unexported fields
}

func NewIncidentsClientWithBaseURI

func NewIncidentsClientWithBaseURI(endpoint string) IncidentsClient

func (IncidentsClient) CreateOrUpdate

func (c IncidentsClient) CreateOrUpdate(ctx context.Context, id IncidentId, input Incident) (result CreateOrUpdateOperationResponse, err error)

CreateOrUpdate ...

func (IncidentsClient) Delete

func (c IncidentsClient) Delete(ctx context.Context, id IncidentId) (result DeleteOperationResponse, err error)

Delete ...

func (IncidentsClient) Get

func (c IncidentsClient) Get(ctx context.Context, id IncidentId) (result GetOperationResponse, err error)

Get ...

func (IncidentsClient) List

List ...

func (IncidentsClient) ListComplete

ListComplete retrieves all of the results into a single object

func (IncidentsClient) ListCompleteMatchingPredicate

func (c IncidentsClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, options ListOperationOptions, predicate IncidentOperationPredicate) (resp ListCompleteResult, err error)

ListCompleteMatchingPredicate retrieves all of the results and then applies the predicate

type ListCompleteResult

// ListCompleteResult is the result type of
// IncidentsClient.ListCompleteMatchingPredicate.
type ListCompleteResult struct {
	// Items holds the incidents that were retrieved.
	Items []Incident
}

type ListOperationOptions

// ListOperationOptions holds the optional parameters for the list operations;
// DefaultListOperationOptions returns a value to start from.
// NOTE(review): presumably these are sent as the $filter, $orderby and $top
// query parameters — confirm in the implementation.
// If Filter is ever assembled from user-supplied text, validate or escape that
// text first rather than concatenating it into the expression.
type ListOperationOptions struct {
	Filter  *string
	Orderby *string
	Top     *int64
}

func DefaultListOperationOptions

func DefaultListOperationOptions() ListOperationOptions

type ListOperationResponse

// ListOperationResponse is one batch of list results; its HasMore and LoadMore
// methods are used to page through further batches.
type ListOperationResponse struct {
	// HttpResponse is the raw HTTP response for the call.
	HttpResponse *http.Response
	// Model is the batch of incidents; it is a pointer and may be nil.
	Model        *[]Incident
	// contains filtered or unexported fields
}

func (ListOperationResponse) HasMore

func (r ListOperationResponse) HasMore() bool

func (ListOperationResponse) LoadMore

func (r ListOperationResponse) LoadMore(ctx context.Context) (resp ListOperationResponse, err error)

type OwnerType

// OwnerType is the value type of IncidentOwnerInfo.OwnerType.
// It is a plain string type, so values decoded from API responses are not
// restricted to the constants below.
type OwnerType string
const (
	OwnerTypeGroup   OwnerType = "Group"
	OwnerTypeUnknown OwnerType = "Unknown"
	OwnerTypeUser    OwnerType = "User"
)

type TeamInformation

// TeamInformation is the value type of IncidentProperties.TeamInformation.
// All fields are optional pointers and may be nil.
// TeamCreationTimeUtc is a string; GetTeamCreationTimeUtcAsTime and
// SetTeamCreationTimeUtcAsTime convert it to and from time.Time.
type TeamInformation struct {
	Description         *string `json:"description,omitempty"`
	Name                *string `json:"name,omitempty"`
	// PrimaryChannelUrl comes from the API response; validate it before
	// following or rendering it as a link.
	PrimaryChannelUrl   *string `json:"primaryChannelUrl,omitempty"`
	TeamCreationTimeUtc *string `json:"teamCreationTimeUtc,omitempty"`
	TeamId              *string `json:"teamId,omitempty"`
}

func (*TeamInformation) GetTeamCreationTimeUtcAsTime

func (o *TeamInformation) GetTeamCreationTimeUtcAsTime() (*time.Time, error)

func (*TeamInformation) SetTeamCreationTimeUtcAsTime

func (o *TeamInformation) SetTeamCreationTimeUtcAsTime(input time.Time)

type WorkspaceId

// WorkspaceId holds the three user-specified segments of a Workspace Resource
// ID. NewWorkspaceID takes them in the same order as the fields below.
type WorkspaceId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
}

WorkspaceId is a struct representing the Resource ID for a Workspace

func NewWorkspaceID

func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId

NewWorkspaceID returns a new WorkspaceId struct

func ParseWorkspaceID

func ParseWorkspaceID(input string) (*WorkspaceId, error)

ParseWorkspaceID parses 'input' into a WorkspaceId

func ParseWorkspaceIDInsensitively

func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)

ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId. Note: this method should only be used for API response data and not user input; parse user-supplied IDs with ParseWorkspaceID instead.

func (WorkspaceId) ID

func (id WorkspaceId) ID() string

ID returns the formatted Workspace ID

func (WorkspaceId) Segments

func (id WorkspaceId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Workspace ID

func (WorkspaceId) String

func (id WorkspaceId) String() string

String returns a human-readable description of this Workspace ID
