entities

package
v0.20230823.1052657 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 23, 2023 License: MPL-2.0 Imports: 12 Imported by: 1

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2022-10-01-preview/entities Documentation

The entities SDK allows for interaction with the Azure Resource Manager Service securityinsights (API Version 2022-10-01-preview).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2022-10-01-preview/entities"

Client Initialization

client := entities.NewEntitiesClientWithBaseURI("https://management.azure.com")
client.Client.Authorizer = authorizer

Example Usage: EntitiesClient.Expand

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "entityIdValue")

payload := entities.EntityExpandParameters{
	// ...
}


read, err := client.Expand(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.Get

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "entityIdValue")

read, err := client.Get(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.GetInsights

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "entityIdValue")

payload := entities.EntityGetInsightsParameters{
	// ...
}


read, err := client.GetInsights(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.GetTimelinelist

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "entityIdValue")

payload := entities.EntityTimelineParameters{
	// ...
}


read, err := client.GetTimelinelist(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.List

ctx := context.TODO()
id := entities.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

// alternatively `client.List(ctx, id)` can be used to do batched pagination
items, err := client.ListComplete(ctx, id)
if err != nil {
	// handle the error
}
for _, item := range items {
	// do something
}

Example Usage: EntitiesClient.Queries

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "entityIdValue")

read, err := client.Queries(ctx, id, entities.DefaultQueriesOperationOptions())
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForAlertSeverity 

func PossibleValuesForAlertSeverity() []string

func PossibleValuesForEntityItemQueryKind 

func PossibleValuesForEntityItemQueryKind() []string

func PossibleValuesForEntityKind 

func PossibleValuesForEntityKind() []string

func PossibleValuesForEntityQueryKind 

func PossibleValuesForEntityQueryKind() []string

func PossibleValuesForEntityTimelineKind 

func PossibleValuesForEntityTimelineKind() []string

func PossibleValuesForEntityType 

func PossibleValuesForEntityType() []string

func PossibleValuesForGetInsightsError 

func PossibleValuesForGetInsightsError() []string

func PossibleValuesForKillChainIntent 

func PossibleValuesForKillChainIntent() []string

func PossibleValuesForOutputType 

func PossibleValuesForOutputType() []string

func ValidateEntityID 

func ValidateEntityID(input interface{}, key string) (warnings []string, errors []error)

ValidateEntityID checks that 'input' can be parsed as a Entity ID

func ValidateWorkspaceID 

func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)

ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID

Types

type ActivityTimelineItem 

type ActivityTimelineItem struct {
	BucketEndTimeUTC     string `json:"bucketEndTimeUTC"`
	BucketStartTimeUTC   string `json:"bucketStartTimeUTC"`
	Content              string `json:"content"`
	FirstActivityTimeUTC string `json:"firstActivityTimeUTC"`
	LastActivityTimeUTC  string `json:"lastActivityTimeUTC"`
	QueryId              string `json:"queryId"`
	Title                string `json:"title"`
}

func (ActivityTimelineItem) MarshalJSON 

func (s ActivityTimelineItem) MarshalJSON() ([]byte, error)

type AlertSeverity 

type AlertSeverity string
const (
	AlertSeverityHigh          AlertSeverity = "High"
	AlertSeverityInformational AlertSeverity = "Informational"
	AlertSeverityLow           AlertSeverity = "Low"
	AlertSeverityMedium        AlertSeverity = "Medium"
)

type AnomalyTimelineItem 

type AnomalyTimelineItem struct {
	AzureResourceId string    `json:"azureResourceId"`
	Description     *string   `json:"description,omitempty"`
	DisplayName     string    `json:"displayName"`
	EndTimeUtc      string    `json:"endTimeUtc"`
	Intent          *string   `json:"intent,omitempty"`
	ProductName     *string   `json:"productName,omitempty"`
	Reasons         *[]string `json:"reasons,omitempty"`
	StartTimeUtc    string    `json:"startTimeUtc"`
	Techniques      *[]string `json:"techniques,omitempty"`
	TimeGenerated   string    `json:"timeGenerated"`
	Vendor          *string   `json:"vendor,omitempty"`
}

func (AnomalyTimelineItem) MarshalJSON 

func (s AnomalyTimelineItem) MarshalJSON() ([]byte, error)

type BookmarkTimelineItem 

type BookmarkTimelineItem struct {
	AzureResourceId string    `json:"azureResourceId"`
	CreatedBy       *UserInfo `json:"createdBy,omitempty"`
	DisplayName     *string   `json:"displayName,omitempty"`
	EndTimeUtc      *string   `json:"endTimeUtc,omitempty"`
	EventTime       *string   `json:"eventTime,omitempty"`
	Labels          *[]string `json:"labels,omitempty"`
	Notes           *string   `json:"notes,omitempty"`
	StartTimeUtc    *string   `json:"startTimeUtc,omitempty"`
}

func (BookmarkTimelineItem) MarshalJSON 

func (s BookmarkTimelineItem) MarshalJSON() ([]byte, error)

type EntitiesClient 

type EntitiesClient struct {
	Client autorest.Client
	// contains filtered or unexported fields
}

func NewEntitiesClientWithBaseURI 

func NewEntitiesClientWithBaseURI(endpoint string) EntitiesClient

func (EntitiesClient) Expand 

func (c EntitiesClient) Expand(ctx context.Context, id EntityId, input EntityExpandParameters) (result ExpandOperationResponse, err error)

Expand ...

func (EntitiesClient) Get 

func (c EntitiesClient) Get(ctx context.Context, id EntityId) (result GetOperationResponse, err error)

Get ...

func (EntitiesClient) GetInsights 

func (c EntitiesClient) GetInsights(ctx context.Context, id EntityId, input EntityGetInsightsParameters) (result GetInsightsOperationResponse, err error)

GetInsights ...

func (EntitiesClient) GetTimelinelist 

func (c EntitiesClient) GetTimelinelist(ctx context.Context, id EntityId, input EntityTimelineParameters) (result GetTimelinelistOperationResponse, err error)

GetTimelinelist ...

func (EntitiesClient) List 

func (c EntitiesClient) List(ctx context.Context, id WorkspaceId) (resp ListOperationResponse, err error)

List ...

func (EntitiesClient) ListComplete 

func (c EntitiesClient) ListComplete(ctx context.Context, id WorkspaceId) (ListCompleteResult, error)

ListComplete retrieves all of the results into a single object

func (EntitiesClient) ListCompleteMatchingPredicate 

func (c EntitiesClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, predicate EntityOperationPredicate) (resp ListCompleteResult, err error)

ListCompleteMatchingPredicate retrieves all of the results and then applied the predicate

func (EntitiesClient) Queries 

func (c EntitiesClient) Queries(ctx context.Context, id EntityId, options QueriesOperationOptions) (result QueriesOperationResponse, err error)

Queries ...

type Entity 

type Entity struct {
	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

type EntityEdges 

type EntityEdges struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	TargetEntityId *string                 `json:"targetEntityId,omitempty"`
}

type EntityExpandParameters 

type EntityExpandParameters struct {
	EndTime     *string `json:"endTime,omitempty"`
	ExpansionId *string `json:"expansionId,omitempty"`
	StartTime   *string `json:"startTime,omitempty"`
}

func (*EntityExpandParameters) GetEndTimeAsTime 

func (o *EntityExpandParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityExpandParameters) GetStartTimeAsTime 

func (o *EntityExpandParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityExpandParameters) SetEndTimeAsTime 

func (o *EntityExpandParameters) SetEndTimeAsTime(input time.Time)

func (*EntityExpandParameters) SetStartTimeAsTime 

func (o *EntityExpandParameters) SetStartTimeAsTime(input time.Time)

type EntityExpandResponse 

type EntityExpandResponse struct {
	MetaData *ExpansionResultsMetadata  `json:"metaData,omitempty"`
	Value    *EntityExpandResponseValue `json:"value,omitempty"`
}

type EntityExpandResponseValue 

type EntityExpandResponseValue struct {
	Edges    *[]EntityEdges `json:"edges,omitempty"`
	Entities *[]Entity      `json:"entities,omitempty"`
}

type EntityGetInsightsParameters 

type EntityGetInsightsParameters struct {
	AddDefaultExtendedTimeRange *bool     `json:"addDefaultExtendedTimeRange,omitempty"`
	EndTime                     string    `json:"endTime"`
	InsightQueryIds             *[]string `json:"insightQueryIds,omitempty"`
	StartTime                   string    `json:"startTime"`
}

func (*EntityGetInsightsParameters) GetEndTimeAsTime 

func (o *EntityGetInsightsParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityGetInsightsParameters) GetStartTimeAsTime 

func (o *EntityGetInsightsParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityGetInsightsParameters) SetEndTimeAsTime 

func (o *EntityGetInsightsParameters) SetEndTimeAsTime(input time.Time)

func (*EntityGetInsightsParameters) SetStartTimeAsTime 

func (o *EntityGetInsightsParameters) SetStartTimeAsTime(input time.Time)

type EntityGetInsightsResponse 

type EntityGetInsightsResponse struct {
	MetaData *GetInsightsResultsMetadata `json:"metaData,omitempty"`
	Value    *[]EntityInsightItem        `json:"value,omitempty"`
}

type EntityId 

type EntityId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	EntityId          string
}

EntityId is a struct representing the Resource ID for a Entity

func NewEntityID 

func NewEntityID(subscriptionId string, resourceGroupName string, workspaceName string, entityId string) EntityId

NewEntityID returns a new EntityId struct

func ParseEntityID 

func ParseEntityID(input string) (*EntityId, error)

ParseEntityID parses 'input' into a EntityId

func ParseEntityIDInsensitively 

func ParseEntityIDInsensitively(input string) (*EntityId, error)

ParseEntityIDInsensitively parses 'input' case-insensitively into a EntityId note: this method should only be used for API response data and not user input

func (EntityId) ID 

func (id EntityId) ID() string

ID returns the formatted Entity ID

func (EntityId) Segments 

func (id EntityId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Entity ID

func (EntityId) String 

func (id EntityId) String() string

String returns a human-readable description of this Entity ID

type EntityInsightItem 

type EntityInsightItem struct {
	ChartQueryResults *[]InsightsTableResult              `json:"chartQueryResults,omitempty"`
	QueryId           *string                             `json:"queryId,omitempty"`
	QueryTimeInterval *EntityInsightItemQueryTimeInterval `json:"queryTimeInterval,omitempty"`
	TableQueryResults *InsightsTableResult                `json:"tableQueryResults,omitempty"`
}

type EntityInsightItemQueryTimeInterval 

type EntityInsightItemQueryTimeInterval struct {
	EndTime   *string `json:"endTime,omitempty"`
	StartTime *string `json:"startTime,omitempty"`
}

func (*EntityInsightItemQueryTimeInterval) GetEndTimeAsTime 

func (o *EntityInsightItemQueryTimeInterval) GetEndTimeAsTime() (*time.Time, error)

func (*EntityInsightItemQueryTimeInterval) GetStartTimeAsTime 

func (o *EntityInsightItemQueryTimeInterval) GetStartTimeAsTime() (*time.Time, error)

func (*EntityInsightItemQueryTimeInterval) SetEndTimeAsTime 

func (o *EntityInsightItemQueryTimeInterval) SetEndTimeAsTime(input time.Time)

func (*EntityInsightItemQueryTimeInterval) SetStartTimeAsTime 

func (o *EntityInsightItemQueryTimeInterval) SetStartTimeAsTime(input time.Time)

type EntityItemQueryKind 

type EntityItemQueryKind string
const (
	EntityItemQueryKindInsight EntityItemQueryKind = "Insight"
)

type EntityKind 

type EntityKind string
const (
	EntityKindAccount          EntityKind = "Account"
	EntityKindAzureResource    EntityKind = "AzureResource"
	EntityKindBookmark         EntityKind = "Bookmark"
	EntityKindCloudApplication EntityKind = "CloudApplication"
	EntityKindDnsResolution    EntityKind = "DnsResolution"
	EntityKindFile             EntityKind = "File"
	EntityKindFileHash         EntityKind = "FileHash"
	EntityKindHost             EntityKind = "Host"
	EntityKindIP               EntityKind = "Ip"
	EntityKindIoTDevice        EntityKind = "IoTDevice"
	EntityKindMailCluster      EntityKind = "MailCluster"
	EntityKindMailMessage      EntityKind = "MailMessage"
	EntityKindMailbox          EntityKind = "Mailbox"
	EntityKindMalware          EntityKind = "Malware"
	EntityKindNic              EntityKind = "Nic"
	EntityKindProcess          EntityKind = "Process"
	EntityKindRegistryKey      EntityKind = "RegistryKey"
	EntityKindRegistryValue    EntityKind = "RegistryValue"
	EntityKindSecurityAlert    EntityKind = "SecurityAlert"
	EntityKindSecurityGroup    EntityKind = "SecurityGroup"
	EntityKindSubmissionMail   EntityKind = "SubmissionMail"
	EntityKindUrl              EntityKind = "Url"
)

type EntityOperationPredicate 

type EntityOperationPredicate struct {
	Id   *string
	Name *string
	Type *string
}

func (EntityOperationPredicate) Matches 

func (p EntityOperationPredicate) Matches(input Entity) bool

type EntityQueryItem 

type EntityQueryItem interface {
}

type EntityQueryItemPropertiesDataTypesInlined 

type EntityQueryItemPropertiesDataTypesInlined struct {
	DataType *string `json:"dataType,omitempty"`
}

type EntityQueryKind 

type EntityQueryKind string
const (
	EntityQueryKindActivity  EntityQueryKind = "Activity"
	EntityQueryKindExpansion EntityQueryKind = "Expansion"
	EntityQueryKindInsight   EntityQueryKind = "Insight"
)

type EntityTimelineItem 

type EntityTimelineItem interface {
}

type EntityTimelineKind 

type EntityTimelineKind string
const (
	EntityTimelineKindActivity      EntityTimelineKind = "Activity"
	EntityTimelineKindAnomaly       EntityTimelineKind = "Anomaly"
	EntityTimelineKindBookmark      EntityTimelineKind = "Bookmark"
	EntityTimelineKindSecurityAlert EntityTimelineKind = "SecurityAlert"
)

type EntityTimelineParameters 

type EntityTimelineParameters struct {
	EndTime        string                `json:"endTime"`
	Kinds          *[]EntityTimelineKind `json:"kinds,omitempty"`
	NumberOfBucket *int64                `json:"numberOfBucket,omitempty"`
	StartTime      string                `json:"startTime"`
}

func (*EntityTimelineParameters) GetEndTimeAsTime 

func (o *EntityTimelineParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityTimelineParameters) GetStartTimeAsTime 

func (o *EntityTimelineParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityTimelineParameters) SetEndTimeAsTime 

func (o *EntityTimelineParameters) SetEndTimeAsTime(input time.Time)

func (*EntityTimelineParameters) SetStartTimeAsTime 

func (o *EntityTimelineParameters) SetStartTimeAsTime(input time.Time)

type EntityTimelineResponse 

type EntityTimelineResponse struct {
	MetaData *TimelineResultsMetadata `json:"metaData,omitempty"`
	Value    *[]EntityTimelineItem    `json:"value,omitempty"`
}

func (*EntityTimelineResponse) UnmarshalJSON 

func (s *EntityTimelineResponse) UnmarshalJSON(bytes []byte) error

type EntityType 

type EntityType string
const (
	EntityTypeAccount          EntityType = "Account"
	EntityTypeAzureResource    EntityType = "AzureResource"
	EntityTypeCloudApplication EntityType = "CloudApplication"
	EntityTypeDNS              EntityType = "DNS"
	EntityTypeFile             EntityType = "File"
	EntityTypeFileHash         EntityType = "FileHash"
	EntityTypeHost             EntityType = "Host"
	EntityTypeHuntingBookmark  EntityType = "HuntingBookmark"
	EntityTypeIP               EntityType = "IP"
	EntityTypeIoTDevice        EntityType = "IoTDevice"
	EntityTypeMailCluster      EntityType = "MailCluster"
	EntityTypeMailMessage      EntityType = "MailMessage"
	EntityTypeMailbox          EntityType = "Mailbox"
	EntityTypeMalware          EntityType = "Malware"
	EntityTypeNic              EntityType = "Nic"
	EntityTypeProcess          EntityType = "Process"
	EntityTypeRegistryKey      EntityType = "RegistryKey"
	EntityTypeRegistryValue    EntityType = "RegistryValue"
	EntityTypeSecurityAlert    EntityType = "SecurityAlert"
	EntityTypeSecurityGroup    EntityType = "SecurityGroup"
	EntityTypeSubmissionMail   EntityType = "SubmissionMail"
	EntityTypeURL              EntityType = "URL"
)

type ExpandOperationResponse 

type ExpandOperationResponse struct {
	HttpResponse *http.Response
	Model        *EntityExpandResponse
}

type ExpansionResultAggregation 

type ExpansionResultAggregation struct {
	AggregationType *string    `json:"aggregationType,omitempty"`
	Count           int64      `json:"count"`
	DisplayName     *string    `json:"displayName,omitempty"`
	EntityKind      EntityKind `json:"entityKind"`
}

type ExpansionResultsMetadata 

type ExpansionResultsMetadata struct {
	Aggregations *[]ExpansionResultAggregation `json:"aggregations,omitempty"`
}

type GetInsightsError 

type GetInsightsError string
const (
	GetInsightsErrorInsight GetInsightsError = "Insight"
)

type GetInsightsErrorKind 

type GetInsightsErrorKind struct {
	ErrorMessage string           `json:"errorMessage"`
	Kind         GetInsightsError `json:"kind"`
	QueryId      *string          `json:"queryId,omitempty"`
}

type GetInsightsOperationResponse 

type GetInsightsOperationResponse struct {
	HttpResponse *http.Response
	Model        *EntityGetInsightsResponse
}

type GetInsightsResultsMetadata 

type GetInsightsResultsMetadata struct {
	Errors     *[]GetInsightsErrorKind `json:"errors,omitempty"`
	TotalCount int64                   `json:"totalCount"`
}

type GetOperationResponse 

type GetOperationResponse struct {
	HttpResponse *http.Response
	Model        *Entity
}

type GetQueriesResponse 

type GetQueriesResponse struct {
	Value *[]EntityQueryItem `json:"value,omitempty"`
}

func (*GetQueriesResponse) UnmarshalJSON 

func (s *GetQueriesResponse) UnmarshalJSON(bytes []byte) error

type GetTimelinelistOperationResponse 

type GetTimelinelistOperationResponse struct {
	HttpResponse *http.Response
	Model        *EntityTimelineResponse
}

type InsightQueryItem 

type InsightQueryItem struct {
	Properties *InsightQueryItemProperties `json:"properties,omitempty"`

	// Fields inherited from EntityQueryItem
	Id   *string `json:"id,omitempty"`
	Name *string `json:"name,omitempty"`
	Type *string `json:"type,omitempty"`
}

func (InsightQueryItem) MarshalJSON 

func (s InsightQueryItem) MarshalJSON() ([]byte, error)

type InsightQueryItemProperties 

type InsightQueryItemProperties struct {
	AdditionalQuery         *InsightQueryItemPropertiesAdditionalQuery    `json:"additionalQuery,omitempty"`
	BaseQuery               *string                                       `json:"baseQuery,omitempty"`
	ChartQuery              *interface{}                                  `json:"chartQuery,omitempty"`
	DataTypes               *[]EntityQueryItemPropertiesDataTypesInlined  `json:"dataTypes,omitempty"`
	DefaultTimeRange        *InsightQueryItemPropertiesDefaultTimeRange   `json:"defaultTimeRange,omitempty"`
	Description             *string                                       `json:"description,omitempty"`
	DisplayName             *string                                       `json:"displayName,omitempty"`
	EntitiesFilter          *interface{}                                  `json:"entitiesFilter,omitempty"`
	InputEntityType         *EntityType                                   `json:"inputEntityType,omitempty"`
	ReferenceTimeRange      *InsightQueryItemPropertiesReferenceTimeRange `json:"referenceTimeRange,omitempty"`
	RequiredInputFieldsSets *[][]string                                   `json:"requiredInputFieldsSets,omitempty"`
	TableQuery              *InsightQueryItemPropertiesTableQuery         `json:"tableQuery,omitempty"`
}

type InsightQueryItemPropertiesAdditionalQuery 

type InsightQueryItemPropertiesAdditionalQuery struct {
	Query *string `json:"query,omitempty"`
	Text  *string `json:"text,omitempty"`
}

type InsightQueryItemPropertiesDefaultTimeRange 

type InsightQueryItemPropertiesDefaultTimeRange struct {
	AfterRange  *string `json:"afterRange,omitempty"`
	BeforeRange *string `json:"beforeRange,omitempty"`
}

type InsightQueryItemPropertiesReferenceTimeRange 

type InsightQueryItemPropertiesReferenceTimeRange struct {
	BeforeRange *string `json:"beforeRange,omitempty"`
}

type InsightQueryItemPropertiesTableQuery 

type InsightQueryItemPropertiesTableQuery struct {
	ColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined `json:"columnsDefinitions,omitempty"`
	QueriesDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined `json:"queriesDefinitions,omitempty"`
}

type InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined 

type InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined struct {
	Header          *string     `json:"header,omitempty"`
	OutputType      *OutputType `json:"outputType,omitempty"`
	SupportDeepLink *bool       `json:"supportDeepLink,omitempty"`
}

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined 

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined struct {
	Filter                 *string                                                                                       `json:"filter,omitempty"`
	LinkColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined `json:"linkColumnsDefinitions,omitempty"`
	Project                *string                                                                                       `json:"project,omitempty"`
	Summarize              *string                                                                                       `json:"summarize,omitempty"`
}

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined 

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined struct {
	ProjectedName *string `json:"projectedName,omitempty"`
	Query         *string `json:"Query,omitempty"`
}

type InsightsTableResult 

type InsightsTableResult struct {
	Columns *[]InsightsTableResultColumnsInlined `json:"columns,omitempty"`
	Rows    *[][]string                          `json:"rows,omitempty"`
}

type InsightsTableResultColumnsInlined 

type InsightsTableResultColumnsInlined struct {
	Name *string `json:"name,omitempty"`
	Type *string `json:"type,omitempty"`
}

type KillChainIntent 

type KillChainIntent string
const (
	KillChainIntentCollection          KillChainIntent = "Collection"
	KillChainIntentCommandAndControl   KillChainIntent = "CommandAndControl"
	KillChainIntentCredentialAccess    KillChainIntent = "CredentialAccess"
	KillChainIntentDefenseEvasion      KillChainIntent = "DefenseEvasion"
	KillChainIntentDiscovery           KillChainIntent = "Discovery"
	KillChainIntentExecution           KillChainIntent = "Execution"
	KillChainIntentExfiltration        KillChainIntent = "Exfiltration"
	KillChainIntentExploitation        KillChainIntent = "Exploitation"
	KillChainIntentImpact              KillChainIntent = "Impact"
	KillChainIntentLateralMovement     KillChainIntent = "LateralMovement"
	KillChainIntentPersistence         KillChainIntent = "Persistence"
	KillChainIntentPrivilegeEscalation KillChainIntent = "PrivilegeEscalation"
	KillChainIntentProbing             KillChainIntent = "Probing"
	KillChainIntentUnknown             KillChainIntent = "Unknown"
)

type ListCompleteResult 

type ListCompleteResult struct {
	Items []Entity
}

type ListOperationResponse 

type ListOperationResponse struct {
	HttpResponse *http.Response
	Model        *[]Entity
	// contains filtered or unexported fields
}

func (ListOperationResponse) HasMore 

func (r ListOperationResponse) HasMore() bool

func (ListOperationResponse) LoadMore 

func (r ListOperationResponse) LoadMore(ctx context.Context) (resp ListOperationResponse, err error)

type OutputType 

type OutputType string
const (
	OutputTypeDate   OutputType = "Date"
	OutputTypeEntity OutputType = "Entity"
	OutputTypeNumber OutputType = "Number"
	OutputTypeString OutputType = "String"
)

type QueriesOperationOptions 

type QueriesOperationOptions struct {
	Kind *EntityItemQueryKind
}

func DefaultQueriesOperationOptions 

func DefaultQueriesOperationOptions() QueriesOperationOptions

type QueriesOperationResponse 

type QueriesOperationResponse struct {
	HttpResponse *http.Response
	Model        *GetQueriesResponse
}

type RawEntityQueryItemImpl added in v0.20230807.1063129 

type RawEntityQueryItemImpl struct {
	Type   string
	Values map[string]interface{}
}

RawModeOfTransitImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

type RawEntityTimelineItemImpl added in v0.20230807.1063129 

type RawEntityTimelineItemImpl struct {
	Type   string
	Values map[string]interface{}
}

RawModeOfTransitImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

type SecurityAlertTimelineItem 

type SecurityAlertTimelineItem struct {
	AlertType       string           `json:"alertType"`
	AzureResourceId string           `json:"azureResourceId"`
	Description     *string          `json:"description,omitempty"`
	DisplayName     string           `json:"displayName"`
	EndTimeUtc      string           `json:"endTimeUtc"`
	Intent          *KillChainIntent `json:"intent,omitempty"`
	ProductName     *string          `json:"productName,omitempty"`
	Severity        AlertSeverity    `json:"severity"`
	StartTimeUtc    string           `json:"startTimeUtc"`
	Techniques      *[]string        `json:"techniques,omitempty"`
	TimeGenerated   string           `json:"timeGenerated"`
}

func (SecurityAlertTimelineItem) MarshalJSON 

func (s SecurityAlertTimelineItem) MarshalJSON() ([]byte, error)

type TimelineAggregation 

type TimelineAggregation struct {
	Count int64              `json:"count"`
	Kind  EntityTimelineKind `json:"kind"`
}

type TimelineError 

type TimelineError struct {
	ErrorMessage string             `json:"errorMessage"`
	Kind         EntityTimelineKind `json:"kind"`
	QueryId      *string            `json:"queryId,omitempty"`
}

type TimelineResultsMetadata 

type TimelineResultsMetadata struct {
	Aggregations []TimelineAggregation `json:"aggregations"`
	Errors       *[]TimelineError      `json:"errors,omitempty"`
	TotalCount   int64                 `json:"totalCount"`
}

type UserInfo 

type UserInfo struct {
	Email    *string `json:"email,omitempty"`
	Name     *string `json:"name,omitempty"`
	ObjectId *string `json:"objectId,omitempty"`
}

type WorkspaceId 

type WorkspaceId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
}

WorkspaceId is a struct representing the Resource ID for a Workspace

func NewWorkspaceID 

func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId

NewWorkspaceID returns a new WorkspaceId struct

func ParseWorkspaceID 

func ParseWorkspaceID(input string) (*WorkspaceId, error)

ParseWorkspaceID parses 'input' into a WorkspaceId

func ParseWorkspaceIDInsensitively 

func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)

ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId note: this method should only be used for API response data and not user input

func (WorkspaceId) ID 

func (id WorkspaceId) ID() string

ID returns the formatted Workspace ID

func (WorkspaceId) Segments 

func (id WorkspaceId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Workspace ID

func (WorkspaceId) String 

func (id WorkspaceId) String() string

String returns a human-readable description of this Workspace ID

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.