threatintelligence

package
v0.20230905.1084740 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 5, 2023 License: MPL-2.0 Imports: 10 Imported by: 0

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2021-09-01-preview/threatintelligence Documentation

The threatintelligence SDK allows for interaction with the Azure Resource Manager Service securityinsights (API Version 2021-09-01-preview).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2021-09-01-preview/threatintelligence"

Client Initialization

client := threatintelligence.NewThreatIntelligenceClientWithBaseURI("https://management.azure.com")
client.Client.Authorizer = authorizer

Example Usage: ThreatIntelligenceClient.IndicatorAppendTags

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

payload := threatintelligence.ThreatIntelligenceAppendTags{
	// ...
}


read, err := client.IndicatorAppendTags(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorCreate

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

payload := threatintelligence.ThreatIntelligenceIndicatorModelForRequestBody{
	// ...
}


read, err := client.IndicatorCreate(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorCreateIndicator

ctx := context.TODO()
id := threatintelligence.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

payload := threatintelligence.ThreatIntelligenceIndicatorModelForRequestBody{
	// ...
}


read, err := client.IndicatorCreateIndicator(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorDelete

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

read, err := client.IndicatorDelete(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorGet

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

read, err := client.IndicatorGet(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorMetricsList

ctx := context.TODO()
id := threatintelligence.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

read, err := client.IndicatorMetricsList(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorQueryIndicators

ctx := context.TODO()
id := threatintelligence.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

payload := threatintelligence.ThreatIntelligenceFilteringCriteria{
	// ...
}


// alternatively `client.IndicatorQueryIndicators(ctx, id, payload)` can be used to do batched pagination
items, err := client.IndicatorQueryIndicatorsComplete(ctx, id, payload)
if err != nil {
	// handle the error
}
for _, item := range items {
	// do something
}

Example Usage: ThreatIntelligenceClient.IndicatorReplaceTags

ctx := context.TODO()
id := threatintelligence.NewIndicatorID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "indicatorValue")

payload := threatintelligence.ThreatIntelligenceIndicatorModelForRequestBody{
	// ...
}


read, err := client.IndicatorReplaceTags(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: ThreatIntelligenceClient.IndicatorsList

ctx := context.TODO()
id := threatintelligence.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

// alternatively `client.IndicatorsList(ctx, id, threatintelligence.DefaultIndicatorsListOperationOptions())` can be used to do batched pagination
items, err := client.IndicatorsListComplete(ctx, id, threatintelligence.DefaultIndicatorsListOperationOptions())
if err != nil {
	// handle the error
}
for _, item := range items {
	// do something
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForThreatIntelligenceResourceKindEnum

func PossibleValuesForThreatIntelligenceResourceKindEnum() []string

func PossibleValuesForThreatIntelligenceSortingCriteriaEnum

func PossibleValuesForThreatIntelligenceSortingCriteriaEnum() []string

func ValidateIndicatorID

func ValidateIndicatorID(input interface{}, key string) (warnings []string, errors []error)

ValidateIndicatorID checks that 'input' can be parsed as a Indicator ID

func ValidateWorkspaceID

func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)

ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID

Types

type IndicatorAppendTagsOperationResponse

type IndicatorAppendTagsOperationResponse struct {
	HttpResponse *http.Response
}

type IndicatorCreateIndicatorOperationResponse

type IndicatorCreateIndicatorOperationResponse struct {
	HttpResponse *http.Response
	Model        *ThreatIntelligenceInformation
}

type IndicatorCreateOperationResponse

type IndicatorCreateOperationResponse struct {
	HttpResponse *http.Response
	Model        *ThreatIntelligenceInformation
}

type IndicatorDeleteOperationResponse

type IndicatorDeleteOperationResponse struct {
	HttpResponse *http.Response
}

type IndicatorGetOperationResponse

type IndicatorGetOperationResponse struct {
	HttpResponse *http.Response
	Model        *ThreatIntelligenceInformation
}

type IndicatorId

type IndicatorId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	IndicatorName     string
}

IndicatorId is a struct representing the Resource ID for a Indicator

func NewIndicatorID

func NewIndicatorID(subscriptionId string, resourceGroupName string, workspaceName string, indicatorName string) IndicatorId

NewIndicatorID returns a new IndicatorId struct

func ParseIndicatorID

func ParseIndicatorID(input string) (*IndicatorId, error)

ParseIndicatorID parses 'input' into a IndicatorId

func ParseIndicatorIDInsensitively

func ParseIndicatorIDInsensitively(input string) (*IndicatorId, error)

ParseIndicatorIDInsensitively parses 'input' case-insensitively into a IndicatorId note: this method should only be used for API response data and not user input

func (IndicatorId) ID

func (id IndicatorId) ID() string

ID returns the formatted Indicator ID

func (IndicatorId) Segments

func (id IndicatorId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Indicator ID

func (IndicatorId) String

func (id IndicatorId) String() string

String returns a human-readable description of this Indicator ID

type IndicatorMetricsListOperationResponse

type IndicatorMetricsListOperationResponse struct {
	HttpResponse *http.Response
	Model        *ThreatIntelligenceMetricsList
}

type IndicatorQueryIndicatorsCompleteResult

type IndicatorQueryIndicatorsCompleteResult struct {
	Items []ThreatIntelligenceInformation
}

type IndicatorQueryIndicatorsOperationResponse

type IndicatorQueryIndicatorsOperationResponse struct {
	HttpResponse *http.Response
	Model        *[]ThreatIntelligenceInformation
	// contains filtered or unexported fields
}

func (IndicatorQueryIndicatorsOperationResponse) HasMore

func (IndicatorQueryIndicatorsOperationResponse) LoadMore

type IndicatorReplaceTagsOperationResponse

type IndicatorReplaceTagsOperationResponse struct {
	HttpResponse *http.Response
	Model        *ThreatIntelligenceInformation
}

type IndicatorsListCompleteResult

type IndicatorsListCompleteResult struct {
	Items []ThreatIntelligenceInformation
}

type IndicatorsListOperationOptions

type IndicatorsListOperationOptions struct {
	Filter  *string
	Orderby *string
	Top     *int64
}

func DefaultIndicatorsListOperationOptions

func DefaultIndicatorsListOperationOptions() IndicatorsListOperationOptions

type IndicatorsListOperationResponse

type IndicatorsListOperationResponse struct {
	HttpResponse *http.Response
	Model        *[]ThreatIntelligenceInformation
	// contains filtered or unexported fields
}

func (IndicatorsListOperationResponse) HasMore

func (IndicatorsListOperationResponse) LoadMore

type RawThreatIntelligenceInformationImpl added in v0.20230807.1063129

type RawThreatIntelligenceInformationImpl struct {
	Type   string
	Values map[string]interface{}
}

RawModeOfTransitImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

type ThreatIntelligenceAppendTags

type ThreatIntelligenceAppendTags struct {
	ThreatIntelligenceTags *[]string `json:"threatIntelligenceTags,omitempty"`
}

type ThreatIntelligenceClient

type ThreatIntelligenceClient struct {
	Client autorest.Client
	// contains filtered or unexported fields
}

func NewThreatIntelligenceClientWithBaseURI

func NewThreatIntelligenceClientWithBaseURI(endpoint string) ThreatIntelligenceClient

func (ThreatIntelligenceClient) IndicatorAppendTags

IndicatorAppendTags ...

func (ThreatIntelligenceClient) IndicatorCreate

IndicatorCreate ...

func (ThreatIntelligenceClient) IndicatorCreateIndicator

IndicatorCreateIndicator ...

func (ThreatIntelligenceClient) IndicatorDelete

IndicatorDelete ...

func (ThreatIntelligenceClient) IndicatorGet

IndicatorGet ...

func (ThreatIntelligenceClient) IndicatorMetricsList

IndicatorMetricsList ...

func (ThreatIntelligenceClient) IndicatorQueryIndicators

IndicatorQueryIndicators ...

func (ThreatIntelligenceClient) IndicatorQueryIndicatorsComplete

IndicatorQueryIndicatorsComplete retrieves all of the results into a single object

func (ThreatIntelligenceClient) IndicatorQueryIndicatorsCompleteMatchingPredicate

IndicatorQueryIndicatorsCompleteMatchingPredicate retrieves all of the results and then applied the predicate

func (ThreatIntelligenceClient) IndicatorReplaceTags

IndicatorReplaceTags ...

func (ThreatIntelligenceClient) IndicatorsList

IndicatorsList ...

func (ThreatIntelligenceClient) IndicatorsListComplete

IndicatorsListComplete retrieves all of the results into a single object

func (ThreatIntelligenceClient) IndicatorsListCompleteMatchingPredicate

IndicatorsListCompleteMatchingPredicate retrieves all of the results and then applied the predicate

type ThreatIntelligenceExternalReference

type ThreatIntelligenceExternalReference struct {
	Description *string            `json:"description,omitempty"`
	ExternalId  *string            `json:"externalId,omitempty"`
	Hashes      *map[string]string `json:"hashes,omitempty"`
	SourceName  *string            `json:"sourceName,omitempty"`
	Url         *string            `json:"url,omitempty"`
}

type ThreatIntelligenceFilteringCriteria

type ThreatIntelligenceFilteringCriteria struct {
	Ids             *[]string                            `json:"ids,omitempty"`
	IncludeDisabled *bool                                `json:"includeDisabled,omitempty"`
	Keywords        *[]string                            `json:"keywords,omitempty"`
	MaxConfidence   *int64                               `json:"maxConfidence,omitempty"`
	MaxValidUntil   *string                              `json:"maxValidUntil,omitempty"`
	MinConfidence   *int64                               `json:"minConfidence,omitempty"`
	MinValidUntil   *string                              `json:"minValidUntil,omitempty"`
	PageSize        *int64                               `json:"pageSize,omitempty"`
	PatternTypes    *[]string                            `json:"patternTypes,omitempty"`
	SkipToken       *string                              `json:"skipToken,omitempty"`
	SortBy          *[]ThreatIntelligenceSortingCriteria `json:"sortBy,omitempty"`
	Sources         *[]string                            `json:"sources,omitempty"`
	ThreatTypes     *[]string                            `json:"threatTypes,omitempty"`
}

type ThreatIntelligenceGranularMarkingModel

type ThreatIntelligenceGranularMarkingModel struct {
	Language   *string   `json:"language,omitempty"`
	MarkingRef *int64    `json:"markingRef,omitempty"`
	Selectors  *[]string `json:"selectors,omitempty"`
}

type ThreatIntelligenceIndicatorModel

type ThreatIntelligenceIndicatorModel struct {
	Properties *ThreatIntelligenceIndicatorProperties `json:"properties,omitempty"`

	// Fields inherited from ThreatIntelligenceInformation
	Etag       *string                `json:"etag,omitempty"`
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (ThreatIntelligenceIndicatorModel) MarshalJSON

func (s ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error)

type ThreatIntelligenceIndicatorModelForRequestBody

type ThreatIntelligenceIndicatorModelForRequestBody struct {
	Etag       *string                                `json:"etag,omitempty"`
	Kind       ThreatIntelligenceResourceKindEnum     `json:"kind"`
	Properties *ThreatIntelligenceIndicatorProperties `json:"properties,omitempty"`
}

type ThreatIntelligenceIndicatorProperties

type ThreatIntelligenceIndicatorProperties struct {
	AdditionalData             *map[string]interface{}                   `json:"additionalData,omitempty"`
	Confidence                 *int64                                    `json:"confidence,omitempty"`
	Created                    *string                                   `json:"created,omitempty"`
	CreatedByRef               *string                                   `json:"createdByRef,omitempty"`
	Defanged                   *bool                                     `json:"defanged,omitempty"`
	Description                *string                                   `json:"description,omitempty"`
	DisplayName                *string                                   `json:"displayName,omitempty"`
	Extensions                 *interface{}                              `json:"extensions,omitempty"`
	ExternalId                 *string                                   `json:"externalId,omitempty"`
	ExternalLastUpdatedTimeUtc *string                                   `json:"externalLastUpdatedTimeUtc,omitempty"`
	ExternalReferences         *[]ThreatIntelligenceExternalReference    `json:"externalReferences,omitempty"`
	FriendlyName               *string                                   `json:"friendlyName,omitempty"`
	GranularMarkings           *[]ThreatIntelligenceGranularMarkingModel `json:"granularMarkings,omitempty"`
	IndicatorTypes             *[]string                                 `json:"indicatorTypes,omitempty"`
	KillChainPhases            *[]ThreatIntelligenceKillChainPhase       `json:"killChainPhases,omitempty"`
	Labels                     *[]string                                 `json:"labels,omitempty"`
	Language                   *string                                   `json:"language,omitempty"`
	LastUpdatedTimeUtc         *string                                   `json:"lastUpdatedTimeUtc,omitempty"`
	Modified                   *string                                   `json:"modified,omitempty"`
	ObjectMarkingRefs          *[]string                                 `json:"objectMarkingRefs,omitempty"`
	ParsedPattern              *[]ThreatIntelligenceParsedPattern        `json:"parsedPattern,omitempty"`
	Pattern                    *string                                   `json:"pattern,omitempty"`
	PatternType                *string                                   `json:"patternType,omitempty"`
	PatternVersion             *string                                   `json:"patternVersion,omitempty"`
	Revoked                    *bool                                     `json:"revoked,omitempty"`
	Source                     *string                                   `json:"source,omitempty"`
	ThreatIntelligenceTags     *[]string                                 `json:"threatIntelligenceTags,omitempty"`
	ThreatTypes                *[]string                                 `json:"threatTypes,omitempty"`
	ValidFrom                  *string                                   `json:"validFrom,omitempty"`
	ValidUntil                 *string                                   `json:"validUntil,omitempty"`
}

type ThreatIntelligenceInformation

type ThreatIntelligenceInformation interface {
}

type ThreatIntelligenceInformationOperationPredicate

type ThreatIntelligenceInformationOperationPredicate struct {
}

func (ThreatIntelligenceInformationOperationPredicate) Matches

type ThreatIntelligenceKillChainPhase

type ThreatIntelligenceKillChainPhase struct {
	KillChainName *string `json:"killChainName,omitempty"`
	PhaseName     *string `json:"phaseName,omitempty"`
}

type ThreatIntelligenceMetric

type ThreatIntelligenceMetric struct {
	LastUpdatedTimeUtc *string                           `json:"lastUpdatedTimeUtc,omitempty"`
	PatternTypeMetrics *[]ThreatIntelligenceMetricEntity `json:"patternTypeMetrics,omitempty"`
	SourceMetrics      *[]ThreatIntelligenceMetricEntity `json:"sourceMetrics,omitempty"`
	ThreatTypeMetrics  *[]ThreatIntelligenceMetricEntity `json:"threatTypeMetrics,omitempty"`
}

type ThreatIntelligenceMetricEntity

type ThreatIntelligenceMetricEntity struct {
	MetricName  *string `json:"metricName,omitempty"`
	MetricValue *int64  `json:"metricValue,omitempty"`
}

type ThreatIntelligenceMetrics

type ThreatIntelligenceMetrics struct {
	Properties *ThreatIntelligenceMetric `json:"properties,omitempty"`
}

type ThreatIntelligenceMetricsList

type ThreatIntelligenceMetricsList struct {
	Value []ThreatIntelligenceMetrics `json:"value"`
}

type ThreatIntelligenceParsedPattern

type ThreatIntelligenceParsedPattern struct {
	PatternTypeKey    *string                                     `json:"patternTypeKey,omitempty"`
	PatternTypeValues *[]ThreatIntelligenceParsedPatternTypeValue `json:"patternTypeValues,omitempty"`
}

type ThreatIntelligenceParsedPatternTypeValue

type ThreatIntelligenceParsedPatternTypeValue struct {
	Value     *string `json:"value,omitempty"`
	ValueType *string `json:"valueType,omitempty"`
}

type ThreatIntelligenceResourceKindEnum

type ThreatIntelligenceResourceKindEnum string
const (
	ThreatIntelligenceResourceKindEnumIndicator ThreatIntelligenceResourceKindEnum = "indicator"
)

type ThreatIntelligenceSortingCriteria

type ThreatIntelligenceSortingCriteria struct {
	ItemKey   *string                                `json:"itemKey,omitempty"`
	SortOrder *ThreatIntelligenceSortingCriteriaEnum `json:"sortOrder,omitempty"`
}

type ThreatIntelligenceSortingCriteriaEnum

type ThreatIntelligenceSortingCriteriaEnum string
const (
	ThreatIntelligenceSortingCriteriaEnumAscending  ThreatIntelligenceSortingCriteriaEnum = "ascending"
	ThreatIntelligenceSortingCriteriaEnumDescending ThreatIntelligenceSortingCriteriaEnum = "descending"
	ThreatIntelligenceSortingCriteriaEnumUnsorted   ThreatIntelligenceSortingCriteriaEnum = "unsorted"
)

type WorkspaceId

type WorkspaceId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
}

WorkspaceId is a struct representing the Resource ID for a Workspace

func NewWorkspaceID

func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId

NewWorkspaceID returns a new WorkspaceId struct

func ParseWorkspaceID

func ParseWorkspaceID(input string) (*WorkspaceId, error)

ParseWorkspaceID parses 'input' into a WorkspaceId

func ParseWorkspaceIDInsensitively

func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)

ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId note: this method should only be used for API response data and not user input

func (WorkspaceId) ID

func (id WorkspaceId) ID() string

ID returns the formatted Workspace ID

func (WorkspaceId) Segments

func (id WorkspaceId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Workspace ID

func (WorkspaceId) String

func (id WorkspaceId) String() string

String returns a human-readable description of this Workspace ID

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL