alertruletemplates

package
v0.20231109.1104441 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 9, 2023 License: MPL-2.0 Imports: 12 Imported by: 0

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2021-09-01-preview/alertruletemplates Documentation

The alertruletemplates SDK allows for interaction with the Azure Resource Manager Service securityinsights (API Version 2021-09-01-preview).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2021-09-01-preview/alertruletemplates"

Client Initialization

client := alertruletemplates.NewAlertRuleTemplatesClientWithBaseURI("https://management.azure.com")
client.Client.Authorizer = authorizer

Example Usage: AlertRuleTemplatesClient.Get

ctx := context.TODO()
id := alertruletemplates.NewAlertRuleTemplateID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue", "alertRuleTemplateIdValue")

read, err := client.Get(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: AlertRuleTemplatesClient.List

ctx := context.TODO()
id := alertruletemplates.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceValue")

// alternatively `client.List(ctx, id)` can be used to do batched pagination
items, err := client.ListComplete(ctx, id)
if err != nil {
	// handle the error
}
for _, item := range items {
	// do something
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForAlertRuleKind

func PossibleValuesForAlertRuleKind() []string

func PossibleValuesForAlertSeverity

func PossibleValuesForAlertSeverity() []string

func PossibleValuesForAttackTactic

func PossibleValuesForAttackTactic() []string

func PossibleValuesForEntityMappingType added in v0.20221021.1074650

func PossibleValuesForEntityMappingType() []string

func PossibleValuesForEventGroupingAggregationKind added in v0.20221021.1074650

func PossibleValuesForEventGroupingAggregationKind() []string

func PossibleValuesForMicrosoftSecurityProductName added in v0.20230503.1140953

func PossibleValuesForMicrosoftSecurityProductName() []string

func PossibleValuesForTemplateStatus added in v0.20221021.1074650

func PossibleValuesForTemplateStatus() []string

func PossibleValuesForTriggerOperator added in v0.20221021.1074650

func PossibleValuesForTriggerOperator() []string

func ValidateAlertRuleTemplateID

func ValidateAlertRuleTemplateID(input interface{}, key string) (warnings []string, errors []error)

ValidateAlertRuleTemplateID checks that 'input' can be parsed as a Alert Rule Template ID

func ValidateWorkspaceID

func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)

ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID

Types

type AlertDetailsOverride added in v0.20221021.1074650

type AlertDetailsOverride struct {
	AlertDescriptionFormat  *string `json:"alertDescriptionFormat,omitempty"`
	AlertDisplayNameFormat  *string `json:"alertDisplayNameFormat,omitempty"`
	AlertSeverityColumnName *string `json:"alertSeverityColumnName,omitempty"`
	AlertTacticsColumnName  *string `json:"alertTacticsColumnName,omitempty"`
}

type AlertRuleKind

type AlertRuleKind string
const (
	AlertRuleKindFusion                            AlertRuleKind = "Fusion"
	AlertRuleKindMLBehaviorAnalytics               AlertRuleKind = "MLBehaviorAnalytics"
	AlertRuleKindMicrosoftSecurityIncidentCreation AlertRuleKind = "MicrosoftSecurityIncidentCreation"
	AlertRuleKindNRT                               AlertRuleKind = "NRT"
	AlertRuleKindScheduled                         AlertRuleKind = "Scheduled"
	AlertRuleKindThreatIntelligence                AlertRuleKind = "ThreatIntelligence"
)

type AlertRuleTemplate

type AlertRuleTemplate interface {
}

type AlertRuleTemplateDataSource added in v0.20221021.1074650

type AlertRuleTemplateDataSource struct {
	ConnectorId *string   `json:"connectorId,omitempty"`
	DataTypes   *[]string `json:"dataTypes,omitempty"`
}

type AlertRuleTemplateId

type AlertRuleTemplateId struct {
	SubscriptionId      string
	ResourceGroupName   string
	WorkspaceName       string
	AlertRuleTemplateId string
}

AlertRuleTemplateId is a struct representing the Resource ID for a Alert Rule Template

func NewAlertRuleTemplateID

func NewAlertRuleTemplateID(subscriptionId string, resourceGroupName string, workspaceName string, alertRuleTemplateId string) AlertRuleTemplateId

NewAlertRuleTemplateID returns a new AlertRuleTemplateId struct

func ParseAlertRuleTemplateID

func ParseAlertRuleTemplateID(input string) (*AlertRuleTemplateId, error)

ParseAlertRuleTemplateID parses 'input' into a AlertRuleTemplateId

func ParseAlertRuleTemplateIDInsensitively

func ParseAlertRuleTemplateIDInsensitively(input string) (*AlertRuleTemplateId, error)

ParseAlertRuleTemplateIDInsensitively parses 'input' case-insensitively into a AlertRuleTemplateId note: this method should only be used for API response data and not user input

func (AlertRuleTemplateId) ID

func (id AlertRuleTemplateId) ID() string

ID returns the formatted Alert Rule Template ID

func (AlertRuleTemplateId) Segments

func (id AlertRuleTemplateId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Alert Rule Template ID

func (AlertRuleTemplateId) String

func (id AlertRuleTemplateId) String() string

String returns a human-readable description of this Alert Rule Template ID

type AlertRuleTemplateOperationPredicate

type AlertRuleTemplateOperationPredicate struct {
}

func (AlertRuleTemplateOperationPredicate) Matches

type AlertRuleTemplatesClient

type AlertRuleTemplatesClient struct {
	Client autorest.Client
	// contains filtered or unexported fields
}

func NewAlertRuleTemplatesClientWithBaseURI

func NewAlertRuleTemplatesClientWithBaseURI(endpoint string) AlertRuleTemplatesClient

func (AlertRuleTemplatesClient) Get added in v0.20230906.1160501

Get ...

func (AlertRuleTemplatesClient) List added in v0.20230906.1160501

List ...

func (AlertRuleTemplatesClient) ListComplete added in v0.20230906.1160501

ListComplete retrieves all of the results into a single object

func (AlertRuleTemplatesClient) ListCompleteMatchingPredicate added in v0.20230906.1160501

func (c AlertRuleTemplatesClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, predicate AlertRuleTemplateOperationPredicate) (resp ListCompleteResult, err error)

ListCompleteMatchingPredicate retrieves all of the results and then applied the predicate

type AlertSeverity

type AlertSeverity string
const (
	AlertSeverityHigh          AlertSeverity = "High"
	AlertSeverityInformational AlertSeverity = "Informational"
	AlertSeverityLow           AlertSeverity = "Low"
	AlertSeverityMedium        AlertSeverity = "Medium"
)

type AttackTactic

type AttackTactic string
const (
	AttackTacticCollection          AttackTactic = "Collection"
	AttackTacticCommandAndControl   AttackTactic = "CommandAndControl"
	AttackTacticCredentialAccess    AttackTactic = "CredentialAccess"
	AttackTacticDefenseEvasion      AttackTactic = "DefenseEvasion"
	AttackTacticDiscovery           AttackTactic = "Discovery"
	AttackTacticExecution           AttackTactic = "Execution"
	AttackTacticExfiltration        AttackTactic = "Exfiltration"
	AttackTacticImpact              AttackTactic = "Impact"
	AttackTacticInitialAccess       AttackTactic = "InitialAccess"
	AttackTacticLateralMovement     AttackTactic = "LateralMovement"
	AttackTacticPersistence         AttackTactic = "Persistence"
	AttackTacticPreAttack           AttackTactic = "PreAttack"
	AttackTacticPrivilegeEscalation AttackTactic = "PrivilegeEscalation"
)

type EntityMapping added in v0.20221021.1074650

type EntityMapping struct {
	EntityType    *EntityMappingType `json:"entityType,omitempty"`
	FieldMappings *[]FieldMapping    `json:"fieldMappings,omitempty"`
}

type EntityMappingType added in v0.20221021.1074650

type EntityMappingType string
const (
	EntityMappingTypeAccount          EntityMappingType = "Account"
	EntityMappingTypeAzureResource    EntityMappingType = "AzureResource"
	EntityMappingTypeCloudApplication EntityMappingType = "CloudApplication"
	EntityMappingTypeDNS              EntityMappingType = "DNS"
	EntityMappingTypeFile             EntityMappingType = "File"
	EntityMappingTypeFileHash         EntityMappingType = "FileHash"
	EntityMappingTypeHost             EntityMappingType = "Host"
	EntityMappingTypeIP               EntityMappingType = "IP"
	EntityMappingTypeMailCluster      EntityMappingType = "MailCluster"
	EntityMappingTypeMailMessage      EntityMappingType = "MailMessage"
	EntityMappingTypeMailbox          EntityMappingType = "Mailbox"
	EntityMappingTypeMalware          EntityMappingType = "Malware"
	EntityMappingTypeProcess          EntityMappingType = "Process"
	EntityMappingTypeRegistryKey      EntityMappingType = "RegistryKey"
	EntityMappingTypeRegistryValue    EntityMappingType = "RegistryValue"
	EntityMappingTypeSecurityGroup    EntityMappingType = "SecurityGroup"
	EntityMappingTypeSubmissionMail   EntityMappingType = "SubmissionMail"
	EntityMappingTypeURL              EntityMappingType = "URL"
)

type EventGroupingAggregationKind added in v0.20221021.1074650

type EventGroupingAggregationKind string
const (
	EventGroupingAggregationKindAlertPerResult EventGroupingAggregationKind = "AlertPerResult"
	EventGroupingAggregationKindSingleAlert    EventGroupingAggregationKind = "SingleAlert"
)

type EventGroupingSettings added in v0.20221021.1074650

type EventGroupingSettings struct {
	AggregationKind *EventGroupingAggregationKind `json:"aggregationKind,omitempty"`
}

type FieldMapping added in v0.20221021.1074650

type FieldMapping struct {
	ColumnName *string `json:"columnName,omitempty"`
	Identifier *string `json:"identifier,omitempty"`
}

type FusionAlertRuleTemplate

type FusionAlertRuleTemplate struct {
	Properties *FusionAlertRuleTemplateProperties `json:"properties,omitempty"`

	// Fields inherited from AlertRuleTemplate
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FusionAlertRuleTemplate) MarshalJSON

func (s FusionAlertRuleTemplate) MarshalJSON() ([]byte, error)

type FusionAlertRuleTemplateProperties

type FusionAlertRuleTemplateProperties struct {
	AlertRulesCreatedByTemplateCount int64                          `json:"alertRulesCreatedByTemplateCount"`
	CreatedDateUTC                   *string                        `json:"createdDateUTC,omitempty"`
	Description                      string                         `json:"description"`
	DisplayName                      string                         `json:"displayName"`
	LastUpdatedDateUTC               *string                        `json:"lastUpdatedDateUTC,omitempty"`
	RequiredDataConnectors           *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"`
	Severity                         AlertSeverity                  `json:"severity"`
	Status                           TemplateStatus                 `json:"status"`
	Tactics                          *[]AttackTactic                `json:"tactics,omitempty"`
}

func (*FusionAlertRuleTemplateProperties) GetCreatedDateUTCAsTime added in v0.20221021.1074650

func (o *FusionAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)

func (*FusionAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime added in v0.20221021.1074650

func (o *FusionAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)

func (*FusionAlertRuleTemplateProperties) SetCreatedDateUTCAsTime added in v0.20221021.1074650

func (o *FusionAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)

func (*FusionAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime added in v0.20221021.1074650

func (o *FusionAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)

type GetOperationResponse added in v0.20230906.1160501

type GetOperationResponse struct {
	HttpResponse *http.Response
	Model        *AlertRuleTemplate
}

type ListCompleteResult added in v0.20230906.1160501

type ListCompleteResult struct {
	Items []AlertRuleTemplate
}

type ListOperationResponse added in v0.20230906.1160501

type ListOperationResponse struct {
	HttpResponse *http.Response
	Model        *[]AlertRuleTemplate
	// contains filtered or unexported fields
}

func (ListOperationResponse) HasMore added in v0.20230906.1160501

func (r ListOperationResponse) HasMore() bool

func (ListOperationResponse) LoadMore added in v0.20230906.1160501

func (r ListOperationResponse) LoadMore(ctx context.Context) (resp ListOperationResponse, err error)

type MLBehaviorAnalyticsAlertRuleTemplate

type MLBehaviorAnalyticsAlertRuleTemplate struct {
	Properties *MLBehaviorAnalyticsAlertRuleTemplateProperties `json:"properties,omitempty"`

	// Fields inherited from AlertRuleTemplate
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON

func (s MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error)

type MLBehaviorAnalyticsAlertRuleTemplateProperties

type MLBehaviorAnalyticsAlertRuleTemplateProperties struct {
	AlertRulesCreatedByTemplateCount int64                          `json:"alertRulesCreatedByTemplateCount"`
	CreatedDateUTC                   *string                        `json:"createdDateUTC,omitempty"`
	Description                      string                         `json:"description"`
	DisplayName                      string                         `json:"displayName"`
	LastUpdatedDateUTC               *string                        `json:"lastUpdatedDateUTC,omitempty"`
	RequiredDataConnectors           *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"`
	Severity                         AlertSeverity                  `json:"severity"`
	Status                           TemplateStatus                 `json:"status"`
	Tactics                          *[]AttackTactic                `json:"tactics,omitempty"`
}

func (*MLBehaviorAnalyticsAlertRuleTemplateProperties) GetCreatedDateUTCAsTime added in v0.20221021.1074650

func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)

func (*MLBehaviorAnalyticsAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime added in v0.20221021.1074650

func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)

func (*MLBehaviorAnalyticsAlertRuleTemplateProperties) SetCreatedDateUTCAsTime added in v0.20221021.1074650

func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)

func (*MLBehaviorAnalyticsAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime added in v0.20221021.1074650

func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)

type MicrosoftSecurityIncidentCreationAlertRuleTemplate

type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct {
	Properties *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties `json:"properties,omitempty"`

	// Fields inherited from AlertRuleTemplate
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON

type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties added in v0.20230503.1140953

type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct {
	AlertRulesCreatedByTemplateCount int64                          `json:"alertRulesCreatedByTemplateCount"`
	CreatedDateUTC                   string                         `json:"createdDateUTC"`
	Description                      string                         `json:"description"`
	DisplayName                      string                         `json:"displayName"`
	DisplayNamesExcludeFilter        *[]string                      `json:"displayNamesExcludeFilter,omitempty"`
	DisplayNamesFilter               *[]string                      `json:"displayNamesFilter,omitempty"`
	LastUpdatedDateUTC               *string                        `json:"lastUpdatedDateUTC,omitempty"`
	ProductFilter                    MicrosoftSecurityProductName   `json:"productFilter"`
	RequiredDataConnectors           *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"`
	SeveritiesFilter                 *[]AlertSeverity               `json:"severitiesFilter,omitempty"`
	Status                           TemplateStatus                 `json:"status"`
}

func (*MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetCreatedDateUTCAsTime added in v0.20230503.1140953

func (*MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime added in v0.20230503.1140953

func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)

func (*MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetCreatedDateUTCAsTime added in v0.20230503.1140953

func (*MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime added in v0.20230503.1140953

func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)

type MicrosoftSecurityProductName added in v0.20230503.1140953

type MicrosoftSecurityProductName string
const (
	MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection     MicrosoftSecurityProductName = "Azure Active Directory Identity Protection"
	MicrosoftSecurityProductNameAzureAdvancedThreatProtection              MicrosoftSecurityProductName = "Azure Advanced Threat Protection"
	MicrosoftSecurityProductNameAzureSecurityCenter                        MicrosoftSecurityProductName = "Azure Security Center"
	MicrosoftSecurityProductNameAzureSecurityCenterForIoT                  MicrosoftSecurityProductName = "Azure Security Center for IoT"
	MicrosoftSecurityProductNameMicrosoftCloudAppSecurity                  MicrosoftSecurityProductName = "Microsoft Cloud App Security"
	MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection  MicrosoftSecurityProductName = "Microsoft Defender Advanced Threat Protection"
	MicrosoftSecurityProductNameOfficeThreeSixFiveAdvancedThreatProtection MicrosoftSecurityProductName = "Office 365 Advanced Threat Protection"
)

type NrtAlertRuleTemplate

type NrtAlertRuleTemplate struct {
	Properties *NrtAlertRuleTemplateProperties `json:"properties,omitempty"`

	// Fields inherited from AlertRuleTemplate
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (NrtAlertRuleTemplate) MarshalJSON

func (s NrtAlertRuleTemplate) MarshalJSON() ([]byte, error)

type NrtAlertRuleTemplateProperties added in v0.20230503.1140953

type NrtAlertRuleTemplateProperties struct {
	AlertDetailsOverride             *AlertDetailsOverride          `json:"alertDetailsOverride,omitempty"`
	AlertRulesCreatedByTemplateCount int64                          `json:"alertRulesCreatedByTemplateCount"`
	CreatedDateUTC                   *string                        `json:"createdDateUTC,omitempty"`
	CustomDetails                    *map[string]string             `json:"customDetails,omitempty"`
	Description                      string                         `json:"description"`
	DisplayName                      string                         `json:"displayName"`
	EntityMappings                   *[]EntityMapping               `json:"entityMappings,omitempty"`
	LastUpdatedDateUTC               *string                        `json:"lastUpdatedDateUTC,omitempty"`
	Query                            string                         `json:"query"`
	RequiredDataConnectors           *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"`
	Severity                         AlertSeverity                  `json:"severity"`
	Status                           TemplateStatus                 `json:"status"`
	Tactics                          *[]AttackTactic                `json:"tactics,omitempty"`
	Version                          string                         `json:"version"`
}

func (*NrtAlertRuleTemplateProperties) GetCreatedDateUTCAsTime added in v0.20230503.1140953

func (o *NrtAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)

func (*NrtAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime added in v0.20230503.1140953

func (o *NrtAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)

func (*NrtAlertRuleTemplateProperties) SetCreatedDateUTCAsTime added in v0.20230503.1140953

func (o *NrtAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)

func (*NrtAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime added in v0.20230503.1140953

func (o *NrtAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)

type RawAlertRuleTemplateImpl added in v0.20230807.1063129

type RawAlertRuleTemplateImpl struct {
	Type   string
	Values map[string]interface{}
}

RawAlertRuleTemplateImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

type ScheduledAlertRuleTemplate

type ScheduledAlertRuleTemplate struct {
	Properties *ScheduledAlertRuleTemplateProperties `json:"properties,omitempty"`

	// Fields inherited from AlertRuleTemplate
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (ScheduledAlertRuleTemplate) MarshalJSON

func (s ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error)

type ScheduledAlertRuleTemplateProperties

type ScheduledAlertRuleTemplateProperties struct {
	AlertDetailsOverride             *AlertDetailsOverride          `json:"alertDetailsOverride,omitempty"`
	AlertRulesCreatedByTemplateCount int64                          `json:"alertRulesCreatedByTemplateCount"`
	CreatedDateUTC                   *string                        `json:"createdDateUTC,omitempty"`
	CustomDetails                    *map[string]string             `json:"customDetails,omitempty"`
	Description                      string                         `json:"description"`
	DisplayName                      string                         `json:"displayName"`
	EntityMappings                   *[]EntityMapping               `json:"entityMappings,omitempty"`
	EventGroupingSettings            *EventGroupingSettings         `json:"eventGroupingSettings,omitempty"`
	LastUpdatedDateUTC               *string                        `json:"lastUpdatedDateUTC,omitempty"`
	Query                            string                         `json:"query"`
	QueryFrequency                   string                         `json:"queryFrequency"`
	QueryPeriod                      string                         `json:"queryPeriod"`
	RequiredDataConnectors           *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"`
	Severity                         AlertSeverity                  `json:"severity"`
	Status                           TemplateStatus                 `json:"status"`
	Tactics                          *[]AttackTactic                `json:"tactics,omitempty"`
	TriggerOperator                  TriggerOperator                `json:"triggerOperator"`
	TriggerThreshold                 int64                          `json:"triggerThreshold"`
	Version                          string                         `json:"version"`
}

func (*ScheduledAlertRuleTemplateProperties) GetCreatedDateUTCAsTime added in v0.20221021.1074650

func (o *ScheduledAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)

func (*ScheduledAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime added in v0.20221021.1074650

func (o *ScheduledAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)

func (*ScheduledAlertRuleTemplateProperties) SetCreatedDateUTCAsTime added in v0.20221021.1074650

func (o *ScheduledAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)

func (*ScheduledAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime added in v0.20221021.1074650

func (o *ScheduledAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)

type TemplateStatus added in v0.20221021.1074650

type TemplateStatus string
const (
	TemplateStatusAvailable    TemplateStatus = "Available"
	TemplateStatusInstalled    TemplateStatus = "Installed"
	TemplateStatusNotAvailable TemplateStatus = "NotAvailable"
)

type ThreatIntelligenceAlertRuleTemplate

type ThreatIntelligenceAlertRuleTemplate struct {
	Properties *ThreatIntelligenceAlertRuleTemplateProperties `json:"properties,omitempty"`

	// Fields inherited from AlertRuleTemplate
	Id         *string                `json:"id,omitempty"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (ThreatIntelligenceAlertRuleTemplate) MarshalJSON

func (s ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error)

type ThreatIntelligenceAlertRuleTemplateProperties

type ThreatIntelligenceAlertRuleTemplateProperties struct {
	AlertRulesCreatedByTemplateCount int64                          `json:"alertRulesCreatedByTemplateCount"`
	CreatedDateUTC                   *string                        `json:"createdDateUTC,omitempty"`
	Description                      string                         `json:"description"`
	DisplayName                      string                         `json:"displayName"`
	LastUpdatedDateUTC               *string                        `json:"lastUpdatedDateUTC,omitempty"`
	RequiredDataConnectors           *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"`
	Severity                         AlertSeverity                  `json:"severity"`
	Status                           TemplateStatus                 `json:"status"`
	Tactics                          *[]AttackTactic                `json:"tactics,omitempty"`
}

func (*ThreatIntelligenceAlertRuleTemplateProperties) GetCreatedDateUTCAsTime added in v0.20221021.1074650

func (o *ThreatIntelligenceAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)

func (*ThreatIntelligenceAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime added in v0.20221021.1074650

func (o *ThreatIntelligenceAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)

func (*ThreatIntelligenceAlertRuleTemplateProperties) SetCreatedDateUTCAsTime added in v0.20221021.1074650

func (o *ThreatIntelligenceAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)

func (*ThreatIntelligenceAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime added in v0.20221021.1074650

func (o *ThreatIntelligenceAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)

type TriggerOperator added in v0.20221021.1074650

type TriggerOperator string
const (
	TriggerOperatorEqual       TriggerOperator = "Equal"
	TriggerOperatorGreaterThan TriggerOperator = "GreaterThan"
	TriggerOperatorLessThan    TriggerOperator = "LessThan"
	TriggerOperatorNotEqual    TriggerOperator = "NotEqual"
)

type WorkspaceId

type WorkspaceId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
}

WorkspaceId is a struct representing the Resource ID for a Workspace

func NewWorkspaceID

func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId

NewWorkspaceID returns a new WorkspaceId struct

func ParseWorkspaceID

func ParseWorkspaceID(input string) (*WorkspaceId, error)

ParseWorkspaceID parses 'input' into a WorkspaceId

func ParseWorkspaceIDInsensitively

func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)

ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId note: this method should only be used for API response data and not user input

func (WorkspaceId) ID

func (id WorkspaceId) ID() string

ID returns the formatted Workspace ID

func (WorkspaceId) Segments

func (id WorkspaceId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Workspace ID

func (WorkspaceId) String

func (id WorkspaceId) String() string

String returns a human-readable description of this Workspace ID

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL