Documentation ¶
Index ¶
- func PossibleValuesForAlertRuleKind() []string
- func PossibleValuesForAlertSeverity() []string
- func PossibleValuesForAttackTactic() []string
- func PossibleValuesForEntityMappingType() []string
- func PossibleValuesForEventGroupingAggregationKind() []string
- func PossibleValuesForMicrosoftSecurityProductName() []string
- func PossibleValuesForTemplateStatus() []string
- func PossibleValuesForTriggerOperator() []string
- func ValidateAlertRuleTemplateID(input interface{}, key string) (warnings []string, errors []error)
- func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)
- type AlertDetailsOverride
- type AlertRuleKind
- type AlertRuleTemplate
- type AlertRuleTemplateDataSource
- type AlertRuleTemplateId
- type AlertRuleTemplateOperationPredicate
- type AlertRuleTemplatesClient
- func (c AlertRuleTemplatesClient) Get(ctx context.Context, id AlertRuleTemplateId) (result GetOperationResponse, err error)
- func (c AlertRuleTemplatesClient) List(ctx context.Context, id WorkspaceId) (resp ListOperationResponse, err error)
- func (c AlertRuleTemplatesClient) ListComplete(ctx context.Context, id WorkspaceId) (ListCompleteResult, error)
- func (c AlertRuleTemplatesClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, ...) (resp ListCompleteResult, err error)
- type AlertSeverity
- type AttackTactic
- type EntityMapping
- type EntityMappingType
- type EventGroupingAggregationKind
- type EventGroupingSettings
- type FieldMapping
- type FusionAlertRuleTemplate
- type FusionAlertRuleTemplateProperties
- func (o *FusionAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
- func (o *FusionAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
- func (o *FusionAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
- func (o *FusionAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
- type GetOperationResponse
- type ListCompleteResult
- type ListOperationResponse
- type MLBehaviorAnalyticsAlertRuleTemplate
- type MLBehaviorAnalyticsAlertRuleTemplateProperties
- func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
- func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
- func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
- func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
- type MicrosoftSecurityIncidentCreationAlertRuleTemplate
- type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties
- func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
- func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
- func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
- func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
- type MicrosoftSecurityProductName
- type NrtAlertRuleTemplate
- type NrtAlertRuleTemplateProperties
- func (o *NrtAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
- func (o *NrtAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
- func (o *NrtAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
- func (o *NrtAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
- type RawAlertRuleTemplateImpl
- type ScheduledAlertRuleTemplate
- type ScheduledAlertRuleTemplateProperties
- func (o *ScheduledAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
- func (o *ScheduledAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
- func (o *ScheduledAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
- func (o *ScheduledAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
- type TemplateStatus
- type ThreatIntelligenceAlertRuleTemplate
- type ThreatIntelligenceAlertRuleTemplateProperties
- func (o *ThreatIntelligenceAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
- func (o *ThreatIntelligenceAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
- func (o *ThreatIntelligenceAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
- func (o *ThreatIntelligenceAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
- type TriggerOperator
- type WorkspaceId
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func PossibleValuesForAlertRuleKind ¶
func PossibleValuesForAlertRuleKind() []string
func PossibleValuesForAlertSeverity ¶
func PossibleValuesForAlertSeverity() []string
func PossibleValuesForAttackTactic ¶
func PossibleValuesForAttackTactic() []string
func PossibleValuesForEntityMappingType ¶ added in v0.20221021.1074650
func PossibleValuesForEntityMappingType() []string
func PossibleValuesForEventGroupingAggregationKind ¶ added in v0.20221021.1074650
func PossibleValuesForEventGroupingAggregationKind() []string
func PossibleValuesForMicrosoftSecurityProductName ¶ added in v0.20230503.1140953
func PossibleValuesForMicrosoftSecurityProductName() []string
func PossibleValuesForTemplateStatus ¶ added in v0.20221021.1074650
func PossibleValuesForTemplateStatus() []string
func PossibleValuesForTriggerOperator ¶ added in v0.20221021.1074650
func PossibleValuesForTriggerOperator() []string
func ValidateAlertRuleTemplateID ¶
ValidateAlertRuleTemplateID checks that 'input' can be parsed as a Alert Rule Template ID
func ValidateWorkspaceID ¶
ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID
Types ¶
type AlertDetailsOverride ¶ added in v0.20221021.1074650
type AlertDetailsOverride struct { AlertDescriptionFormat *string `json:"alertDescriptionFormat,omitempty"` AlertDisplayNameFormat *string `json:"alertDisplayNameFormat,omitempty"` AlertSeverityColumnName *string `json:"alertSeverityColumnName,omitempty"` AlertTacticsColumnName *string `json:"alertTacticsColumnName,omitempty"` }
type AlertRuleKind ¶
type AlertRuleKind string
const ( AlertRuleKindFusion AlertRuleKind = "Fusion" AlertRuleKindMLBehaviorAnalytics AlertRuleKind = "MLBehaviorAnalytics" AlertRuleKindMicrosoftSecurityIncidentCreation AlertRuleKind = "MicrosoftSecurityIncidentCreation" AlertRuleKindNRT AlertRuleKind = "NRT" AlertRuleKindScheduled AlertRuleKind = "Scheduled" AlertRuleKindThreatIntelligence AlertRuleKind = "ThreatIntelligence" )
type AlertRuleTemplate ¶
type AlertRuleTemplate interface { }
type AlertRuleTemplateDataSource ¶ added in v0.20221021.1074650
type AlertRuleTemplateId ¶
type AlertRuleTemplateId struct { SubscriptionId string ResourceGroupName string WorkspaceName string AlertRuleTemplateId string }
AlertRuleTemplateId is a struct representing the Resource ID for a Alert Rule Template
func NewAlertRuleTemplateID ¶
func NewAlertRuleTemplateID(subscriptionId string, resourceGroupName string, workspaceName string, alertRuleTemplateId string) AlertRuleTemplateId
NewAlertRuleTemplateID returns a new AlertRuleTemplateId struct
func ParseAlertRuleTemplateID ¶
func ParseAlertRuleTemplateID(input string) (*AlertRuleTemplateId, error)
ParseAlertRuleTemplateID parses 'input' into a AlertRuleTemplateId
func ParseAlertRuleTemplateIDInsensitively ¶
func ParseAlertRuleTemplateIDInsensitively(input string) (*AlertRuleTemplateId, error)
ParseAlertRuleTemplateIDInsensitively parses 'input' case-insensitively into a AlertRuleTemplateId note: this method should only be used for API response data and not user input
func (AlertRuleTemplateId) ID ¶
func (id AlertRuleTemplateId) ID() string
ID returns the formatted Alert Rule Template ID
func (AlertRuleTemplateId) Segments ¶
func (id AlertRuleTemplateId) Segments() []resourceids.Segment
Segments returns a slice of Resource ID Segments which comprise this Alert Rule Template ID
func (AlertRuleTemplateId) String ¶
func (id AlertRuleTemplateId) String() string
String returns a human-readable description of this Alert Rule Template ID
type AlertRuleTemplateOperationPredicate ¶
type AlertRuleTemplateOperationPredicate struct { }
func (AlertRuleTemplateOperationPredicate) Matches ¶
func (p AlertRuleTemplateOperationPredicate) Matches(input AlertRuleTemplate) bool
type AlertRuleTemplatesClient ¶
type AlertRuleTemplatesClient struct { Client autorest.Client // contains filtered or unexported fields }
func NewAlertRuleTemplatesClientWithBaseURI ¶
func NewAlertRuleTemplatesClientWithBaseURI(endpoint string) AlertRuleTemplatesClient
func (AlertRuleTemplatesClient) Get ¶ added in v0.20230906.1160501
func (c AlertRuleTemplatesClient) Get(ctx context.Context, id AlertRuleTemplateId) (result GetOperationResponse, err error)
Get ...
func (AlertRuleTemplatesClient) List ¶ added in v0.20230906.1160501
func (c AlertRuleTemplatesClient) List(ctx context.Context, id WorkspaceId) (resp ListOperationResponse, err error)
List ...
func (AlertRuleTemplatesClient) ListComplete ¶ added in v0.20230906.1160501
func (c AlertRuleTemplatesClient) ListComplete(ctx context.Context, id WorkspaceId) (ListCompleteResult, error)
ListComplete retrieves all of the results into a single object
func (AlertRuleTemplatesClient) ListCompleteMatchingPredicate ¶ added in v0.20230906.1160501
func (c AlertRuleTemplatesClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, predicate AlertRuleTemplateOperationPredicate) (resp ListCompleteResult, err error)
ListCompleteMatchingPredicate retrieves all of the results and then applied the predicate
type AlertSeverity ¶
type AlertSeverity string
const ( AlertSeverityHigh AlertSeverity = "High" AlertSeverityInformational AlertSeverity = "Informational" AlertSeverityLow AlertSeverity = "Low" AlertSeverityMedium AlertSeverity = "Medium" )
type AttackTactic ¶
type AttackTactic string
const ( AttackTacticCollection AttackTactic = "Collection" AttackTacticCommandAndControl AttackTactic = "CommandAndControl" AttackTacticCredentialAccess AttackTactic = "CredentialAccess" AttackTacticDefenseEvasion AttackTactic = "DefenseEvasion" AttackTacticDiscovery AttackTactic = "Discovery" AttackTacticExecution AttackTactic = "Execution" AttackTacticExfiltration AttackTactic = "Exfiltration" AttackTacticImpact AttackTactic = "Impact" AttackTacticInitialAccess AttackTactic = "InitialAccess" AttackTacticLateralMovement AttackTactic = "LateralMovement" AttackTacticPersistence AttackTactic = "Persistence" AttackTacticPreAttack AttackTactic = "PreAttack" AttackTacticPrivilegeEscalation AttackTactic = "PrivilegeEscalation" )
type EntityMapping ¶ added in v0.20221021.1074650
type EntityMapping struct { EntityType *EntityMappingType `json:"entityType,omitempty"` FieldMappings *[]FieldMapping `json:"fieldMappings,omitempty"` }
type EntityMappingType ¶ added in v0.20221021.1074650
type EntityMappingType string
const ( EntityMappingTypeAccount EntityMappingType = "Account" EntityMappingTypeAzureResource EntityMappingType = "AzureResource" EntityMappingTypeCloudApplication EntityMappingType = "CloudApplication" EntityMappingTypeDNS EntityMappingType = "DNS" EntityMappingTypeFile EntityMappingType = "File" EntityMappingTypeFileHash EntityMappingType = "FileHash" EntityMappingTypeHost EntityMappingType = "Host" EntityMappingTypeIP EntityMappingType = "IP" EntityMappingTypeMailCluster EntityMappingType = "MailCluster" EntityMappingTypeMailMessage EntityMappingType = "MailMessage" EntityMappingTypeMailbox EntityMappingType = "Mailbox" EntityMappingTypeMalware EntityMappingType = "Malware" EntityMappingTypeProcess EntityMappingType = "Process" EntityMappingTypeRegistryKey EntityMappingType = "RegistryKey" EntityMappingTypeRegistryValue EntityMappingType = "RegistryValue" EntityMappingTypeSecurityGroup EntityMappingType = "SecurityGroup" EntityMappingTypeSubmissionMail EntityMappingType = "SubmissionMail" EntityMappingTypeURL EntityMappingType = "URL" )
type EventGroupingAggregationKind ¶ added in v0.20221021.1074650
type EventGroupingAggregationKind string
const ( EventGroupingAggregationKindAlertPerResult EventGroupingAggregationKind = "AlertPerResult" EventGroupingAggregationKindSingleAlert EventGroupingAggregationKind = "SingleAlert" )
type EventGroupingSettings ¶ added in v0.20221021.1074650
type EventGroupingSettings struct {
AggregationKind *EventGroupingAggregationKind `json:"aggregationKind,omitempty"`
}
type FieldMapping ¶ added in v0.20221021.1074650
type FusionAlertRuleTemplate ¶
type FusionAlertRuleTemplate struct { Properties *FusionAlertRuleTemplateProperties `json:"properties,omitempty"` // Fields inherited from AlertRuleTemplate Id *string `json:"id,omitempty"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (FusionAlertRuleTemplate) MarshalJSON ¶
func (s FusionAlertRuleTemplate) MarshalJSON() ([]byte, error)
type FusionAlertRuleTemplateProperties ¶
type FusionAlertRuleTemplateProperties struct { AlertRulesCreatedByTemplateCount int64 `json:"alertRulesCreatedByTemplateCount"` CreatedDateUTC *string `json:"createdDateUTC,omitempty"` Description string `json:"description"` DisplayName string `json:"displayName"` LastUpdatedDateUTC *string `json:"lastUpdatedDateUTC,omitempty"` RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` Severity AlertSeverity `json:"severity"` Status TemplateStatus `json:"status"` Tactics *[]AttackTactic `json:"tactics,omitempty"` }
func (*FusionAlertRuleTemplateProperties) GetCreatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *FusionAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
func (*FusionAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *FusionAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
func (*FusionAlertRuleTemplateProperties) SetCreatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *FusionAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
func (*FusionAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *FusionAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
type GetOperationResponse ¶ added in v0.20230906.1160501
type GetOperationResponse struct { HttpResponse *http.Response Model *AlertRuleTemplate }
type ListCompleteResult ¶ added in v0.20230906.1160501
type ListCompleteResult struct {
Items []AlertRuleTemplate
}
type ListOperationResponse ¶ added in v0.20230906.1160501
type ListOperationResponse struct { HttpResponse *http.Response Model *[]AlertRuleTemplate // contains filtered or unexported fields }
func (ListOperationResponse) HasMore ¶ added in v0.20230906.1160501
func (r ListOperationResponse) HasMore() bool
func (ListOperationResponse) LoadMore ¶ added in v0.20230906.1160501
func (r ListOperationResponse) LoadMore(ctx context.Context) (resp ListOperationResponse, err error)
type MLBehaviorAnalyticsAlertRuleTemplate ¶
type MLBehaviorAnalyticsAlertRuleTemplate struct { Properties *MLBehaviorAnalyticsAlertRuleTemplateProperties `json:"properties,omitempty"` // Fields inherited from AlertRuleTemplate Id *string `json:"id,omitempty"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON ¶
func (s MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error)
type MLBehaviorAnalyticsAlertRuleTemplateProperties ¶
type MLBehaviorAnalyticsAlertRuleTemplateProperties struct { AlertRulesCreatedByTemplateCount int64 `json:"alertRulesCreatedByTemplateCount"` CreatedDateUTC *string `json:"createdDateUTC,omitempty"` Description string `json:"description"` DisplayName string `json:"displayName"` LastUpdatedDateUTC *string `json:"lastUpdatedDateUTC,omitempty"` RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` Severity AlertSeverity `json:"severity"` Status TemplateStatus `json:"status"` Tactics *[]AttackTactic `json:"tactics,omitempty"` }
func (*MLBehaviorAnalyticsAlertRuleTemplateProperties) GetCreatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
func (*MLBehaviorAnalyticsAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
func (*MLBehaviorAnalyticsAlertRuleTemplateProperties) SetCreatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
func (*MLBehaviorAnalyticsAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *MLBehaviorAnalyticsAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
type MicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { Properties *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties `json:"properties,omitempty"` // Fields inherited from AlertRuleTemplate Id *string `json:"id,omitempty"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON ¶
func (s MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error)
type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties ¶ added in v0.20230503.1140953
type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct { AlertRulesCreatedByTemplateCount int64 `json:"alertRulesCreatedByTemplateCount"` CreatedDateUTC string `json:"createdDateUTC"` Description string `json:"description"` DisplayName string `json:"displayName"` DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` LastUpdatedDateUTC *string `json:"lastUpdatedDateUTC,omitempty"` ProductFilter MicrosoftSecurityProductName `json:"productFilter"` RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` Status TemplateStatus `json:"status"` }
func (*MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetCreatedDateUTCAsTime ¶ added in v0.20230503.1140953
func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
func (*MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime ¶ added in v0.20230503.1140953
func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
func (*MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetCreatedDateUTCAsTime ¶ added in v0.20230503.1140953
func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
func (*MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime ¶ added in v0.20230503.1140953
func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
type MicrosoftSecurityProductName ¶ added in v0.20230503.1140953
type MicrosoftSecurityProductName string
const ( MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection MicrosoftSecurityProductName = "Azure Active Directory Identity Protection" MicrosoftSecurityProductNameAzureAdvancedThreatProtection MicrosoftSecurityProductName = "Azure Advanced Threat Protection" MicrosoftSecurityProductNameAzureSecurityCenter MicrosoftSecurityProductName = "Azure Security Center" MicrosoftSecurityProductNameAzureSecurityCenterForIoT MicrosoftSecurityProductName = "Azure Security Center for IoT" MicrosoftSecurityProductNameMicrosoftCloudAppSecurity MicrosoftSecurityProductName = "Microsoft Cloud App Security" MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection MicrosoftSecurityProductName = "Microsoft Defender Advanced Threat Protection" MicrosoftSecurityProductNameOfficeThreeSixFiveAdvancedThreatProtection MicrosoftSecurityProductName = "Office 365 Advanced Threat Protection" )
type NrtAlertRuleTemplate ¶
type NrtAlertRuleTemplate struct { Properties *NrtAlertRuleTemplateProperties `json:"properties,omitempty"` // Fields inherited from AlertRuleTemplate Id *string `json:"id,omitempty"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (NrtAlertRuleTemplate) MarshalJSON ¶
func (s NrtAlertRuleTemplate) MarshalJSON() ([]byte, error)
type NrtAlertRuleTemplateProperties ¶ added in v0.20230503.1140953
type NrtAlertRuleTemplateProperties struct { AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` AlertRulesCreatedByTemplateCount int64 `json:"alertRulesCreatedByTemplateCount"` CreatedDateUTC *string `json:"createdDateUTC,omitempty"` CustomDetails *map[string]string `json:"customDetails,omitempty"` Description string `json:"description"` DisplayName string `json:"displayName"` EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` LastUpdatedDateUTC *string `json:"lastUpdatedDateUTC,omitempty"` Query string `json:"query"` RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` Severity AlertSeverity `json:"severity"` Status TemplateStatus `json:"status"` Tactics *[]AttackTactic `json:"tactics,omitempty"` Version string `json:"version"` }
func (*NrtAlertRuleTemplateProperties) GetCreatedDateUTCAsTime ¶ added in v0.20230503.1140953
func (o *NrtAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
func (*NrtAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime ¶ added in v0.20230503.1140953
func (o *NrtAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
func (*NrtAlertRuleTemplateProperties) SetCreatedDateUTCAsTime ¶ added in v0.20230503.1140953
func (o *NrtAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
func (*NrtAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime ¶ added in v0.20230503.1140953
func (o *NrtAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
type RawAlertRuleTemplateImpl ¶ added in v0.20230807.1063129
RawAlertRuleTemplateImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).
type ScheduledAlertRuleTemplate ¶
type ScheduledAlertRuleTemplate struct { Properties *ScheduledAlertRuleTemplateProperties `json:"properties,omitempty"` // Fields inherited from AlertRuleTemplate Id *string `json:"id,omitempty"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (ScheduledAlertRuleTemplate) MarshalJSON ¶
func (s ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error)
type ScheduledAlertRuleTemplateProperties ¶
type ScheduledAlertRuleTemplateProperties struct { AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` AlertRulesCreatedByTemplateCount int64 `json:"alertRulesCreatedByTemplateCount"` CreatedDateUTC *string `json:"createdDateUTC,omitempty"` CustomDetails *map[string]string `json:"customDetails,omitempty"` Description string `json:"description"` DisplayName string `json:"displayName"` EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` EventGroupingSettings *EventGroupingSettings `json:"eventGroupingSettings,omitempty"` LastUpdatedDateUTC *string `json:"lastUpdatedDateUTC,omitempty"` Query string `json:"query"` QueryFrequency string `json:"queryFrequency"` QueryPeriod string `json:"queryPeriod"` RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` Severity AlertSeverity `json:"severity"` Status TemplateStatus `json:"status"` Tactics *[]AttackTactic `json:"tactics,omitempty"` TriggerOperator TriggerOperator `json:"triggerOperator"` TriggerThreshold int64 `json:"triggerThreshold"` Version string `json:"version"` }
func (*ScheduledAlertRuleTemplateProperties) GetCreatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *ScheduledAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
func (*ScheduledAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *ScheduledAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
func (*ScheduledAlertRuleTemplateProperties) SetCreatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *ScheduledAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
func (*ScheduledAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *ScheduledAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
type TemplateStatus ¶ added in v0.20221021.1074650
type TemplateStatus string
const ( TemplateStatusAvailable TemplateStatus = "Available" TemplateStatusInstalled TemplateStatus = "Installed" TemplateStatusNotAvailable TemplateStatus = "NotAvailable" )
type ThreatIntelligenceAlertRuleTemplate ¶
type ThreatIntelligenceAlertRuleTemplate struct { Properties *ThreatIntelligenceAlertRuleTemplateProperties `json:"properties,omitempty"` // Fields inherited from AlertRuleTemplate Id *string `json:"id,omitempty"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (ThreatIntelligenceAlertRuleTemplate) MarshalJSON ¶
func (s ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error)
type ThreatIntelligenceAlertRuleTemplateProperties ¶
type ThreatIntelligenceAlertRuleTemplateProperties struct { AlertRulesCreatedByTemplateCount int64 `json:"alertRulesCreatedByTemplateCount"` CreatedDateUTC *string `json:"createdDateUTC,omitempty"` Description string `json:"description"` DisplayName string `json:"displayName"` LastUpdatedDateUTC *string `json:"lastUpdatedDateUTC,omitempty"` RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` Severity AlertSeverity `json:"severity"` Status TemplateStatus `json:"status"` Tactics *[]AttackTactic `json:"tactics,omitempty"` }
func (*ThreatIntelligenceAlertRuleTemplateProperties) GetCreatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *ThreatIntelligenceAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
func (*ThreatIntelligenceAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *ThreatIntelligenceAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
func (*ThreatIntelligenceAlertRuleTemplateProperties) SetCreatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *ThreatIntelligenceAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
func (*ThreatIntelligenceAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime ¶ added in v0.20221021.1074650
func (o *ThreatIntelligenceAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
type TriggerOperator ¶ added in v0.20221021.1074650
type TriggerOperator string
const ( TriggerOperatorEqual TriggerOperator = "Equal" TriggerOperatorGreaterThan TriggerOperator = "GreaterThan" TriggerOperatorLessThan TriggerOperator = "LessThan" TriggerOperatorNotEqual TriggerOperator = "NotEqual" )
type WorkspaceId ¶
WorkspaceId is a struct representing the Resource ID for a Workspace
func NewWorkspaceID ¶
func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId
NewWorkspaceID returns a new WorkspaceId struct
func ParseWorkspaceID ¶
func ParseWorkspaceID(input string) (*WorkspaceId, error)
ParseWorkspaceID parses 'input' into a WorkspaceId
func ParseWorkspaceIDInsensitively ¶
func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)
ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId note: this method should only be used for API response data and not user input
func (WorkspaceId) Segments ¶
func (id WorkspaceId) Segments() []resourceids.Segment
Segments returns a slice of Resource ID Segments which comprise this Workspace ID
func (WorkspaceId) String ¶
func (id WorkspaceId) String() string
String returns a human-readable description of this Workspace ID
Source Files ¶
- client.go
- constants.go
- id_alertruletemplate.go
- id_workspace.go
- method_get_autorest.go
- method_list_autorest.go
- model_alertdetailsoverride.go
- model_alertruletemplate.go
- model_alertruletemplatedatasource.go
- model_entitymapping.go
- model_eventgroupingsettings.go
- model_fieldmapping.go
- model_fusionalertruletemplate.go
- model_fusionalertruletemplateproperties.go
- model_microsoftsecurityincidentcreationalertruletemplate.go
- model_microsoftsecurityincidentcreationalertruletemplateproperties.go
- model_mlbehavioranalyticsalertruletemplate.go
- model_mlbehavioranalyticsalertruletemplateproperties.go
- model_nrtalertruletemplate.go
- model_nrtalertruletemplateproperties.go
- model_scheduledalertruletemplate.go
- model_scheduledalertruletemplateproperties.go
- model_threatintelligencealertruletemplate.go
- model_threatintelligencealertruletemplateproperties.go
- predicates.go
- version.go