Versions in this module Expand all Collapse all v0 v0.20241126.2320 Nov 26, 2024 v0.20241126.1723 Nov 26, 2024 Changes in this version
+ func PossibleValuesForAlertProperty() []string
+ func PossibleValuesForAlertRuleKind() []string
+ func PossibleValuesForAlertSeverity() []string
+ func PossibleValuesForAttackTactic() []string
+ func PossibleValuesForEntityMappingType() []string
+ func PossibleValuesForEventGroupingAggregationKind() []string
+ func PossibleValuesForMicrosoftSecurityProductName() []string
+ func PossibleValuesForTemplateStatus() []string
+ func PossibleValuesForTriggerOperator() []string
+ func ValidateAlertRuleTemplateID(input interface{}, key string) (warnings []string, errors []error)
+ func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)
+ type AlertDetailsOverride struct
+ AlertDescriptionFormat *string
+ AlertDisplayNameFormat *string
+ AlertDynamicProperties *[]AlertPropertyMapping
+ AlertSeverityColumnName *string
+ AlertTacticsColumnName *string
+ type AlertProperty string
+ const AlertPropertyAlertLink
+ const AlertPropertyConfidenceLevel
+ const AlertPropertyConfidenceScore
+ const AlertPropertyExtendedLinks
+ const AlertPropertyProductComponentName
+ const AlertPropertyProductName
+ const AlertPropertyProviderName
+ const AlertPropertyRemediationSteps
+ const AlertPropertyTechniques
+ func (s *AlertProperty) UnmarshalJSON(bytes []byte) error
+ type AlertPropertyMapping struct
+ AlertProperty *AlertProperty
+ Value *string
+ type AlertRuleKind string
+ const AlertRuleKindFusion
+ const AlertRuleKindMLBehaviorAnalytics
+ const AlertRuleKindMicrosoftSecurityIncidentCreation
+ const AlertRuleKindNRT
+ const AlertRuleKindScheduled
+ const AlertRuleKindThreatIntelligence
+ func (s *AlertRuleKind) UnmarshalJSON(bytes []byte) error
+ type AlertRuleTemplate interface
+ AlertRuleTemplate func() BaseAlertRuleTemplateImpl
+ func UnmarshalAlertRuleTemplateImplementation(input []byte) (AlertRuleTemplate, error)
+ type AlertRuleTemplateDataSource struct
+ ConnectorId *string
+ DataTypes *[]string
+ type AlertRuleTemplateId struct
+ AlertRuleTemplateId string
+ ResourceGroupName string
+ SubscriptionId string
+ WorkspaceName string
+ func NewAlertRuleTemplateID(subscriptionId string, resourceGroupName string, workspaceName string, ...) AlertRuleTemplateId
+ func ParseAlertRuleTemplateID(input string) (*AlertRuleTemplateId, error)
+ func ParseAlertRuleTemplateIDInsensitively(input string) (*AlertRuleTemplateId, error)
+ func (id *AlertRuleTemplateId) FromParseResult(input resourceids.ParseResult) error
+ func (id AlertRuleTemplateId) ID() string
+ func (id AlertRuleTemplateId) Segments() []resourceids.Segment
+ func (id AlertRuleTemplateId) String() string
+ type AlertRuleTemplateOperationPredicate struct
+ func (p AlertRuleTemplateOperationPredicate) Matches(input AlertRuleTemplate) bool
+ type AlertRuleTemplatesClient struct
+ Client *resourcemanager.Client
+ func NewAlertRuleTemplatesClientWithBaseURI(sdkApi sdkEnv.Api) (*AlertRuleTemplatesClient, error)
+ func (c AlertRuleTemplatesClient) Get(ctx context.Context, id AlertRuleTemplateId) (result GetOperationResponse, err error)
+ func (c AlertRuleTemplatesClient) List(ctx context.Context, id WorkspaceId) (result ListOperationResponse, err error)
+ func (c AlertRuleTemplatesClient) ListComplete(ctx context.Context, id WorkspaceId) (ListCompleteResult, error)
+ func (c AlertRuleTemplatesClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, ...) (result ListCompleteResult, err error)
+ type AlertSeverity string
+ const AlertSeverityHigh
+ const AlertSeverityInformational
+ const AlertSeverityLow
+ const AlertSeverityMedium
+ func (s *AlertSeverity) UnmarshalJSON(bytes []byte) error
+ type AttackTactic string
+ const AttackTacticCollection
+ const AttackTacticCommandAndControl
+ const AttackTacticCredentialAccess
+ const AttackTacticDefenseEvasion
+ const AttackTacticDiscovery
+ const AttackTacticExecution
+ const AttackTacticExfiltration
+ const AttackTacticImpact
+ const AttackTacticImpairProcessControl
+ const AttackTacticInhibitResponseFunction
+ const AttackTacticInitialAccess
+ const AttackTacticLateralMovement
+ const AttackTacticPersistence
+ const AttackTacticPreAttack
+ const AttackTacticPrivilegeEscalation
+ const AttackTacticReconnaissance
+ const AttackTacticResourceDevelopment
+ func (s *AttackTactic) UnmarshalJSON(bytes []byte) error
+ type BaseAlertRuleTemplateImpl struct
+ Id *string
+ Kind AlertRuleKind
+ Name *string
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s BaseAlertRuleTemplateImpl) AlertRuleTemplate() BaseAlertRuleTemplateImpl
+ type EntityMapping struct
+ EntityType *EntityMappingType
+ FieldMappings *[]FieldMapping
+ type EntityMappingType string
+ const EntityMappingTypeAccount
+ const EntityMappingTypeAzureResource
+ const EntityMappingTypeCloudApplication
+ const EntityMappingTypeDNS
+ const EntityMappingTypeFile
+ const EntityMappingTypeFileHash
+ const EntityMappingTypeHost
+ const EntityMappingTypeIP
+ const EntityMappingTypeMailCluster
+ const EntityMappingTypeMailMessage
+ const EntityMappingTypeMailbox
+ const EntityMappingTypeMalware
+ const EntityMappingTypeProcess
+ const EntityMappingTypeRegistryKey
+ const EntityMappingTypeRegistryValue
+ const EntityMappingTypeSecurityGroup
+ const EntityMappingTypeSubmissionMail
+ const EntityMappingTypeURL
+ func (s *EntityMappingType) UnmarshalJSON(bytes []byte) error
+ type EventGroupingAggregationKind string
+ const EventGroupingAggregationKindAlertPerResult
+ const EventGroupingAggregationKindSingleAlert
+ func (s *EventGroupingAggregationKind) UnmarshalJSON(bytes []byte) error
+ type EventGroupingSettings struct
+ AggregationKind *EventGroupingAggregationKind
+ type FieldMapping struct
+ ColumnName *string
+ Identifier *string
+ type FusionAlertRuleTemplate struct
+ Id *string
+ Kind AlertRuleKind
+ Name *string
+ Properties *FusionAlertRuleTemplateProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s FusionAlertRuleTemplate) AlertRuleTemplate() BaseAlertRuleTemplateImpl
+ func (s FusionAlertRuleTemplate) MarshalJSON() ([]byte, error)
+ type FusionAlertRuleTemplateProperties struct
+ AlertRulesCreatedByTemplateCount *int64
+ CreatedDateUTC *string
+ Description *string
+ DisplayName *string
+ LastUpdatedDateUTC *string
+ RequiredDataConnectors *[]AlertRuleTemplateDataSource
+ Severity *AlertSeverity
+ SourceSettings *[]FusionTemplateSourceSetting
+ Status *TemplateStatus
+ Tactics *[]AttackTactic
+ Techniques *[]string
+ func (o *FusionAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
+ func (o *FusionAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
+ func (o *FusionAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
+ func (o *FusionAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
+ type FusionTemplateSourceSetting struct
+ SourceName string
+ SourceSubTypes *[]FusionTemplateSourceSubType
+ type FusionTemplateSourceSubType struct
+ SeverityFilter FusionTemplateSubTypeSeverityFilter
+ SourceSubTypeDisplayName *string
+ SourceSubTypeName string
+ type FusionTemplateSubTypeSeverityFilter struct
+ IsSupported bool
+ SeverityFilters *[]AlertSeverity
+ type GetOperationResponse struct
+ HttpResponse *http.Response
+ Model AlertRuleTemplate
+ OData *odata.OData
+ type ListCompleteResult struct
+ Items []AlertRuleTemplate
+ LatestHttpResponse *http.Response
+ type ListCustomPager struct
+ NextLink *odata.Link
+ func (p *ListCustomPager) NextPageLink() *odata.Link
+ type ListOperationResponse struct
+ HttpResponse *http.Response
+ Model *[]AlertRuleTemplate
+ OData *odata.OData
+ type MLBehaviorAnalyticsAlertRuleTemplate struct
+ Id *string
+ Kind AlertRuleKind
+ Name *string
+ Properties *MLBehaviorAnalyticsAlertRuleTemplateProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s MLBehaviorAnalyticsAlertRuleTemplate) AlertRuleTemplate() BaseAlertRuleTemplateImpl
+ func (s MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error)
+ type MLBehaviorAnalyticsAlertRuleTemplateProperties struct
+ Severity AlertSeverity
+ Tactics *[]AttackTactic
+ Techniques *[]string
+ type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct
+ Id *string
+ Kind AlertRuleKind
+ Name *string
+ Properties *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s MicrosoftSecurityIncidentCreationAlertRuleTemplate) AlertRuleTemplate() BaseAlertRuleTemplateImpl
+ func (s MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error)
+ type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct
+ AlertRulesCreatedByTemplateCount *int64
+ CreatedDateUTC *string
+ Description *string
+ DisplayName *string
+ DisplayNamesExcludeFilter *[]string
+ DisplayNamesFilter *[]string
+ LastUpdatedDateUTC *string
+ ProductFilter *MicrosoftSecurityProductName
+ RequiredDataConnectors *[]AlertRuleTemplateDataSource
+ SeveritiesFilter *[]AlertSeverity
+ Status *TemplateStatus
+ func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
+ func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
+ func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
+ func (o *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
+ type MicrosoftSecurityProductName string
+ const MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection
+ const MicrosoftSecurityProductNameAzureAdvancedThreatProtection
+ const MicrosoftSecurityProductNameAzureSecurityCenter
+ const MicrosoftSecurityProductNameAzureSecurityCenterForIoT
+ const MicrosoftSecurityProductNameMicrosoftCloudAppSecurity
+ const MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection
+ const MicrosoftSecurityProductNameOfficeThreeSixFiveAdvancedThreatProtection
+ func (s *MicrosoftSecurityProductName) UnmarshalJSON(bytes []byte) error
+ type NrtAlertRuleTemplate struct
+ Id *string
+ Kind AlertRuleKind
+ Name *string
+ Properties *NrtAlertRuleTemplateProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s NrtAlertRuleTemplate) AlertRuleTemplate() BaseAlertRuleTemplateImpl
+ func (s NrtAlertRuleTemplate) MarshalJSON() ([]byte, error)
+ type NrtAlertRuleTemplateProperties struct
+ AlertDetailsOverride *AlertDetailsOverride
+ CustomDetails *map[string]string
+ EntityMappings *[]EntityMapping
+ EventGroupingSettings *EventGroupingSettings
+ Query string
+ SentinelEntitiesMappings *[]SentinelEntityMapping
+ Severity AlertSeverity
+ Tactics *[]AttackTactic
+ Techniques *[]string
+ Version string
+ type RawAlertRuleTemplateImpl struct
+ Type string
+ Values map[string]interface{}
+ func (s RawAlertRuleTemplateImpl) AlertRuleTemplate() BaseAlertRuleTemplateImpl
+ type ScheduledAlertRuleTemplate struct
+ Id *string
+ Kind AlertRuleKind
+ Name *string
+ Properties *ScheduledAlertRuleTemplateProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s ScheduledAlertRuleTemplate) AlertRuleTemplate() BaseAlertRuleTemplateImpl
+ func (s ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error)
+ type ScheduledAlertRuleTemplateProperties struct
+ AlertDetailsOverride *AlertDetailsOverride
+ AlertRulesCreatedByTemplateCount *int64
+ CreatedDateUTC *string
+ CustomDetails *map[string]string
+ Description *string
+ DisplayName *string
+ EntityMappings *[]EntityMapping
+ EventGroupingSettings *EventGroupingSettings
+ LastUpdatedDateUTC *string
+ Query *string
+ QueryFrequency *string
+ QueryPeriod *string
+ RequiredDataConnectors *[]AlertRuleTemplateDataSource
+ SentinelEntitiesMappings *[]SentinelEntityMapping
+ Severity *AlertSeverity
+ Status *TemplateStatus
+ Tactics *[]AttackTactic
+ Techniques *[]string
+ TriggerOperator *TriggerOperator
+ TriggerThreshold *int64
+ Version *string
+ func (o *ScheduledAlertRuleTemplateProperties) GetCreatedDateUTCAsTime() (*time.Time, error)
+ func (o *ScheduledAlertRuleTemplateProperties) GetLastUpdatedDateUTCAsTime() (*time.Time, error)
+ func (o *ScheduledAlertRuleTemplateProperties) SetCreatedDateUTCAsTime(input time.Time)
+ func (o *ScheduledAlertRuleTemplateProperties) SetLastUpdatedDateUTCAsTime(input time.Time)
+ type SentinelEntityMapping struct
+ ColumnName *string
+ type TemplateStatus string
+ const TemplateStatusAvailable
+ const TemplateStatusInstalled
+ const TemplateStatusNotAvailable
+ func (s *TemplateStatus) UnmarshalJSON(bytes []byte) error
+ type ThreatIntelligenceAlertRuleTemplate struct
+ Id *string
+ Kind AlertRuleKind
+ Name *string
+ Properties *ThreatIntelligenceAlertRuleTemplateProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s ThreatIntelligenceAlertRuleTemplate) AlertRuleTemplate() BaseAlertRuleTemplateImpl
+ func (s ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error)
+ type ThreatIntelligenceAlertRuleTemplateProperties struct
+ Severity AlertSeverity
+ Tactics *[]AttackTactic
+ Techniques *[]string
+ type TriggerOperator string
+ const TriggerOperatorEqual
+ const TriggerOperatorGreaterThan
+ const TriggerOperatorLessThan
+ const TriggerOperatorNotEqual
+ func (s *TriggerOperator) UnmarshalJSON(bytes []byte) error
+ type WorkspaceId struct
+ ResourceGroupName string
+ SubscriptionId string
+ WorkspaceName string
+ func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId
+ func ParseWorkspaceID(input string) (*WorkspaceId, error)
+ func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)
+ func (id *WorkspaceId) FromParseResult(input resourceids.ParseResult) error
+ func (id WorkspaceId) ID() string
+ func (id WorkspaceId) Segments() []resourceids.Segment
+ func (id WorkspaceId) String() string