Documentation ¶
Index ¶
- func PossibleValuesForAlertSeverity() []string
- func PossibleValuesForAlertStatus() []string
- func PossibleValuesForAntispamMailDirection() []string
- func PossibleValuesForAttackTactic() []string
- func PossibleValuesForConfidenceLevel() []string
- func PossibleValuesForConfidenceScoreStatus() []string
- func PossibleValuesForDeliveryAction() []string
- func PossibleValuesForDeliveryLocation() []string
- func PossibleValuesForDeviceImportance() []string
- func PossibleValuesForElevationToken() []string
- func PossibleValuesForEntityKind() []string
- func PossibleValuesForFileHashAlgorithm() []string
- func PossibleValuesForIncidentSeverity() []string
- func PossibleValuesForKillChainIntent() []string
- func PossibleValuesForOSFamily() []string
- func PossibleValuesForRegistryHive() []string
- func PossibleValuesForRegistryValueKind() []string
- func ValidateBookmarkID(input interface{}, key string) (warnings []string, errors []error)
- type AccountEntity
- type AccountEntityProperties
- type AlertSeverity
- type AlertStatus
- type AntispamMailDirection
- type AttackTactic
- type AzureResourceEntity
- type AzureResourceEntityProperties
- type BaseEntityImpl
- type BookmarkClient
- type BookmarkExpandParameters
- type BookmarkExpandResponse
- type BookmarkExpandResponseValue
- type BookmarkId
- type CloudApplicationEntity
- type CloudApplicationEntityProperties
- type ConfidenceLevel
- type ConfidenceScoreStatus
- type ConnectedEntity
- type DeliveryAction
- type DeliveryLocation
- type DeviceImportance
- type DnsEntity
- type DnsEntityProperties
- type ElevationToken
- type Entity
- type EntityKind
- type ExpandOperationResponse
- type ExpansionResultAggregation
- type ExpansionResultsMetadata
- type FileEntity
- type FileEntityProperties
- type FileHashAlgorithm
- type FileHashEntity
- type FileHashEntityProperties
- type GeoLocation
- type HostEntity
- type HostEntityProperties
- type HuntingBookmark
- type HuntingBookmarkProperties
- func (o *HuntingBookmarkProperties) GetCreatedAsTime() (*time.Time, error)
- func (o *HuntingBookmarkProperties) GetEventTimeAsTime() (*time.Time, error)
- func (o *HuntingBookmarkProperties) GetUpdatedAsTime() (*time.Time, error)
- func (o *HuntingBookmarkProperties) SetCreatedAsTime(input time.Time)
- func (o *HuntingBookmarkProperties) SetEventTimeAsTime(input time.Time)
- func (o *HuntingBookmarkProperties) SetUpdatedAsTime(input time.Time)
- type IPEntity
- type IPEntityProperties
- type IncidentInfo
- type IncidentSeverity
- type IoTDeviceEntity
- type IoTDeviceEntityProperties
- type KillChainIntent
- type MailClusterEntity
- type MailClusterEntityProperties
- func (o *MailClusterEntityProperties) GetClusterQueryEndTimeAsTime() (*time.Time, error)
- func (o *MailClusterEntityProperties) GetClusterQueryStartTimeAsTime() (*time.Time, error)
- func (o *MailClusterEntityProperties) GetQueryTimeAsTime() (*time.Time, error)
- func (o *MailClusterEntityProperties) SetClusterQueryEndTimeAsTime(input time.Time)
- func (o *MailClusterEntityProperties) SetClusterQueryStartTimeAsTime(input time.Time)
- func (o *MailClusterEntityProperties) SetQueryTimeAsTime(input time.Time)
- type MailMessageEntity
- type MailMessageEntityProperties
- type MailboxEntity
- type MailboxEntityProperties
- type MalwareEntity
- type MalwareEntityProperties
- type NicEntity
- type NicEntityProperties
- type OSFamily
- type ProcessEntity
- type ProcessEntityProperties
- type RawEntityImpl
- type RegistryHive
- type RegistryKeyEntity
- type RegistryKeyEntityProperties
- type RegistryValueEntity
- type RegistryValueEntityProperties
- type RegistryValueKind
- type SecurityAlert
- type SecurityAlertProperties
- func (o *SecurityAlertProperties) GetEndTimeUtcAsTime() (*time.Time, error)
- func (o *SecurityAlertProperties) GetProcessingEndTimeAsTime() (*time.Time, error)
- func (o *SecurityAlertProperties) GetStartTimeUtcAsTime() (*time.Time, error)
- func (o *SecurityAlertProperties) GetTimeGeneratedAsTime() (*time.Time, error)
- func (o *SecurityAlertProperties) SetEndTimeUtcAsTime(input time.Time)
- func (o *SecurityAlertProperties) SetProcessingEndTimeAsTime(input time.Time)
- func (o *SecurityAlertProperties) SetStartTimeUtcAsTime(input time.Time)
- func (o *SecurityAlertProperties) SetTimeGeneratedAsTime(input time.Time)
- type SecurityAlertPropertiesConfidenceReasonsInlined
- type SecurityGroupEntity
- type SecurityGroupEntityProperties
- type SubmissionMailEntity
- type SubmissionMailEntityProperties
- func (o *SubmissionMailEntityProperties) GetSubmissionDateAsTime() (*time.Time, error)
- func (o *SubmissionMailEntityProperties) GetTimestampAsTime() (*time.Time, error)
- func (o *SubmissionMailEntityProperties) SetSubmissionDateAsTime(input time.Time)
- func (o *SubmissionMailEntityProperties) SetTimestampAsTime(input time.Time)
- type ThreatIntelligence
- type URLEntity
- type URLEntityProperties
- type UserInfo
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func PossibleValuesForAlertSeverity ¶
func PossibleValuesForAlertSeverity() []string
func PossibleValuesForAlertStatus ¶
func PossibleValuesForAlertStatus() []string
func PossibleValuesForAntispamMailDirection ¶
func PossibleValuesForAntispamMailDirection() []string
func PossibleValuesForAttackTactic ¶
func PossibleValuesForAttackTactic() []string
func PossibleValuesForConfidenceLevel ¶
func PossibleValuesForConfidenceLevel() []string
func PossibleValuesForConfidenceScoreStatus ¶
func PossibleValuesForConfidenceScoreStatus() []string
func PossibleValuesForDeliveryAction ¶
func PossibleValuesForDeliveryAction() []string
func PossibleValuesForDeliveryLocation ¶
func PossibleValuesForDeliveryLocation() []string
func PossibleValuesForDeviceImportance ¶
func PossibleValuesForDeviceImportance() []string
func PossibleValuesForElevationToken ¶
func PossibleValuesForElevationToken() []string
func PossibleValuesForEntityKind ¶
func PossibleValuesForEntityKind() []string
func PossibleValuesForFileHashAlgorithm ¶
func PossibleValuesForFileHashAlgorithm() []string
func PossibleValuesForIncidentSeverity ¶
func PossibleValuesForIncidentSeverity() []string
func PossibleValuesForKillChainIntent ¶
func PossibleValuesForKillChainIntent() []string
func PossibleValuesForOSFamily ¶
func PossibleValuesForOSFamily() []string
func PossibleValuesForRegistryHive ¶
func PossibleValuesForRegistryHive() []string
func PossibleValuesForRegistryValueKind ¶
func PossibleValuesForRegistryValueKind() []string
func ValidateBookmarkID ¶
func ValidateBookmarkID(input interface{}, key string) (warnings []string, errors []error)
ValidateBookmarkID checks that 'input' can be parsed as a Bookmark ID
Types ¶
type AccountEntity ¶
type AccountEntity struct { Properties *AccountEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (AccountEntity) Entity ¶
func (s AccountEntity) Entity() BaseEntityImpl
func (AccountEntity) MarshalJSON ¶
func (s AccountEntity) MarshalJSON() ([]byte, error)
type AccountEntityProperties ¶
// AccountEntityProperties holds the attributes carried in
// AccountEntity.Properties. Every field is a pointer tagged `omitempty`, so a
// nil field is left out of the JSON rather than sent as a zero value.
//
// NOTE(review): AadTenantId, AadUserId, ObjectGuid, Puid, Sid and the
// account/domain name fields look like directory identity identifiers. Treat
// them as sensitive when logging or exporting entities — confirm the exact
// meaning of each against the service documentation.
type AccountEntityProperties struct {
	AadTenantId *string `json:"aadTenantId,omitempty"`
	AadUserId   *string `json:"aadUserId,omitempty"`
	AccountName *string `json:"accountName,omitempty"`
	// AdditionalData is an untyped JSON object; its values are interface{} and
	// need a checked type assertion before use.
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	DisplayName    *string                 `json:"displayName,omitempty"`
	DnsDomain      *string                 `json:"dnsDomain,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	// HostEntityId is a string reference, presumably to a HostEntity's Id — TODO confirm.
	HostEntityId   *string `json:"hostEntityId,omitempty"`
	IsDomainJoined *bool   `json:"isDomainJoined,omitempty"`
	NtDomain       *string `json:"ntDomain,omitempty"`
	ObjectGuid     *string `json:"objectGuid,omitempty"`
	Puid           *string `json:"puid,omitempty"`
	Sid            *string `json:"sid,omitempty"`
	UpnSuffix      *string `json:"upnSuffix,omitempty"`
}
type AlertSeverity ¶
type AlertSeverity string
const ( AlertSeverityHigh AlertSeverity = "High" AlertSeverityInformational AlertSeverity = "Informational" AlertSeverityLow AlertSeverity = "Low" AlertSeverityMedium AlertSeverity = "Medium" )
func (*AlertSeverity) UnmarshalJSON ¶
func (s *AlertSeverity) UnmarshalJSON(bytes []byte) error
type AlertStatus ¶
type AlertStatus string
const ( AlertStatusDismissed AlertStatus = "Dismissed" AlertStatusInProgress AlertStatus = "InProgress" AlertStatusNew AlertStatus = "New" AlertStatusResolved AlertStatus = "Resolved" AlertStatusUnknown AlertStatus = "Unknown" )
func (*AlertStatus) UnmarshalJSON ¶
func (s *AlertStatus) UnmarshalJSON(bytes []byte) error
type AntispamMailDirection ¶
type AntispamMailDirection string
const ( AntispamMailDirectionInbound AntispamMailDirection = "Inbound" AntispamMailDirectionIntraorg AntispamMailDirection = "Intraorg" AntispamMailDirectionOutbound AntispamMailDirection = "Outbound" AntispamMailDirectionUnknown AntispamMailDirection = "Unknown" )
func (*AntispamMailDirection) UnmarshalJSON ¶
func (s *AntispamMailDirection) UnmarshalJSON(bytes []byte) error
type AttackTactic ¶
// AttackTactic is a string-backed enum. The constants below are the values
// this package declares for it; the type also has its own UnmarshalJSON.
//
// NOTE(review): the names appear to follow MITRE ATT&CK tactic names,
// including the ICS tactics ImpairProcessControl and InhibitResponseFunction
// and the older PreAttack label — confirm against the service documentation
// before mapping them to a specific ATT&CK version.
type AttackTactic string

const (
	AttackTacticCollection              AttackTactic = "Collection"
	AttackTacticCommandAndControl       AttackTactic = "CommandAndControl"
	AttackTacticCredentialAccess        AttackTactic = "CredentialAccess"
	AttackTacticDefenseEvasion          AttackTactic = "DefenseEvasion"
	AttackTacticDiscovery               AttackTactic = "Discovery"
	AttackTacticExecution               AttackTactic = "Execution"
	AttackTacticExfiltration            AttackTactic = "Exfiltration"
	AttackTacticImpact                  AttackTactic = "Impact"
	AttackTacticImpairProcessControl    AttackTactic = "ImpairProcessControl"
	AttackTacticInhibitResponseFunction AttackTactic = "InhibitResponseFunction"
	AttackTacticInitialAccess           AttackTactic = "InitialAccess"
	AttackTacticLateralMovement         AttackTactic = "LateralMovement"
	AttackTacticPersistence             AttackTactic = "Persistence"
	AttackTacticPreAttack               AttackTactic = "PreAttack"
	AttackTacticPrivilegeEscalation     AttackTactic = "PrivilegeEscalation"
	AttackTacticReconnaissance          AttackTactic = "Reconnaissance"
	AttackTacticResourceDevelopment     AttackTactic = "ResourceDevelopment"
)
func (*AttackTactic) UnmarshalJSON ¶
func (s *AttackTactic) UnmarshalJSON(bytes []byte) error
type AzureResourceEntity ¶
type AzureResourceEntity struct { Properties *AzureResourceEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (AzureResourceEntity) Entity ¶
func (s AzureResourceEntity) Entity() BaseEntityImpl
func (AzureResourceEntity) MarshalJSON ¶
func (s AzureResourceEntity) MarshalJSON() ([]byte, error)
type BaseEntityImpl ¶
type BaseEntityImpl struct { Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (BaseEntityImpl) Entity ¶
func (s BaseEntityImpl) Entity() BaseEntityImpl
type BookmarkClient ¶
type BookmarkClient struct {
Client *resourcemanager.Client
}
func NewBookmarkClientWithBaseURI ¶
func NewBookmarkClientWithBaseURI(sdkApi sdkEnv.Api) (*BookmarkClient, error)
func (BookmarkClient) Expand ¶
func (c BookmarkClient) Expand(ctx context.Context, id BookmarkId, input BookmarkExpandParameters) (result ExpandOperationResponse, err error)
Expand ...
type BookmarkExpandParameters ¶
// BookmarkExpandParameters is the input passed to BookmarkClient.Expand.
// All three fields are optional pointers tagged `omitempty`.
type BookmarkExpandParameters struct {
	// EndTime is a string on the wire. GetEndTimeAsTime returns it as
	// (*time.Time, error) and SetEndTimeAsTime accepts a time.Time; the string
	// layout they use is not visible in this listing.
	EndTime     *string `json:"endTime,omitempty"`
	ExpansionId *string `json:"expansionId,omitempty"`
	// StartTime is a string on the wire, with GetStartTimeAsTime and
	// SetStartTimeAsTime as its time.Time helpers.
	StartTime *string `json:"startTime,omitempty"`
}
func (*BookmarkExpandParameters) GetEndTimeAsTime ¶
func (o *BookmarkExpandParameters) GetEndTimeAsTime() (*time.Time, error)
func (*BookmarkExpandParameters) GetStartTimeAsTime ¶
func (o *BookmarkExpandParameters) GetStartTimeAsTime() (*time.Time, error)
func (*BookmarkExpandParameters) SetEndTimeAsTime ¶
func (o *BookmarkExpandParameters) SetEndTimeAsTime(input time.Time)
func (*BookmarkExpandParameters) SetStartTimeAsTime ¶
func (o *BookmarkExpandParameters) SetStartTimeAsTime(input time.Time)
type BookmarkExpandResponse ¶
type BookmarkExpandResponse struct { MetaData *ExpansionResultsMetadata `json:"metaData,omitempty"` Value *BookmarkExpandResponseValue `json:"value,omitempty"` }
type BookmarkExpandResponseValue ¶
type BookmarkExpandResponseValue struct { Edges *[]ConnectedEntity `json:"edges,omitempty"` Entities *[]Entity `json:"entities,omitempty"` }
func (*BookmarkExpandResponseValue) UnmarshalJSON ¶
func (s *BookmarkExpandResponseValue) UnmarshalJSON(bytes []byte) error
type BookmarkId ¶
// BookmarkId holds the four string segments of a Bookmark resource ID.
// NewBookmarkID takes the same four values in the same order, and
// ParseBookmarkID / ParseBookmarkIDInsensitively return a *BookmarkId.
//
// The fields carry no JSON tags. When the ID text comes from a user, parse it
// with ParseBookmarkID: the package documents ParseBookmarkIDInsensitively as
// meant for API response data only, not user input.
type BookmarkId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	BookmarkId        string
}
BookmarkId is a struct representing the Resource ID for a Bookmark
func NewBookmarkID ¶
func NewBookmarkID(subscriptionId string, resourceGroupName string, workspaceName string, bookmarkId string) BookmarkId
NewBookmarkID returns a new BookmarkId struct
func ParseBookmarkID ¶
func ParseBookmarkID(input string) (*BookmarkId, error)
ParseBookmarkID parses 'input' into a BookmarkId
func ParseBookmarkIDInsensitively ¶
func ParseBookmarkIDInsensitively(input string) (*BookmarkId, error)
ParseBookmarkIDInsensitively parses 'input' case-insensitively into a BookmarkId. Note: this method should only be used for API response data and not user input; for user input, use ParseBookmarkID instead.
func (*BookmarkId) FromParseResult ¶
func (id *BookmarkId) FromParseResult(input resourceids.ParseResult) error
func (BookmarkId) Segments ¶
func (id BookmarkId) Segments() []resourceids.Segment
Segments returns a slice of Resource ID Segments which comprise this Bookmark ID
func (BookmarkId) String ¶
func (id BookmarkId) String() string
String returns a human-readable description of this Bookmark ID
type CloudApplicationEntity ¶
type CloudApplicationEntity struct { Properties *CloudApplicationEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (CloudApplicationEntity) Entity ¶
func (s CloudApplicationEntity) Entity() BaseEntityImpl
func (CloudApplicationEntity) MarshalJSON ¶
func (s CloudApplicationEntity) MarshalJSON() ([]byte, error)
type CloudApplicationEntityProperties ¶
type CloudApplicationEntityProperties struct { AdditionalData *map[string]interface{} `json:"additionalData,omitempty"` AppId *int64 `json:"appId,omitempty"` AppName *string `json:"appName,omitempty"` FriendlyName *string `json:"friendlyName,omitempty"` InstanceName *string `json:"instanceName,omitempty"` }
type ConfidenceLevel ¶
type ConfidenceLevel string
const ( ConfidenceLevelHigh ConfidenceLevel = "High" ConfidenceLevelLow ConfidenceLevel = "Low" ConfidenceLevelUnknown ConfidenceLevel = "Unknown" )
func (*ConfidenceLevel) UnmarshalJSON ¶
func (s *ConfidenceLevel) UnmarshalJSON(bytes []byte) error
type ConfidenceScoreStatus ¶
type ConfidenceScoreStatus string
const ( ConfidenceScoreStatusFinal ConfidenceScoreStatus = "Final" ConfidenceScoreStatusInProcess ConfidenceScoreStatus = "InProcess" ConfidenceScoreStatusNotApplicable ConfidenceScoreStatus = "NotApplicable" ConfidenceScoreStatusNotFinal ConfidenceScoreStatus = "NotFinal" )
func (*ConfidenceScoreStatus) UnmarshalJSON ¶
func (s *ConfidenceScoreStatus) UnmarshalJSON(bytes []byte) error
type ConnectedEntity ¶
type ConnectedEntity struct { AdditionalData *interface{} `json:"additionalData,omitempty"` TargetEntityId *string `json:"targetEntityId,omitempty"` }
type DeliveryAction ¶
type DeliveryAction string
const ( DeliveryActionBlocked DeliveryAction = "Blocked" DeliveryActionDelivered DeliveryAction = "Delivered" DeliveryActionDeliveredAsSpam DeliveryAction = "DeliveredAsSpam" DeliveryActionReplaced DeliveryAction = "Replaced" DeliveryActionUnknown DeliveryAction = "Unknown" )
func (*DeliveryAction) UnmarshalJSON ¶
func (s *DeliveryAction) UnmarshalJSON(bytes []byte) error
type DeliveryLocation ¶
type DeliveryLocation string
const ( DeliveryLocationDeletedFolder DeliveryLocation = "DeletedFolder" DeliveryLocationDropped DeliveryLocation = "Dropped" DeliveryLocationExternal DeliveryLocation = "External" DeliveryLocationFailed DeliveryLocation = "Failed" DeliveryLocationForwarded DeliveryLocation = "Forwarded" DeliveryLocationInbox DeliveryLocation = "Inbox" DeliveryLocationJunkFolder DeliveryLocation = "JunkFolder" DeliveryLocationQuarantine DeliveryLocation = "Quarantine" DeliveryLocationUnknown DeliveryLocation = "Unknown" )
func (*DeliveryLocation) UnmarshalJSON ¶
func (s *DeliveryLocation) UnmarshalJSON(bytes []byte) error
type DeviceImportance ¶
type DeviceImportance string
const ( DeviceImportanceHigh DeviceImportance = "High" DeviceImportanceLow DeviceImportance = "Low" DeviceImportanceNormal DeviceImportance = "Normal" DeviceImportanceUnknown DeviceImportance = "Unknown" )
func (*DeviceImportance) UnmarshalJSON ¶
func (s *DeviceImportance) UnmarshalJSON(bytes []byte) error
type DnsEntity ¶
type DnsEntity struct { Properties *DnsEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (DnsEntity) Entity ¶
func (s DnsEntity) Entity() BaseEntityImpl
func (DnsEntity) MarshalJSON ¶
type DnsEntityProperties ¶
type DnsEntityProperties struct { AdditionalData *map[string]interface{} `json:"additionalData,omitempty"` DnsServerIPEntityId *string `json:"dnsServerIpEntityId,omitempty"` DomainName *string `json:"domainName,omitempty"` FriendlyName *string `json:"friendlyName,omitempty"` HostIPAddressEntityId *string `json:"hostIpAddressEntityId,omitempty"` IPAddressEntityIds *[]string `json:"ipAddressEntityIds,omitempty"` }
type ElevationToken ¶
// ElevationToken is a string-backed enum with three declared values; the type
// also has its own UnmarshalJSON.
//
// NOTE(review): Default / Full / Limited match the names of the Windows token
// elevation types, so this presumably describes the elevation of a process
// token — confirm where the field is used and against the service
// documentation before alerting on a specific value.
type ElevationToken string

const (
	ElevationTokenDefault ElevationToken = "Default"
	ElevationTokenFull    ElevationToken = "Full"
	ElevationTokenLimited ElevationToken = "Limited"
)
func (*ElevationToken) UnmarshalJSON ¶
func (s *ElevationToken) UnmarshalJSON(bytes []byte) error
type Entity ¶
type Entity interface {
Entity() BaseEntityImpl
}
type EntityKind ¶
type EntityKind string
const ( EntityKindAccount EntityKind = "Account" EntityKindAzureResource EntityKind = "AzureResource" EntityKindBookmark EntityKind = "Bookmark" EntityKindCloudApplication EntityKind = "CloudApplication" EntityKindDnsResolution EntityKind = "DnsResolution" EntityKindFile EntityKind = "File" EntityKindFileHash EntityKind = "FileHash" EntityKindHost EntityKind = "Host" EntityKindIP EntityKind = "Ip" EntityKindIoTDevice EntityKind = "IoTDevice" EntityKindMailCluster EntityKind = "MailCluster" EntityKindMailMessage EntityKind = "MailMessage" EntityKindMailbox EntityKind = "Mailbox" EntityKindMalware EntityKind = "Malware" EntityKindNic EntityKind = "Nic" EntityKindProcess EntityKind = "Process" EntityKindRegistryKey EntityKind = "RegistryKey" EntityKindRegistryValue EntityKind = "RegistryValue" EntityKindSecurityAlert EntityKind = "SecurityAlert" EntityKindSecurityGroup EntityKind = "SecurityGroup" EntityKindSubmissionMail EntityKind = "SubmissionMail" EntityKindURL EntityKind = "Url" )
func (*EntityKind) UnmarshalJSON ¶
func (s *EntityKind) UnmarshalJSON(bytes []byte) error
type ExpandOperationResponse ¶
// ExpandOperationResponse is the result type of BookmarkClient.Expand, which
// returns it together with an error.
//
// All three fields are pointers and have no JSON tags.
// NOTE(review): which fields are populated when Expand returns an error is
// not visible in this listing; check err and nil-check Model before
// dereferencing it.
type ExpandOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *BookmarkExpandResponse
}
type ExpansionResultAggregation ¶
type ExpansionResultAggregation struct { AggregationType *string `json:"aggregationType,omitempty"` Count int64 `json:"count"` DisplayName *string `json:"displayName,omitempty"` EntityKind EntityKind `json:"entityKind"` }
type ExpansionResultsMetadata ¶
type ExpansionResultsMetadata struct {
Aggregations *[]ExpansionResultAggregation `json:"aggregations,omitempty"`
}
type FileEntity ¶
type FileEntity struct { Properties *FileEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (FileEntity) Entity ¶
func (s FileEntity) Entity() BaseEntityImpl
func (FileEntity) MarshalJSON ¶
func (s FileEntity) MarshalJSON() ([]byte, error)
type FileEntityProperties ¶
type FileEntityProperties struct { AdditionalData *map[string]interface{} `json:"additionalData,omitempty"` Directory *string `json:"directory,omitempty"` FileHashEntityIds *[]string `json:"fileHashEntityIds,omitempty"` FileName *string `json:"fileName,omitempty"` FriendlyName *string `json:"friendlyName,omitempty"` HostEntityId *string `json:"hostEntityId,omitempty"` }
type FileHashAlgorithm ¶
// FileHashAlgorithm is a string-backed enum and is the type of
// FileHashEntityProperties.Algorithm. The constant names spell the digits out
// (MDFive, SHAOne, SHATwoFiveSix); the wire values are the usual short forms.
//
// MD5 and SHA-1 are no longer collision-resistant, so when matching file-hash
// indicators a hit on those digests is weaker evidence than a SHA-256 hit.
// The values here only label the digest that was reported.
type FileHashAlgorithm string

const (
	FileHashAlgorithmMDFive        FileHashAlgorithm = "MD5"
	FileHashAlgorithmSHAOne        FileHashAlgorithm = "SHA1"
	FileHashAlgorithmSHATwoFiveSix FileHashAlgorithm = "SHA256"
	// NOTE(review): "SHA256AC" is presumably the Authenticode SHA-256 of a
	// signed binary, which differs from the plain file SHA-256 — confirm
	// against the service documentation before comparing the two.
	FileHashAlgorithmSHATwoFiveSixAC FileHashAlgorithm = "SHA256AC"
	FileHashAlgorithmUnknown         FileHashAlgorithm = "Unknown"
)
func (*FileHashAlgorithm) UnmarshalJSON ¶
func (s *FileHashAlgorithm) UnmarshalJSON(bytes []byte) error
type FileHashEntity ¶
type FileHashEntity struct { Properties *FileHashEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (FileHashEntity) Entity ¶
func (s FileHashEntity) Entity() BaseEntityImpl
func (FileHashEntity) MarshalJSON ¶
func (s FileHashEntity) MarshalJSON() ([]byte, error)
type FileHashEntityProperties ¶
// FileHashEntityProperties holds the attributes carried in
// FileHashEntity.Properties. Every field is an optional pointer tagged
// `omitempty`.
type FileHashEntityProperties struct {
	// AdditionalData is an untyped JSON object; values need a checked type
	// assertion before use.
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	// Algorithm may be nil or FileHashAlgorithmUnknown; a hash comparison should
	// take the algorithm into account, not HashValue alone.
	Algorithm    *FileHashAlgorithm `json:"algorithm,omitempty"`
	FriendlyName *string            `json:"friendlyName,omitempty"`
	// HashValue is a plain string. Its encoding and letter case are not shown
	// here — presumably hex; normalise before comparing. TODO confirm.
	HashValue *string `json:"hashValue,omitempty"`
}
type GeoLocation ¶
type GeoLocation struct { Asn *int64 `json:"asn,omitempty"` City *string `json:"city,omitempty"` CountryCode *string `json:"countryCode,omitempty"` CountryName *string `json:"countryName,omitempty"` Latitude *float64 `json:"latitude,omitempty"` Longitude *float64 `json:"longitude,omitempty"` State *string `json:"state,omitempty"` }
type HostEntity ¶
type HostEntity struct { Properties *HostEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (HostEntity) Entity ¶
func (s HostEntity) Entity() BaseEntityImpl
func (HostEntity) MarshalJSON ¶
func (s HostEntity) MarshalJSON() ([]byte, error)
type HostEntityProperties ¶
type HostEntityProperties struct { AdditionalData *map[string]interface{} `json:"additionalData,omitempty"` AzureID *string `json:"azureID,omitempty"` DnsDomain *string `json:"dnsDomain,omitempty"` FriendlyName *string `json:"friendlyName,omitempty"` HostName *string `json:"hostName,omitempty"` IsDomainJoined *bool `json:"isDomainJoined,omitempty"` NetBiosName *string `json:"netBiosName,omitempty"` NtDomain *string `json:"ntDomain,omitempty"` OmsAgentID *string `json:"omsAgentID,omitempty"` OsFamily *OSFamily `json:"osFamily,omitempty"` OsVersion *string `json:"osVersion,omitempty"` }
type HuntingBookmark ¶
type HuntingBookmark struct { Properties *HuntingBookmarkProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (HuntingBookmark) Entity ¶
func (s HuntingBookmark) Entity() BaseEntityImpl
func (HuntingBookmark) MarshalJSON ¶
func (s HuntingBookmark) MarshalJSON() ([]byte, error)
type HuntingBookmarkProperties ¶
// HuntingBookmarkProperties holds the attributes carried in
// HuntingBookmark.Properties.
//
// DisplayName and Query are plain strings without `omitempty`, so they are
// always written to the JSON, even when empty. Every other field is an
// optional pointer.
//
// NOTE(review): Query, QueryResult and Notes are free-form strings. They
// presumably hold analyst-written query text, result data and notes, so treat
// them as untrusted text when rendering and as potentially sensitive when
// logging — confirm against the service documentation.
type HuntingBookmarkProperties struct {
	// AdditionalData is an untyped JSON object; values need a checked type
	// assertion before use.
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	// Created is a string on the wire; GetCreatedAsTime / SetCreatedAsTime are
	// its time.Time helpers.
	Created     *string   `json:"created,omitempty"`
	CreatedBy   *UserInfo `json:"createdBy,omitempty"`
	DisplayName string    `json:"displayName"`
	// EventTime is a string on the wire; GetEventTimeAsTime / SetEventTimeAsTime
	// are its time.Time helpers.
	EventTime    *string       `json:"eventTime,omitempty"`
	FriendlyName *string       `json:"friendlyName,omitempty"`
	IncidentInfo *IncidentInfo `json:"incidentInfo,omitempty"`
	Labels       *[]string     `json:"labels,omitempty"`
	Notes        *string       `json:"notes,omitempty"`
	Query        string        `json:"query"`
	QueryResult  *string       `json:"queryResult,omitempty"`
	// Updated is a string on the wire; GetUpdatedAsTime / SetUpdatedAsTime are
	// its time.Time helpers.
	Updated   *string   `json:"updated,omitempty"`
	UpdatedBy *UserInfo `json:"updatedBy,omitempty"`
}
func (*HuntingBookmarkProperties) GetCreatedAsTime ¶
func (o *HuntingBookmarkProperties) GetCreatedAsTime() (*time.Time, error)
func (*HuntingBookmarkProperties) GetEventTimeAsTime ¶
func (o *HuntingBookmarkProperties) GetEventTimeAsTime() (*time.Time, error)
func (*HuntingBookmarkProperties) GetUpdatedAsTime ¶
func (o *HuntingBookmarkProperties) GetUpdatedAsTime() (*time.Time, error)
func (*HuntingBookmarkProperties) SetCreatedAsTime ¶
func (o *HuntingBookmarkProperties) SetCreatedAsTime(input time.Time)
func (*HuntingBookmarkProperties) SetEventTimeAsTime ¶
func (o *HuntingBookmarkProperties) SetEventTimeAsTime(input time.Time)
func (*HuntingBookmarkProperties) SetUpdatedAsTime ¶
func (o *HuntingBookmarkProperties) SetUpdatedAsTime(input time.Time)
type IPEntity ¶
type IPEntity struct { Properties *IPEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (IPEntity) Entity ¶
func (s IPEntity) Entity() BaseEntityImpl
func (IPEntity) MarshalJSON ¶
type IPEntityProperties ¶
// IPEntityProperties holds the attributes carried in IPEntity.Properties.
// Every field is an optional pointer tagged `omitempty`.
type IPEntityProperties struct {
	// AdditionalData is an untyped JSON object; values need a checked type
	// assertion before use.
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	// Address is a plain string, not a parsed address type.
	// NOTE(review): the textual form (IPv4/IPv6, zone, port) is not shown here;
	// parse and validate it before using it in comparisons or allow/deny lists.
	Address      *string      `json:"address,omitempty"`
	FriendlyName *string      `json:"friendlyName,omitempty"`
	Location     *GeoLocation `json:"location,omitempty"`
	// ThreatIntelligence is an optional list; nil and an empty list are both
	// possible, and neither is shown here to mean the address is benign.
	ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"`
}
type IncidentInfo ¶
type IncidentInfo struct { IncidentId *string `json:"incidentId,omitempty"` RelationName *string `json:"relationName,omitempty"` Severity *IncidentSeverity `json:"severity,omitempty"` Title *string `json:"title,omitempty"` }
type IncidentSeverity ¶
type IncidentSeverity string
const ( IncidentSeverityHigh IncidentSeverity = "High" IncidentSeverityInformational IncidentSeverity = "Informational" IncidentSeverityLow IncidentSeverity = "Low" IncidentSeverityMedium IncidentSeverity = "Medium" )
func (*IncidentSeverity) UnmarshalJSON ¶
func (s *IncidentSeverity) UnmarshalJSON(bytes []byte) error
type IoTDeviceEntity ¶
type IoTDeviceEntity struct { Properties *IoTDeviceEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (IoTDeviceEntity) Entity ¶
func (s IoTDeviceEntity) Entity() BaseEntityImpl
func (IoTDeviceEntity) MarshalJSON ¶
func (s IoTDeviceEntity) MarshalJSON() ([]byte, error)
type IoTDeviceEntityProperties ¶
type IoTDeviceEntityProperties struct { AdditionalData *map[string]interface{} `json:"additionalData,omitempty"` DeviceId *string `json:"deviceId,omitempty"` DeviceName *string `json:"deviceName,omitempty"` DeviceSubType *string `json:"deviceSubType,omitempty"` DeviceType *string `json:"deviceType,omitempty"` EdgeId *string `json:"edgeId,omitempty"` FirmwareVersion *string `json:"firmwareVersion,omitempty"` FriendlyName *string `json:"friendlyName,omitempty"` HostEntityId *string `json:"hostEntityId,omitempty"` IPAddressEntityId *string `json:"ipAddressEntityId,omitempty"` Importance *DeviceImportance `json:"importance,omitempty"` IotHubEntityId *string `json:"iotHubEntityId,omitempty"` IotSecurityAgentId *string `json:"iotSecurityAgentId,omitempty"` IsAuthorized *bool `json:"isAuthorized,omitempty"` IsProgramming *bool `json:"isProgramming,omitempty"` IsScanner *bool `json:"isScanner,omitempty"` MacAddress *string `json:"macAddress,omitempty"` Model *string `json:"model,omitempty"` NicEntityIds *[]string `json:"nicEntityIds,omitempty"` OperatingSystem *string `json:"operatingSystem,omitempty"` Owners *[]string `json:"owners,omitempty"` Protocols *[]string `json:"protocols,omitempty"` PurdueLayer *string `json:"purdueLayer,omitempty"` Sensor *string `json:"sensor,omitempty"` SerialNumber *string `json:"serialNumber,omitempty"` Site *string `json:"site,omitempty"` Source *string `json:"source,omitempty"` ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` Vendor *string `json:"vendor,omitempty"` Zone *string `json:"zone,omitempty"` }
type KillChainIntent ¶
type KillChainIntent string
const ( KillChainIntentCollection KillChainIntent = "Collection" KillChainIntentCommandAndControl KillChainIntent = "CommandAndControl" KillChainIntentCredentialAccess KillChainIntent = "CredentialAccess" KillChainIntentDefenseEvasion KillChainIntent = "DefenseEvasion" KillChainIntentDiscovery KillChainIntent = "Discovery" KillChainIntentExecution KillChainIntent = "Execution" KillChainIntentExfiltration KillChainIntent = "Exfiltration" KillChainIntentExploitation KillChainIntent = "Exploitation" KillChainIntentImpact KillChainIntent = "Impact" KillChainIntentLateralMovement KillChainIntent = "LateralMovement" KillChainIntentPersistence KillChainIntent = "Persistence" KillChainIntentPrivilegeEscalation KillChainIntent = "PrivilegeEscalation" KillChainIntentProbing KillChainIntent = "Probing" KillChainIntentUnknown KillChainIntent = "Unknown" )
func (*KillChainIntent) UnmarshalJSON ¶
func (s *KillChainIntent) UnmarshalJSON(bytes []byte) error
type MailClusterEntity ¶
type MailClusterEntity struct { Properties *MailClusterEntityProperties `json:"properties,omitempty"` Id *string `json:"id,omitempty"` Kind EntityKind `json:"kind"` Name *string `json:"name,omitempty"` SystemData *systemdata.SystemData `json:"systemData,omitempty"` Type *string `json:"type,omitempty"` }
func (MailClusterEntity) Entity ¶
func (s MailClusterEntity) Entity() BaseEntityImpl
func (MailClusterEntity) MarshalJSON ¶
func (s MailClusterEntity) MarshalJSON() ([]byte, error)
type MailClusterEntityProperties ¶
type MailClusterEntityProperties struct { AdditionalData *map[string]interface{} `json:"additionalData,omitempty"` ClusterGroup *string `json:"clusterGroup,omitempty"` ClusterQueryEndTime *string `json:"clusterQueryEndTime,omitempty"` ClusterQueryStartTime *string `json:"clusterQueryStartTime,omitempty"` ClusterSourceIdentifier *string `json:"clusterSourceIdentifier,omitempty"` ClusterSourceType *string `json:"clusterSourceType,omitempty"` CountByDeliveryStatus *interface{} `json:"countByDeliveryStatus,omitempty"` CountByProtectionStatus *interface{} `json:"countByProtectionStatus,omitempty"` CountByThreatType *interface{} `json:"countByThreatType,omitempty"` FriendlyName *string `json:"friendlyName,omitempty"` IsVolumeAnomaly *bool `json:"isVolumeAnomaly,omitempty"` MailCount *int64 `json:"mailCount,omitempty"` NetworkMessageIds *[]string `json:"networkMessageIds,omitempty"` Query *string `json:"query,omitempty"` QueryTime *string `json:"queryTime,omitempty"` Source *string `json:"source,omitempty"` Threats *[]string `json:"threats,omitempty"` }
func (*MailClusterEntityProperties) GetClusterQueryEndTimeAsTime ¶
func (o *MailClusterEntityProperties) GetClusterQueryEndTimeAsTime() (*time.Time, error)
func (*MailClusterEntityProperties) GetClusterQueryStartTimeAsTime ¶
func (o *MailClusterEntityProperties) GetClusterQueryStartTimeAsTime() (*time.Time, error)
func (*MailClusterEntityProperties) GetQueryTimeAsTime ¶
func (o *MailClusterEntityProperties) GetQueryTimeAsTime() (*time.Time, error)
func (*MailClusterEntityProperties) SetClusterQueryEndTimeAsTime ¶
func (o *MailClusterEntityProperties) SetClusterQueryEndTimeAsTime(input time.Time)
func (*MailClusterEntityProperties) SetClusterQueryStartTimeAsTime ¶
func (o *MailClusterEntityProperties) SetClusterQueryStartTimeAsTime(input time.Time)
func (*MailClusterEntityProperties) SetQueryTimeAsTime ¶
func (o *MailClusterEntityProperties) SetQueryTimeAsTime(input time.Time)
type MailMessageEntity ¶
// MailMessageEntity is the resource envelope for a mail-message entity: the
// typed Properties payload plus the common Id, Kind, Name, SystemData and
// Type fields. Kind is the only field tagged without omitempty; the rest are
// optional pointers and may be nil.
type MailMessageEntity struct {
	Properties *MailMessageEntityProperties `json:"properties,omitempty"`
	Id         *string                      `json:"id,omitempty"`
	Kind       EntityKind                   `json:"kind"`
	Name       *string                      `json:"name,omitempty"`
	SystemData *systemdata.SystemData       `json:"systemData,omitempty"`
	Type       *string                      `json:"type,omitempty"`
}
func (MailMessageEntity) Entity ¶
func (s MailMessageEntity) Entity() BaseEntityImpl
func (MailMessageEntity) MarshalJSON ¶
func (s MailMessageEntity) MarshalJSON() ([]byte, error)
type MailMessageEntityProperties ¶
// MailMessageEntityProperties is the payload of a MailMessageEntity. Every
// field is an optional pointer tagged omitempty, so nil means "not present".
//
// ReceiveDate is stored as a raw string. GetReceiveDateAsTime returns
// (*time.Time, error), and that error should be checked.
//
// AntispamDirection, DeliveryAction and DeliveryLocation use the enum-style
// string types declared in this package. The remaining descriptive fields
// are plain strings or string slices that this struct does not validate.
//
// NOTE(review): Subject, Urls and the P1*/P2* sender fields presumably carry
// values taken from the message itself, i.e. chosen by its sender. Escape
// them before rendering and do not dereference Urls automatically. P1 and P2
// presumably distinguish the envelope sender from the header sender; confirm
// both points against the service documentation.
type MailMessageEntityProperties struct {
	AdditionalData         *map[string]interface{} `json:"additionalData,omitempty"`
	AntispamDirection      *AntispamMailDirection  `json:"antispamDirection,omitempty"`
	BodyFingerprintBin1    *int64                  `json:"bodyFingerprintBin1,omitempty"`
	BodyFingerprintBin2    *int64                  `json:"bodyFingerprintBin2,omitempty"`
	BodyFingerprintBin3    *int64                  `json:"bodyFingerprintBin3,omitempty"`
	BodyFingerprintBin4    *int64                  `json:"bodyFingerprintBin4,omitempty"`
	BodyFingerprintBin5    *int64                  `json:"bodyFingerprintBin5,omitempty"`
	DeliveryAction         *DeliveryAction         `json:"deliveryAction,omitempty"`
	DeliveryLocation       *DeliveryLocation       `json:"deliveryLocation,omitempty"`
	FileEntityIds          *[]string               `json:"fileEntityIds,omitempty"`
	FriendlyName           *string                 `json:"friendlyName,omitempty"`
	InternetMessageId      *string                 `json:"internetMessageId,omitempty"`
	Language               *string                 `json:"language,omitempty"`
	NetworkMessageId       *string                 `json:"networkMessageId,omitempty"`
	P1Sender               *string                 `json:"p1Sender,omitempty"`
	P1SenderDisplayName    *string                 `json:"p1SenderDisplayName,omitempty"`
	P1SenderDomain         *string                 `json:"p1SenderDomain,omitempty"`
	P2Sender               *string                 `json:"p2Sender,omitempty"`
	P2SenderDisplayName    *string                 `json:"p2SenderDisplayName,omitempty"`
	P2SenderDomain         *string                 `json:"p2SenderDomain,omitempty"`
	ReceiveDate            *string                 `json:"receiveDate,omitempty"`
	Recipient              *string                 `json:"recipient,omitempty"`
	SenderIP               *string                 `json:"senderIP,omitempty"`
	Subject                *string                 `json:"subject,omitempty"`
	ThreatDetectionMethods *[]string               `json:"threatDetectionMethods,omitempty"`
	Threats                *[]string               `json:"threats,omitempty"`
	Urls                   *[]string               `json:"urls,omitempty"`
}
func (*MailMessageEntityProperties) GetReceiveDateAsTime ¶
func (o *MailMessageEntityProperties) GetReceiveDateAsTime() (*time.Time, error)
func (*MailMessageEntityProperties) SetReceiveDateAsTime ¶
func (o *MailMessageEntityProperties) SetReceiveDateAsTime(input time.Time)
type MailboxEntity ¶
// MailboxEntity is the resource envelope for a mailbox entity: the typed
// Properties payload plus the common Id, Kind, Name, SystemData and Type
// fields. Kind is the only field tagged without omitempty; the rest are
// optional pointers and may be nil.
type MailboxEntity struct {
	Properties *MailboxEntityProperties `json:"properties,omitempty"`
	Id         *string                  `json:"id,omitempty"`
	Kind       EntityKind               `json:"kind"`
	Name       *string                  `json:"name,omitempty"`
	SystemData *systemdata.SystemData   `json:"systemData,omitempty"`
	Type       *string                  `json:"type,omitempty"`
}
func (MailboxEntity) Entity ¶
func (s MailboxEntity) Entity() BaseEntityImpl
func (MailboxEntity) MarshalJSON ¶
func (s MailboxEntity) MarshalJSON() ([]byte, error)
type MailboxEntityProperties ¶
// MailboxEntityProperties is the payload of a MailboxEntity. All fields are
// optional pointers tagged omitempty. The identifiers (Upn,
// MailboxPrimaryAddress, ExternalDirectoryObjectId) are plain strings, and
// nothing in this struct validates their format.
type MailboxEntityProperties struct {
	AdditionalData            *map[string]interface{} `json:"additionalData,omitempty"`
	DisplayName               *string                 `json:"displayName,omitempty"`
	ExternalDirectoryObjectId *string                 `json:"externalDirectoryObjectId,omitempty"`
	FriendlyName              *string                 `json:"friendlyName,omitempty"`
	MailboxPrimaryAddress     *string                 `json:"mailboxPrimaryAddress,omitempty"`
	Upn                       *string                 `json:"upn,omitempty"`
}
type MalwareEntity ¶
// MalwareEntity is the resource envelope for a malware entity: the typed
// Properties payload plus the common Id, Kind, Name, SystemData and Type
// fields. Kind is the only field tagged without omitempty; the rest are
// optional pointers and may be nil.
type MalwareEntity struct {
	Properties *MalwareEntityProperties `json:"properties,omitempty"`
	Id         *string                  `json:"id,omitempty"`
	Kind       EntityKind               `json:"kind"`
	Name       *string                  `json:"name,omitempty"`
	SystemData *systemdata.SystemData   `json:"systemData,omitempty"`
	Type       *string                  `json:"type,omitempty"`
}
func (MalwareEntity) Entity ¶
func (s MalwareEntity) Entity() BaseEntityImpl
func (MalwareEntity) MarshalJSON ¶
func (s MalwareEntity) MarshalJSON() ([]byte, error)
type MalwareEntityProperties ¶
// MalwareEntityProperties is the payload of a MalwareEntity. All fields are
// optional pointers tagged omitempty.
//
// FileEntityIds and ProcessEntityIds are string slices. They presumably hold
// the ids of related FileEntity and ProcessEntity objects, which this struct
// does not resolve (confirm against the service documentation).
type MalwareEntityProperties struct {
	AdditionalData   *map[string]interface{} `json:"additionalData,omitempty"`
	Category         *string                 `json:"category,omitempty"`
	FileEntityIds    *[]string               `json:"fileEntityIds,omitempty"`
	FriendlyName     *string                 `json:"friendlyName,omitempty"`
	MalwareName      *string                 `json:"malwareName,omitempty"`
	ProcessEntityIds *[]string               `json:"processEntityIds,omitempty"`
}
type NicEntity ¶
// NicEntity is the resource envelope for a network-interface entity: the
// typed Properties payload plus the common Id, Kind, Name, SystemData and
// Type fields. Kind is the only field tagged without omitempty; the rest are
// optional pointers and may be nil.
type NicEntity struct {
	Properties *NicEntityProperties   `json:"properties,omitempty"`
	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}
func (NicEntity) Entity ¶
func (s NicEntity) Entity() BaseEntityImpl
func (NicEntity) MarshalJSON ¶
type NicEntityProperties ¶
// NicEntityProperties is the payload of a NicEntity. All fields are optional
// pointers tagged omitempty. MacAddress and the Vlans entries are plain
// strings with no format enforced by this struct. IPAddressEntityId is a
// string reference (presumably to an IP entity; confirm) rather than the
// address itself.
type NicEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	IPAddressEntityId *string                 `json:"ipAddressEntityId,omitempty"`
	MacAddress        *string                 `json:"macAddress,omitempty"`
	Vlans             *[]string               `json:"vlans,omitempty"`
}
type ProcessEntity ¶
// ProcessEntity is the resource envelope for a process entity: the typed
// Properties payload plus the common Id, Kind, Name, SystemData and Type
// fields. Kind is the only field tagged without omitempty; the rest are
// optional pointers and may be nil.
type ProcessEntity struct {
	Properties *ProcessEntityProperties `json:"properties,omitempty"`
	Id         *string                  `json:"id,omitempty"`
	Kind       EntityKind               `json:"kind"`
	Name       *string                  `json:"name,omitempty"`
	SystemData *systemdata.SystemData   `json:"systemData,omitempty"`
	Type       *string                  `json:"type,omitempty"`
}
func (ProcessEntity) Entity ¶
func (s ProcessEntity) Entity() BaseEntityImpl
func (ProcessEntity) MarshalJSON ¶
func (s ProcessEntity) MarshalJSON() ([]byte, error)
type ProcessEntityProperties ¶
// ProcessEntityProperties is the payload of a ProcessEntity. All fields are
// optional pointers tagged omitempty.
//
// ProcessId is a *string, not an integer, so convert it with error handling
// if a numeric PID is needed. CreationTimeUtc is a raw string;
// GetCreationTimeUtcAsTime returns (*time.Time, error), and that error should
// be checked.
//
// The *EntityId fields are string references to other entities; this struct
// does not embed the referenced objects.
//
// NOTE(review): CommandLine presumably holds the command line as recorded on
// the monitored host. Treat it as untrusted text: escape it before rendering
// and never pass it to a shell (confirm provenance against the service
// documentation).
type ProcessEntityProperties struct {
	AccountEntityId          *string                 `json:"accountEntityId,omitempty"`
	AdditionalData           *map[string]interface{} `json:"additionalData,omitempty"`
	CommandLine              *string                 `json:"commandLine,omitempty"`
	CreationTimeUtc          *string                 `json:"creationTimeUtc,omitempty"`
	ElevationToken           *ElevationToken         `json:"elevationToken,omitempty"`
	FriendlyName             *string                 `json:"friendlyName,omitempty"`
	HostEntityId             *string                 `json:"hostEntityId,omitempty"`
	HostLogonSessionEntityId *string                 `json:"hostLogonSessionEntityId,omitempty"`
	ImageFileEntityId        *string                 `json:"imageFileEntityId,omitempty"`
	ParentProcessEntityId    *string                 `json:"parentProcessEntityId,omitempty"`
	ProcessId                *string                 `json:"processId,omitempty"`
}
func (*ProcessEntityProperties) GetCreationTimeUtcAsTime ¶
func (o *ProcessEntityProperties) GetCreationTimeUtcAsTime() (*time.Time, error)
func (*ProcessEntityProperties) SetCreationTimeUtcAsTime ¶
func (o *ProcessEntityProperties) SetCreationTimeUtcAsTime(input time.Time)
type RawEntityImpl ¶
// RawEntityImpl carries an entity as a type string plus an untyped map.
// Neither exported field has a JSON tag, and Values holds interface{} values,
// so each key lookup needs a checked type assertion before the value is used.
//
// NOTE(review): Type presumably holds the discriminator value that matched no
// defined entity type, and Values the decoded object. Code that switches on
// concrete entity types should keep an explicit case for RawEntityImpl so
// unrecognised kinds are not dropped silently (confirm against the unmarshal
// code, which is not shown here).
type RawEntityImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}
RawEntityImpl is returned when the discriminated value doesn't match any of the defined types. NOTE: this should only be used as a workaround when a type isn't defined for this type of object, and it is used only for deserialization (e.g. it cannot be used as a request payload).
func (RawEntityImpl) Entity ¶
func (s RawEntityImpl) Entity() BaseEntityImpl
type RegistryHive ¶
// RegistryHive is a string-backed enumeration naming the registry hive of a
// registry-key entity. Being a plain string type, it can hold any value, so
// compare against the constants below rather than assuming one of them.
//
// NOTE(review): "HKEY_A" is not one of the standard Windows predefined key
// names. It presumably mirrors the upstream API definition; confirm before
// mapping it to a real hive.
type RegistryHive string

// Values of RegistryHive declared by this package.
const (
	RegistryHiveHKEYA                        RegistryHive = "HKEY_A"
	RegistryHiveHKEYCLASSESROOT              RegistryHive = "HKEY_CLASSES_ROOT"
	RegistryHiveHKEYCURRENTCONFIG            RegistryHive = "HKEY_CURRENT_CONFIG"
	RegistryHiveHKEYCURRENTUSER              RegistryHive = "HKEY_CURRENT_USER"
	RegistryHiveHKEYCURRENTUSERLOCALSETTINGS RegistryHive = "HKEY_CURRENT_USER_LOCAL_SETTINGS"
	RegistryHiveHKEYLOCALMACHINE             RegistryHive = "HKEY_LOCAL_MACHINE"
	RegistryHiveHKEYPERFORMANCEDATA          RegistryHive = "HKEY_PERFORMANCE_DATA"
	RegistryHiveHKEYPERFORMANCENLSTEXT       RegistryHive = "HKEY_PERFORMANCE_NLSTEXT"
	RegistryHiveHKEYPERFORMANCETEXT          RegistryHive = "HKEY_PERFORMANCE_TEXT"
	RegistryHiveHKEYUSERS                    RegistryHive = "HKEY_USERS"
)
func (*RegistryHive) UnmarshalJSON ¶
func (s *RegistryHive) UnmarshalJSON(bytes []byte) error
type RegistryKeyEntity ¶
// RegistryKeyEntity is the resource envelope for a registry-key entity: the
// typed Properties payload plus the common Id, Kind, Name, SystemData and
// Type fields. Kind is the only field tagged without omitempty; the rest are
// optional pointers and may be nil.
type RegistryKeyEntity struct {
	Properties *RegistryKeyEntityProperties `json:"properties,omitempty"`
	Id         *string                      `json:"id,omitempty"`
	Kind       EntityKind                   `json:"kind"`
	Name       *string                      `json:"name,omitempty"`
	SystemData *systemdata.SystemData       `json:"systemData,omitempty"`
	Type       *string                      `json:"type,omitempty"`
}
func (RegistryKeyEntity) Entity ¶
func (s RegistryKeyEntity) Entity() BaseEntityImpl
func (RegistryKeyEntity) MarshalJSON ¶
func (s RegistryKeyEntity) MarshalJSON() ([]byte, error)
type RegistryKeyEntityProperties ¶
// RegistryKeyEntityProperties is the payload of a RegistryKeyEntity. All
// fields are optional pointers tagged omitempty. Hive is the enum-style
// RegistryHive and Key is a free-form string, so a full key path has to be
// assembled by the caller from the two (how Key is delimited is not stated
// here).
type RegistryKeyEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	Hive           *RegistryHive           `json:"hive,omitempty"`
	Key            *string                 `json:"key,omitempty"`
}
type RegistryValueEntity ¶
// RegistryValueEntity is the resource envelope for a registry-value entity:
// the typed Properties payload plus the common Id, Kind, Name, SystemData and
// Type fields. Kind is the only field tagged without omitempty; the rest are
// optional pointers and may be nil.
type RegistryValueEntity struct {
	Properties *RegistryValueEntityProperties `json:"properties,omitempty"`
	Id         *string                        `json:"id,omitempty"`
	Kind       EntityKind                     `json:"kind"`
	Name       *string                        `json:"name,omitempty"`
	SystemData *systemdata.SystemData         `json:"systemData,omitempty"`
	Type       *string                        `json:"type,omitempty"`
}
func (RegistryValueEntity) Entity ¶
func (s RegistryValueEntity) Entity() BaseEntityImpl
func (RegistryValueEntity) MarshalJSON ¶
func (s RegistryValueEntity) MarshalJSON() ([]byte, error)
type RegistryValueEntityProperties ¶
// RegistryValueEntityProperties is the payload of a RegistryValueEntity. All
// fields are optional pointers tagged omitempty.
//
// ValueData is always a *string, whatever ValueType says, so binary or
// numeric registry data arrives in some string encoding that this struct does
// not describe. Verify the encoding before decoding ValueData according to
// ValueType.
//
// KeyEntityId is a string reference to the owning key entity rather than an
// embedded RegistryKeyEntity.
type RegistryValueEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	KeyEntityId    *string                 `json:"keyEntityId,omitempty"`
	ValueData      *string                 `json:"valueData,omitempty"`
	ValueName      *string                 `json:"valueName,omitempty"`
	ValueType      *RegistryValueKind      `json:"valueType,omitempty"`
}
type RegistryValueKind ¶
// RegistryValueKind is a string-backed enumeration describing the data type
// of a registry value. Being a plain string type, it can hold any value, so
// compare against the constants below and keep a fallback branch.
//
// "None" and "Unknown" are separate values; handle both explicitly instead of
// treating them as interchangeable.
type RegistryValueKind string

// Values of RegistryValueKind declared by this package.
const (
	RegistryValueKindBinary       RegistryValueKind = "Binary"
	RegistryValueKindDWord        RegistryValueKind = "DWord"
	RegistryValueKindExpandString RegistryValueKind = "ExpandString"
	RegistryValueKindMultiString  RegistryValueKind = "MultiString"
	RegistryValueKindNone         RegistryValueKind = "None"
	RegistryValueKindQWord        RegistryValueKind = "QWord"
	RegistryValueKindString       RegistryValueKind = "String"
	RegistryValueKindUnknown      RegistryValueKind = "Unknown"
)
func (*RegistryValueKind) UnmarshalJSON ¶
func (s *RegistryValueKind) UnmarshalJSON(bytes []byte) error
type SecurityAlert ¶
// SecurityAlert has the same envelope shape as the entity structs on this
// page: a typed Properties payload plus Id, Kind, Name, SystemData and Type.
// An Entity() method is listed for it, so an alert can be returned wherever
// an entity is expected. Kind is the only field tagged without omitempty; the
// rest are optional pointers and may be nil.
type SecurityAlert struct {
	Properties *SecurityAlertProperties `json:"properties,omitempty"`
	Id         *string                  `json:"id,omitempty"`
	Kind       EntityKind               `json:"kind"`
	Name       *string                  `json:"name,omitempty"`
	SystemData *systemdata.SystemData   `json:"systemData,omitempty"`
	Type       *string                  `json:"type,omitempty"`
}
func (SecurityAlert) Entity ¶
func (s SecurityAlert) Entity() BaseEntityImpl
func (SecurityAlert) MarshalJSON ¶
func (s SecurityAlert) MarshalJSON() ([]byte, error)
type SecurityAlertProperties ¶
// SecurityAlertProperties is the payload of a SecurityAlert. All fields are
// optional pointers tagged omitempty, so nil means "not present".
//
// EndTimeUtc, ProcessingEndTime, StartTimeUtc and TimeGenerated are stored as
// raw strings. The Get...AsTime methods listed for this type return
// (*time.Time, error); check that error before ordering or correlating alerts
// by time.
//
// Severity, Status, ConfidenceLevel, ConfidenceScoreStatus, Intent and
// Tactics use the enum-style string types declared in this package.
//
// NOTE(review): the value range of ConfidenceScore is not stated here, so
// confirm it before thresholding. AlertLink is presumably a URL supplied by
// the alert provider; validate it before presenting it as a link.
type SecurityAlertProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	AlertDisplayName  *string                 `json:"alertDisplayName,omitempty"`
	AlertLink         *string                 `json:"alertLink,omitempty"`
	AlertType         *string                 `json:"alertType,omitempty"`
	CompromisedEntity *string                 `json:"compromisedEntity,omitempty"`
	ConfidenceLevel   *ConfidenceLevel        `json:"confidenceLevel,omitempty"`

	// ConfidenceReasons is a slice of a separately declared struct type.
	ConfidenceReasons *[]SecurityAlertPropertiesConfidenceReasonsInlined `json:"confidenceReasons,omitempty"`

	// ResourceIdentifiers (below) is a slice of untyped values; each element
	// needs a checked type assertion.
	ConfidenceScore       *float64               `json:"confidenceScore,omitempty"`
	ConfidenceScoreStatus *ConfidenceScoreStatus `json:"confidenceScoreStatus,omitempty"`
	Description           *string                `json:"description,omitempty"`
	EndTimeUtc            *string                `json:"endTimeUtc,omitempty"`
	FriendlyName          *string                `json:"friendlyName,omitempty"`
	Intent                *KillChainIntent       `json:"intent,omitempty"`
	ProcessingEndTime     *string                `json:"processingEndTime,omitempty"`
	ProductComponentName  *string                `json:"productComponentName,omitempty"`
	ProductName           *string                `json:"productName,omitempty"`
	ProductVersion        *string                `json:"productVersion,omitempty"`
	ProviderAlertId       *string                `json:"providerAlertId,omitempty"`
	RemediationSteps      *[]string              `json:"remediationSteps,omitempty"`
	ResourceIdentifiers   *[]interface{}         `json:"resourceIdentifiers,omitempty"`
	Severity              *AlertSeverity         `json:"severity,omitempty"`
	StartTimeUtc          *string                `json:"startTimeUtc,omitempty"`
	Status                *AlertStatus           `json:"status,omitempty"`
	SystemAlertId         *string                `json:"systemAlertId,omitempty"`
	Tactics               *[]AttackTactic        `json:"tactics,omitempty"`
	TimeGenerated         *string                `json:"timeGenerated,omitempty"`
	VendorName            *string                `json:"vendorName,omitempty"`
}
func (*SecurityAlertProperties) GetEndTimeUtcAsTime ¶
func (o *SecurityAlertProperties) GetEndTimeUtcAsTime() (*time.Time, error)
func (*SecurityAlertProperties) GetProcessingEndTimeAsTime ¶
func (o *SecurityAlertProperties) GetProcessingEndTimeAsTime() (*time.Time, error)
func (*SecurityAlertProperties) GetStartTimeUtcAsTime ¶
func (o *SecurityAlertProperties) GetStartTimeUtcAsTime() (*time.Time, error)
func (*SecurityAlertProperties) GetTimeGeneratedAsTime ¶
func (o *SecurityAlertProperties) GetTimeGeneratedAsTime() (*time.Time, error)
func (*SecurityAlertProperties) SetEndTimeUtcAsTime ¶
func (o *SecurityAlertProperties) SetEndTimeUtcAsTime(input time.Time)
func (*SecurityAlertProperties) SetProcessingEndTimeAsTime ¶
func (o *SecurityAlertProperties) SetProcessingEndTimeAsTime(input time.Time)
func (*SecurityAlertProperties) SetStartTimeUtcAsTime ¶
func (o *SecurityAlertProperties) SetStartTimeUtcAsTime(input time.Time)
func (*SecurityAlertProperties) SetTimeGeneratedAsTime ¶
func (o *SecurityAlertProperties) SetTimeGeneratedAsTime(input time.Time)
type SecurityGroupEntity ¶
// SecurityGroupEntity is the resource envelope for a security-group entity:
// the typed Properties payload plus the common Id, Kind, Name, SystemData and
// Type fields. Kind is the only field tagged without omitempty; the rest are
// optional pointers and may be nil.
type SecurityGroupEntity struct {
	Properties *SecurityGroupEntityProperties `json:"properties,omitempty"`
	Id         *string                        `json:"id,omitempty"`
	Kind       EntityKind                     `json:"kind"`
	Name       *string                        `json:"name,omitempty"`
	SystemData *systemdata.SystemData         `json:"systemData,omitempty"`
	Type       *string                        `json:"type,omitempty"`
}
func (SecurityGroupEntity) Entity ¶
func (s SecurityGroupEntity) Entity() BaseEntityImpl
func (SecurityGroupEntity) MarshalJSON ¶
func (s SecurityGroupEntity) MarshalJSON() ([]byte, error)
type SecurityGroupEntityProperties ¶
// SecurityGroupEntityProperties is the payload of a SecurityGroupEntity. All
// fields are optional pointers tagged omitempty. DistinguishedName,
// ObjectGuid and Sid are plain strings, and nothing in this struct validates
// their format. Validate them before using them to build directory queries or
// access decisions.
type SecurityGroupEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	DistinguishedName *string                 `json:"distinguishedName,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	ObjectGuid        *string                 `json:"objectGuid,omitempty"`
	Sid               *string                 `json:"sid,omitempty"`
}
type SubmissionMailEntity ¶
// SubmissionMailEntity is the resource envelope for a submission-mail entity:
// the typed Properties payload plus the common Id, Kind, Name, SystemData and
// Type fields. Kind is the only field tagged without omitempty; the rest are
// optional pointers and may be nil.
type SubmissionMailEntity struct {
	Properties *SubmissionMailEntityProperties `json:"properties,omitempty"`
	Id         *string                         `json:"id,omitempty"`
	Kind       EntityKind                      `json:"kind"`
	Name       *string                         `json:"name,omitempty"`
	SystemData *systemdata.SystemData          `json:"systemData,omitempty"`
	Type       *string                         `json:"type,omitempty"`
}
func (SubmissionMailEntity) Entity ¶
func (s SubmissionMailEntity) Entity() BaseEntityImpl
func (SubmissionMailEntity) MarshalJSON ¶
func (s SubmissionMailEntity) MarshalJSON() ([]byte, error)
type SubmissionMailEntityProperties ¶
// SubmissionMailEntityProperties is the payload of a SubmissionMailEntity.
// All fields are optional pointers tagged omitempty.
//
// SubmissionDate and Timestamp are stored as raw strings. The Get...AsTime
// methods listed for this type return (*time.Time, error), and that error
// should be checked.
//
// The JSON key for SenderIP is "senderIp" here, whereas
// MailMessageEntityProperties tags the same Go field name as "senderIP".
// Code that inspects the raw JSON must use the exact key for each type.
//
// NOTE(review): Sender, Recipient and Subject presumably come from the
// submitted message and Submitter from the reporting user. Treat them all as
// untrusted text when rendering (confirm against the service documentation).
type SubmissionMailEntityProperties struct {
	AdditionalData   *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName     *string                 `json:"friendlyName,omitempty"`
	NetworkMessageId *string                 `json:"networkMessageId,omitempty"`
	Recipient        *string                 `json:"recipient,omitempty"`
	ReportType       *string                 `json:"reportType,omitempty"`
	Sender           *string                 `json:"sender,omitempty"`
	SenderIP         *string                 `json:"senderIp,omitempty"`
	Subject          *string                 `json:"subject,omitempty"`
	SubmissionDate   *string                 `json:"submissionDate,omitempty"`
	SubmissionId     *string                 `json:"submissionId,omitempty"`
	Submitter        *string                 `json:"submitter,omitempty"`
	Timestamp        *string                 `json:"timestamp,omitempty"`
}
func (*SubmissionMailEntityProperties) GetSubmissionDateAsTime ¶
func (o *SubmissionMailEntityProperties) GetSubmissionDateAsTime() (*time.Time, error)
func (*SubmissionMailEntityProperties) GetTimestampAsTime ¶
func (o *SubmissionMailEntityProperties) GetTimestampAsTime() (*time.Time, error)
func (*SubmissionMailEntityProperties) SetSubmissionDateAsTime ¶
func (o *SubmissionMailEntityProperties) SetSubmissionDateAsTime(input time.Time)
func (*SubmissionMailEntityProperties) SetTimestampAsTime ¶
func (o *SubmissionMailEntityProperties) SetTimestampAsTime(input time.Time)
type ThreatIntelligence ¶
// ThreatIntelligence describes one threat-intelligence record: a provider
// name, a threat name/type/description, a report link and a confidence value.
// All fields are optional pointers tagged omitempty. Unlike the entity
// structs on this page, it has no Kind or AdditionalData field.
//
// NOTE(review): the scale of Confidence is not stated here, so confirm it
// before comparing values across providers. ReportLink is presumably a
// provider-supplied URL; validate it before presenting it as a link.
type ThreatIntelligence struct {
	Confidence        *float64 `json:"confidence,omitempty"`
	ProviderName      *string  `json:"providerName,omitempty"`
	ReportLink        *string  `json:"reportLink,omitempty"`
	ThreatDescription *string  `json:"threatDescription,omitempty"`
	ThreatName        *string  `json:"threatName,omitempty"`
	ThreatType        *string  `json:"threatType,omitempty"`
}
type URLEntity ¶
// URLEntity is the resource envelope for a URL entity: the typed Properties
// payload plus the common Id, Kind, Name, SystemData and Type fields. Kind is
// the only field tagged without omitempty; the rest are optional pointers and
// may be nil.
type URLEntity struct {
	Properties *URLEntityProperties   `json:"properties,omitempty"`
	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}
func (URLEntity) Entity ¶
func (s URLEntity) Entity() BaseEntityImpl
func (URLEntity) MarshalJSON ¶
type URLEntityProperties ¶
Source Files ¶
- client.go
- constants.go
- id_bookmark.go
- method_expand.go
- model_accountentity.go
- model_accountentityproperties.go
- model_azureresourceentity.go
- model_azureresourceentityproperties.go
- model_bookmarkexpandparameters.go
- model_bookmarkexpandresponse.go
- model_bookmarkexpandresponsevalue.go
- model_cloudapplicationentity.go
- model_cloudapplicationentityproperties.go
- model_connectedentity.go
- model_dnsentity.go
- model_dnsentityproperties.go
- model_entity.go
- model_expansionresultaggregation.go
- model_expansionresultsmetadata.go
- model_fileentity.go
- model_fileentityproperties.go
- model_filehashentity.go
- model_filehashentityproperties.go
- model_geolocation.go
- model_hostentity.go
- model_hostentityproperties.go
- model_huntingbookmark.go
- model_huntingbookmarkproperties.go
- model_incidentinfo.go
- model_iotdeviceentity.go
- model_iotdeviceentityproperties.go
- model_ipentity.go
- model_ipentityproperties.go
- model_mailboxentity.go
- model_mailboxentityproperties.go
- model_mailclusterentity.go
- model_mailclusterentityproperties.go
- model_mailmessageentity.go
- model_mailmessageentityproperties.go
- model_malwareentity.go
- model_malwareentityproperties.go
- model_nicentity.go
- model_nicentityproperties.go
- model_processentity.go
- model_processentityproperties.go
- model_registrykeyentity.go
- model_registrykeyentityproperties.go
- model_registryvalueentity.go
- model_registryvalueentityproperties.go
- model_securityalert.go
- model_securityalertproperties.go
- model_securityalertpropertiesconfidencereasonsinlined.go
- model_securitygroupentity.go
- model_securitygroupentityproperties.go
- model_submissionmailentity.go
- model_submissionmailentityproperties.go
- model_threatintelligence.go
- model_urlentity.go
- model_urlentityproperties.go
- model_userinfo.go
- version.go