entities

package
v0.20241126.2320 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 26, 2024 License: MPL-2.0 Imports: 14 Imported by: 0

README

github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2022-10-01-preview/entities Documentation

The entities SDK allows for interaction with Azure Resource Manager securityinsights (API Version 2022-10-01-preview).

This readme covers example usages, but further information on using this SDK can be found in the project root.

Import Path

import "github.com/hashicorp/go-azure-sdk/resource-manager/securityinsights/2022-10-01-preview/entities"

Client Initialization

client := entities.NewEntitiesClientWithBaseURI("https://management.azure.com")
client.Client.Authorizer = authorizer

Example Usage: EntitiesClient.Expand

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

payload := entities.EntityExpandParameters{
	// ...
}


read, err := client.Expand(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.Get

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

read, err := client.Get(ctx, id)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.GetInsights

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

payload := entities.EntityGetInsightsParameters{
	// ...
}


read, err := client.GetInsights(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.GetTimelinelist

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

payload := entities.EntityTimelineParameters{
	// ...
}


read, err := client.GetTimelinelist(ctx, id, payload)
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Example Usage: EntitiesClient.List

ctx := context.TODO()
id := entities.NewWorkspaceID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName")

// alternatively `client.List(ctx, id)` can be used to do batched pagination
items, err := client.ListComplete(ctx, id)
if err != nil {
	// handle the error
}
for _, item := range items {
	// do something
}

Example Usage: EntitiesClient.Queries

ctx := context.TODO()
id := entities.NewEntityID("12345678-1234-9876-4563-123456789012", "example-resource-group", "workspaceName", "entityId")

read, err := client.Queries(ctx, id, entities.DefaultQueriesOperationOptions())
if err != nil {
	// handle the error
}
if model := read.Model; model != nil {
	// do something with the model/response object
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PossibleValuesForAlertSeverity

func PossibleValuesForAlertSeverity() []string

func PossibleValuesForAlertStatus

func PossibleValuesForAlertStatus() []string

func PossibleValuesForAntispamMailDirection

func PossibleValuesForAntispamMailDirection() []string

func PossibleValuesForAttackTactic

func PossibleValuesForAttackTactic() []string

func PossibleValuesForConfidenceLevel

func PossibleValuesForConfidenceLevel() []string

func PossibleValuesForConfidenceScoreStatus

func PossibleValuesForConfidenceScoreStatus() []string

func PossibleValuesForDeliveryAction

func PossibleValuesForDeliveryAction() []string

func PossibleValuesForDeliveryLocation

func PossibleValuesForDeliveryLocation() []string

func PossibleValuesForDeviceImportance

func PossibleValuesForDeviceImportance() []string

func PossibleValuesForElevationToken

func PossibleValuesForElevationToken() []string

func PossibleValuesForEntityItemQueryKind

func PossibleValuesForEntityItemQueryKind() []string

func PossibleValuesForEntityKind

func PossibleValuesForEntityKind() []string

func PossibleValuesForEntityQueryKind

func PossibleValuesForEntityQueryKind() []string

func PossibleValuesForEntityTimelineKind

func PossibleValuesForEntityTimelineKind() []string

func PossibleValuesForEntityType

func PossibleValuesForEntityType() []string

func PossibleValuesForFileHashAlgorithm

func PossibleValuesForFileHashAlgorithm() []string

func PossibleValuesForGetInsightsError

func PossibleValuesForGetInsightsError() []string

func PossibleValuesForIncidentSeverity

func PossibleValuesForIncidentSeverity() []string

func PossibleValuesForKillChainIntent

func PossibleValuesForKillChainIntent() []string

func PossibleValuesForOSFamily

func PossibleValuesForOSFamily() []string

func PossibleValuesForOutputType

func PossibleValuesForOutputType() []string

func PossibleValuesForRegistryHive

func PossibleValuesForRegistryHive() []string

func PossibleValuesForRegistryValueKind

func PossibleValuesForRegistryValueKind() []string

func ValidateEntityID

func ValidateEntityID(input interface{}, key string) (warnings []string, errors []error)

ValidateEntityID checks that 'input' can be parsed as a Entity ID

func ValidateWorkspaceID

func ValidateWorkspaceID(input interface{}, key string) (warnings []string, errors []error)

ValidateWorkspaceID checks that 'input' can be parsed as a Workspace ID

Types

type AccountEntity

type AccountEntity struct {
	Properties *AccountEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AccountEntity) Entity

func (s AccountEntity) Entity() BaseEntityImpl

func (AccountEntity) MarshalJSON

func (s AccountEntity) MarshalJSON() ([]byte, error)

type AccountEntityProperties

type AccountEntityProperties struct {
	AadTenantId    *string                 `json:"aadTenantId,omitempty"`
	AadUserId      *string                 `json:"aadUserId,omitempty"`
	AccountName    *string                 `json:"accountName,omitempty"`
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	DisplayName    *string                 `json:"displayName,omitempty"`
	DnsDomain      *string                 `json:"dnsDomain,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	HostEntityId   *string                 `json:"hostEntityId,omitempty"`
	IsDomainJoined *bool                   `json:"isDomainJoined,omitempty"`
	NtDomain       *string                 `json:"ntDomain,omitempty"`
	ObjectGuid     *string                 `json:"objectGuid,omitempty"`
	Puid           *string                 `json:"puid,omitempty"`
	Sid            *string                 `json:"sid,omitempty"`
	UpnSuffix      *string                 `json:"upnSuffix,omitempty"`
}

type ActivityTimelineItem

type ActivityTimelineItem struct {
	BucketEndTimeUTC     string `json:"bucketEndTimeUTC"`
	BucketStartTimeUTC   string `json:"bucketStartTimeUTC"`
	Content              string `json:"content"`
	FirstActivityTimeUTC string `json:"firstActivityTimeUTC"`
	LastActivityTimeUTC  string `json:"lastActivityTimeUTC"`
	QueryId              string `json:"queryId"`
	Title                string `json:"title"`

	Kind EntityTimelineKind `json:"kind"`
}

func (ActivityTimelineItem) EntityTimelineItem

func (s ActivityTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (ActivityTimelineItem) MarshalJSON

func (s ActivityTimelineItem) MarshalJSON() ([]byte, error)

type AlertSeverity

type AlertSeverity string
const (
	AlertSeverityHigh          AlertSeverity = "High"
	AlertSeverityInformational AlertSeverity = "Informational"
	AlertSeverityLow           AlertSeverity = "Low"
	AlertSeverityMedium        AlertSeverity = "Medium"
)

func (*AlertSeverity) UnmarshalJSON

func (s *AlertSeverity) UnmarshalJSON(bytes []byte) error

type AlertStatus

type AlertStatus string
const (
	AlertStatusDismissed  AlertStatus = "Dismissed"
	AlertStatusInProgress AlertStatus = "InProgress"
	AlertStatusNew        AlertStatus = "New"
	AlertStatusResolved   AlertStatus = "Resolved"
	AlertStatusUnknown    AlertStatus = "Unknown"
)

func (*AlertStatus) UnmarshalJSON

func (s *AlertStatus) UnmarshalJSON(bytes []byte) error

type AnomalyTimelineItem

type AnomalyTimelineItem struct {
	AzureResourceId string    `json:"azureResourceId"`
	Description     *string   `json:"description,omitempty"`
	DisplayName     string    `json:"displayName"`
	EndTimeUtc      string    `json:"endTimeUtc"`
	Intent          *string   `json:"intent,omitempty"`
	ProductName     *string   `json:"productName,omitempty"`
	Reasons         *[]string `json:"reasons,omitempty"`
	StartTimeUtc    string    `json:"startTimeUtc"`
	Techniques      *[]string `json:"techniques,omitempty"`
	TimeGenerated   string    `json:"timeGenerated"`
	Vendor          *string   `json:"vendor,omitempty"`

	Kind EntityTimelineKind `json:"kind"`
}

func (AnomalyTimelineItem) EntityTimelineItem

func (s AnomalyTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (AnomalyTimelineItem) MarshalJSON

func (s AnomalyTimelineItem) MarshalJSON() ([]byte, error)

type AntispamMailDirection

type AntispamMailDirection string
const (
	AntispamMailDirectionInbound  AntispamMailDirection = "Inbound"
	AntispamMailDirectionIntraorg AntispamMailDirection = "Intraorg"
	AntispamMailDirectionOutbound AntispamMailDirection = "Outbound"
	AntispamMailDirectionUnknown  AntispamMailDirection = "Unknown"
)

func (*AntispamMailDirection) UnmarshalJSON

func (s *AntispamMailDirection) UnmarshalJSON(bytes []byte) error

type AttackTactic

type AttackTactic string
const (
	AttackTacticCollection              AttackTactic = "Collection"
	AttackTacticCommandAndControl       AttackTactic = "CommandAndControl"
	AttackTacticCredentialAccess        AttackTactic = "CredentialAccess"
	AttackTacticDefenseEvasion          AttackTactic = "DefenseEvasion"
	AttackTacticDiscovery               AttackTactic = "Discovery"
	AttackTacticExecution               AttackTactic = "Execution"
	AttackTacticExfiltration            AttackTactic = "Exfiltration"
	AttackTacticImpact                  AttackTactic = "Impact"
	AttackTacticImpairProcessControl    AttackTactic = "ImpairProcessControl"
	AttackTacticInhibitResponseFunction AttackTactic = "InhibitResponseFunction"
	AttackTacticInitialAccess           AttackTactic = "InitialAccess"
	AttackTacticLateralMovement         AttackTactic = "LateralMovement"
	AttackTacticPersistence             AttackTactic = "Persistence"
	AttackTacticPreAttack               AttackTactic = "PreAttack"
	AttackTacticPrivilegeEscalation     AttackTactic = "PrivilegeEscalation"
	AttackTacticReconnaissance          AttackTactic = "Reconnaissance"
	AttackTacticResourceDevelopment     AttackTactic = "ResourceDevelopment"
)

func (*AttackTactic) UnmarshalJSON

func (s *AttackTactic) UnmarshalJSON(bytes []byte) error

type AzureResourceEntity

type AzureResourceEntity struct {
	Properties *AzureResourceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (AzureResourceEntity) Entity

func (AzureResourceEntity) MarshalJSON

func (s AzureResourceEntity) MarshalJSON() ([]byte, error)

type AzureResourceEntityProperties

type AzureResourceEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	ResourceId     *string                 `json:"resourceId,omitempty"`
	SubscriptionId *string                 `json:"subscriptionId,omitempty"`
}

type BaseEntityImpl

type BaseEntityImpl struct {
	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (BaseEntityImpl) Entity

func (s BaseEntityImpl) Entity() BaseEntityImpl

type BaseEntityQueryItemImpl

type BaseEntityQueryItemImpl struct {
	Id   *string         `json:"id,omitempty"`
	Kind EntityQueryKind `json:"kind"`
	Name *string         `json:"name,omitempty"`
	Type *string         `json:"type,omitempty"`
}

func (BaseEntityQueryItemImpl) EntityQueryItem

type BaseEntityTimelineItemImpl

type BaseEntityTimelineItemImpl struct {
	Kind EntityTimelineKind `json:"kind"`
}

func (BaseEntityTimelineItemImpl) EntityTimelineItem

type BookmarkTimelineItem

type BookmarkTimelineItem struct {
	AzureResourceId string    `json:"azureResourceId"`
	CreatedBy       *UserInfo `json:"createdBy,omitempty"`
	DisplayName     *string   `json:"displayName,omitempty"`
	EndTimeUtc      *string   `json:"endTimeUtc,omitempty"`
	EventTime       *string   `json:"eventTime,omitempty"`
	Labels          *[]string `json:"labels,omitempty"`
	Notes           *string   `json:"notes,omitempty"`
	StartTimeUtc    *string   `json:"startTimeUtc,omitempty"`

	Kind EntityTimelineKind `json:"kind"`
}

func (BookmarkTimelineItem) EntityTimelineItem

func (s BookmarkTimelineItem) EntityTimelineItem() BaseEntityTimelineItemImpl

func (BookmarkTimelineItem) MarshalJSON

func (s BookmarkTimelineItem) MarshalJSON() ([]byte, error)

type CloudApplicationEntity

type CloudApplicationEntity struct {
	Properties *CloudApplicationEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (CloudApplicationEntity) Entity

func (CloudApplicationEntity) MarshalJSON

func (s CloudApplicationEntity) MarshalJSON() ([]byte, error)

type CloudApplicationEntityProperties

type CloudApplicationEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	AppId          *int64                  `json:"appId,omitempty"`
	AppName        *string                 `json:"appName,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	InstanceName   *string                 `json:"instanceName,omitempty"`
}

type ConfidenceLevel

type ConfidenceLevel string
const (
	ConfidenceLevelHigh    ConfidenceLevel = "High"
	ConfidenceLevelLow     ConfidenceLevel = "Low"
	ConfidenceLevelUnknown ConfidenceLevel = "Unknown"
)

func (*ConfidenceLevel) UnmarshalJSON

func (s *ConfidenceLevel) UnmarshalJSON(bytes []byte) error

type ConfidenceScoreStatus

type ConfidenceScoreStatus string
const (
	ConfidenceScoreStatusFinal         ConfidenceScoreStatus = "Final"
	ConfidenceScoreStatusInProcess     ConfidenceScoreStatus = "InProcess"
	ConfidenceScoreStatusNotApplicable ConfidenceScoreStatus = "NotApplicable"
	ConfidenceScoreStatusNotFinal      ConfidenceScoreStatus = "NotFinal"
)

func (*ConfidenceScoreStatus) UnmarshalJSON

func (s *ConfidenceScoreStatus) UnmarshalJSON(bytes []byte) error

type DeliveryAction

type DeliveryAction string
const (
	DeliveryActionBlocked         DeliveryAction = "Blocked"
	DeliveryActionDelivered       DeliveryAction = "Delivered"
	DeliveryActionDeliveredAsSpam DeliveryAction = "DeliveredAsSpam"
	DeliveryActionReplaced        DeliveryAction = "Replaced"
	DeliveryActionUnknown         DeliveryAction = "Unknown"
)

func (*DeliveryAction) UnmarshalJSON

func (s *DeliveryAction) UnmarshalJSON(bytes []byte) error

type DeliveryLocation

type DeliveryLocation string
const (
	DeliveryLocationDeletedFolder DeliveryLocation = "DeletedFolder"
	DeliveryLocationDropped       DeliveryLocation = "Dropped"
	DeliveryLocationExternal      DeliveryLocation = "External"
	DeliveryLocationFailed        DeliveryLocation = "Failed"
	DeliveryLocationForwarded     DeliveryLocation = "Forwarded"
	DeliveryLocationInbox         DeliveryLocation = "Inbox"
	DeliveryLocationJunkFolder    DeliveryLocation = "JunkFolder"
	DeliveryLocationQuarantine    DeliveryLocation = "Quarantine"
	DeliveryLocationUnknown       DeliveryLocation = "Unknown"
)

func (*DeliveryLocation) UnmarshalJSON

func (s *DeliveryLocation) UnmarshalJSON(bytes []byte) error

type DeviceImportance

type DeviceImportance string
const (
	DeviceImportanceHigh    DeviceImportance = "High"
	DeviceImportanceLow     DeviceImportance = "Low"
	DeviceImportanceNormal  DeviceImportance = "Normal"
	DeviceImportanceUnknown DeviceImportance = "Unknown"
)

func (*DeviceImportance) UnmarshalJSON

func (s *DeviceImportance) UnmarshalJSON(bytes []byte) error

type DnsEntity

type DnsEntity struct {
	Properties *DnsEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (DnsEntity) Entity

func (s DnsEntity) Entity() BaseEntityImpl

func (DnsEntity) MarshalJSON

func (s DnsEntity) MarshalJSON() ([]byte, error)

type DnsEntityProperties

type DnsEntityProperties struct {
	AdditionalData        *map[string]interface{} `json:"additionalData,omitempty"`
	DnsServerIPEntityId   *string                 `json:"dnsServerIpEntityId,omitempty"`
	DomainName            *string                 `json:"domainName,omitempty"`
	FriendlyName          *string                 `json:"friendlyName,omitempty"`
	HostIPAddressEntityId *string                 `json:"hostIpAddressEntityId,omitempty"`
	IPAddressEntityIds    *[]string               `json:"ipAddressEntityIds,omitempty"`
}

type ElevationToken

type ElevationToken string
const (
	ElevationTokenDefault ElevationToken = "Default"
	ElevationTokenFull    ElevationToken = "Full"
	ElevationTokenLimited ElevationToken = "Limited"
)

func (*ElevationToken) UnmarshalJSON

func (s *ElevationToken) UnmarshalJSON(bytes []byte) error

type EntitiesClient

type EntitiesClient struct {
	Client *resourcemanager.Client
}

func NewEntitiesClientWithBaseURI

func NewEntitiesClientWithBaseURI(sdkApi sdkEnv.Api) (*EntitiesClient, error)

func (EntitiesClient) Expand

Expand ...

func (EntitiesClient) Get

func (c EntitiesClient) Get(ctx context.Context, id EntityId) (result GetOperationResponse, err error)

Get ...

func (EntitiesClient) GetInsights

GetInsights ...

func (EntitiesClient) GetTimelinelist

GetTimelinelist ...

func (EntitiesClient) List

func (c EntitiesClient) List(ctx context.Context, id WorkspaceId) (result ListOperationResponse, err error)

List ...

func (EntitiesClient) ListComplete

ListComplete retrieves all the results into a single object

func (EntitiesClient) ListCompleteMatchingPredicate

func (c EntitiesClient) ListCompleteMatchingPredicate(ctx context.Context, id WorkspaceId, predicate EntityOperationPredicate) (result ListCompleteResult, err error)

ListCompleteMatchingPredicate retrieves all the results and then applies the predicate

func (EntitiesClient) Queries

Queries ...

type Entity

type Entity interface {
	Entity() BaseEntityImpl
}

func UnmarshalEntityImplementation

func UnmarshalEntityImplementation(input []byte) (Entity, error)

type EntityEdges

type EntityEdges struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	TargetEntityId *string                 `json:"targetEntityId,omitempty"`
}

type EntityExpandParameters

type EntityExpandParameters struct {
	EndTime     *string `json:"endTime,omitempty"`
	ExpansionId *string `json:"expansionId,omitempty"`
	StartTime   *string `json:"startTime,omitempty"`
}

func (*EntityExpandParameters) GetEndTimeAsTime

func (o *EntityExpandParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityExpandParameters) GetStartTimeAsTime

func (o *EntityExpandParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityExpandParameters) SetEndTimeAsTime

func (o *EntityExpandParameters) SetEndTimeAsTime(input time.Time)

func (*EntityExpandParameters) SetStartTimeAsTime

func (o *EntityExpandParameters) SetStartTimeAsTime(input time.Time)

type EntityExpandResponse

type EntityExpandResponse struct {
	MetaData *ExpansionResultsMetadata  `json:"metaData,omitempty"`
	Value    *EntityExpandResponseValue `json:"value,omitempty"`
}

type EntityExpandResponseValue

type EntityExpandResponseValue struct {
	Edges    *[]EntityEdges `json:"edges,omitempty"`
	Entities *[]Entity      `json:"entities,omitempty"`
}

func (*EntityExpandResponseValue) UnmarshalJSON

func (s *EntityExpandResponseValue) UnmarshalJSON(bytes []byte) error

type EntityGetInsightsParameters

type EntityGetInsightsParameters struct {
	AddDefaultExtendedTimeRange *bool     `json:"addDefaultExtendedTimeRange,omitempty"`
	EndTime                     string    `json:"endTime"`
	InsightQueryIds             *[]string `json:"insightQueryIds,omitempty"`
	StartTime                   string    `json:"startTime"`
}

func (*EntityGetInsightsParameters) GetEndTimeAsTime

func (o *EntityGetInsightsParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityGetInsightsParameters) GetStartTimeAsTime

func (o *EntityGetInsightsParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityGetInsightsParameters) SetEndTimeAsTime

func (o *EntityGetInsightsParameters) SetEndTimeAsTime(input time.Time)

func (*EntityGetInsightsParameters) SetStartTimeAsTime

func (o *EntityGetInsightsParameters) SetStartTimeAsTime(input time.Time)

type EntityGetInsightsResponse

type EntityGetInsightsResponse struct {
	MetaData *GetInsightsResultsMetadata `json:"metaData,omitempty"`
	Value    *[]EntityInsightItem        `json:"value,omitempty"`
}

type EntityId

type EntityId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
	EntityId          string
}

EntityId is a struct representing the Resource ID for a Entity

func NewEntityID

func NewEntityID(subscriptionId string, resourceGroupName string, workspaceName string, entityId string) EntityId

NewEntityID returns a new EntityId struct

func ParseEntityID

func ParseEntityID(input string) (*EntityId, error)

ParseEntityID parses 'input' into a EntityId

func ParseEntityIDInsensitively

func ParseEntityIDInsensitively(input string) (*EntityId, error)

ParseEntityIDInsensitively parses 'input' case-insensitively into a EntityId note: this method should only be used for API response data and not user input

func (*EntityId) FromParseResult

func (id *EntityId) FromParseResult(input resourceids.ParseResult) error

func (EntityId) ID

func (id EntityId) ID() string

ID returns the formatted Entity ID

func (EntityId) Segments

func (id EntityId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Entity ID

func (EntityId) String

func (id EntityId) String() string

String returns a human-readable description of this Entity ID

type EntityInsightItem

type EntityInsightItem struct {
	ChartQueryResults *[]InsightsTableResult              `json:"chartQueryResults,omitempty"`
	QueryId           *string                             `json:"queryId,omitempty"`
	QueryTimeInterval *EntityInsightItemQueryTimeInterval `json:"queryTimeInterval,omitempty"`
	TableQueryResults *InsightsTableResult                `json:"tableQueryResults,omitempty"`
}

type EntityInsightItemQueryTimeInterval

type EntityInsightItemQueryTimeInterval struct {
	EndTime   *string `json:"endTime,omitempty"`
	StartTime *string `json:"startTime,omitempty"`
}

func (*EntityInsightItemQueryTimeInterval) GetEndTimeAsTime

func (o *EntityInsightItemQueryTimeInterval) GetEndTimeAsTime() (*time.Time, error)

func (*EntityInsightItemQueryTimeInterval) GetStartTimeAsTime

func (o *EntityInsightItemQueryTimeInterval) GetStartTimeAsTime() (*time.Time, error)

func (*EntityInsightItemQueryTimeInterval) SetEndTimeAsTime

func (o *EntityInsightItemQueryTimeInterval) SetEndTimeAsTime(input time.Time)

func (*EntityInsightItemQueryTimeInterval) SetStartTimeAsTime

func (o *EntityInsightItemQueryTimeInterval) SetStartTimeAsTime(input time.Time)

type EntityItemQueryKind

type EntityItemQueryKind string
const (
	EntityItemQueryKindInsight EntityItemQueryKind = "Insight"
)

func (*EntityItemQueryKind) UnmarshalJSON

func (s *EntityItemQueryKind) UnmarshalJSON(bytes []byte) error

type EntityKind

type EntityKind string
const (
	EntityKindAccount          EntityKind = "Account"
	EntityKindAzureResource    EntityKind = "AzureResource"
	EntityKindBookmark         EntityKind = "Bookmark"
	EntityKindCloudApplication EntityKind = "CloudApplication"
	EntityKindDnsResolution    EntityKind = "DnsResolution"
	EntityKindFile             EntityKind = "File"
	EntityKindFileHash         EntityKind = "FileHash"
	EntityKindHost             EntityKind = "Host"
	EntityKindIP               EntityKind = "Ip"
	EntityKindIoTDevice        EntityKind = "IoTDevice"
	EntityKindMailCluster      EntityKind = "MailCluster"
	EntityKindMailMessage      EntityKind = "MailMessage"
	EntityKindMailbox          EntityKind = "Mailbox"
	EntityKindMalware          EntityKind = "Malware"
	EntityKindNic              EntityKind = "Nic"
	EntityKindProcess          EntityKind = "Process"
	EntityKindRegistryKey      EntityKind = "RegistryKey"
	EntityKindRegistryValue    EntityKind = "RegistryValue"
	EntityKindSecurityAlert    EntityKind = "SecurityAlert"
	EntityKindSecurityGroup    EntityKind = "SecurityGroup"
	EntityKindSubmissionMail   EntityKind = "SubmissionMail"
	EntityKindURL              EntityKind = "Url"
)

func (*EntityKind) UnmarshalJSON

func (s *EntityKind) UnmarshalJSON(bytes []byte) error

type EntityOperationPredicate

type EntityOperationPredicate struct {
}

func (EntityOperationPredicate) Matches

func (p EntityOperationPredicate) Matches(input Entity) bool

type EntityQueryItem

type EntityQueryItem interface {
	EntityQueryItem() BaseEntityQueryItemImpl
}

func UnmarshalEntityQueryItemImplementation

func UnmarshalEntityQueryItemImplementation(input []byte) (EntityQueryItem, error)

type EntityQueryItemPropertiesDataTypesInlined

type EntityQueryItemPropertiesDataTypesInlined struct {
	DataType *string `json:"dataType,omitempty"`
}

type EntityQueryKind

type EntityQueryKind string
const (
	EntityQueryKindActivity  EntityQueryKind = "Activity"
	EntityQueryKindExpansion EntityQueryKind = "Expansion"
	EntityQueryKindInsight   EntityQueryKind = "Insight"
)

func (*EntityQueryKind) UnmarshalJSON

func (s *EntityQueryKind) UnmarshalJSON(bytes []byte) error

type EntityTimelineItem

type EntityTimelineItem interface {
	EntityTimelineItem() BaseEntityTimelineItemImpl
}

func UnmarshalEntityTimelineItemImplementation

func UnmarshalEntityTimelineItemImplementation(input []byte) (EntityTimelineItem, error)

type EntityTimelineKind

type EntityTimelineKind string
const (
	EntityTimelineKindActivity      EntityTimelineKind = "Activity"
	EntityTimelineKindAnomaly       EntityTimelineKind = "Anomaly"
	EntityTimelineKindBookmark      EntityTimelineKind = "Bookmark"
	EntityTimelineKindSecurityAlert EntityTimelineKind = "SecurityAlert"
)

func (*EntityTimelineKind) UnmarshalJSON

func (s *EntityTimelineKind) UnmarshalJSON(bytes []byte) error

type EntityTimelineParameters

type EntityTimelineParameters struct {
	EndTime        string                `json:"endTime"`
	Kinds          *[]EntityTimelineKind `json:"kinds,omitempty"`
	NumberOfBucket *int64                `json:"numberOfBucket,omitempty"`
	StartTime      string                `json:"startTime"`
}

func (*EntityTimelineParameters) GetEndTimeAsTime

func (o *EntityTimelineParameters) GetEndTimeAsTime() (*time.Time, error)

func (*EntityTimelineParameters) GetStartTimeAsTime

func (o *EntityTimelineParameters) GetStartTimeAsTime() (*time.Time, error)

func (*EntityTimelineParameters) SetEndTimeAsTime

func (o *EntityTimelineParameters) SetEndTimeAsTime(input time.Time)

func (*EntityTimelineParameters) SetStartTimeAsTime

func (o *EntityTimelineParameters) SetStartTimeAsTime(input time.Time)

type EntityTimelineResponse

type EntityTimelineResponse struct {
	MetaData *TimelineResultsMetadata `json:"metaData,omitempty"`
	Value    *[]EntityTimelineItem    `json:"value,omitempty"`
}

func (*EntityTimelineResponse) UnmarshalJSON

func (s *EntityTimelineResponse) UnmarshalJSON(bytes []byte) error

type EntityType

type EntityType string
const (
	EntityTypeAccount          EntityType = "Account"
	EntityTypeAzureResource    EntityType = "AzureResource"
	EntityTypeCloudApplication EntityType = "CloudApplication"
	EntityTypeDNS              EntityType = "DNS"
	EntityTypeFile             EntityType = "File"
	EntityTypeFileHash         EntityType = "FileHash"
	EntityTypeHost             EntityType = "Host"
	EntityTypeHuntingBookmark  EntityType = "HuntingBookmark"
	EntityTypeIP               EntityType = "IP"
	EntityTypeIoTDevice        EntityType = "IoTDevice"
	EntityTypeMailCluster      EntityType = "MailCluster"
	EntityTypeMailMessage      EntityType = "MailMessage"
	EntityTypeMailbox          EntityType = "Mailbox"
	EntityTypeMalware          EntityType = "Malware"
	EntityTypeNic              EntityType = "Nic"
	EntityTypeProcess          EntityType = "Process"
	EntityTypeRegistryKey      EntityType = "RegistryKey"
	EntityTypeRegistryValue    EntityType = "RegistryValue"
	EntityTypeSecurityAlert    EntityType = "SecurityAlert"
	EntityTypeSecurityGroup    EntityType = "SecurityGroup"
	EntityTypeSubmissionMail   EntityType = "SubmissionMail"
	EntityTypeURL              EntityType = "URL"
)

func (*EntityType) UnmarshalJSON

func (s *EntityType) UnmarshalJSON(bytes []byte) error

type ExpandOperationResponse

type ExpandOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *EntityExpandResponse
}

type ExpansionResultAggregation

type ExpansionResultAggregation struct {
	AggregationType *string    `json:"aggregationType,omitempty"`
	Count           int64      `json:"count"`
	DisplayName     *string    `json:"displayName,omitempty"`
	EntityKind      EntityKind `json:"entityKind"`
}

type ExpansionResultsMetadata

type ExpansionResultsMetadata struct {
	Aggregations *[]ExpansionResultAggregation `json:"aggregations,omitempty"`
}

type FileEntity

type FileEntity struct {
	Properties *FileEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileEntity) Entity

func (s FileEntity) Entity() BaseEntityImpl

func (FileEntity) MarshalJSON

func (s FileEntity) MarshalJSON() ([]byte, error)

type FileEntityProperties

type FileEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	Directory         *string                 `json:"directory,omitempty"`
	FileHashEntityIds *[]string               `json:"fileHashEntityIds,omitempty"`
	FileName          *string                 `json:"fileName,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	HostEntityId      *string                 `json:"hostEntityId,omitempty"`
}

type FileHashAlgorithm

type FileHashAlgorithm string
const (
	FileHashAlgorithmMDFive          FileHashAlgorithm = "MD5"
	FileHashAlgorithmSHAOne          FileHashAlgorithm = "SHA1"
	FileHashAlgorithmSHATwoFiveSix   FileHashAlgorithm = "SHA256"
	FileHashAlgorithmSHATwoFiveSixAC FileHashAlgorithm = "SHA256AC"
	FileHashAlgorithmUnknown         FileHashAlgorithm = "Unknown"
)

func (*FileHashAlgorithm) UnmarshalJSON

func (s *FileHashAlgorithm) UnmarshalJSON(bytes []byte) error

type FileHashEntity

type FileHashEntity struct {
	Properties *FileHashEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (FileHashEntity) Entity

func (s FileHashEntity) Entity() BaseEntityImpl

func (FileHashEntity) MarshalJSON

func (s FileHashEntity) MarshalJSON() ([]byte, error)

type FileHashEntityProperties

type FileHashEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	Algorithm      *FileHashAlgorithm      `json:"algorithm,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	HashValue      *string                 `json:"hashValue,omitempty"`
}

type GeoLocation

type GeoLocation struct {
	Asn         *int64   `json:"asn,omitempty"`
	City        *string  `json:"city,omitempty"`
	CountryCode *string  `json:"countryCode,omitempty"`
	CountryName *string  `json:"countryName,omitempty"`
	Latitude    *float64 `json:"latitude,omitempty"`
	Longitude   *float64 `json:"longitude,omitempty"`
	State       *string  `json:"state,omitempty"`
}

type GetInsightsError

type GetInsightsError string
const (
	GetInsightsErrorInsight GetInsightsError = "Insight"
)

func (*GetInsightsError) UnmarshalJSON

func (s *GetInsightsError) UnmarshalJSON(bytes []byte) error

type GetInsightsErrorKind

type GetInsightsErrorKind struct {
	ErrorMessage string           `json:"errorMessage"`
	Kind         GetInsightsError `json:"kind"`
	QueryId      *string          `json:"queryId,omitempty"`
}

type GetInsightsOperationResponse

type GetInsightsOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *EntityGetInsightsResponse
}

type GetInsightsResultsMetadata

type GetInsightsResultsMetadata struct {
	Errors     *[]GetInsightsErrorKind `json:"errors,omitempty"`
	TotalCount int64                   `json:"totalCount"`
}

type GetOperationResponse

type GetOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        Entity
}

type GetQueriesResponse

type GetQueriesResponse struct {
	Value *[]EntityQueryItem `json:"value,omitempty"`
}

func (*GetQueriesResponse) UnmarshalJSON

func (s *GetQueriesResponse) UnmarshalJSON(bytes []byte) error

type GetTimelinelistOperationResponse

type GetTimelinelistOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *EntityTimelineResponse
}

type HostEntity

type HostEntity struct {
	Properties *HostEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HostEntity) Entity

func (s HostEntity) Entity() BaseEntityImpl

func (HostEntity) MarshalJSON

func (s HostEntity) MarshalJSON() ([]byte, error)

type HostEntityProperties

type HostEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	AzureID        *string                 `json:"azureID,omitempty"`
	DnsDomain      *string                 `json:"dnsDomain,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	HostName       *string                 `json:"hostName,omitempty"`
	IsDomainJoined *bool                   `json:"isDomainJoined,omitempty"`
	NetBiosName    *string                 `json:"netBiosName,omitempty"`
	NtDomain       *string                 `json:"ntDomain,omitempty"`
	OmsAgentID     *string                 `json:"omsAgentID,omitempty"`
	OsFamily       *OSFamily               `json:"osFamily,omitempty"`
	OsVersion      *string                 `json:"osVersion,omitempty"`
}

type HuntingBookmark

type HuntingBookmark struct {
	Properties *HuntingBookmarkProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (HuntingBookmark) Entity

func (s HuntingBookmark) Entity() BaseEntityImpl

func (HuntingBookmark) MarshalJSON

func (s HuntingBookmark) MarshalJSON() ([]byte, error)

type HuntingBookmarkProperties

type HuntingBookmarkProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	Created        *string                 `json:"created,omitempty"`
	CreatedBy      *UserInfo               `json:"createdBy,omitempty"`
	DisplayName    string                  `json:"displayName"`
	EventTime      *string                 `json:"eventTime,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	IncidentInfo   *IncidentInfo           `json:"incidentInfo,omitempty"`
	Labels         *[]string               `json:"labels,omitempty"`
	Notes          *string                 `json:"notes,omitempty"`
	Query          string                  `json:"query"`
	QueryResult    *string                 `json:"queryResult,omitempty"`
	Updated        *string                 `json:"updated,omitempty"`
	UpdatedBy      *UserInfo               `json:"updatedBy,omitempty"`
}

func (*HuntingBookmarkProperties) GetCreatedAsTime

func (o *HuntingBookmarkProperties) GetCreatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetEventTimeAsTime

func (o *HuntingBookmarkProperties) GetEventTimeAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) GetUpdatedAsTime

func (o *HuntingBookmarkProperties) GetUpdatedAsTime() (*time.Time, error)

func (*HuntingBookmarkProperties) SetCreatedAsTime

func (o *HuntingBookmarkProperties) SetCreatedAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetEventTimeAsTime

func (o *HuntingBookmarkProperties) SetEventTimeAsTime(input time.Time)

func (*HuntingBookmarkProperties) SetUpdatedAsTime

func (o *HuntingBookmarkProperties) SetUpdatedAsTime(input time.Time)

type IPEntity

type IPEntity struct {
	Properties *IPEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IPEntity) Entity

func (s IPEntity) Entity() BaseEntityImpl

func (IPEntity) MarshalJSON

func (s IPEntity) MarshalJSON() ([]byte, error)

type IPEntityProperties

type IPEntityProperties struct {
	AdditionalData     *map[string]interface{} `json:"additionalData,omitempty"`
	Address            *string                 `json:"address,omitempty"`
	FriendlyName       *string                 `json:"friendlyName,omitempty"`
	Location           *GeoLocation            `json:"location,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence   `json:"threatIntelligence,omitempty"`
}

type IncidentInfo

type IncidentInfo struct {
	IncidentId   *string           `json:"incidentId,omitempty"`
	RelationName *string           `json:"relationName,omitempty"`
	Severity     *IncidentSeverity `json:"severity,omitempty"`
	Title        *string           `json:"title,omitempty"`
}

type IncidentSeverity

type IncidentSeverity string
const (
	IncidentSeverityHigh          IncidentSeverity = "High"
	IncidentSeverityInformational IncidentSeverity = "Informational"
	IncidentSeverityLow           IncidentSeverity = "Low"
	IncidentSeverityMedium        IncidentSeverity = "Medium"
)

func (*IncidentSeverity) UnmarshalJSON

func (s *IncidentSeverity) UnmarshalJSON(bytes []byte) error

type InsightQueryItem

type InsightQueryItem struct {
	Properties *InsightQueryItemProperties `json:"properties,omitempty"`

	Id   *string         `json:"id,omitempty"`
	Kind EntityQueryKind `json:"kind"`
	Name *string         `json:"name,omitempty"`
	Type *string         `json:"type,omitempty"`
}

func (InsightQueryItem) EntityQueryItem

func (s InsightQueryItem) EntityQueryItem() BaseEntityQueryItemImpl

func (InsightQueryItem) MarshalJSON

func (s InsightQueryItem) MarshalJSON() ([]byte, error)

type InsightQueryItemProperties

type InsightQueryItemProperties struct {
	AdditionalQuery         *InsightQueryItemPropertiesAdditionalQuery    `json:"additionalQuery,omitempty"`
	BaseQuery               *string                                       `json:"baseQuery,omitempty"`
	ChartQuery              *interface{}                                  `json:"chartQuery,omitempty"`
	DataTypes               *[]EntityQueryItemPropertiesDataTypesInlined  `json:"dataTypes,omitempty"`
	DefaultTimeRange        *InsightQueryItemPropertiesDefaultTimeRange   `json:"defaultTimeRange,omitempty"`
	Description             *string                                       `json:"description,omitempty"`
	DisplayName             *string                                       `json:"displayName,omitempty"`
	EntitiesFilter          *interface{}                                  `json:"entitiesFilter,omitempty"`
	InputEntityType         *EntityType                                   `json:"inputEntityType,omitempty"`
	ReferenceTimeRange      *InsightQueryItemPropertiesReferenceTimeRange `json:"referenceTimeRange,omitempty"`
	RequiredInputFieldsSets *[][]string                                   `json:"requiredInputFieldsSets,omitempty"`
	TableQuery              *InsightQueryItemPropertiesTableQuery         `json:"tableQuery,omitempty"`
}

type InsightQueryItemPropertiesAdditionalQuery

type InsightQueryItemPropertiesAdditionalQuery struct {
	Query *string `json:"query,omitempty"`
	Text  *string `json:"text,omitempty"`
}

type InsightQueryItemPropertiesDefaultTimeRange

type InsightQueryItemPropertiesDefaultTimeRange struct {
	AfterRange  *string `json:"afterRange,omitempty"`
	BeforeRange *string `json:"beforeRange,omitempty"`
}

type InsightQueryItemPropertiesReferenceTimeRange

type InsightQueryItemPropertiesReferenceTimeRange struct {
	BeforeRange *string `json:"beforeRange,omitempty"`
}

type InsightQueryItemPropertiesTableQuery

type InsightQueryItemPropertiesTableQuery struct {
	ColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined `json:"columnsDefinitions,omitempty"`
	QueriesDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined `json:"queriesDefinitions,omitempty"`
}

type InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined

type InsightQueryItemPropertiesTableQueryColumnsDefinitionsInlined struct {
	Header          *string     `json:"header,omitempty"`
	OutputType      *OutputType `json:"outputType,omitempty"`
	SupportDeepLink *bool       `json:"supportDeepLink,omitempty"`
}

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlined struct {
	Filter                 *string                                                                                       `json:"filter,omitempty"`
	LinkColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined `json:"linkColumnsDefinitions,omitempty"`
	Project                *string                                                                                       `json:"project,omitempty"`
	Summarize              *string                                                                                       `json:"summarize,omitempty"`
}

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined

type InsightQueryItemPropertiesTableQueryQueriesDefinitionsInlinedLinkColumnsDefinitionsInlined struct {
	ProjectedName *string `json:"projectedName,omitempty"`
	Query         *string `json:"Query,omitempty"`
}

type InsightsTableResult

type InsightsTableResult struct {
	Columns *[]InsightsTableResultColumnsInlined `json:"columns,omitempty"`
	Rows    *[][]string                          `json:"rows,omitempty"`
}

type InsightsTableResultColumnsInlined

type InsightsTableResultColumnsInlined struct {
	Name *string `json:"name,omitempty"`
	Type *string `json:"type,omitempty"`
}

type IoTDeviceEntity

type IoTDeviceEntity struct {
	Properties *IoTDeviceEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (IoTDeviceEntity) Entity

func (s IoTDeviceEntity) Entity() BaseEntityImpl

func (IoTDeviceEntity) MarshalJSON

func (s IoTDeviceEntity) MarshalJSON() ([]byte, error)

type IoTDeviceEntityProperties

type IoTDeviceEntityProperties struct {
	AdditionalData     *map[string]interface{} `json:"additionalData,omitempty"`
	DeviceId           *string                 `json:"deviceId,omitempty"`
	DeviceName         *string                 `json:"deviceName,omitempty"`
	DeviceSubType      *string                 `json:"deviceSubType,omitempty"`
	DeviceType         *string                 `json:"deviceType,omitempty"`
	EdgeId             *string                 `json:"edgeId,omitempty"`
	FirmwareVersion    *string                 `json:"firmwareVersion,omitempty"`
	FriendlyName       *string                 `json:"friendlyName,omitempty"`
	HostEntityId       *string                 `json:"hostEntityId,omitempty"`
	IPAddressEntityId  *string                 `json:"ipAddressEntityId,omitempty"`
	Importance         *DeviceImportance       `json:"importance,omitempty"`
	IotHubEntityId     *string                 `json:"iotHubEntityId,omitempty"`
	IotSecurityAgentId *string                 `json:"iotSecurityAgentId,omitempty"`
	IsAuthorized       *bool                   `json:"isAuthorized,omitempty"`
	IsProgramming      *bool                   `json:"isProgramming,omitempty"`
	IsScanner          *bool                   `json:"isScanner,omitempty"`
	MacAddress         *string                 `json:"macAddress,omitempty"`
	Model              *string                 `json:"model,omitempty"`
	NicEntityIds       *[]string               `json:"nicEntityIds,omitempty"`
	OperatingSystem    *string                 `json:"operatingSystem,omitempty"`
	Owners             *[]string               `json:"owners,omitempty"`
	Protocols          *[]string               `json:"protocols,omitempty"`
	PurdueLayer        *string                 `json:"purdueLayer,omitempty"`
	Sensor             *string                 `json:"sensor,omitempty"`
	SerialNumber       *string                 `json:"serialNumber,omitempty"`
	Site               *string                 `json:"site,omitempty"`
	Source             *string                 `json:"source,omitempty"`
	ThreatIntelligence *[]ThreatIntelligence   `json:"threatIntelligence,omitempty"`
	Vendor             *string                 `json:"vendor,omitempty"`
	Zone               *string                 `json:"zone,omitempty"`
}

type KillChainIntent

type KillChainIntent string
const (
	KillChainIntentCollection          KillChainIntent = "Collection"
	KillChainIntentCommandAndControl   KillChainIntent = "CommandAndControl"
	KillChainIntentCredentialAccess    KillChainIntent = "CredentialAccess"
	KillChainIntentDefenseEvasion      KillChainIntent = "DefenseEvasion"
	KillChainIntentDiscovery           KillChainIntent = "Discovery"
	KillChainIntentExecution           KillChainIntent = "Execution"
	KillChainIntentExfiltration        KillChainIntent = "Exfiltration"
	KillChainIntentExploitation        KillChainIntent = "Exploitation"
	KillChainIntentImpact              KillChainIntent = "Impact"
	KillChainIntentLateralMovement     KillChainIntent = "LateralMovement"
	KillChainIntentPersistence         KillChainIntent = "Persistence"
	KillChainIntentPrivilegeEscalation KillChainIntent = "PrivilegeEscalation"
	KillChainIntentProbing             KillChainIntent = "Probing"
	KillChainIntentUnknown             KillChainIntent = "Unknown"
)

func (*KillChainIntent) UnmarshalJSON

func (s *KillChainIntent) UnmarshalJSON(bytes []byte) error

type ListCompleteResult

type ListCompleteResult struct {
	LatestHttpResponse *http.Response
	Items              []Entity
}

type ListCustomPager

type ListCustomPager struct {
	NextLink *odata.Link `json:"nextLink"`
}
func (p *ListCustomPager) NextPageLink() *odata.Link

type ListOperationResponse

type ListOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *[]Entity
}

type MailClusterEntity

type MailClusterEntity struct {
	Properties *MailClusterEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailClusterEntity) Entity

func (s MailClusterEntity) Entity() BaseEntityImpl

func (MailClusterEntity) MarshalJSON

func (s MailClusterEntity) MarshalJSON() ([]byte, error)

type MailClusterEntityProperties

type MailClusterEntityProperties struct {
	AdditionalData          *map[string]interface{} `json:"additionalData,omitempty"`
	ClusterGroup            *string                 `json:"clusterGroup,omitempty"`
	ClusterQueryEndTime     *string                 `json:"clusterQueryEndTime,omitempty"`
	ClusterQueryStartTime   *string                 `json:"clusterQueryStartTime,omitempty"`
	ClusterSourceIdentifier *string                 `json:"clusterSourceIdentifier,omitempty"`
	ClusterSourceType       *string                 `json:"clusterSourceType,omitempty"`
	CountByDeliveryStatus   *interface{}            `json:"countByDeliveryStatus,omitempty"`
	CountByProtectionStatus *interface{}            `json:"countByProtectionStatus,omitempty"`
	CountByThreatType       *interface{}            `json:"countByThreatType,omitempty"`
	FriendlyName            *string                 `json:"friendlyName,omitempty"`
	IsVolumeAnomaly         *bool                   `json:"isVolumeAnomaly,omitempty"`
	MailCount               *int64                  `json:"mailCount,omitempty"`
	NetworkMessageIds       *[]string               `json:"networkMessageIds,omitempty"`
	Query                   *string                 `json:"query,omitempty"`
	QueryTime               *string                 `json:"queryTime,omitempty"`
	Source                  *string                 `json:"source,omitempty"`
	Threats                 *[]string               `json:"threats,omitempty"`
}

func (*MailClusterEntityProperties) GetClusterQueryEndTimeAsTime

func (o *MailClusterEntityProperties) GetClusterQueryEndTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetClusterQueryStartTimeAsTime

func (o *MailClusterEntityProperties) GetClusterQueryStartTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) GetQueryTimeAsTime

func (o *MailClusterEntityProperties) GetQueryTimeAsTime() (*time.Time, error)

func (*MailClusterEntityProperties) SetClusterQueryEndTimeAsTime

func (o *MailClusterEntityProperties) SetClusterQueryEndTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetClusterQueryStartTimeAsTime

func (o *MailClusterEntityProperties) SetClusterQueryStartTimeAsTime(input time.Time)

func (*MailClusterEntityProperties) SetQueryTimeAsTime

func (o *MailClusterEntityProperties) SetQueryTimeAsTime(input time.Time)

type MailMessageEntity

type MailMessageEntity struct {
	Properties *MailMessageEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailMessageEntity) Entity

func (s MailMessageEntity) Entity() BaseEntityImpl

func (MailMessageEntity) MarshalJSON

func (s MailMessageEntity) MarshalJSON() ([]byte, error)

type MailMessageEntityProperties

type MailMessageEntityProperties struct {
	AdditionalData         *map[string]interface{} `json:"additionalData,omitempty"`
	AntispamDirection      *AntispamMailDirection  `json:"antispamDirection,omitempty"`
	BodyFingerprintBin1    *int64                  `json:"bodyFingerprintBin1,omitempty"`
	BodyFingerprintBin2    *int64                  `json:"bodyFingerprintBin2,omitempty"`
	BodyFingerprintBin3    *int64                  `json:"bodyFingerprintBin3,omitempty"`
	BodyFingerprintBin4    *int64                  `json:"bodyFingerprintBin4,omitempty"`
	BodyFingerprintBin5    *int64                  `json:"bodyFingerprintBin5,omitempty"`
	DeliveryAction         *DeliveryAction         `json:"deliveryAction,omitempty"`
	DeliveryLocation       *DeliveryLocation       `json:"deliveryLocation,omitempty"`
	FileEntityIds          *[]string               `json:"fileEntityIds,omitempty"`
	FriendlyName           *string                 `json:"friendlyName,omitempty"`
	InternetMessageId      *string                 `json:"internetMessageId,omitempty"`
	Language               *string                 `json:"language,omitempty"`
	NetworkMessageId       *string                 `json:"networkMessageId,omitempty"`
	P1Sender               *string                 `json:"p1Sender,omitempty"`
	P1SenderDisplayName    *string                 `json:"p1SenderDisplayName,omitempty"`
	P1SenderDomain         *string                 `json:"p1SenderDomain,omitempty"`
	P2Sender               *string                 `json:"p2Sender,omitempty"`
	P2SenderDisplayName    *string                 `json:"p2SenderDisplayName,omitempty"`
	P2SenderDomain         *string                 `json:"p2SenderDomain,omitempty"`
	ReceiveDate            *string                 `json:"receiveDate,omitempty"`
	Recipient              *string                 `json:"recipient,omitempty"`
	SenderIP               *string                 `json:"senderIP,omitempty"`
	Subject                *string                 `json:"subject,omitempty"`
	ThreatDetectionMethods *[]string               `json:"threatDetectionMethods,omitempty"`
	Threats                *[]string               `json:"threats,omitempty"`
	Urls                   *[]string               `json:"urls,omitempty"`
}

func (*MailMessageEntityProperties) GetReceiveDateAsTime

func (o *MailMessageEntityProperties) GetReceiveDateAsTime() (*time.Time, error)

func (*MailMessageEntityProperties) SetReceiveDateAsTime

func (o *MailMessageEntityProperties) SetReceiveDateAsTime(input time.Time)

type MailboxEntity

type MailboxEntity struct {
	Properties *MailboxEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MailboxEntity) Entity

func (s MailboxEntity) Entity() BaseEntityImpl

func (MailboxEntity) MarshalJSON

func (s MailboxEntity) MarshalJSON() ([]byte, error)

type MailboxEntityProperties

type MailboxEntityProperties struct {
	AdditionalData            *map[string]interface{} `json:"additionalData,omitempty"`
	DisplayName               *string                 `json:"displayName,omitempty"`
	ExternalDirectoryObjectId *string                 `json:"externalDirectoryObjectId,omitempty"`
	FriendlyName              *string                 `json:"friendlyName,omitempty"`
	MailboxPrimaryAddress     *string                 `json:"mailboxPrimaryAddress,omitempty"`
	Upn                       *string                 `json:"upn,omitempty"`
}

type MalwareEntity

type MalwareEntity struct {
	Properties *MalwareEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (MalwareEntity) Entity

func (s MalwareEntity) Entity() BaseEntityImpl

func (MalwareEntity) MarshalJSON

func (s MalwareEntity) MarshalJSON() ([]byte, error)

type MalwareEntityProperties

type MalwareEntityProperties struct {
	AdditionalData   *map[string]interface{} `json:"additionalData,omitempty"`
	Category         *string                 `json:"category,omitempty"`
	FileEntityIds    *[]string               `json:"fileEntityIds,omitempty"`
	FriendlyName     *string                 `json:"friendlyName,omitempty"`
	MalwareName      *string                 `json:"malwareName,omitempty"`
	ProcessEntityIds *[]string               `json:"processEntityIds,omitempty"`
}

type NicEntity

type NicEntity struct {
	Properties *NicEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (NicEntity) Entity

func (s NicEntity) Entity() BaseEntityImpl

func (NicEntity) MarshalJSON

func (s NicEntity) MarshalJSON() ([]byte, error)

type NicEntityProperties

type NicEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	IPAddressEntityId *string                 `json:"ipAddressEntityId,omitempty"`
	MacAddress        *string                 `json:"macAddress,omitempty"`
	Vlans             *[]string               `json:"vlans,omitempty"`
}

type OSFamily

type OSFamily string
const (
	OSFamilyAndroid OSFamily = "Android"
	OSFamilyIOS     OSFamily = "IOS"
	OSFamilyLinux   OSFamily = "Linux"
	OSFamilyUnknown OSFamily = "Unknown"
	OSFamilyWindows OSFamily = "Windows"
)

func (*OSFamily) UnmarshalJSON

func (s *OSFamily) UnmarshalJSON(bytes []byte) error

type OutputType

type OutputType string
const (
	OutputTypeDate   OutputType = "Date"
	OutputTypeEntity OutputType = "Entity"
	OutputTypeNumber OutputType = "Number"
	OutputTypeString OutputType = "String"
)

func (*OutputType) UnmarshalJSON

func (s *OutputType) UnmarshalJSON(bytes []byte) error

type ProcessEntity

type ProcessEntity struct {
	Properties *ProcessEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (ProcessEntity) Entity

func (s ProcessEntity) Entity() BaseEntityImpl

func (ProcessEntity) MarshalJSON

func (s ProcessEntity) MarshalJSON() ([]byte, error)

type ProcessEntityProperties

type ProcessEntityProperties struct {
	AccountEntityId          *string                 `json:"accountEntityId,omitempty"`
	AdditionalData           *map[string]interface{} `json:"additionalData,omitempty"`
	CommandLine              *string                 `json:"commandLine,omitempty"`
	CreationTimeUtc          *string                 `json:"creationTimeUtc,omitempty"`
	ElevationToken           *ElevationToken         `json:"elevationToken,omitempty"`
	FriendlyName             *string                 `json:"friendlyName,omitempty"`
	HostEntityId             *string                 `json:"hostEntityId,omitempty"`
	HostLogonSessionEntityId *string                 `json:"hostLogonSessionEntityId,omitempty"`
	ImageFileEntityId        *string                 `json:"imageFileEntityId,omitempty"`
	ParentProcessEntityId    *string                 `json:"parentProcessEntityId,omitempty"`
	ProcessId                *string                 `json:"processId,omitempty"`
}

func (*ProcessEntityProperties) GetCreationTimeUtcAsTime

func (o *ProcessEntityProperties) GetCreationTimeUtcAsTime() (*time.Time, error)

func (*ProcessEntityProperties) SetCreationTimeUtcAsTime

func (o *ProcessEntityProperties) SetCreationTimeUtcAsTime(input time.Time)

type QueriesOperationOptions

type QueriesOperationOptions struct {
	Kind *EntityItemQueryKind
}

func DefaultQueriesOperationOptions

func DefaultQueriesOperationOptions() QueriesOperationOptions

func (QueriesOperationOptions) ToHeaders

func (o QueriesOperationOptions) ToHeaders() *client.Headers

func (QueriesOperationOptions) ToOData

func (o QueriesOperationOptions) ToOData() *odata.Query

func (QueriesOperationOptions) ToQuery

type QueriesOperationResponse

type QueriesOperationResponse struct {
	HttpResponse *http.Response
	OData        *odata.OData
	Model        *GetQueriesResponse
}

type RawEntityImpl

type RawEntityImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityImpl) Entity

func (s RawEntityImpl) Entity() BaseEntityImpl

type RawEntityQueryItemImpl

type RawEntityQueryItemImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityQueryItemImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityQueryItemImpl) EntityQueryItem

func (s RawEntityQueryItemImpl) EntityQueryItem() BaseEntityQueryItemImpl

type RawEntityTimelineItemImpl

type RawEntityTimelineItemImpl struct {
	Type   string
	Values map[string]interface{}
	// contains filtered or unexported fields
}

RawEntityTimelineItemImpl is returned when the Discriminated Value doesn't match any of the defined types NOTE: this should only be used when a type isn't defined for this type of Object (as a workaround) and is used only for Deserialization (e.g. this cannot be used as a Request Payload).

func (RawEntityTimelineItemImpl) EntityTimelineItem

type RegistryHive

type RegistryHive string
const (
	RegistryHiveHKEYA                        RegistryHive = "HKEY_A"
	RegistryHiveHKEYCLASSESROOT              RegistryHive = "HKEY_CLASSES_ROOT"
	RegistryHiveHKEYCURRENTCONFIG            RegistryHive = "HKEY_CURRENT_CONFIG"
	RegistryHiveHKEYCURRENTUSER              RegistryHive = "HKEY_CURRENT_USER"
	RegistryHiveHKEYCURRENTUSERLOCALSETTINGS RegistryHive = "HKEY_CURRENT_USER_LOCAL_SETTINGS"
	RegistryHiveHKEYLOCALMACHINE             RegistryHive = "HKEY_LOCAL_MACHINE"
	RegistryHiveHKEYPERFORMANCEDATA          RegistryHive = "HKEY_PERFORMANCE_DATA"
	RegistryHiveHKEYPERFORMANCENLSTEXT       RegistryHive = "HKEY_PERFORMANCE_NLSTEXT"
	RegistryHiveHKEYPERFORMANCETEXT          RegistryHive = "HKEY_PERFORMANCE_TEXT"
	RegistryHiveHKEYUSERS                    RegistryHive = "HKEY_USERS"
)

func (*RegistryHive) UnmarshalJSON

func (s *RegistryHive) UnmarshalJSON(bytes []byte) error

type RegistryKeyEntity

type RegistryKeyEntity struct {
	Properties *RegistryKeyEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryKeyEntity) Entity

func (s RegistryKeyEntity) Entity() BaseEntityImpl

func (RegistryKeyEntity) MarshalJSON

func (s RegistryKeyEntity) MarshalJSON() ([]byte, error)

type RegistryKeyEntityProperties

type RegistryKeyEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	Hive           *RegistryHive           `json:"hive,omitempty"`
	Key            *string                 `json:"key,omitempty"`
}

type RegistryValueEntity

type RegistryValueEntity struct {
	Properties *RegistryValueEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (RegistryValueEntity) Entity

func (RegistryValueEntity) MarshalJSON

func (s RegistryValueEntity) MarshalJSON() ([]byte, error)

type RegistryValueEntityProperties

type RegistryValueEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	KeyEntityId    *string                 `json:"keyEntityId,omitempty"`
	ValueData      *string                 `json:"valueData,omitempty"`
	ValueName      *string                 `json:"valueName,omitempty"`
	ValueType      *RegistryValueKind      `json:"valueType,omitempty"`
}

type RegistryValueKind

type RegistryValueKind string
const (
	RegistryValueKindBinary       RegistryValueKind = "Binary"
	RegistryValueKindDWord        RegistryValueKind = "DWord"
	RegistryValueKindExpandString RegistryValueKind = "ExpandString"
	RegistryValueKindMultiString  RegistryValueKind = "MultiString"
	RegistryValueKindNone         RegistryValueKind = "None"
	RegistryValueKindQWord        RegistryValueKind = "QWord"
	RegistryValueKindString       RegistryValueKind = "String"
	RegistryValueKindUnknown      RegistryValueKind = "Unknown"
)

func (*RegistryValueKind) UnmarshalJSON

func (s *RegistryValueKind) UnmarshalJSON(bytes []byte) error

type SecurityAlert

type SecurityAlert struct {
	Properties *SecurityAlertProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityAlert) Entity

func (s SecurityAlert) Entity() BaseEntityImpl

func (SecurityAlert) MarshalJSON

func (s SecurityAlert) MarshalJSON() ([]byte, error)

type SecurityAlertProperties

type SecurityAlertProperties struct {
	AdditionalData        *map[string]interface{}                            `json:"additionalData,omitempty"`
	AlertDisplayName      *string                                            `json:"alertDisplayName,omitempty"`
	AlertLink             *string                                            `json:"alertLink,omitempty"`
	AlertType             *string                                            `json:"alertType,omitempty"`
	CompromisedEntity     *string                                            `json:"compromisedEntity,omitempty"`
	ConfidenceLevel       *ConfidenceLevel                                   `json:"confidenceLevel,omitempty"`
	ConfidenceReasons     *[]SecurityAlertPropertiesConfidenceReasonsInlined `json:"confidenceReasons,omitempty"`
	ConfidenceScore       *float64                                           `json:"confidenceScore,omitempty"`
	ConfidenceScoreStatus *ConfidenceScoreStatus                             `json:"confidenceScoreStatus,omitempty"`
	Description           *string                                            `json:"description,omitempty"`
	EndTimeUtc            *string                                            `json:"endTimeUtc,omitempty"`
	FriendlyName          *string                                            `json:"friendlyName,omitempty"`
	Intent                *KillChainIntent                                   `json:"intent,omitempty"`
	ProcessingEndTime     *string                                            `json:"processingEndTime,omitempty"`
	ProductComponentName  *string                                            `json:"productComponentName,omitempty"`
	ProductName           *string                                            `json:"productName,omitempty"`
	ProductVersion        *string                                            `json:"productVersion,omitempty"`
	ProviderAlertId       *string                                            `json:"providerAlertId,omitempty"`
	RemediationSteps      *[]string                                          `json:"remediationSteps,omitempty"`
	ResourceIdentifiers   *[]interface{}                                     `json:"resourceIdentifiers,omitempty"`
	Severity              *AlertSeverity                                     `json:"severity,omitempty"`
	StartTimeUtc          *string                                            `json:"startTimeUtc,omitempty"`
	Status                *AlertStatus                                       `json:"status,omitempty"`
	SystemAlertId         *string                                            `json:"systemAlertId,omitempty"`
	Tactics               *[]AttackTactic                                    `json:"tactics,omitempty"`
	TimeGenerated         *string                                            `json:"timeGenerated,omitempty"`
	VendorName            *string                                            `json:"vendorName,omitempty"`
}

func (*SecurityAlertProperties) GetEndTimeUtcAsTime

func (o *SecurityAlertProperties) GetEndTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetProcessingEndTimeAsTime

func (o *SecurityAlertProperties) GetProcessingEndTimeAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetStartTimeUtcAsTime

func (o *SecurityAlertProperties) GetStartTimeUtcAsTime() (*time.Time, error)

func (*SecurityAlertProperties) GetTimeGeneratedAsTime

func (o *SecurityAlertProperties) GetTimeGeneratedAsTime() (*time.Time, error)

func (*SecurityAlertProperties) SetEndTimeUtcAsTime

func (o *SecurityAlertProperties) SetEndTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetProcessingEndTimeAsTime

func (o *SecurityAlertProperties) SetProcessingEndTimeAsTime(input time.Time)

func (*SecurityAlertProperties) SetStartTimeUtcAsTime

func (o *SecurityAlertProperties) SetStartTimeUtcAsTime(input time.Time)

func (*SecurityAlertProperties) SetTimeGeneratedAsTime

func (o *SecurityAlertProperties) SetTimeGeneratedAsTime(input time.Time)

type SecurityAlertPropertiesConfidenceReasonsInlined

type SecurityAlertPropertiesConfidenceReasonsInlined struct {
	Reason     *string `json:"reason,omitempty"`
	ReasonType *string `json:"reasonType,omitempty"`
}

type SecurityAlertTimelineItem

type SecurityAlertTimelineItem struct {
	AlertType       string           `json:"alertType"`
	AzureResourceId string           `json:"azureResourceId"`
	Description     *string          `json:"description,omitempty"`
	DisplayName     string           `json:"displayName"`
	EndTimeUtc      string           `json:"endTimeUtc"`
	Intent          *KillChainIntent `json:"intent,omitempty"`
	ProductName     *string          `json:"productName,omitempty"`
	Severity        AlertSeverity    `json:"severity"`
	StartTimeUtc    string           `json:"startTimeUtc"`
	Techniques      *[]string        `json:"techniques,omitempty"`
	TimeGenerated   string           `json:"timeGenerated"`

	Kind EntityTimelineKind `json:"kind"`
}

func (SecurityAlertTimelineItem) EntityTimelineItem

func (SecurityAlertTimelineItem) MarshalJSON

func (s SecurityAlertTimelineItem) MarshalJSON() ([]byte, error)

type SecurityGroupEntity

type SecurityGroupEntity struct {
	Properties *SecurityGroupEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SecurityGroupEntity) Entity

func (SecurityGroupEntity) MarshalJSON

func (s SecurityGroupEntity) MarshalJSON() ([]byte, error)

type SecurityGroupEntityProperties

type SecurityGroupEntityProperties struct {
	AdditionalData    *map[string]interface{} `json:"additionalData,omitempty"`
	DistinguishedName *string                 `json:"distinguishedName,omitempty"`
	FriendlyName      *string                 `json:"friendlyName,omitempty"`
	ObjectGuid        *string                 `json:"objectGuid,omitempty"`
	Sid               *string                 `json:"sid,omitempty"`
}

type SubmissionMailEntity

type SubmissionMailEntity struct {
	Properties *SubmissionMailEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (SubmissionMailEntity) Entity

func (SubmissionMailEntity) MarshalJSON

func (s SubmissionMailEntity) MarshalJSON() ([]byte, error)

type SubmissionMailEntityProperties

type SubmissionMailEntityProperties struct {
	AdditionalData   *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName     *string                 `json:"friendlyName,omitempty"`
	NetworkMessageId *string                 `json:"networkMessageId,omitempty"`
	Recipient        *string                 `json:"recipient,omitempty"`
	ReportType       *string                 `json:"reportType,omitempty"`
	Sender           *string                 `json:"sender,omitempty"`
	SenderIP         *string                 `json:"senderIp,omitempty"`
	Subject          *string                 `json:"subject,omitempty"`
	SubmissionDate   *string                 `json:"submissionDate,omitempty"`
	SubmissionId     *string                 `json:"submissionId,omitempty"`
	Submitter        *string                 `json:"submitter,omitempty"`
	Timestamp        *string                 `json:"timestamp,omitempty"`
}

func (*SubmissionMailEntityProperties) GetSubmissionDateAsTime

func (o *SubmissionMailEntityProperties) GetSubmissionDateAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) GetTimestampAsTime

func (o *SubmissionMailEntityProperties) GetTimestampAsTime() (*time.Time, error)

func (*SubmissionMailEntityProperties) SetSubmissionDateAsTime

func (o *SubmissionMailEntityProperties) SetSubmissionDateAsTime(input time.Time)

func (*SubmissionMailEntityProperties) SetTimestampAsTime

func (o *SubmissionMailEntityProperties) SetTimestampAsTime(input time.Time)

type ThreatIntelligence

type ThreatIntelligence struct {
	Confidence        *float64 `json:"confidence,omitempty"`
	ProviderName      *string  `json:"providerName,omitempty"`
	ReportLink        *string  `json:"reportLink,omitempty"`
	ThreatDescription *string  `json:"threatDescription,omitempty"`
	ThreatName        *string  `json:"threatName,omitempty"`
	ThreatType        *string  `json:"threatType,omitempty"`
}

type TimelineAggregation

type TimelineAggregation struct {
	Count int64              `json:"count"`
	Kind  EntityTimelineKind `json:"kind"`
}

type TimelineError

type TimelineError struct {
	ErrorMessage string             `json:"errorMessage"`
	Kind         EntityTimelineKind `json:"kind"`
	QueryId      *string            `json:"queryId,omitempty"`
}

type TimelineResultsMetadata

type TimelineResultsMetadata struct {
	Aggregations []TimelineAggregation `json:"aggregations"`
	Errors       *[]TimelineError      `json:"errors,omitempty"`
	TotalCount   int64                 `json:"totalCount"`
}

type URLEntity

type URLEntity struct {
	Properties *URLEntityProperties `json:"properties,omitempty"`

	Id         *string                `json:"id,omitempty"`
	Kind       EntityKind             `json:"kind"`
	Name       *string                `json:"name,omitempty"`
	SystemData *systemdata.SystemData `json:"systemData,omitempty"`
	Type       *string                `json:"type,omitempty"`
}

func (URLEntity) Entity

func (s URLEntity) Entity() BaseEntityImpl

func (URLEntity) MarshalJSON

func (s URLEntity) MarshalJSON() ([]byte, error)

type URLEntityProperties

type URLEntityProperties struct {
	AdditionalData *map[string]interface{} `json:"additionalData,omitempty"`
	FriendlyName   *string                 `json:"friendlyName,omitempty"`
	Url            *string                 `json:"url,omitempty"`
}

type UserInfo

type UserInfo struct {
	Email    *string `json:"email,omitempty"`
	Name     *string `json:"name,omitempty"`
	ObjectId *string `json:"objectId,omitempty"`
}

type WorkspaceId

type WorkspaceId struct {
	SubscriptionId    string
	ResourceGroupName string
	WorkspaceName     string
}

WorkspaceId is a struct representing the Resource ID for a Workspace

func NewWorkspaceID

func NewWorkspaceID(subscriptionId string, resourceGroupName string, workspaceName string) WorkspaceId

NewWorkspaceID returns a new WorkspaceId struct

func ParseWorkspaceID

func ParseWorkspaceID(input string) (*WorkspaceId, error)

ParseWorkspaceID parses 'input' into a WorkspaceId

func ParseWorkspaceIDInsensitively

func ParseWorkspaceIDInsensitively(input string) (*WorkspaceId, error)

ParseWorkspaceIDInsensitively parses 'input' case-insensitively into a WorkspaceId note: this method should only be used for API response data and not user input

func (*WorkspaceId) FromParseResult

func (id *WorkspaceId) FromParseResult(input resourceids.ParseResult) error

func (WorkspaceId) ID

func (id WorkspaceId) ID() string

ID returns the formatted Workspace ID

func (WorkspaceId) Segments

func (id WorkspaceId) Segments() []resourceids.Segment

Segments returns a slice of Resource ID Segments which comprise this Workspace ID

func (WorkspaceId) String

func (id WorkspaceId) String() string

String returns a human-readable description of this Workspace ID

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL