Versions in this module Expand all Collapse all v0 v0.20241126.2320 Nov 26, 2024 v0.20241126.1723 Nov 26, 2024 Changes in this version
+ func PossibleValuesForAlertSeverity() []string
+ func PossibleValuesForAlertStatus() []string
+ func PossibleValuesForAntispamMailDirection() []string
+ func PossibleValuesForAttackTactic() []string
+ func PossibleValuesForConfidenceLevel() []string
+ func PossibleValuesForConfidenceScoreStatus() []string
+ func PossibleValuesForDeliveryAction() []string
+ func PossibleValuesForDeliveryLocation() []string
+ func PossibleValuesForElevationToken() []string
+ func PossibleValuesForEntityKindEnum() []string
+ func PossibleValuesForFileHashAlgorithm() []string
+ func PossibleValuesForIncidentSeverity() []string
+ func PossibleValuesForKillChainIntent() []string
+ func PossibleValuesForOSFamily() []string
+ func PossibleValuesForRegistryHive() []string
+ func PossibleValuesForRegistryValueKind() []string
+ func ValidateIncidentID(input interface{}, key string) (warnings []string, errors []error)
+ type AccountEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *AccountEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s AccountEntity) Entity() BaseEntityImpl
+ func (s AccountEntity) MarshalJSON() ([]byte, error)
+ type AccountEntityProperties struct
+ AadTenantId *string
+ AadUserId *string
+ AccountName *string
+ AdditionalData *map[string]interface{}
+ DisplayName *string
+ DnsDomain *string
+ FriendlyName *string
+ HostEntityId *string
+ IsDomainJoined *bool
+ NtDomain *string
+ ObjectGuid *string
+ Puid *string
+ Sid *string
+ UpnSuffix *string
+ type AlertSeverity string
+ const AlertSeverityHigh
+ const AlertSeverityInformational
+ const AlertSeverityLow
+ const AlertSeverityMedium
+ func (s *AlertSeverity) UnmarshalJSON(bytes []byte) error
+ type AlertStatus string
+ const AlertStatusDismissed
+ const AlertStatusInProgress
+ const AlertStatusNew
+ const AlertStatusResolved
+ const AlertStatusUnknown
+ func (s *AlertStatus) UnmarshalJSON(bytes []byte) error
+ type AntispamMailDirection string
+ const AntispamMailDirectionInbound
+ const AntispamMailDirectionIntraorg
+ const AntispamMailDirectionOutbound
+ const AntispamMailDirectionUnknown
+ func (s *AntispamMailDirection) UnmarshalJSON(bytes []byte) error
+ type AttackTactic string
+ const AttackTacticCollection
+ const AttackTacticCommandAndControl
+ const AttackTacticCredentialAccess
+ const AttackTacticDefenseEvasion
+ const AttackTacticDiscovery
+ const AttackTacticExecution
+ const AttackTacticExfiltration
+ const AttackTacticImpact
+ const AttackTacticImpairProcessControl
+ const AttackTacticInhibitResponseFunction
+ const AttackTacticInitialAccess
+ const AttackTacticLateralMovement
+ const AttackTacticPersistence
+ const AttackTacticPreAttack
+ const AttackTacticPrivilegeEscalation
+ const AttackTacticReconnaissance
+ const AttackTacticResourceDevelopment
+ func (s *AttackTactic) UnmarshalJSON(bytes []byte) error
+ type AzureResourceEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *AzureResourceEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s AzureResourceEntity) Entity() BaseEntityImpl
+ func (s AzureResourceEntity) MarshalJSON() ([]byte, error)
+ type AzureResourceEntityProperties struct
+ AdditionalData *map[string]interface{}
+ FriendlyName *string
+ ResourceId *string
+ SubscriptionId *string
+ type BaseEntityImpl struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s BaseEntityImpl) Entity() BaseEntityImpl
+ type CloudApplicationEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *CloudApplicationEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s CloudApplicationEntity) Entity() BaseEntityImpl
+ func (s CloudApplicationEntity) MarshalJSON() ([]byte, error)
+ type CloudApplicationEntityProperties struct
+ AdditionalData *map[string]interface{}
+ AppId *int64
+ AppName *string
+ FriendlyName *string
+ InstanceName *string
+ type ConfidenceLevel string
+ const ConfidenceLevelHigh
+ const ConfidenceLevelLow
+ const ConfidenceLevelUnknown
+ func (s *ConfidenceLevel) UnmarshalJSON(bytes []byte) error
+ type ConfidenceScoreStatus string
+ const ConfidenceScoreStatusFinal
+ const ConfidenceScoreStatusInProcess
+ const ConfidenceScoreStatusNotApplicable
+ const ConfidenceScoreStatusNotFinal
+ func (s *ConfidenceScoreStatus) UnmarshalJSON(bytes []byte) error
+ type DeliveryAction string
+ const DeliveryActionBlocked
+ const DeliveryActionDelivered
+ const DeliveryActionDeliveredAsSpam
+ const DeliveryActionReplaced
+ const DeliveryActionUnknown
+ func (s *DeliveryAction) UnmarshalJSON(bytes []byte) error
+ type DeliveryLocation string
+ const DeliveryLocationDeletedFolder
+ const DeliveryLocationDropped
+ const DeliveryLocationExternal
+ const DeliveryLocationFailed
+ const DeliveryLocationForwarded
+ const DeliveryLocationInbox
+ const DeliveryLocationJunkFolder
+ const DeliveryLocationQuarantine
+ const DeliveryLocationUnknown
+ func (s *DeliveryLocation) UnmarshalJSON(bytes []byte) error
+ type DnsEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *DnsEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s DnsEntity) Entity() BaseEntityImpl
+ func (s DnsEntity) MarshalJSON() ([]byte, error)
+ type DnsEntityProperties struct
+ AdditionalData *map[string]interface{}
+ DnsServerIPEntityId *string
+ DomainName *string
+ FriendlyName *string
+ HostIPAddressEntityId *string
+ IPAddressEntityIds *[]string
+ type ElevationToken string
+ const ElevationTokenDefault
+ const ElevationTokenFull
+ const ElevationTokenLimited
+ func (s *ElevationToken) UnmarshalJSON(bytes []byte) error
+ type Entity interface
+ Entity func() BaseEntityImpl
+ func UnmarshalEntityImplementation(input []byte) (Entity, error)
+ type EntityKindEnum string
+ const EntityKindEnumAccount
+ const EntityKindEnumAzureResource
+ const EntityKindEnumBookmark
+ const EntityKindEnumCloudApplication
+ const EntityKindEnumDnsResolution
+ const EntityKindEnumFile
+ const EntityKindEnumFileHash
+ const EntityKindEnumHost
+ const EntityKindEnumIP
+ const EntityKindEnumIoTDevice
+ const EntityKindEnumMailCluster
+ const EntityKindEnumMailMessage
+ const EntityKindEnumMailbox
+ const EntityKindEnumMalware
+ const EntityKindEnumProcess
+ const EntityKindEnumRegistryKey
+ const EntityKindEnumRegistryValue
+ const EntityKindEnumSecurityAlert
+ const EntityKindEnumSecurityGroup
+ const EntityKindEnumSubmissionMail
+ const EntityKindEnumURL
+ func (s *EntityKindEnum) UnmarshalJSON(bytes []byte) error
+ type FileEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *FileEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s FileEntity) Entity() BaseEntityImpl
+ func (s FileEntity) MarshalJSON() ([]byte, error)
+ type FileEntityProperties struct
+ AdditionalData *map[string]interface{}
+ Directory *string
+ FileHashEntityIds *[]string
+ FileName *string
+ FriendlyName *string
+ HostEntityId *string
+ type FileHashAlgorithm string
+ const FileHashAlgorithmMDFive
+ const FileHashAlgorithmSHAOne
+ const FileHashAlgorithmSHATwoFiveSix
+ const FileHashAlgorithmSHATwoFiveSixAC
+ const FileHashAlgorithmUnknown
+ func (s *FileHashAlgorithm) UnmarshalJSON(bytes []byte) error
+ type FileHashEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *FileHashEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s FileHashEntity) Entity() BaseEntityImpl
+ func (s FileHashEntity) MarshalJSON() ([]byte, error)
+ type FileHashEntityProperties struct
+ AdditionalData *map[string]interface{}
+ Algorithm *FileHashAlgorithm
+ FriendlyName *string
+ HashValue *string
+ type GeoLocation struct
+ Asn *int64
+ City *string
+ CountryCode *string
+ CountryName *string
+ Latitude *float64
+ Longitude *float64
+ State *string
+ type HostEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *HostEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s HostEntity) Entity() BaseEntityImpl
+ func (s HostEntity) MarshalJSON() ([]byte, error)
+ type HostEntityProperties struct
+ AdditionalData *map[string]interface{}
+ AzureID *string
+ DnsDomain *string
+ FriendlyName *string
+ HostName *string
+ IsDomainJoined *bool
+ NetBiosName *string
+ NtDomain *string
+ OmsAgentID *string
+ OsFamily *OSFamily
+ OsVersion *string
+ type HuntingBookmark struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *HuntingBookmarkProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s HuntingBookmark) Entity() BaseEntityImpl
+ func (s HuntingBookmark) MarshalJSON() ([]byte, error)
+ type HuntingBookmarkProperties struct
+ AdditionalData *map[string]interface{}
+ Created *string
+ CreatedBy *UserInfo
+ DisplayName string
+ EventTime *string
+ FriendlyName *string
+ IncidentInfo *IncidentInfo
+ Labels *[]string
+ Notes *string
+ Query string
+ QueryResult *string
+ Updated *string
+ UpdatedBy *UserInfo
+ func (o *HuntingBookmarkProperties) GetCreatedAsTime() (*time.Time, error)
+ func (o *HuntingBookmarkProperties) GetEventTimeAsTime() (*time.Time, error)
+ func (o *HuntingBookmarkProperties) GetUpdatedAsTime() (*time.Time, error)
+ func (o *HuntingBookmarkProperties) SetCreatedAsTime(input time.Time)
+ func (o *HuntingBookmarkProperties) SetEventTimeAsTime(input time.Time)
+ func (o *HuntingBookmarkProperties) SetUpdatedAsTime(input time.Time)
+ type IPEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *IPEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s IPEntity) Entity() BaseEntityImpl
+ func (s IPEntity) MarshalJSON() ([]byte, error)
+ type IPEntityProperties struct
+ AdditionalData *map[string]interface{}
+ Address *string
+ FriendlyName *string
+ Location *GeoLocation
+ ThreatIntelligence *[]ThreatIntelligence
+ type IncidentBookmarkList struct
+ Value []HuntingBookmark
+ type IncidentBookmarksClient struct
+ Client *resourcemanager.Client
+ func NewIncidentBookmarksClientWithBaseURI(sdkApi sdkEnv.Api) (*IncidentBookmarksClient, error)
+ func (c IncidentBookmarksClient) IncidentsListBookmarks(ctx context.Context, id IncidentId) (result IncidentsListBookmarksOperationResponse, err error)
+ type IncidentId struct
+ IncidentId string
+ ResourceGroupName string
+ SubscriptionId string
+ WorkspaceName string
+ func NewIncidentID(subscriptionId string, resourceGroupName string, workspaceName string, ...) IncidentId
+ func ParseIncidentID(input string) (*IncidentId, error)
+ func ParseIncidentIDInsensitively(input string) (*IncidentId, error)
+ func (id *IncidentId) FromParseResult(input resourceids.ParseResult) error
+ func (id IncidentId) ID() string
+ func (id IncidentId) Segments() []resourceids.Segment
+ func (id IncidentId) String() string
+ type IncidentInfo struct
+ IncidentId *string
+ RelationName *string
+ Severity *IncidentSeverity
+ Title *string
+ type IncidentSeverity string
+ const IncidentSeverityHigh
+ const IncidentSeverityInformational
+ const IncidentSeverityLow
+ const IncidentSeverityMedium
+ func (s *IncidentSeverity) UnmarshalJSON(bytes []byte) error
+ type IncidentsListBookmarksOperationResponse struct
+ HttpResponse *http.Response
+ Model *IncidentBookmarkList
+ OData *odata.OData
+ type IoTDeviceEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *IoTDeviceEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s IoTDeviceEntity) Entity() BaseEntityImpl
+ func (s IoTDeviceEntity) MarshalJSON() ([]byte, error)
+ type IoTDeviceEntityProperties struct
+ AdditionalData *map[string]interface{}
+ DeviceId *string
+ DeviceName *string
+ DeviceType *string
+ EdgeId *string
+ FirmwareVersion *string
+ FriendlyName *string
+ HostEntityId *string
+ IPAddressEntityId *string
+ IotHubEntityId *string
+ IotSecurityAgentId *string
+ MacAddress *string
+ Model *string
+ OperatingSystem *string
+ Protocols *[]string
+ SerialNumber *string
+ Source *string
+ ThreatIntelligence *[]ThreatIntelligence
+ Vendor *string
+ type KillChainIntent string
+ const KillChainIntentCollection
+ const KillChainIntentCommandAndControl
+ const KillChainIntentCredentialAccess
+ const KillChainIntentDefenseEvasion
+ const KillChainIntentDiscovery
+ const KillChainIntentExecution
+ const KillChainIntentExfiltration
+ const KillChainIntentExploitation
+ const KillChainIntentImpact
+ const KillChainIntentLateralMovement
+ const KillChainIntentPersistence
+ const KillChainIntentPrivilegeEscalation
+ const KillChainIntentProbing
+ const KillChainIntentUnknown
+ func (s *KillChainIntent) UnmarshalJSON(bytes []byte) error
+ type MailClusterEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *MailClusterEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s MailClusterEntity) Entity() BaseEntityImpl
+ func (s MailClusterEntity) MarshalJSON() ([]byte, error)
+ type MailClusterEntityProperties struct
+ AdditionalData *map[string]interface{}
+ ClusterGroup *string
+ ClusterQueryEndTime *string
+ ClusterQueryStartTime *string
+ ClusterSourceIdentifier *string
+ ClusterSourceType *string
+ CountByDeliveryStatus *interface{}
+ CountByProtectionStatus *interface{}
+ CountByThreatType *interface{}
+ FriendlyName *string
+ IsVolumeAnomaly *bool
+ MailCount *int64
+ NetworkMessageIds *[]string
+ Query *string
+ QueryTime *string
+ Source *string
+ Threats *[]string
+ func (o *MailClusterEntityProperties) GetClusterQueryEndTimeAsTime() (*time.Time, error)
+ func (o *MailClusterEntityProperties) GetClusterQueryStartTimeAsTime() (*time.Time, error)
+ func (o *MailClusterEntityProperties) GetQueryTimeAsTime() (*time.Time, error)
+ func (o *MailClusterEntityProperties) SetClusterQueryEndTimeAsTime(input time.Time)
+ func (o *MailClusterEntityProperties) SetClusterQueryStartTimeAsTime(input time.Time)
+ func (o *MailClusterEntityProperties) SetQueryTimeAsTime(input time.Time)
+ type MailMessageEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *MailMessageEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s MailMessageEntity) Entity() BaseEntityImpl
+ func (s MailMessageEntity) MarshalJSON() ([]byte, error)
+ type MailMessageEntityProperties struct
+ AdditionalData *map[string]interface{}
+ AntispamDirection *AntispamMailDirection
+ BodyFingerprintBin1 *int64
+ BodyFingerprintBin2 *int64
+ BodyFingerprintBin3 *int64
+ BodyFingerprintBin4 *int64
+ BodyFingerprintBin5 *int64
+ DeliveryAction *DeliveryAction
+ DeliveryLocation *DeliveryLocation
+ FileEntityIds *[]string
+ FriendlyName *string
+ InternetMessageId *string
+ Language *string
+ NetworkMessageId *string
+ P1Sender *string
+ P1SenderDisplayName *string
+ P1SenderDomain *string
+ P2Sender *string
+ P2SenderDisplayName *string
+ P2SenderDomain *string
+ ReceiveDate *string
+ Recipient *string
+ SenderIP *string
+ Subject *string
+ ThreatDetectionMethods *[]string
+ Threats *[]string
+ Urls *[]string
+ func (o *MailMessageEntityProperties) GetReceiveDateAsTime() (*time.Time, error)
+ func (o *MailMessageEntityProperties) SetReceiveDateAsTime(input time.Time)
+ type MailboxEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *MailboxEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s MailboxEntity) Entity() BaseEntityImpl
+ func (s MailboxEntity) MarshalJSON() ([]byte, error)
+ type MailboxEntityProperties struct
+ AdditionalData *map[string]interface{}
+ DisplayName *string
+ ExternalDirectoryObjectId *string
+ FriendlyName *string
+ MailboxPrimaryAddress *string
+ Upn *string
+ type MalwareEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *MalwareEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s MalwareEntity) Entity() BaseEntityImpl
+ func (s MalwareEntity) MarshalJSON() ([]byte, error)
+ type MalwareEntityProperties struct
+ AdditionalData *map[string]interface{}
+ Category *string
+ FileEntityIds *[]string
+ FriendlyName *string
+ MalwareName *string
+ ProcessEntityIds *[]string
+ type OSFamily string
+ const OSFamilyAndroid
+ const OSFamilyIOS
+ const OSFamilyLinux
+ const OSFamilyUnknown
+ const OSFamilyWindows
+ func (s *OSFamily) UnmarshalJSON(bytes []byte) error
+ type ProcessEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *ProcessEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s ProcessEntity) Entity() BaseEntityImpl
+ func (s ProcessEntity) MarshalJSON() ([]byte, error)
+ type ProcessEntityProperties struct
+ AccountEntityId *string
+ AdditionalData *map[string]interface{}
+ CommandLine *string
+ CreationTimeUtc *string
+ ElevationToken *ElevationToken
+ FriendlyName *string
+ HostEntityId *string
+ HostLogonSessionEntityId *string
+ ImageFileEntityId *string
+ ParentProcessEntityId *string
+ ProcessId *string
+ func (o *ProcessEntityProperties) GetCreationTimeUtcAsTime() (*time.Time, error)
+ func (o *ProcessEntityProperties) SetCreationTimeUtcAsTime(input time.Time)
+ type RawEntityImpl struct
+ Type string
+ Values map[string]interface{}
+ func (s RawEntityImpl) Entity() BaseEntityImpl
+ type RegistryHive string
+ const RegistryHiveHKEYA
+ const RegistryHiveHKEYCLASSESROOT
+ const RegistryHiveHKEYCURRENTCONFIG
+ const RegistryHiveHKEYCURRENTUSER
+ const RegistryHiveHKEYCURRENTUSERLOCALSETTINGS
+ const RegistryHiveHKEYLOCALMACHINE
+ const RegistryHiveHKEYPERFORMANCEDATA
+ const RegistryHiveHKEYPERFORMANCENLSTEXT
+ const RegistryHiveHKEYPERFORMANCETEXT
+ const RegistryHiveHKEYUSERS
+ func (s *RegistryHive) UnmarshalJSON(bytes []byte) error
+ type RegistryKeyEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *RegistryKeyEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s RegistryKeyEntity) Entity() BaseEntityImpl
+ func (s RegistryKeyEntity) MarshalJSON() ([]byte, error)
+ type RegistryKeyEntityProperties struct
+ AdditionalData *map[string]interface{}
+ FriendlyName *string
+ Hive *RegistryHive
+ Key *string
+ type RegistryValueEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *RegistryValueEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s RegistryValueEntity) Entity() BaseEntityImpl
+ func (s RegistryValueEntity) MarshalJSON() ([]byte, error)
+ type RegistryValueEntityProperties struct
+ AdditionalData *map[string]interface{}
+ FriendlyName *string
+ KeyEntityId *string
+ ValueData *string
+ ValueName *string
+ ValueType *RegistryValueKind
+ type RegistryValueKind string
+ const RegistryValueKindBinary
+ const RegistryValueKindDWord
+ const RegistryValueKindExpandString
+ const RegistryValueKindMultiString
+ const RegistryValueKindNone
+ const RegistryValueKindQWord
+ const RegistryValueKindString
+ const RegistryValueKindUnknown
+ func (s *RegistryValueKind) UnmarshalJSON(bytes []byte) error
+ type SecurityAlert struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *SecurityAlertProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s SecurityAlert) Entity() BaseEntityImpl
+ func (s SecurityAlert) MarshalJSON() ([]byte, error)
+ type SecurityAlertProperties struct
+ AdditionalData *map[string]interface{}
+ AlertDisplayName *string
+ AlertLink *string
+ AlertType *string
+ CompromisedEntity *string
+ ConfidenceLevel *ConfidenceLevel
+ ConfidenceReasons *[]SecurityAlertPropertiesConfidenceReasonsInlined
+ ConfidenceScore *float64
+ ConfidenceScoreStatus *ConfidenceScoreStatus
+ Description *string
+ EndTimeUtc *string
+ FriendlyName *string
+ Intent *KillChainIntent
+ ProcessingEndTime *string
+ ProductComponentName *string
+ ProductName *string
+ ProductVersion *string
+ ProviderAlertId *string
+ RemediationSteps *[]string
+ ResourceIdentifiers *[]interface{}
+ Severity *AlertSeverity
+ StartTimeUtc *string
+ Status *AlertStatus
+ SystemAlertId *string
+ Tactics *[]AttackTactic
+ TimeGenerated *string
+ VendorName *string
+ func (o *SecurityAlertProperties) GetEndTimeUtcAsTime() (*time.Time, error)
+ func (o *SecurityAlertProperties) GetProcessingEndTimeAsTime() (*time.Time, error)
+ func (o *SecurityAlertProperties) GetStartTimeUtcAsTime() (*time.Time, error)
+ func (o *SecurityAlertProperties) GetTimeGeneratedAsTime() (*time.Time, error)
+ func (o *SecurityAlertProperties) SetEndTimeUtcAsTime(input time.Time)
+ func (o *SecurityAlertProperties) SetProcessingEndTimeAsTime(input time.Time)
+ func (o *SecurityAlertProperties) SetStartTimeUtcAsTime(input time.Time)
+ func (o *SecurityAlertProperties) SetTimeGeneratedAsTime(input time.Time)
+ type SecurityAlertPropertiesConfidenceReasonsInlined struct
+ Reason *string
+ ReasonType *string
+ type SecurityGroupEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *SecurityGroupEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s SecurityGroupEntity) Entity() BaseEntityImpl
+ func (s SecurityGroupEntity) MarshalJSON() ([]byte, error)
+ type SecurityGroupEntityProperties struct
+ AdditionalData *map[string]interface{}
+ DistinguishedName *string
+ FriendlyName *string
+ ObjectGuid *string
+ Sid *string
+ type SubmissionMailEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *SubmissionMailEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s SubmissionMailEntity) Entity() BaseEntityImpl
+ func (s SubmissionMailEntity) MarshalJSON() ([]byte, error)
+ type SubmissionMailEntityProperties struct
+ AdditionalData *map[string]interface{}
+ FriendlyName *string
+ NetworkMessageId *string
+ Recipient *string
+ ReportType *string
+ Sender *string
+ SenderIP *string
+ Subject *string
+ SubmissionDate *string
+ SubmissionId *string
+ Submitter *string
+ Timestamp *string
+ func (o *SubmissionMailEntityProperties) GetSubmissionDateAsTime() (*time.Time, error)
+ func (o *SubmissionMailEntityProperties) GetTimestampAsTime() (*time.Time, error)
+ func (o *SubmissionMailEntityProperties) SetSubmissionDateAsTime(input time.Time)
+ func (o *SubmissionMailEntityProperties) SetTimestampAsTime(input time.Time)
+ type ThreatIntelligence struct
+ Confidence *float64
+ ProviderName *string
+ ReportLink *string
+ ThreatDescription *string
+ ThreatName *string
+ ThreatType *string
+ type URLEntity struct
+ Id *string
+ Kind EntityKindEnum
+ Name *string
+ Properties *URLEntityProperties
+ SystemData *systemdata.SystemData
+ Type *string
+ func (s URLEntity) Entity() BaseEntityImpl
+ func (s URLEntity) MarshalJSON() ([]byte, error)
+ type URLEntityProperties struct
+ AdditionalData *map[string]interface{}
+ FriendlyName *string
+ Url *string
+ type UserInfo struct
+ Email *string
+ Name *string
+ ObjectId *string