Documentation ¶
Overview ¶
Package securityinsight implements the Azure ARM Securityinsight service API version 2020-01-01.
API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
Index ¶
- Constants
- func UserAgent() string
- func Version() string
- type AADDataConnector
- func (adc AADDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (adc AADDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (adc AADDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (adc AADDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (adc AADDataConnector) AsDataConnector() (*DataConnector, bool)
- func (adc AADDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (adc AADDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (adc AADDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (adc AADDataConnector) MarshalJSON() ([]byte, error)
- func (adc *AADDataConnector) UnmarshalJSON(body []byte) error
- type AADDataConnectorProperties
- type AATPDataConnector
- func (adc AATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (adc AATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (adc AATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (adc AATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (adc AATPDataConnector) AsDataConnector() (*DataConnector, bool)
- func (adc AATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (adc AATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (adc AATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (adc AATPDataConnector) MarshalJSON() ([]byte, error)
- func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error
- type AATPDataConnectorProperties
- type ASCDataConnector
- func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (adc ASCDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (adc ASCDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (adc ASCDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (adc ASCDataConnector) AsDataConnector() (*DataConnector, bool)
- func (adc ASCDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (adc ASCDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (adc ASCDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (adc ASCDataConnector) MarshalJSON() ([]byte, error)
- func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error
- type ASCDataConnectorProperties
- type ActionPropertiesBase
- type ActionRequest
- type ActionRequestProperties
- type ActionResponse
- type ActionResponseProperties
- type ActionsClient
- func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionsListPage, err error)
- func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionsListIterator, err error)
- func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client ActionsClient) ListByAlertRuleResponder(resp *http.Response) (result ActionsList, err error)
- func (client ActionsClient) ListByAlertRuleSender(req *http.Request) (*http.Response, error)
- type ActionsList
- type ActionsListIterator
- type ActionsListPage
- type AlertRule
- func (ar AlertRule) AsAlertRule() (*AlertRule, bool)
- func (ar AlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (ar AlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (ar AlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (ar AlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (ar AlertRule) MarshalJSON() ([]byte, error)
- type AlertRuleKind
- type AlertRuleModel
- type AlertRuleTemplate
- func (art AlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (art AlertRuleTemplate) MarshalJSON() ([]byte, error)
- type AlertRuleTemplateDataSource
- type AlertRuleTemplateModel
- type AlertRuleTemplatesClient
- func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleTemplateModel, err error)
- func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRuleTemplatesClient) GetResponder(resp *http.Response) (result AlertRuleTemplateModel, err error)
- func (client AlertRuleTemplatesClient) GetSender(req *http.Request) (*http.Response, error)
- func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListPage, err error)
- func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListIterator, err error)
- func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client AlertRuleTemplatesClient) ListResponder(resp *http.Response) (result AlertRuleTemplatesList, err error)
- func (client AlertRuleTemplatesClient) ListSender(req *http.Request) (*http.Response, error)
- type AlertRuleTemplatesList
- type AlertRuleTemplatesListIterator
- func (iter *AlertRuleTemplatesListIterator) Next() error
- func (iter *AlertRuleTemplatesListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter AlertRuleTemplatesListIterator) NotDone() bool
- func (iter AlertRuleTemplatesListIterator) Response() AlertRuleTemplatesList
- func (iter AlertRuleTemplatesListIterator) Value() BasicAlertRuleTemplate
- type AlertRuleTemplatesListPage
- func (page *AlertRuleTemplatesListPage) Next() error
- func (page *AlertRuleTemplatesListPage) NextWithContext(ctx context.Context) (err error)
- func (page AlertRuleTemplatesListPage) NotDone() bool
- func (page AlertRuleTemplatesListPage) Response() AlertRuleTemplatesList
- func (page AlertRuleTemplatesListPage) Values() []BasicAlertRuleTemplate
- type AlertRulesClient
- func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleModel, err error)
- func (client AlertRulesClient) CreateOrUpdateAction(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionResponse, err error)
- func (client AlertRulesClient) CreateOrUpdateActionPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRulesClient) CreateOrUpdateActionResponder(resp *http.Response) (result ActionResponse, err error)
- func (client AlertRulesClient) CreateOrUpdateActionSender(req *http.Request) (*http.Response, error)
- func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AlertRuleModel, err error)
- func (client AlertRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client AlertRulesClient) DeleteAction(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client AlertRulesClient) DeleteActionPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRulesClient) DeleteActionResponder(resp *http.Response) (result autorest.Response, err error)
- func (client AlertRulesClient) DeleteActionSender(req *http.Request) (*http.Response, error)
- func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client AlertRulesClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result AlertRuleModel, err error)
- func (client AlertRulesClient) GetAction(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result ActionResponse, err error)
- func (client AlertRulesClient) GetActionPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRulesClient) GetActionResponder(resp *http.Response) (result ActionResponse, err error)
- func (client AlertRulesClient) GetActionSender(req *http.Request) (*http.Response, error)
- func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRuleModel, err error)
- func (client AlertRulesClient) GetSender(req *http.Request) (*http.Response, error)
- func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListPage, err error)
- func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListIterator, err error)
- func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client AlertRulesClient) ListResponder(resp *http.Response) (result AlertRulesList, err error)
- func (client AlertRulesClient) ListSender(req *http.Request) (*http.Response, error)
- type AlertRulesList
- type AlertRulesListIterator
- func (iter *AlertRulesListIterator) Next() error
- func (iter *AlertRulesListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter AlertRulesListIterator) NotDone() bool
- func (iter AlertRulesListIterator) Response() AlertRulesList
- func (iter AlertRulesListIterator) Value() BasicAlertRule
- type AlertRulesListPage
- type AlertSeverity
- type AlertsDataTypeOfDataConnector
- type AttackTactic
- type AwsCloudTrailDataConnector
- func (actdc AwsCloudTrailDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsDataConnector() (*DataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (actdc AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error)
- func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error
- type AwsCloudTrailDataConnectorDataTypes
- type AwsCloudTrailDataConnectorDataTypesLogs
- type AwsCloudTrailDataConnectorProperties
- type BaseClient
- type BasicAlertRule
- type BasicAlertRuleTemplate
- type BasicDataConnector
- type BasicSettings
- type Bookmark
- type BookmarkList
- type BookmarkListIterator
- type BookmarkListPage
- type BookmarkProperties
- type BookmarksClient
- func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Bookmark, err error)
- func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (result Bookmark, err error)
- func (client BookmarksClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client BookmarksClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Bookmark, err error)
- func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark, err error)
- func (client BookmarksClient) GetSender(req *http.Request) (*http.Response, error)
- func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListPage, err error)
- func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListIterator, err error)
- func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client BookmarksClient) ListResponder(resp *http.Response) (result BookmarkList, err error)
- func (client BookmarksClient) ListSender(req *http.Request) (*http.Response, error)
- type CaseSeverity
- type ClientInfo
- type CloudError
- type DataConnector
- func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (dc DataConnector) AsDataConnector() (*DataConnector, bool)
- func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (dc DataConnector) MarshalJSON() ([]byte, error)
- type DataConnectorDataTypeCommon
- type DataConnectorKind
- type DataConnectorList
- type DataConnectorListIterator
- func (iter *DataConnectorListIterator) Next() error
- func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter DataConnectorListIterator) NotDone() bool
- func (iter DataConnectorListIterator) Response() DataConnectorList
- func (iter DataConnectorListIterator) Value() BasicDataConnector
- type DataConnectorListPage
- func (page *DataConnectorListPage) Next() error
- func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error)
- func (page DataConnectorListPage) NotDone() bool
- func (page DataConnectorListPage) Response() DataConnectorList
- func (page DataConnectorListPage) Values() []BasicDataConnector
- type DataConnectorModel
- type DataConnectorTenantID
- type DataConnectorWithAlertsProperties
- type DataConnectorsClient
- func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorModel, err error)
- func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) (result DataConnectorModel, err error)
- func (client DataConnectorsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client DataConnectorsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorModel, err error)
- func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client DataConnectorsClient) GetResponder(resp *http.Response) (result DataConnectorModel, err error)
- func (client DataConnectorsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListPage, err error)
- func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListIterator, err error)
- func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
- func (client DataConnectorsClient) ListResponder(resp *http.Response) (result DataConnectorList, err error)
- func (client DataConnectorsClient) ListSender(req *http.Request) (*http.Response, error)
- type DataTypeState
- type ErrorAdditionalInfo
- type ErrorResponse
- type FusionAlertRule
- func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool)
- func (far FusionAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (far FusionAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (far FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (far FusionAlertRule) MarshalJSON() ([]byte, error)
- func (far *FusionAlertRule) UnmarshalJSON(body []byte) error
- type FusionAlertRuleProperties
- type FusionAlertRuleTemplate
- func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (fart FusionAlertRuleTemplate) MarshalJSON() ([]byte, error)
- func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error
- type FusionAlertRuleTemplateProperties
- type Incident
- type IncidentAdditionalData
- type IncidentClassification
- type IncidentClassificationReason
- type IncidentComment
- type IncidentCommentList
- type IncidentCommentListIterator
- func (iter *IncidentCommentListIterator) Next() error
- func (iter *IncidentCommentListIterator) NextWithContext(ctx context.Context) (err error)
- func (iter IncidentCommentListIterator) NotDone() bool
- func (iter IncidentCommentListIterator) Response() IncidentCommentList
- func (iter IncidentCommentListIterator) Value() IncidentComment
- type IncidentCommentListPage
- func (page *IncidentCommentListPage) Next() error
- func (page *IncidentCommentListPage) NextWithContext(ctx context.Context) (err error)
- func (page IncidentCommentListPage) NotDone() bool
- func (page IncidentCommentListPage) Response() IncidentCommentList
- func (page IncidentCommentListPage) Values() []IncidentComment
- type IncidentCommentProperties
- type IncidentCommentsClient
- func (client IncidentCommentsClient) CreateComment(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentComment, err error)
- func (client IncidentCommentsClient) CreateCommentPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentCommentsClient) CreateCommentResponder(resp *http.Response) (result IncidentComment, err error)
- func (client IncidentCommentsClient) CreateCommentSender(req *http.Request) (*http.Response, error)
- func (client IncidentCommentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentComment, err error)
- func (client IncidentCommentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentCommentsClient) GetResponder(resp *http.Response) (result IncidentComment, err error)
- func (client IncidentCommentsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client IncidentCommentsClient) ListByIncident(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentCommentListPage, err error)
- func (client IncidentCommentsClient) ListByIncidentComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentCommentListIterator, err error)
- func (client IncidentCommentsClient) ListByIncidentPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentCommentsClient) ListByIncidentResponder(resp *http.Response) (result IncidentCommentList, err error)
- func (client IncidentCommentsClient) ListByIncidentSender(req *http.Request) (*http.Response, error)
- type IncidentInfo
- type IncidentLabel
- type IncidentLabelType
- type IncidentList
- type IncidentListIterator
- type IncidentListPage
- type IncidentOwnerInfo
- type IncidentProperties
- type IncidentSeverity
- type IncidentStatus
- type IncidentsClient
- func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Incident, err error)
- func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) CreateOrUpdateResponder(resp *http.Response) (result Incident, err error)
- func (client IncidentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result autorest.Response, err error)
- func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
- func (client IncidentsClient) DeleteSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result Incident, err error)
- func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident, err error)
- func (client IncidentsClient) GetSender(req *http.Request) (*http.Response, error)
- func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentListPage, err error)
- func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result IncidentListIterator, err error)
- func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)
- func (client IncidentsClient) ListResponder(resp *http.Response) (result IncidentList, err error)
- func (client IncidentsClient) ListSender(req *http.Request) (*http.Response, error)
- type Kind
- type KindBasicAlertRuleTemplate
- type KindBasicDataConnector
- type KindBasicSettings
- type LicenseStatus
- type MCASDataConnector
- func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool)
- func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (mdc MCASDataConnector) MarshalJSON() ([]byte, error)
- func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error
- type MCASDataConnectorDataTypes
- type MCASDataConnectorProperties
- type MDATPDataConnector
- func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool)
- func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error)
- func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error
- type MDATPDataConnectorProperties
- type MicrosoftSecurityIncidentCreationAlertRule
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error)
- func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error
- type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties
- type MicrosoftSecurityIncidentCreationAlertRuleProperties
- type MicrosoftSecurityIncidentCreationAlertRuleTemplate
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error)
- func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error
- type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties
- type MicrosoftSecurityProductName
- type OfficeConsent
- type OfficeConsentList
- type OfficeConsentProperties
- type OfficeDataConnector
- func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool)
- func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (odc OfficeDataConnector) MarshalJSON() ([]byte, error)
- func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error
- type OfficeDataConnectorDataTypes
- type OfficeDataConnectorDataTypesExchange
- type OfficeDataConnectorDataTypesSharePoint
- type OfficeDataConnectorProperties
- type Operation
- type OperationDisplay
- type OperationsClient
- func (client OperationsClient) List(ctx context.Context) (result OperationsListPage, err error)
- func (client OperationsClient) ListComplete(ctx context.Context) (result OperationsListIterator, err error)
- func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, error)
- func (client OperationsClient) ListResponder(resp *http.Response) (result OperationsList, err error)
- func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error)
- type OperationsList
- type OperationsListIterator
- type OperationsListPage
- type Resource
- type ResourceWithEtag
- type ScheduledAlertRule
- func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool)
- func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
- func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
- func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
- func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
- func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error)
- func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error
- type ScheduledAlertRuleCommonProperties
- type ScheduledAlertRuleProperties
- type ScheduledAlertRuleTemplate
- func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
- func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error)
- func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error
- type ScheduledAlertRuleTemplateProperties
- type SettingKind
- type Settings
- type StatusInMcas
- type TIDataConnector
- func (tdc TIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
- func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
- func (tdc TIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
- func (tdc TIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
- func (tdc TIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
- func (tdc TIDataConnector) AsDataConnector() (*DataConnector, bool)
- func (tdc TIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
- func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
- func (tdc TIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
- func (tdc TIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
- func (tdc TIDataConnector) MarshalJSON() ([]byte, error)
- func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error
- type TIDataConnectorDataTypes
- type TIDataConnectorDataTypesIndicators
- type TIDataConnectorProperties
- type TemplateStatus
- type ThreatIntelligence
- type ToggleSettings
- func (ts ToggleSettings) AsBasicSettings() (BasicSettings, bool)
- func (ts ToggleSettings) AsSettings() (*Settings, bool)
- func (ts ToggleSettings) AsToggleSettings() (*ToggleSettings, bool)
- func (ts ToggleSettings) AsUebaSettings() (*UebaSettings, bool)
- func (ts ToggleSettings) MarshalJSON() ([]byte, error)
- func (ts *ToggleSettings) UnmarshalJSON(body []byte) error
- type ToggleSettingsProperties
- type TriggerOperator
- type UebaSettings
- func (us UebaSettings) AsBasicSettings() (BasicSettings, bool)
- func (us UebaSettings) AsSettings() (*Settings, bool)
- func (us UebaSettings) AsToggleSettings() (*ToggleSettings, bool)
- func (us UebaSettings) AsUebaSettings() (*UebaSettings, bool)
- func (us UebaSettings) MarshalJSON() ([]byte, error)
- func (us *UebaSettings) UnmarshalJSON(body []byte) error
- type UebaSettingsProperties
- type UserInfo
Constants ¶
const (
// DefaultBaseURI is the default URI used for the service Securityinsight
DefaultBaseURI = "https://management.azure.com"
)
Variables ¶
This section is empty.
Functions ¶
func UserAgent ¶
func UserAgent() string
UserAgent returns the UserAgent string to use when sending http.Requests.
func Version ¶
func Version() string
Version returns the semantic version (see http://semver.org) of the client.
Types ¶
type AADDataConnector ¶
type AADDataConnector struct { // AADDataConnectorProperties - AAD (Azure Active Directory) data connector properties. *AADDataConnectorProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' Kind KindBasicDataConnector `json:"kind,omitempty"` }
AADDataConnector represents AAD (Azure Active Directory) data connector.
func (AADDataConnector) AsAADDataConnector ¶
func (adc AADDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsAATPDataConnector ¶
func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsASCDataConnector ¶
func (adc AADDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsAwsCloudTrailDataConnector ¶
func (adc AADDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsBasicDataConnector ¶
func (adc AADDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsDataConnector ¶
func (adc AADDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsMCASDataConnector ¶
func (adc AADDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsMDATPDataConnector ¶
func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsOfficeDataConnector ¶
func (adc AADDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) AsTIDataConnector ¶
func (adc AADDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for AADDataConnector.
func (AADDataConnector) MarshalJSON ¶
func (adc AADDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AADDataConnector.
func (*AADDataConnector) UnmarshalJSON ¶
func (adc *AADDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AADDataConnector struct.
type AADDataConnectorProperties ¶
type AADDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
AADDataConnectorProperties AAD (Azure Active Directory) data connector properties.
type AATPDataConnector ¶
type AATPDataConnector struct { // AATPDataConnectorProperties - AATP (Azure Advanced Threat Protection) data connector properties. *AATPDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' Kind KindBasicDataConnector `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
AATPDataConnector represents AATP (Azure Advanced Threat Protection) data connector.
func (AATPDataConnector) AsAADDataConnector ¶
func (adc AATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsAATPDataConnector ¶
func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsASCDataConnector ¶
func (adc AATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsAwsCloudTrailDataConnector ¶
func (adc AATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsBasicDataConnector ¶
func (adc AATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsDataConnector ¶
func (adc AATPDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsMCASDataConnector ¶
func (adc AATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsMDATPDataConnector ¶
func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsOfficeDataConnector ¶
func (adc AATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) AsTIDataConnector ¶
func (adc AATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for AATPDataConnector.
func (AATPDataConnector) MarshalJSON ¶
func (adc AATPDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AATPDataConnector.
func (*AATPDataConnector) UnmarshalJSON ¶
func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AATPDataConnector struct.
type AATPDataConnectorProperties ¶
type AATPDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
AATPDataConnectorProperties AATP (Azure Advanced Threat Protection) data connector properties.
type ASCDataConnector ¶
type ASCDataConnector struct { // ASCDataConnectorProperties - ASC (Azure Security Center) data connector properties. *ASCDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' Kind KindBasicDataConnector `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
ASCDataConnector represents ASC (Azure Security Center) data connector.
func (ASCDataConnector) AsAADDataConnector ¶
func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsAATPDataConnector ¶
func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsASCDataConnector ¶
func (adc ASCDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsAwsCloudTrailDataConnector ¶
func (adc ASCDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsBasicDataConnector ¶
func (adc ASCDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsDataConnector ¶
func (adc ASCDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsMCASDataConnector ¶
func (adc ASCDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsMDATPDataConnector ¶
func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsOfficeDataConnector ¶
func (adc ASCDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) AsTIDataConnector ¶
func (adc ASCDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for ASCDataConnector.
func (ASCDataConnector) MarshalJSON ¶
func (adc ASCDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ASCDataConnector.
func (*ASCDataConnector) UnmarshalJSON ¶
func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ASCDataConnector struct.
type ASCDataConnectorProperties ¶
type ASCDataConnectorProperties struct { // SubscriptionID - The subscription id to connect to, and get the data from. SubscriptionID *string `json:"subscriptionId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
ASCDataConnectorProperties ASC (Azure Security Center) data connector properties.
type ActionPropertiesBase ¶
type ActionPropertiesBase struct { // LogicAppResourceID - Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` }
ActionPropertiesBase action property bag base.
type ActionRequest ¶
type ActionRequest struct { // ActionRequestProperties - Action properties for put request *ActionRequestProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
ActionRequest action for alert rule.
func (ActionRequest) MarshalJSON ¶
func (ar ActionRequest) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActionRequest.
func (*ActionRequest) UnmarshalJSON ¶
func (ar *ActionRequest) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ActionRequest struct.
type ActionRequestProperties ¶
type ActionRequestProperties struct { // TriggerURI - Logic App Callback URL for this specific workflow. TriggerURI *string `json:"triggerUri,omitempty"` // LogicAppResourceID - Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` }
ActionRequestProperties action property bag.
type ActionResponse ¶
type ActionResponse struct { autorest.Response `json:"-"` // Etag - Etag of the action. Etag *string `json:"etag,omitempty"` // ActionResponseProperties - Action properties for get request *ActionResponseProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` }
ActionResponse action for alert rule.
func (ActionResponse) MarshalJSON ¶
func (ar ActionResponse) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActionResponse.
func (*ActionResponse) UnmarshalJSON ¶
func (ar *ActionResponse) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ActionResponse struct.
type ActionResponseProperties ¶
type ActionResponseProperties struct { // WorkflowID - The name of the logic app's workflow. WorkflowID *string `json:"workflowId,omitempty"` // LogicAppResourceID - Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` }
ActionResponseProperties action property bag.
type ActionsClient ¶
type ActionsClient struct {
BaseClient
}
ActionsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewActionsClient ¶
func NewActionsClient(subscriptionID string) ActionsClient
NewActionsClient creates an instance of the ActionsClient client.
func NewActionsClientWithBaseURI ¶
func NewActionsClientWithBaseURI(baseURI string, subscriptionID string) ActionsClient
NewActionsClientWithBaseURI creates an instance of the ActionsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (ActionsClient) ListByAlertRule ¶
func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result ActionsListPage, err error)
ListByAlertRule gets all actions of alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID
func (ActionsClient) ListByAlertRuleComplete ¶
func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result ActionsListIterator, err error)
ListByAlertRuleComplete enumerates all values, automatically crossing page boundaries as required.
func (ActionsClient) ListByAlertRulePreparer ¶
func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error)
ListByAlertRulePreparer prepares the ListByAlertRule request.
func (ActionsClient) ListByAlertRuleResponder ¶
func (client ActionsClient) ListByAlertRuleResponder(resp *http.Response) (result ActionsList, err error)
ListByAlertRuleResponder handles the response to the ListByAlertRule request. The method always closes the http.Response Body.
func (ActionsClient) ListByAlertRuleSender ¶
ListByAlertRuleSender sends the ListByAlertRule request. The method will close the http.Response Body if it receives an error.
type ActionsList ¶
type ActionsList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of actions. NextLink *string `json:"nextLink,omitempty"` // Value - Array of actions. Value *[]ActionResponse `json:"value,omitempty"` }
ActionsList list all the actions.
func (ActionsList) IsEmpty ¶
func (al ActionsList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (ActionsList) MarshalJSON ¶
func (al ActionsList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ActionsList.
type ActionsListIterator ¶
type ActionsListIterator struct {
// contains filtered or unexported fields
}
ActionsListIterator provides access to a complete listing of ActionResponse values.
func NewActionsListIterator ¶
func NewActionsListIterator(page ActionsListPage) ActionsListIterator
Creates a new instance of the ActionsListIterator type.
func (*ActionsListIterator) Next ¶
func (iter *ActionsListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*ActionsListIterator) NextWithContext ¶
func (iter *ActionsListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (ActionsListIterator) NotDone ¶
func (iter ActionsListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (ActionsListIterator) Response ¶
func (iter ActionsListIterator) Response() ActionsList
Response returns the raw server response from the last page request.
func (ActionsListIterator) Value ¶
func (iter ActionsListIterator) Value() ActionResponse
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type ActionsListPage ¶
type ActionsListPage struct {
// contains filtered or unexported fields
}
ActionsListPage contains a page of ActionResponse values.
func NewActionsListPage ¶
func NewActionsListPage(getNextPage func(context.Context, ActionsList) (ActionsList, error)) ActionsListPage
Creates a new instance of the ActionsListPage type.
func (*ActionsListPage) Next ¶
func (page *ActionsListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*ActionsListPage) NextWithContext ¶
func (page *ActionsListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (ActionsListPage) NotDone ¶
func (page ActionsListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (ActionsListPage) Response ¶
func (page ActionsListPage) Response() ActionsList
Response returns the raw server response from the last page request.
func (ActionsListPage) Values ¶
func (page ActionsListPage) Values() []ActionResponse
Values returns the slice of values for the current page or nil if there are no values.
type AlertRule ¶
type AlertRule struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' Kind Kind `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
AlertRule alert rule.
func (AlertRule) AsAlertRule ¶
AsAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsBasicAlertRule ¶
func (ar AlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsFusionAlertRule ¶
func (ar AlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (ar AlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) AsScheduledAlertRule ¶
func (ar AlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for AlertRule.
func (AlertRule) MarshalJSON ¶
MarshalJSON is the custom marshaler for AlertRule.
type AlertRuleKind ¶
type AlertRuleKind string
AlertRuleKind enumerates the values for alert rule kind.
const ( // Fusion ... Fusion AlertRuleKind = "Fusion" // MicrosoftSecurityIncidentCreation ... MicrosoftSecurityIncidentCreation AlertRuleKind = "MicrosoftSecurityIncidentCreation" // Scheduled ... Scheduled AlertRuleKind = "Scheduled" )
func PossibleAlertRuleKindValues ¶
func PossibleAlertRuleKindValues() []AlertRuleKind
PossibleAlertRuleKindValues returns an array of possible values for the AlertRuleKind const type.
type AlertRuleModel ¶
type AlertRuleModel struct { autorest.Response `json:"-"` Value BasicAlertRule `json:"value,omitempty"` }
AlertRuleModel ...
func (*AlertRuleModel) UnmarshalJSON ¶
func (arm *AlertRuleModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AlertRuleModel struct.
type AlertRuleTemplate ¶
type AlertRuleTemplate struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` }
AlertRuleTemplate alert rule template.
func (AlertRuleTemplate) AsAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (art AlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate.
func (AlertRuleTemplate) MarshalJSON ¶
func (art AlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AlertRuleTemplate.
type AlertRuleTemplateDataSource ¶
type AlertRuleTemplateDataSource struct { // ConnectorID - The connector id that provides the following data types ConnectorID *string `json:"connectorId,omitempty"` // DataTypes - The data types used by the alert rule template DataTypes *[]string `json:"dataTypes,omitempty"` }
AlertRuleTemplateDataSource alert rule template data sources
type AlertRuleTemplateModel ¶
type AlertRuleTemplateModel struct { autorest.Response `json:"-"` Value BasicAlertRuleTemplate `json:"value,omitempty"` }
AlertRuleTemplateModel ...
func (*AlertRuleTemplateModel) UnmarshalJSON ¶
func (artm *AlertRuleTemplateModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AlertRuleTemplateModel struct.
type AlertRuleTemplatesClient ¶
type AlertRuleTemplatesClient struct {
BaseClient
}
AlertRuleTemplatesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewAlertRuleTemplatesClient ¶
func NewAlertRuleTemplatesClient(subscriptionID string) AlertRuleTemplatesClient
NewAlertRuleTemplatesClient creates an instance of the AlertRuleTemplatesClient client.
func NewAlertRuleTemplatesClientWithBaseURI ¶
func NewAlertRuleTemplatesClientWithBaseURI(baseURI string, subscriptionID string) AlertRuleTemplatesClient
NewAlertRuleTemplatesClientWithBaseURI creates an instance of the AlertRuleTemplatesClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (AlertRuleTemplatesClient) Get ¶
func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, alertRuleTemplateID string) (result AlertRuleTemplateModel, err error)
Get gets the alert rule template. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. alertRuleTemplateID - alert rule template ID
func (AlertRuleTemplatesClient) GetPreparer ¶
func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, alertRuleTemplateID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (AlertRuleTemplatesClient) GetResponder ¶
func (client AlertRuleTemplatesClient) GetResponder(resp *http.Response) (result AlertRuleTemplateModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (AlertRuleTemplatesClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (AlertRuleTemplatesClient) List ¶
func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListPage, err error)
List gets all alert rule templates. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace.
func (AlertRuleTemplatesClient) ListComplete ¶
func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (AlertRuleTemplatesClient) ListPreparer ¶
func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (AlertRuleTemplatesClient) ListResponder ¶
func (client AlertRuleTemplatesClient) ListResponder(resp *http.Response) (result AlertRuleTemplatesList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (AlertRuleTemplatesClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type AlertRuleTemplatesList ¶
type AlertRuleTemplatesList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of alert rule templates. NextLink *string `json:"nextLink,omitempty"` // Value - Array of alert rule templates. Value *[]BasicAlertRuleTemplate `json:"value,omitempty"` }
AlertRuleTemplatesList list all the alert rule templates.
func (AlertRuleTemplatesList) IsEmpty ¶
func (artl AlertRuleTemplatesList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (AlertRuleTemplatesList) MarshalJSON ¶
func (artl AlertRuleTemplatesList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AlertRuleTemplatesList.
func (*AlertRuleTemplatesList) UnmarshalJSON ¶
func (artl *AlertRuleTemplatesList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AlertRuleTemplatesList struct.
type AlertRuleTemplatesListIterator ¶
type AlertRuleTemplatesListIterator struct {
// contains filtered or unexported fields
}
AlertRuleTemplatesListIterator provides access to a complete listing of AlertRuleTemplate values.
func NewAlertRuleTemplatesListIterator ¶
func NewAlertRuleTemplatesListIterator(page AlertRuleTemplatesListPage) AlertRuleTemplatesListIterator
Creates a new instance of the AlertRuleTemplatesListIterator type.
func (*AlertRuleTemplatesListIterator) Next ¶
func (iter *AlertRuleTemplatesListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AlertRuleTemplatesListIterator) NextWithContext ¶
func (iter *AlertRuleTemplatesListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (AlertRuleTemplatesListIterator) NotDone ¶
func (iter AlertRuleTemplatesListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (AlertRuleTemplatesListIterator) Response ¶
func (iter AlertRuleTemplatesListIterator) Response() AlertRuleTemplatesList
Response returns the raw server response from the last page request.
func (AlertRuleTemplatesListIterator) Value ¶
func (iter AlertRuleTemplatesListIterator) Value() BasicAlertRuleTemplate
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type AlertRuleTemplatesListPage ¶
type AlertRuleTemplatesListPage struct {
// contains filtered or unexported fields
}
AlertRuleTemplatesListPage contains a page of BasicAlertRuleTemplate values.
func NewAlertRuleTemplatesListPage ¶
func NewAlertRuleTemplatesListPage(getNextPage func(context.Context, AlertRuleTemplatesList) (AlertRuleTemplatesList, error)) AlertRuleTemplatesListPage
Creates a new instance of the AlertRuleTemplatesListPage type.
func (*AlertRuleTemplatesListPage) Next ¶
func (page *AlertRuleTemplatesListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AlertRuleTemplatesListPage) NextWithContext ¶
func (page *AlertRuleTemplatesListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (AlertRuleTemplatesListPage) NotDone ¶
func (page AlertRuleTemplatesListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (AlertRuleTemplatesListPage) Response ¶
func (page AlertRuleTemplatesListPage) Response() AlertRuleTemplatesList
Response returns the raw server response from the last page request.
func (AlertRuleTemplatesListPage) Values ¶
func (page AlertRuleTemplatesListPage) Values() []BasicAlertRuleTemplate
Values returns the slice of values for the current page or nil if there are no values.
type AlertRulesClient ¶
type AlertRulesClient struct {
BaseClient
}
AlertRulesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewAlertRulesClient ¶
func NewAlertRulesClient(subscriptionID string) AlertRulesClient
NewAlertRulesClient creates an instance of the AlertRulesClient client.
func NewAlertRulesClientWithBaseURI ¶
func NewAlertRulesClientWithBaseURI(baseURI string, subscriptionID string) AlertRulesClient
NewAlertRulesClientWithBaseURI creates an instance of the AlertRulesClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (AlertRulesClient) CreateOrUpdate ¶
func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule BasicAlertRule) (result AlertRuleModel, err error)
CreateOrUpdate creates or updates the alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID alertRule - the alert rule
func (AlertRulesClient) CreateOrUpdateAction ¶
func (client AlertRulesClient) CreateOrUpdateAction(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest) (result ActionResponse, err error)
CreateOrUpdateAction creates or updates the action of alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID actionID - action ID action - the action
func (AlertRulesClient) CreateOrUpdateActionPreparer ¶
func (client AlertRulesClient) CreateOrUpdateActionPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest) (*http.Request, error)
CreateOrUpdateActionPreparer prepares the CreateOrUpdateAction request.
func (AlertRulesClient) CreateOrUpdateActionResponder ¶
func (client AlertRulesClient) CreateOrUpdateActionResponder(resp *http.Response) (result ActionResponse, err error)
CreateOrUpdateActionResponder handles the response to the CreateOrUpdateAction request. The method always closes the http.Response Body.
func (AlertRulesClient) CreateOrUpdateActionSender ¶
func (client AlertRulesClient) CreateOrUpdateActionSender(req *http.Request) (*http.Response, error)
CreateOrUpdateActionSender sends the CreateOrUpdateAction request. The method will close the http.Response Body if it receives an error.
func (AlertRulesClient) CreateOrUpdatePreparer ¶
func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule BasicAlertRule) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (AlertRulesClient) CreateOrUpdateResponder ¶
func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AlertRuleModel, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (AlertRulesClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (AlertRulesClient) Delete ¶
func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result autorest.Response, err error)
Delete delete the alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID
func (AlertRulesClient) DeleteAction ¶
func (client AlertRulesClient) DeleteAction(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result autorest.Response, err error)
DeleteAction delete the action of alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID actionID - action ID
func (AlertRulesClient) DeleteActionPreparer ¶
func (client AlertRulesClient) DeleteActionPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (*http.Request, error)
DeleteActionPreparer prepares the DeleteAction request.
func (AlertRulesClient) DeleteActionResponder ¶
func (client AlertRulesClient) DeleteActionResponder(resp *http.Response) (result autorest.Response, err error)
DeleteActionResponder handles the response to the DeleteAction request. The method always closes the http.Response Body.
func (AlertRulesClient) DeleteActionSender ¶
DeleteActionSender sends the DeleteAction request. The method will close the http.Response Body if it receives an error.
func (AlertRulesClient) DeletePreparer ¶
func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (AlertRulesClient) DeleteResponder ¶
func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (AlertRulesClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (AlertRulesClient) Get ¶
func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result AlertRuleModel, err error)
Get gets the alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID
func (AlertRulesClient) GetAction ¶
func (client AlertRulesClient) GetAction(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result ActionResponse, err error)
GetAction gets the action of alert rule. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. ruleID - alert rule ID actionID - action ID
func (AlertRulesClient) GetActionPreparer ¶
func (client AlertRulesClient) GetActionPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (*http.Request, error)
GetActionPreparer prepares the GetAction request.
func (AlertRulesClient) GetActionResponder ¶
func (client AlertRulesClient) GetActionResponder(resp *http.Response) (result ActionResponse, err error)
GetActionResponder handles the response to the GetAction request. The method always closes the http.Response Body.
func (AlertRulesClient) GetActionSender ¶
GetActionSender sends the GetAction request. The method will close the http.Response Body if it receives an error.
func (AlertRulesClient) GetPreparer ¶
func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (AlertRulesClient) GetResponder ¶
func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRuleModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (AlertRulesClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (AlertRulesClient) List ¶
func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListPage, err error)
List gets all alert rules. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace.
func (AlertRulesClient) ListComplete ¶
func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (AlertRulesClient) ListPreparer ¶
func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (AlertRulesClient) ListResponder ¶
func (client AlertRulesClient) ListResponder(resp *http.Response) (result AlertRulesList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (AlertRulesClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type AlertRulesList ¶
type AlertRulesList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of alert rules. NextLink *string `json:"nextLink,omitempty"` // Value - Array of alert rules. Value *[]BasicAlertRule `json:"value,omitempty"` }
AlertRulesList list all the alert rules.
func (AlertRulesList) IsEmpty ¶
func (arl AlertRulesList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (AlertRulesList) MarshalJSON ¶
func (arl AlertRulesList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AlertRulesList.
func (*AlertRulesList) UnmarshalJSON ¶
func (arl *AlertRulesList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AlertRulesList struct.
type AlertRulesListIterator ¶
type AlertRulesListIterator struct {
// contains filtered or unexported fields
}
AlertRulesListIterator provides access to a complete listing of AlertRule values.
func NewAlertRulesListIterator ¶
func NewAlertRulesListIterator(page AlertRulesListPage) AlertRulesListIterator
Creates a new instance of the AlertRulesListIterator type.
func (*AlertRulesListIterator) Next ¶
func (iter *AlertRulesListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AlertRulesListIterator) NextWithContext ¶
func (iter *AlertRulesListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (AlertRulesListIterator) NotDone ¶
func (iter AlertRulesListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (AlertRulesListIterator) Response ¶
func (iter AlertRulesListIterator) Response() AlertRulesList
Response returns the raw server response from the last page request.
func (AlertRulesListIterator) Value ¶
func (iter AlertRulesListIterator) Value() BasicAlertRule
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type AlertRulesListPage ¶
type AlertRulesListPage struct {
// contains filtered or unexported fields
}
AlertRulesListPage contains a page of BasicAlertRule values.
func NewAlertRulesListPage ¶
func NewAlertRulesListPage(getNextPage func(context.Context, AlertRulesList) (AlertRulesList, error)) AlertRulesListPage
Creates a new instance of the AlertRulesListPage type.
func (*AlertRulesListPage) Next ¶
func (page *AlertRulesListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*AlertRulesListPage) NextWithContext ¶
func (page *AlertRulesListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (AlertRulesListPage) NotDone ¶
func (page AlertRulesListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (AlertRulesListPage) Response ¶
func (page AlertRulesListPage) Response() AlertRulesList
Response returns the raw server response from the last page request.
func (AlertRulesListPage) Values ¶
func (page AlertRulesListPage) Values() []BasicAlertRule
Values returns the slice of values for the current page or nil if there are no values.
type AlertSeverity ¶
type AlertSeverity string
AlertSeverity enumerates the values for alert severity.
const ( // High High severity High AlertSeverity = "High" // Informational Informational severity Informational AlertSeverity = "Informational" // Low Low severity Low AlertSeverity = "Low" // Medium Medium severity Medium AlertSeverity = "Medium" )
func PossibleAlertSeverityValues ¶
func PossibleAlertSeverityValues() []AlertSeverity
PossibleAlertSeverityValues returns an array of possible values for the AlertSeverity const type.
type AlertsDataTypeOfDataConnector ¶
type AlertsDataTypeOfDataConnector struct { // Alerts - Alerts data type connection. Alerts *DataConnectorDataTypeCommon `json:"alerts,omitempty"` }
AlertsDataTypeOfDataConnector alerts data type for data connectors.
type AttackTactic ¶
type AttackTactic string
AttackTactic enumerates the values for attack tactic.
const ( // Collection ... Collection AttackTactic = "Collection" // CommandAndControl ... CommandAndControl AttackTactic = "CommandAndControl" // CredentialAccess ... CredentialAccess AttackTactic = "CredentialAccess" // DefenseEvasion ... DefenseEvasion AttackTactic = "DefenseEvasion" // Discovery ... Discovery AttackTactic = "Discovery" // Execution ... Execution AttackTactic = "Execution" // Exfiltration ... Exfiltration AttackTactic = "Exfiltration" // Impact ... Impact AttackTactic = "Impact" // InitialAccess ... InitialAccess AttackTactic = "InitialAccess" // LateralMovement ... LateralMovement AttackTactic = "LateralMovement" // Persistence ... Persistence AttackTactic = "Persistence" // PrivilegeEscalation ... PrivilegeEscalation AttackTactic = "PrivilegeEscalation" )
func PossibleAttackTacticValues ¶
func PossibleAttackTacticValues() []AttackTactic
PossibleAttackTacticValues returns an array of possible values for the AttackTactic const type.
type AwsCloudTrailDataConnector ¶
type AwsCloudTrailDataConnector struct { // AwsCloudTrailDataConnectorProperties - Amazon Web Services CloudTrail data connector properties. *AwsCloudTrailDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' Kind KindBasicDataConnector `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
AwsCloudTrailDataConnector represents Amazon Web Services CloudTrail data connector.
func (AwsCloudTrailDataConnector) AsAADDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsAATPDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsASCDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsBasicDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsMCASDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsMDATPDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsOfficeDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) AsTIDataConnector ¶
func (actdc AwsCloudTrailDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector.
func (AwsCloudTrailDataConnector) MarshalJSON ¶
func (actdc AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for AwsCloudTrailDataConnector.
func (*AwsCloudTrailDataConnector) UnmarshalJSON ¶
func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for AwsCloudTrailDataConnector struct.
type AwsCloudTrailDataConnectorDataTypes ¶
type AwsCloudTrailDataConnectorDataTypes struct { // Logs - Logs data type. Logs *AwsCloudTrailDataConnectorDataTypesLogs `json:"logs,omitempty"` }
AwsCloudTrailDataConnectorDataTypes the available data types for Amazon Web Services CloudTrail data connector.
type AwsCloudTrailDataConnectorDataTypesLogs ¶
type AwsCloudTrailDataConnectorDataTypesLogs struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' State DataTypeState `json:"state,omitempty"` }
AwsCloudTrailDataConnectorDataTypesLogs logs data type.
type AwsCloudTrailDataConnectorProperties ¶
type AwsCloudTrailDataConnectorProperties struct { // AwsRoleArn - The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account. AwsRoleArn *string `json:"awsRoleArn,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AwsCloudTrailDataConnectorDataTypes `json:"dataTypes,omitempty"` }
AwsCloudTrailDataConnectorProperties amazon Web Services CloudTrail data connector properties.
type BaseClient ¶
BaseClient is the base client for Securityinsight.
func New ¶
func New(subscriptionID string) BaseClient
New creates an instance of the BaseClient client.
func NewWithBaseURI ¶
func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient
NewWithBaseURI creates an instance of the BaseClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
type BasicAlertRule ¶
type BasicAlertRule interface { AsFusionAlertRule() (*FusionAlertRule, bool) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) AsScheduledAlertRule() (*ScheduledAlertRule, bool) AsAlertRule() (*AlertRule, bool) }
BasicAlertRule alert rule.
type BasicAlertRuleTemplate ¶
type BasicAlertRuleTemplate interface { AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) }
BasicAlertRuleTemplate alert rule template.
type BasicDataConnector ¶
type BasicDataConnector interface { AsAADDataConnector() (*AADDataConnector, bool) AsAATPDataConnector() (*AATPDataConnector, bool) AsASCDataConnector() (*ASCDataConnector, bool) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) AsMCASDataConnector() (*MCASDataConnector, bool) AsMDATPDataConnector() (*MDATPDataConnector, bool) AsOfficeDataConnector() (*OfficeDataConnector, bool) AsTIDataConnector() (*TIDataConnector, bool) AsDataConnector() (*DataConnector, bool) }
BasicDataConnector data connector.
type BasicSettings ¶
type BasicSettings interface { AsToggleSettings() (*ToggleSettings, bool) AsUebaSettings() (*UebaSettings, bool) AsSettings() (*Settings, bool) }
BasicSettings the Settings.
type Bookmark ¶
type Bookmark struct { autorest.Response `json:"-"` // BookmarkProperties - Bookmark properties *BookmarkProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
Bookmark represents a bookmark in Azure Security Insights.
func (Bookmark) MarshalJSON ¶
MarshalJSON is the custom marshaler for Bookmark.
func (*Bookmark) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for Bookmark struct.
type BookmarkList ¶
type BookmarkList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of cases. NextLink *string `json:"nextLink,omitempty"` // Value - Array of bookmarks. Value *[]Bookmark `json:"value,omitempty"` }
BookmarkList list all the bookmarks.
func (BookmarkList) IsEmpty ¶
func (bl BookmarkList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (BookmarkList) MarshalJSON ¶
func (bl BookmarkList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for BookmarkList.
type BookmarkListIterator ¶
type BookmarkListIterator struct {
// contains filtered or unexported fields
}
BookmarkListIterator provides access to a complete listing of Bookmark values.
func NewBookmarkListIterator ¶
func NewBookmarkListIterator(page BookmarkListPage) BookmarkListIterator
Creates a new instance of the BookmarkListIterator type.
func (*BookmarkListIterator) Next ¶
func (iter *BookmarkListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*BookmarkListIterator) NextWithContext ¶
func (iter *BookmarkListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (BookmarkListIterator) NotDone ¶
func (iter BookmarkListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (BookmarkListIterator) Response ¶
func (iter BookmarkListIterator) Response() BookmarkList
Response returns the raw server response from the last page request.
func (BookmarkListIterator) Value ¶
func (iter BookmarkListIterator) Value() Bookmark
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type BookmarkListPage ¶
type BookmarkListPage struct {
// contains filtered or unexported fields
}
BookmarkListPage contains a page of Bookmark values.
func NewBookmarkListPage ¶
func NewBookmarkListPage(getNextPage func(context.Context, BookmarkList) (BookmarkList, error)) BookmarkListPage
Creates a new instance of the BookmarkListPage type.
func (*BookmarkListPage) Next ¶
func (page *BookmarkListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*BookmarkListPage) NextWithContext ¶
func (page *BookmarkListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (BookmarkListPage) NotDone ¶
func (page BookmarkListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (BookmarkListPage) Response ¶
func (page BookmarkListPage) Response() BookmarkList
Response returns the raw server response from the last page request.
func (BookmarkListPage) Values ¶
func (page BookmarkListPage) Values() []Bookmark
Values returns the slice of values for the current page or nil if there are no values.
type BookmarkProperties ¶
type BookmarkProperties struct { // Created - The time the bookmark was created Created *date.Time `json:"created,omitempty"` // CreatedBy - Describes a user that created the bookmark CreatedBy *UserInfo `json:"createdBy,omitempty"` // DisplayName - The display name of the bookmark DisplayName *string `json:"displayName,omitempty"` // Labels - List of labels relevant to this bookmark Labels *[]string `json:"labels,omitempty"` // Notes - The notes of the bookmark Notes *string `json:"notes,omitempty"` // Query - The query of the bookmark. Query *string `json:"query,omitempty"` // QueryResult - The query result of the bookmark. QueryResult *string `json:"queryResult,omitempty"` // Updated - The last time the bookmark was updated Updated *date.Time `json:"updated,omitempty"` // UpdatedBy - Describes a user that updated the bookmark UpdatedBy *UserInfo `json:"updatedBy,omitempty"` // IncidentInfo - Describes an incident that relates to bookmark IncidentInfo *IncidentInfo `json:"incidentInfo,omitempty"` }
BookmarkProperties describes bookmark properties
type BookmarksClient ¶
type BookmarksClient struct {
BaseClient
}
BookmarksClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewBookmarksClient ¶
func NewBookmarksClient(subscriptionID string) BookmarksClient
NewBookmarksClient creates an instance of the BookmarksClient client.
func NewBookmarksClientWithBaseURI ¶
func NewBookmarksClientWithBaseURI(baseURI string, subscriptionID string) BookmarksClient
NewBookmarksClientWithBaseURI creates an instance of the BookmarksClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (BookmarksClient) CreateOrUpdate ¶
func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, bookmark Bookmark) (result Bookmark, err error)
CreateOrUpdate creates or updates the bookmark. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID bookmark - the bookmark
func (BookmarksClient) CreateOrUpdatePreparer ¶
func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, bookmark Bookmark) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (BookmarksClient) CreateOrUpdateResponder ¶
func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (result Bookmark, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (BookmarksClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (BookmarksClient) Delete ¶
func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (result autorest.Response, err error)
Delete delete the bookmark. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID
func (BookmarksClient) DeletePreparer ¶
func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (BookmarksClient) DeleteResponder ¶
func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (BookmarksClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (BookmarksClient) Get ¶
func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (result Bookmark, err error)
Get gets a bookmark. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. bookmarkID - bookmark ID
func (BookmarksClient) GetPreparer ¶
func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (BookmarksClient) GetResponder ¶
func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (BookmarksClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (BookmarksClient) List ¶
func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListPage, err error)
List gets all bookmarks. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace.
func (BookmarksClient) ListComplete ¶
func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (BookmarksClient) ListPreparer ¶
func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (BookmarksClient) ListResponder ¶
func (client BookmarksClient) ListResponder(resp *http.Response) (result BookmarkList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (BookmarksClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type CaseSeverity ¶
type CaseSeverity string
CaseSeverity enumerates the values for case severity.
const ( // CaseSeverityCritical Critical severity CaseSeverityCritical CaseSeverity = "Critical" // CaseSeverityHigh High severity CaseSeverityHigh CaseSeverity = "High" // CaseSeverityInformational Informational severity CaseSeverityInformational CaseSeverity = "Informational" // CaseSeverityLow Low severity CaseSeverityLow CaseSeverity = "Low" // CaseSeverityMedium Medium severity CaseSeverityMedium CaseSeverity = "Medium" )
func PossibleCaseSeverityValues ¶
func PossibleCaseSeverityValues() []CaseSeverity
PossibleCaseSeverityValues returns an array of possible values for the CaseSeverity const type.
type ClientInfo ¶
type ClientInfo struct { // Email - The email of the client. Email *string `json:"email,omitempty"` // Name - The name of the client. Name *string `json:"name,omitempty"` // ObjectID - The object id of the client. ObjectID *uuid.UUID `json:"objectId,omitempty"` // UserPrincipalName - The user principal name of the client. UserPrincipalName *string `json:"userPrincipalName,omitempty"` }
ClientInfo information on the client (user or application) that made some action
type CloudError ¶
type CloudError struct { // Error - The error object of the CloudError response Error *ErrorResponse `json:"error,omitempty"` }
CloudError an error response for a resource management request.
type DataConnector ¶
type DataConnector struct { autorest.Response `json:"-"` // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' Kind KindBasicDataConnector `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
DataConnector data connector.
func (DataConnector) AsAADDataConnector ¶
func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsAATPDataConnector ¶
func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsASCDataConnector ¶
func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsAwsCloudTrailDataConnector ¶
func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsBasicDataConnector ¶
func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsDataConnector ¶
func (dc DataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsMCASDataConnector ¶
func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsMDATPDataConnector ¶
func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsOfficeDataConnector ¶
func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) AsTIDataConnector ¶
func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for DataConnector.
func (DataConnector) MarshalJSON ¶
func (dc DataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for DataConnector.
type DataConnectorDataTypeCommon ¶
type DataConnectorDataTypeCommon struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' State DataTypeState `json:"state,omitempty"` }
DataConnectorDataTypeCommon common field for data type in data connectors.
type DataConnectorKind ¶
type DataConnectorKind string
DataConnectorKind enumerates the values for data connector kind.
const ( // DataConnectorKindAmazonWebServicesCloudTrail ... DataConnectorKindAmazonWebServicesCloudTrail DataConnectorKind = "AmazonWebServicesCloudTrail" // DataConnectorKindAzureActiveDirectory ... DataConnectorKindAzureActiveDirectory DataConnectorKind = "AzureActiveDirectory" // DataConnectorKindAzureAdvancedThreatProtection ... DataConnectorKindAzureAdvancedThreatProtection DataConnectorKind = "AzureAdvancedThreatProtection" // DataConnectorKindAzureSecurityCenter ... DataConnectorKindAzureSecurityCenter DataConnectorKind = "AzureSecurityCenter" // DataConnectorKindMicrosoftCloudAppSecurity ... DataConnectorKindMicrosoftCloudAppSecurity DataConnectorKind = "MicrosoftCloudAppSecurity" // DataConnectorKindMicrosoftDefenderAdvancedThreatProtection ... DataConnectorKindMicrosoftDefenderAdvancedThreatProtection DataConnectorKind = "MicrosoftDefenderAdvancedThreatProtection" // DataConnectorKindOffice365 ... DataConnectorKindOffice365 DataConnectorKind = "Office365" // DataConnectorKindThreatIntelligence ... DataConnectorKindThreatIntelligence DataConnectorKind = "ThreatIntelligence" )
func PossibleDataConnectorKindValues ¶
func PossibleDataConnectorKindValues() []DataConnectorKind
PossibleDataConnectorKindValues returns an array of possible values for the DataConnectorKind const type.
type DataConnectorList ¶
type DataConnectorList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of data connectors. NextLink *string `json:"nextLink,omitempty"` // Value - Array of data connectors. Value *[]BasicDataConnector `json:"value,omitempty"` }
DataConnectorList list all the data connectors.
func (DataConnectorList) IsEmpty ¶
func (dcl DataConnectorList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (DataConnectorList) MarshalJSON ¶
func (dcl DataConnectorList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for DataConnectorList.
func (*DataConnectorList) UnmarshalJSON ¶
func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for DataConnectorList struct.
type DataConnectorListIterator ¶
type DataConnectorListIterator struct {
// contains filtered or unexported fields
}
DataConnectorListIterator provides access to a complete listing of DataConnector values.
func NewDataConnectorListIterator ¶
func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator
Creates a new instance of the DataConnectorListIterator type.
func (*DataConnectorListIterator) Next ¶
func (iter *DataConnectorListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*DataConnectorListIterator) NextWithContext ¶
func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (DataConnectorListIterator) NotDone ¶
func (iter DataConnectorListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (DataConnectorListIterator) Response ¶
func (iter DataConnectorListIterator) Response() DataConnectorList
Response returns the raw server response from the last page request.
func (DataConnectorListIterator) Value ¶
func (iter DataConnectorListIterator) Value() BasicDataConnector
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type DataConnectorListPage ¶
type DataConnectorListPage struct {
// contains filtered or unexported fields
}
DataConnectorListPage contains a page of BasicDataConnector values.
func NewDataConnectorListPage ¶
func NewDataConnectorListPage(getNextPage func(context.Context, DataConnectorList) (DataConnectorList, error)) DataConnectorListPage
Creates a new instance of the DataConnectorListPage type.
func (*DataConnectorListPage) Next ¶
func (page *DataConnectorListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*DataConnectorListPage) NextWithContext ¶
func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (DataConnectorListPage) NotDone ¶
func (page DataConnectorListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (DataConnectorListPage) Response ¶
func (page DataConnectorListPage) Response() DataConnectorList
Response returns the raw server response from the last page request.
func (DataConnectorListPage) Values ¶
func (page DataConnectorListPage) Values() []BasicDataConnector
Values returns the slice of values for the current page or nil if there are no values.
type DataConnectorModel ¶
type DataConnectorModel struct { autorest.Response `json:"-"` Value BasicDataConnector `json:"value,omitempty"` }
DataConnectorModel ...
func (*DataConnectorModel) UnmarshalJSON ¶
func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for DataConnectorModel struct.
type DataConnectorTenantID ¶
type DataConnectorTenantID struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` }
DataConnectorTenantID properties data connector on tenant level.
type DataConnectorWithAlertsProperties ¶
type DataConnectorWithAlertsProperties struct { // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
DataConnectorWithAlertsProperties data connector properties.
type DataConnectorsClient ¶
type DataConnectorsClient struct {
BaseClient
}
DataConnectorsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewDataConnectorsClient ¶
func NewDataConnectorsClient(subscriptionID string) DataConnectorsClient
NewDataConnectorsClient creates an instance of the DataConnectorsClient client.
func NewDataConnectorsClientWithBaseURI ¶
func NewDataConnectorsClientWithBaseURI(baseURI string, subscriptionID string) DataConnectorsClient
NewDataConnectorsClientWithBaseURI creates an instance of the DataConnectorsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (DataConnectorsClient) CreateOrUpdate ¶
func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (result DataConnectorModel, err error)
CreateOrUpdate creates or updates the data connector. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. dataConnectorID - connector ID dataConnector - the data connector
func (DataConnectorsClient) CreateOrUpdatePreparer ¶
func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (DataConnectorsClient) CreateOrUpdateResponder ¶
func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) (result DataConnectorModel, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (DataConnectorsClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (DataConnectorsClient) Delete ¶
func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result autorest.Response, err error)
Delete delete the data connector. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. dataConnectorID - connector ID
func (DataConnectorsClient) DeletePreparer ¶
func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (DataConnectorsClient) DeleteResponder ¶
func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (DataConnectorsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (DataConnectorsClient) Get ¶
func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result DataConnectorModel, err error)
Get gets a data connector. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. dataConnectorID - connector ID
func (DataConnectorsClient) GetPreparer ¶
func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (DataConnectorsClient) GetResponder ¶
func (client DataConnectorsClient) GetResponder(resp *http.Response) (result DataConnectorModel, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (DataConnectorsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (DataConnectorsClient) List ¶
func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListPage, err error)
List gets all data connectors. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace.
func (DataConnectorsClient) ListComplete ¶
func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (DataConnectorsClient) ListPreparer ¶
func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error)
ListPreparer prepares the List request.
func (DataConnectorsClient) ListResponder ¶
func (client DataConnectorsClient) ListResponder(resp *http.Response) (result DataConnectorList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (DataConnectorsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type DataTypeState ¶
type DataTypeState string
DataTypeState enumerates the values for data type state.
const ( // Disabled ... Disabled DataTypeState = "Disabled" // Enabled ... Enabled DataTypeState = "Enabled" )
func PossibleDataTypeStateValues ¶
func PossibleDataTypeStateValues() []DataTypeState
PossibleDataTypeStateValues returns an array of possible values for the DataTypeState const type.
type ErrorAdditionalInfo ¶
type ErrorAdditionalInfo struct { // Type - READ-ONLY; The additional info type. Type *string `json:"type,omitempty"` // Info - READ-ONLY; The additional info. Info interface{} `json:"info,omitempty"` }
ErrorAdditionalInfo the resource management error additional info.
type ErrorResponse ¶
type ErrorResponse struct { // Code - READ-ONLY; The error code. Code *string `json:"code,omitempty"` // Message - READ-ONLY; The error message. Message *string `json:"message,omitempty"` // Target - READ-ONLY; The error target. Target *string `json:"target,omitempty"` // Details - READ-ONLY; The error details. Details *[]ErrorResponse `json:"details,omitempty"` // AdditionalInfo - READ-ONLY; The error additional info. AdditionalInfo *[]ErrorAdditionalInfo `json:"additionalInfo,omitempty"` }
ErrorResponse the resource management error response.
type FusionAlertRule ¶
type FusionAlertRule struct { // FusionAlertRuleProperties - Fusion alert rule properties *FusionAlertRuleProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' Kind Kind `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
FusionAlertRule represents Fusion alert rule.
func (FusionAlertRule) AsAlertRule ¶
func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool)
AsAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsBasicAlertRule ¶
func (far FusionAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsFusionAlertRule ¶
func (far FusionAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (far FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) AsScheduledAlertRule ¶
func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for FusionAlertRule.
func (FusionAlertRule) MarshalJSON ¶
func (far FusionAlertRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FusionAlertRule.
func (*FusionAlertRule) UnmarshalJSON ¶
func (far *FusionAlertRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for FusionAlertRule struct.
type FusionAlertRuleProperties ¶
type FusionAlertRuleProperties struct { // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // Description - READ-ONLY; The description of the alert rule. Description *string `json:"description,omitempty"` // DisplayName - READ-ONLY; The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // Severity - READ-ONLY; The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - READ-ONLY; The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` }
FusionAlertRuleProperties fusion alert rule base property bag.
func (FusionAlertRuleProperties) MarshalJSON ¶
func (farp FusionAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FusionAlertRuleProperties.
type FusionAlertRuleTemplate ¶
type FusionAlertRuleTemplate struct { // FusionAlertRuleTemplateProperties - Fusion alert rule template properties *FusionAlertRuleTemplateProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` }
FusionAlertRuleTemplate represents Fusion alert rule template.
func (FusionAlertRuleTemplate) AsAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate.
func (FusionAlertRuleTemplate) MarshalJSON ¶
func (fart FusionAlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FusionAlertRuleTemplate.
func (*FusionAlertRuleTemplate) UnmarshalJSON ¶
func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for FusionAlertRuleTemplate struct.
type FusionAlertRuleTemplateProperties ¶
type FusionAlertRuleTemplateProperties struct { // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data connectors for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' Status TemplateStatus `json:"status,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' Severity AlertSeverity `json:"severity,omitempty"` // Tactics - The tactics of the alert rule template Tactics *[]AttackTactic `json:"tactics,omitempty"` }
FusionAlertRuleTemplateProperties represents Fusion alert rule template properties
func (FusionAlertRuleTemplateProperties) MarshalJSON ¶
func (fartp FusionAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for FusionAlertRuleTemplateProperties.
type Incident ¶
type Incident struct { autorest.Response `json:"-"` // IncidentProperties - Incident properties *IncidentProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
Incident represents an incident in Azure Security Insights.
func (Incident) MarshalJSON ¶
MarshalJSON is the custom marshaler for Incident.
func (*Incident) UnmarshalJSON ¶
UnmarshalJSON is the custom unmarshaler for Incident struct.
type IncidentAdditionalData ¶
type IncidentAdditionalData struct { // AlertsCount - READ-ONLY; The number of alerts in the incident AlertsCount *int32 `json:"alertsCount,omitempty"` // BookmarksCount - READ-ONLY; The number of bookmarks in the incident BookmarksCount *int32 `json:"bookmarksCount,omitempty"` // CommentsCount - READ-ONLY; The number of comments in the incident CommentsCount *int32 `json:"commentsCount,omitempty"` // AlertProductNames - READ-ONLY; List of product names of alerts in the incident AlertProductNames *[]string `json:"alertProductNames,omitempty"` // Tactics - READ-ONLY; The tactics associated with incident Tactics *[]AttackTactic `json:"tactics,omitempty"` }
IncidentAdditionalData incident additional data property bag.
type IncidentClassification ¶
type IncidentClassification string
IncidentClassification enumerates the values for incident classification.
const ( // BenignPositive Incident was benign positive BenignPositive IncidentClassification = "BenignPositive" // FalsePositive Incident was false positive FalsePositive IncidentClassification = "FalsePositive" // TruePositive Incident was true positive TruePositive IncidentClassification = "TruePositive" // Undetermined Incident classification was undetermined Undetermined IncidentClassification = "Undetermined" )
func PossibleIncidentClassificationValues ¶
func PossibleIncidentClassificationValues() []IncidentClassification
PossibleIncidentClassificationValues returns an array of possible values for the IncidentClassification const type.
type IncidentClassificationReason ¶
type IncidentClassificationReason string
IncidentClassificationReason enumerates the values for incident classification reason.
const ( // InaccurateData Classification reason was inaccurate data InaccurateData IncidentClassificationReason = "InaccurateData" // IncorrectAlertLogic Classification reason was incorrect alert logic IncorrectAlertLogic IncidentClassificationReason = "IncorrectAlertLogic" // SuspiciousActivity Classification reason was suspicious activity SuspiciousActivity IncidentClassificationReason = "SuspiciousActivity" // SuspiciousButExpected Classification reason was suspicious but expected SuspiciousButExpected IncidentClassificationReason = "SuspiciousButExpected" )
func PossibleIncidentClassificationReasonValues ¶
func PossibleIncidentClassificationReasonValues() []IncidentClassificationReason
PossibleIncidentClassificationReasonValues returns an array of possible values for the IncidentClassificationReason const type.
type IncidentComment ¶
type IncidentComment struct { autorest.Response `json:"-"` // IncidentCommentProperties - Incident comment properties *IncidentCommentProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` }
IncidentComment represents an incident comment
func (IncidentComment) MarshalJSON ¶
func (ic IncidentComment) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentComment.
func (*IncidentComment) UnmarshalJSON ¶
func (ic *IncidentComment) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for IncidentComment struct.
type IncidentCommentList ¶
type IncidentCommentList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of comments. NextLink *string `json:"nextLink,omitempty"` // Value - Array of comments. Value *[]IncidentComment `json:"value,omitempty"` }
IncidentCommentList list of incident comments.
func (IncidentCommentList) IsEmpty ¶
func (icl IncidentCommentList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (IncidentCommentList) MarshalJSON ¶
func (icl IncidentCommentList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentCommentList.
type IncidentCommentListIterator ¶
type IncidentCommentListIterator struct {
// contains filtered or unexported fields
}
IncidentCommentListIterator provides access to a complete listing of IncidentComment values.
func NewIncidentCommentListIterator ¶
func NewIncidentCommentListIterator(page IncidentCommentListPage) IncidentCommentListIterator
Creates a new instance of the IncidentCommentListIterator type.
func (*IncidentCommentListIterator) Next ¶
func (iter *IncidentCommentListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*IncidentCommentListIterator) NextWithContext ¶
func (iter *IncidentCommentListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (IncidentCommentListIterator) NotDone ¶
func (iter IncidentCommentListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (IncidentCommentListIterator) Response ¶
func (iter IncidentCommentListIterator) Response() IncidentCommentList
Response returns the raw server response from the last page request.
func (IncidentCommentListIterator) Value ¶
func (iter IncidentCommentListIterator) Value() IncidentComment
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type IncidentCommentListPage ¶
type IncidentCommentListPage struct {
// contains filtered or unexported fields
}
IncidentCommentListPage contains a page of IncidentComment values.
func NewIncidentCommentListPage ¶
func NewIncidentCommentListPage(getNextPage func(context.Context, IncidentCommentList) (IncidentCommentList, error)) IncidentCommentListPage
Creates a new instance of the IncidentCommentListPage type.
func (*IncidentCommentListPage) Next ¶
func (page *IncidentCommentListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*IncidentCommentListPage) NextWithContext ¶
func (page *IncidentCommentListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (IncidentCommentListPage) NotDone ¶
func (page IncidentCommentListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (IncidentCommentListPage) Response ¶
func (page IncidentCommentListPage) Response() IncidentCommentList
Response returns the raw server response from the last page request.
func (IncidentCommentListPage) Values ¶
func (page IncidentCommentListPage) Values() []IncidentComment
Values returns the slice of values for the current page or nil if there are no values.
type IncidentCommentProperties ¶
type IncidentCommentProperties struct { // CreatedTimeUtc - READ-ONLY; The time the comment was created CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` // Message - The comment message Message *string `json:"message,omitempty"` // Author - READ-ONLY; Describes the client that created the comment Author *ClientInfo `json:"author,omitempty"` }
IncidentCommentProperties incident comment property bag.
func (IncidentCommentProperties) MarshalJSON ¶
func (icp IncidentCommentProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentCommentProperties.
type IncidentCommentsClient ¶
type IncidentCommentsClient struct {
BaseClient
}
IncidentCommentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewIncidentCommentsClient ¶
func NewIncidentCommentsClient(subscriptionID string) IncidentCommentsClient
NewIncidentCommentsClient creates an instance of the IncidentCommentsClient client.
func NewIncidentCommentsClientWithBaseURI ¶
func NewIncidentCommentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentCommentsClient
NewIncidentCommentsClientWithBaseURI creates an instance of the IncidentCommentsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (IncidentCommentsClient) CreateComment ¶
func (client IncidentCommentsClient) CreateComment(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (result IncidentComment, err error)
CreateComment creates the incident comment. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID incidentCommentID - incident comment ID incidentComment - the incident comment
func (IncidentCommentsClient) CreateCommentPreparer ¶
func (client IncidentCommentsClient) CreateCommentPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (*http.Request, error)
CreateCommentPreparer prepares the CreateComment request.
func (IncidentCommentsClient) CreateCommentResponder ¶
func (client IncidentCommentsClient) CreateCommentResponder(resp *http.Response) (result IncidentComment, err error)
CreateCommentResponder handles the response to the CreateComment request. The method always closes the http.Response Body.
func (IncidentCommentsClient) CreateCommentSender ¶
CreateCommentSender sends the CreateComment request. The method will close the http.Response Body if it receives an error.
func (IncidentCommentsClient) Get ¶
func (client IncidentCommentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (result IncidentComment, err error)
Get gets an incident comment. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID incidentCommentID - incident comment ID
func (IncidentCommentsClient) GetPreparer ¶
func (client IncidentCommentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (IncidentCommentsClient) GetResponder ¶
func (client IncidentCommentsClient) GetResponder(resp *http.Response) (result IncidentComment, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (IncidentCommentsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (IncidentCommentsClient) ListByIncident ¶
func (client IncidentCommentsClient) ListByIncident(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListPage, err error)
ListByIncident gets all incident comments. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID filter - filters the results, based on a Boolean condition. Optional. orderby - sorts the results. Optional. top - returns only the first n results. Optional. skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
func (IncidentCommentsClient) ListByIncidentComplete ¶
func (client IncidentCommentsClient) ListByIncidentComplete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListIterator, err error)
ListByIncidentComplete enumerates all values, automatically crossing page boundaries as required.
func (IncidentCommentsClient) ListByIncidentPreparer ¶
func (client IncidentCommentsClient) ListByIncidentPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error)
ListByIncidentPreparer prepares the ListByIncident request.
func (IncidentCommentsClient) ListByIncidentResponder ¶
func (client IncidentCommentsClient) ListByIncidentResponder(resp *http.Response) (result IncidentCommentList, err error)
ListByIncidentResponder handles the response to the ListByIncident request. The method always closes the http.Response Body.
func (IncidentCommentsClient) ListByIncidentSender ¶
func (client IncidentCommentsClient) ListByIncidentSender(req *http.Request) (*http.Response, error)
ListByIncidentSender sends the ListByIncident request. The method will close the http.Response Body if it receives an error.
type IncidentInfo ¶
type IncidentInfo struct { // IncidentID - Incident Id IncidentID *string `json:"incidentId,omitempty"` // Severity - The severity of the incident. Possible values include: 'CaseSeverityCritical', 'CaseSeverityHigh', 'CaseSeverityMedium', 'CaseSeverityLow', 'CaseSeverityInformational' Severity CaseSeverity `json:"severity,omitempty"` // Title - The title of the incident Title *string `json:"title,omitempty"` // RelationName - Relation Name RelationName *string `json:"relationName,omitempty"` }
IncidentInfo describes related incident information for the bookmark
type IncidentLabel ¶
type IncidentLabel struct { // LabelName - The name of the label LabelName *string `json:"labelName,omitempty"` // LabelType - READ-ONLY; The type of the label. Possible values include: 'User', 'System' LabelType IncidentLabelType `json:"labelType,omitempty"` }
IncidentLabel represents an incident label
func (IncidentLabel) MarshalJSON ¶
func (il IncidentLabel) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentLabel.
type IncidentLabelType ¶
type IncidentLabelType string
IncidentLabelType enumerates the values for incident label type.
const ( // System Label automatically created by the system System IncidentLabelType = "System" // User Label manually created by a user User IncidentLabelType = "User" )
func PossibleIncidentLabelTypeValues ¶
func PossibleIncidentLabelTypeValues() []IncidentLabelType
PossibleIncidentLabelTypeValues returns an array of possible values for the IncidentLabelType const type.
type IncidentList ¶
type IncidentList struct { autorest.Response `json:"-"` // NextLink - READ-ONLY; URL to fetch the next set of incidents. NextLink *string `json:"nextLink,omitempty"` // Value - Array of incidents. Value *[]Incident `json:"value,omitempty"` }
IncidentList list all the incidents.
func (IncidentList) IsEmpty ¶
func (il IncidentList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
func (IncidentList) MarshalJSON ¶
func (il IncidentList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentList.
type IncidentListIterator ¶
type IncidentListIterator struct {
// contains filtered or unexported fields
}
IncidentListIterator provides access to a complete listing of Incident values.
func NewIncidentListIterator ¶
func NewIncidentListIterator(page IncidentListPage) IncidentListIterator
Creates a new instance of the IncidentListIterator type.
func (*IncidentListIterator) Next ¶
func (iter *IncidentListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*IncidentListIterator) NextWithContext ¶
func (iter *IncidentListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (IncidentListIterator) NotDone ¶
func (iter IncidentListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (IncidentListIterator) Response ¶
func (iter IncidentListIterator) Response() IncidentList
Response returns the raw server response from the last page request.
func (IncidentListIterator) Value ¶
func (iter IncidentListIterator) Value() Incident
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type IncidentListPage ¶
type IncidentListPage struct {
// contains filtered or unexported fields
}
IncidentListPage contains a page of Incident values.
func NewIncidentListPage ¶
func NewIncidentListPage(getNextPage func(context.Context, IncidentList) (IncidentList, error)) IncidentListPage
Creates a new instance of the IncidentListPage type.
func (*IncidentListPage) Next ¶
func (page *IncidentListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*IncidentListPage) NextWithContext ¶
func (page *IncidentListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (IncidentListPage) NotDone ¶
func (page IncidentListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (IncidentListPage) Response ¶
func (page IncidentListPage) Response() IncidentList
Response returns the raw server response from the last page request.
func (IncidentListPage) Values ¶
func (page IncidentListPage) Values() []Incident
Values returns the slice of values for the current page or nil if there are no values.
type IncidentOwnerInfo ¶
type IncidentOwnerInfo struct { // Email - The email of the user the incident is assigned to. Email *string `json:"email,omitempty"` // AssignedTo - The name of the user the incident is assigned to. AssignedTo *string `json:"assignedTo,omitempty"` // ObjectID - The object id of the user the incident is assigned to. ObjectID *uuid.UUID `json:"objectId,omitempty"` // UserPrincipalName - The user principal name of the user the incident is assigned to. UserPrincipalName *string `json:"userPrincipalName,omitempty"` }
IncidentOwnerInfo information on the user an incident is assigned to
type IncidentProperties ¶
type IncidentProperties struct { // AdditionalData - READ-ONLY; Additional data on the incident AdditionalData *IncidentAdditionalData `json:"additionalData,omitempty"` // Classification - The reason the incident was closed. Possible values include: 'Undetermined', 'TruePositive', 'BenignPositive', 'FalsePositive' Classification IncidentClassification `json:"classification,omitempty"` // ClassificationComment - Describes the reason the incident was closed ClassificationComment *string `json:"classificationComment,omitempty"` // ClassificationReason - The classification reason the incident was closed with. Possible values include: 'SuspiciousActivity', 'SuspiciousButExpected', 'IncorrectAlertLogic', 'InaccurateData' ClassificationReason IncidentClassificationReason `json:"classificationReason,omitempty"` // CreatedTimeUtc - READ-ONLY; The time the incident was created CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` // Description - The description of the incident Description *string `json:"description,omitempty"` // FirstActivityTimeUtc - The time of the first activity in the incident FirstActivityTimeUtc *date.Time `json:"firstActivityTimeUtc,omitempty"` // IncidentURL - READ-ONLY; The deep-link url to the incident in Azure portal IncidentURL *string `json:"incidentUrl,omitempty"` // IncidentNumber - READ-ONLY; A sequential number IncidentNumber *int32 `json:"incidentNumber,omitempty"` // Labels - List of labels relevant to this incident Labels *[]IncidentLabel `json:"labels,omitempty"` // LastActivityTimeUtc - The time of the last activity in the incident LastActivityTimeUtc *date.Time `json:"lastActivityTimeUtc,omitempty"` // LastModifiedTimeUtc - READ-ONLY; The last time the incident was updated LastModifiedTimeUtc *date.Time `json:"lastModifiedTimeUtc,omitempty"` // Owner - Describes a user that the incident is assigned to Owner *IncidentOwnerInfo `json:"owner,omitempty"` // RelatedAnalyticRuleIds - READ-ONLY; List of resource ids of Analytic rules related to the incident RelatedAnalyticRuleIds *[]string `json:"relatedAnalyticRuleIds,omitempty"` // Severity - The severity of the incident. Possible values include: 'IncidentSeverityHigh', 'IncidentSeverityMedium', 'IncidentSeverityLow', 'IncidentSeverityInformational' Severity IncidentSeverity `json:"severity,omitempty"` // Status - The status of the incident. Possible values include: 'IncidentStatusNew', 'IncidentStatusActive', 'IncidentStatusClosed' Status IncidentStatus `json:"status,omitempty"` // Title - The title of the incident Title *string `json:"title,omitempty"` }
IncidentProperties describes incident properties
func (IncidentProperties) MarshalJSON ¶
func (IP IncidentProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for IncidentProperties.
type IncidentSeverity ¶
type IncidentSeverity string
IncidentSeverity enumerates the values for incident severity.
const ( // IncidentSeverityHigh High severity IncidentSeverityHigh IncidentSeverity = "High" // IncidentSeverityInformational Informational severity IncidentSeverityInformational IncidentSeverity = "Informational" // IncidentSeverityLow Low severity IncidentSeverityLow IncidentSeverity = "Low" // IncidentSeverityMedium Medium severity IncidentSeverityMedium IncidentSeverity = "Medium" )
func PossibleIncidentSeverityValues ¶
func PossibleIncidentSeverityValues() []IncidentSeverity
PossibleIncidentSeverityValues returns an array of possible values for the IncidentSeverity const type.
type IncidentStatus ¶
type IncidentStatus string
IncidentStatus enumerates the values for incident status.
const ( // IncidentStatusActive An active incident which is being handled IncidentStatusActive IncidentStatus = "Active" // IncidentStatusClosed A non-active incident IncidentStatusClosed IncidentStatus = "Closed" // IncidentStatusNew An active incident which isn't being handled currently IncidentStatusNew IncidentStatus = "New" )
func PossibleIncidentStatusValues ¶
func PossibleIncidentStatusValues() []IncidentStatus
PossibleIncidentStatusValues returns an array of possible values for the IncidentStatus const type.
type IncidentsClient ¶
type IncidentsClient struct {
BaseClient
}
IncidentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewIncidentsClient ¶
func NewIncidentsClient(subscriptionID string) IncidentsClient
NewIncidentsClient creates an instance of the IncidentsClient client.
func NewIncidentsClientWithBaseURI ¶
func NewIncidentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentsClient
NewIncidentsClientWithBaseURI creates an instance of the IncidentsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (IncidentsClient) CreateOrUpdate ¶
func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident Incident) (result Incident, err error)
CreateOrUpdate creates or updates the incident. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID incident - the incident
func (IncidentsClient) CreateOrUpdatePreparer ¶
func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident Incident) (*http.Request, error)
CreateOrUpdatePreparer prepares the CreateOrUpdate request.
func (IncidentsClient) CreateOrUpdateResponder ¶
func (client IncidentsClient) CreateOrUpdateResponder(resp *http.Response) (result Incident, err error)
CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always closes the http.Response Body.
func (IncidentsClient) CreateOrUpdateSender ¶
CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) Delete ¶
func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result autorest.Response, err error)
Delete delete the incident. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID
func (IncidentsClient) DeletePreparer ¶
func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error)
DeletePreparer prepares the Delete request.
func (IncidentsClient) DeleteResponder ¶
func (client IncidentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)
DeleteResponder handles the response to the Delete request. The method always closes the http.Response Body.
func (IncidentsClient) DeleteSender ¶
DeleteSender sends the Delete request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) Get ¶
func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result Incident, err error)
Get gets an incident. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. incidentID - incident ID
func (IncidentsClient) GetPreparer ¶
func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error)
GetPreparer prepares the Get request.
func (IncidentsClient) GetResponder ¶
func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident, err error)
GetResponder handles the response to the Get request. The method always closes the http.Response Body.
func (IncidentsClient) GetSender ¶
GetSender sends the Get request. The method will close the http.Response Body if it receives an error.
func (IncidentsClient) List ¶
func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListPage, err error)
List gets all incidents. Parameters: resourceGroupName - the name of the resource group within the user's subscription. The name is case insensitive. workspaceName - the name of the workspace. filter - filters the results, based on a Boolean condition. Optional. orderby - sorts the results. Optional. top - returns only the first n results. Optional. skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
func (IncidentsClient) ListComplete ¶
func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (IncidentsClient) ListPreparer ¶
func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error)
ListPreparer prepares the List request.
func (IncidentsClient) ListResponder ¶
func (client IncidentsClient) ListResponder(resp *http.Response) (result IncidentList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (IncidentsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type Kind ¶
type Kind string
Kind enumerates the values for kind.
func PossibleKindValues ¶
func PossibleKindValues() []Kind
PossibleKindValues returns an array of possible values for the Kind const type.
type KindBasicAlertRuleTemplate ¶
type KindBasicAlertRuleTemplate string
KindBasicAlertRuleTemplate enumerates the values for kind basic alert rule template.
const ( // KindBasicAlertRuleTemplateKindAlertRuleTemplate ... KindBasicAlertRuleTemplateKindAlertRuleTemplate KindBasicAlertRuleTemplate = "AlertRuleTemplate" // KindBasicAlertRuleTemplateKindFusion ... KindBasicAlertRuleTemplateKindFusion KindBasicAlertRuleTemplate = "Fusion" // KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation ... KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation KindBasicAlertRuleTemplate = "MicrosoftSecurityIncidentCreation" // KindBasicAlertRuleTemplateKindScheduled ... KindBasicAlertRuleTemplateKindScheduled KindBasicAlertRuleTemplate = "Scheduled" )
func PossibleKindBasicAlertRuleTemplateValues ¶
func PossibleKindBasicAlertRuleTemplateValues() []KindBasicAlertRuleTemplate
PossibleKindBasicAlertRuleTemplateValues returns an array of possible values for the KindBasicAlertRuleTemplate const type.
type KindBasicDataConnector ¶
type KindBasicDataConnector string
KindBasicDataConnector enumerates the values for kind basic data connector.
const ( // KindAmazonWebServicesCloudTrail ... KindAmazonWebServicesCloudTrail KindBasicDataConnector = "AmazonWebServicesCloudTrail" // KindAzureActiveDirectory ... KindAzureActiveDirectory KindBasicDataConnector = "AzureActiveDirectory" // KindAzureAdvancedThreatProtection ... KindAzureAdvancedThreatProtection KindBasicDataConnector = "AzureAdvancedThreatProtection" // KindAzureSecurityCenter ... KindAzureSecurityCenter KindBasicDataConnector = "AzureSecurityCenter" // KindDataConnector ... KindDataConnector KindBasicDataConnector = "DataConnector" // KindMicrosoftCloudAppSecurity ... KindMicrosoftCloudAppSecurity KindBasicDataConnector = "MicrosoftCloudAppSecurity" // KindMicrosoftDefenderAdvancedThreatProtection ... KindMicrosoftDefenderAdvancedThreatProtection KindBasicDataConnector = "MicrosoftDefenderAdvancedThreatProtection" // KindOffice365 ... KindOffice365 KindBasicDataConnector = "Office365" // KindThreatIntelligence ... KindThreatIntelligence KindBasicDataConnector = "ThreatIntelligence" )
func PossibleKindBasicDataConnectorValues ¶
func PossibleKindBasicDataConnectorValues() []KindBasicDataConnector
PossibleKindBasicDataConnectorValues returns an array of possible values for the KindBasicDataConnector const type.
type KindBasicSettings ¶
type KindBasicSettings string
KindBasicSettings enumerates the values for kind basic settings.
const ( // KindSettings ... KindSettings KindBasicSettings = "Settings" // KindToggleSettings ... KindToggleSettings KindBasicSettings = "ToggleSettings" // KindUebaSettings ... KindUebaSettings KindBasicSettings = "UebaSettings" )
func PossibleKindBasicSettingsValues ¶
func PossibleKindBasicSettingsValues() []KindBasicSettings
PossibleKindBasicSettingsValues returns an array of possible values for the KindBasicSettings const type.
type LicenseStatus ¶
type LicenseStatus string
LicenseStatus enumerates the values for license status.
const ( // LicenseStatusDisabled ... LicenseStatusDisabled LicenseStatus = "Disabled" // LicenseStatusEnabled ... LicenseStatusEnabled LicenseStatus = "Enabled" )
func PossibleLicenseStatusValues ¶
func PossibleLicenseStatusValues() []LicenseStatus
PossibleLicenseStatusValues returns an array of possible values for the LicenseStatus const type.
type MCASDataConnector ¶
type MCASDataConnector struct { // MCASDataConnectorProperties - MCAS (Microsoft Cloud App Security) data connector properties. *MCASDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' Kind KindBasicDataConnector `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
MCASDataConnector represents MCAS (Microsoft Cloud App Security) data connector.
func (MCASDataConnector) AsAADDataConnector ¶
func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsAATPDataConnector ¶
func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsASCDataConnector ¶
func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsAwsCloudTrailDataConnector ¶
func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsBasicDataConnector ¶
func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsDataConnector ¶
func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsMCASDataConnector ¶
func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsMDATPDataConnector ¶
func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsOfficeDataConnector ¶
func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) AsTIDataConnector ¶
func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for MCASDataConnector.
func (MCASDataConnector) MarshalJSON ¶
func (mdc MCASDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MCASDataConnector.
func (*MCASDataConnector) UnmarshalJSON ¶
func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MCASDataConnector struct.
type MCASDataConnectorDataTypes ¶
type MCASDataConnectorDataTypes struct { // DiscoveryLogs - Discovery log data type connection. DiscoveryLogs *DataConnectorDataTypeCommon `json:"discoveryLogs,omitempty"` // Alerts - Alerts data type connection. Alerts *DataConnectorDataTypeCommon `json:"alerts,omitempty"` }
MCASDataConnectorDataTypes the available data types for MCAS (Microsoft Cloud App Security) data connector.
type MCASDataConnectorProperties ¶
type MCASDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *MCASDataConnectorDataTypes `json:"dataTypes,omitempty"` }
MCASDataConnectorProperties MCAS (Microsoft Cloud App Security) data connector properties.
type MDATPDataConnector ¶
type MDATPDataConnector struct { // MDATPDataConnectorProperties - MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. *MDATPDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' Kind KindBasicDataConnector `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
MDATPDataConnector represents MDATP (Microsoft Defender Advanced Threat Protection) data connector.
func (MDATPDataConnector) AsAADDataConnector ¶
func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsAATPDataConnector ¶
func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsASCDataConnector ¶
func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsAwsCloudTrailDataConnector ¶
func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsBasicDataConnector ¶
func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsDataConnector ¶
func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsMCASDataConnector ¶
func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsMDATPDataConnector ¶
func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsOfficeDataConnector ¶
func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) AsTIDataConnector ¶
func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector.
func (MDATPDataConnector) MarshalJSON ¶
func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MDATPDataConnector.
func (*MDATPDataConnector) UnmarshalJSON ¶
func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MDATPDataConnector struct.
type MDATPDataConnectorProperties ¶
type MDATPDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` }
MDATPDataConnectorProperties MDATP (Microsoft Defender Advanced Threat Protection) data connector properties.
type MicrosoftSecurityIncidentCreationAlertRule ¶
type MicrosoftSecurityIncidentCreationAlertRule struct { // MicrosoftSecurityIncidentCreationAlertRuleProperties - MicrosoftSecurityIncidentCreation rule properties *MicrosoftSecurityIncidentCreationAlertRuleProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' Kind Kind `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRule represents MicrosoftSecurityIncidentCreation rule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool)
AsAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule.
func (MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON ¶
func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRule.
func (*MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON ¶
func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRule struct.
type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties ¶
type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties struct { // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftCloudAppSecurity', 'AzureSecurityCenter', 'AzureAdvancedThreatProtection', 'AzureActiveDirectoryIdentityProtection', 'AzureSecurityCenterforIoT' ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` // SeveritiesFilter - the alerts' severities on which the cases will be generated SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRuleCommonProperties microsoftSecurityIncidentCreation rule common property bag.
type MicrosoftSecurityIncidentCreationAlertRuleProperties ¶
type MicrosoftSecurityIncidentCreationAlertRuleProperties struct { // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // Description - The description of the alert rule. Description *string `json:"description,omitempty"` // DisplayName - The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftCloudAppSecurity', 'AzureSecurityCenter', 'AzureAdvancedThreatProtection', 'AzureActiveDirectoryIdentityProtection', 'AzureSecurityCenterforIoT' ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` // SeveritiesFilter - the alerts' severities on which the cases will be generated SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRuleProperties microsoftSecurityIncidentCreation rule property bag.
func (MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON ¶
func (msicarp MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleProperties.
type MicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { // MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - MicrosoftSecurityIncidentCreation rule template properties *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRuleTemplate represents MicrosoftSecurityIncidentCreation rule template.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON ¶
func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate.
func (*MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON ¶
func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate struct.
type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties ¶
type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct { // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data connectors for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' Status TemplateStatus `json:"status,omitempty"` // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftCloudAppSecurity', 'AzureSecurityCenter', 'AzureAdvancedThreatProtection', 'AzureActiveDirectoryIdentityProtection', 'AzureSecurityCenterforIoT' ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` // SeveritiesFilter - the alerts' severities on which the cases will be generated SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` }
MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties microsoftSecurityIncidentCreation rule template properties
func (MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON ¶
func (msicartp MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties.
type MicrosoftSecurityProductName ¶
type MicrosoftSecurityProductName string
MicrosoftSecurityProductName enumerates the values for microsoft security product name.
const ( // AzureActiveDirectoryIdentityProtection ... AzureActiveDirectoryIdentityProtection MicrosoftSecurityProductName = "Azure Active Directory Identity Protection" // AzureAdvancedThreatProtection ... AzureAdvancedThreatProtection MicrosoftSecurityProductName = "Azure Advanced Threat Protection" // AzureSecurityCenter ... AzureSecurityCenter MicrosoftSecurityProductName = "Azure Security Center" // AzureSecurityCenterforIoT ... AzureSecurityCenterforIoT MicrosoftSecurityProductName = "Azure Security Center for IoT" // MicrosoftCloudAppSecurity ... MicrosoftCloudAppSecurity MicrosoftSecurityProductName = "Microsoft Cloud App Security" )
func PossibleMicrosoftSecurityProductNameValues ¶
func PossibleMicrosoftSecurityProductNameValues() []MicrosoftSecurityProductName
PossibleMicrosoftSecurityProductNameValues returns an array of possible values for the MicrosoftSecurityProductName const type.
type OfficeConsent ¶
type OfficeConsent struct { // OfficeConsentProperties - Office consent properties *OfficeConsentProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` }
OfficeConsent consent for Office365 tenant that already made.
func (OfficeConsent) MarshalJSON ¶
func (oc OfficeConsent) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeConsent.
func (*OfficeConsent) UnmarshalJSON ¶
func (oc *OfficeConsent) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for OfficeConsent struct.
type OfficeConsentList ¶
type OfficeConsentList struct { // NextLink - READ-ONLY; URL to fetch the next set of office consents. NextLink *string `json:"nextLink,omitempty"` // Value - Array of the consents. Value *[]OfficeConsent `json:"value,omitempty"` }
OfficeConsentList list of all the office365 consents.
func (OfficeConsentList) MarshalJSON ¶
func (ocl OfficeConsentList) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeConsentList.
type OfficeConsentProperties ¶
type OfficeConsentProperties struct { // TenantID - The tenantId of the Office365 with the consent. TenantID *string `json:"tenantId,omitempty"` // TenantName - READ-ONLY; The tenant name of the Office365 with the consent. TenantName *string `json:"tenantName,omitempty"` }
OfficeConsentProperties consent property bag.
func (OfficeConsentProperties) MarshalJSON ¶
func (ocp OfficeConsentProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeConsentProperties.
type OfficeDataConnector ¶
type OfficeDataConnector struct { // OfficeDataConnectorProperties - Office data connector properties. *OfficeDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' Kind KindBasicDataConnector `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
OfficeDataConnector represents office data connector.
func (OfficeDataConnector) AsAADDataConnector ¶
func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsAATPDataConnector ¶
func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsASCDataConnector ¶
func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsAwsCloudTrailDataConnector ¶
func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsBasicDataConnector ¶
func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsDataConnector ¶
func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsMCASDataConnector ¶
func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsMDATPDataConnector ¶
func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsOfficeDataConnector ¶
func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) AsTIDataConnector ¶
func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector.
func (OfficeDataConnector) MarshalJSON ¶
func (odc OfficeDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for OfficeDataConnector.
func (*OfficeDataConnector) UnmarshalJSON ¶
func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for OfficeDataConnector struct.
type OfficeDataConnectorDataTypes ¶
type OfficeDataConnectorDataTypes struct { // Exchange - Exchange data type connection. Exchange *OfficeDataConnectorDataTypesExchange `json:"exchange,omitempty"` SharePoint *OfficeDataConnectorDataTypesSharePoint `json:"sharePoint,omitempty"` }
OfficeDataConnectorDataTypes the available data types for office data connector.
type OfficeDataConnectorDataTypesExchange ¶
type OfficeDataConnectorDataTypesExchange struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' State DataTypeState `json:"state,omitempty"` }
OfficeDataConnectorDataTypesExchange exchange data type connection.
type OfficeDataConnectorDataTypesSharePoint ¶
type OfficeDataConnectorDataTypesSharePoint struct { DataTypeState `json:"state,omitempty"` }State
OfficeDataConnectorDataTypesSharePoint sharePoint data type connection.
type OfficeDataConnectorProperties ¶
type OfficeDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *OfficeDataConnectorDataTypes `json:"dataTypes,omitempty"` }
OfficeDataConnectorProperties office data connector properties.
type Operation ¶
type Operation struct { // Display - Properties of the operation Display *OperationDisplay `json:"display,omitempty"` // Name - Name of the operation Name *string `json:"name,omitempty"` }
Operation operation provided by provider
type OperationDisplay ¶
type OperationDisplay struct { // Description - Description of the operation Description *string `json:"description,omitempty"` // Operation - Operation name Operation *string `json:"operation,omitempty"` // Provider - Provider name Provider *string `json:"provider,omitempty"` // Resource - Resource name Resource *string `json:"resource,omitempty"` }
OperationDisplay properties of the operation
type OperationsClient ¶
type OperationsClient struct {
BaseClient
}
OperationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider
func NewOperationsClient ¶
func NewOperationsClient(subscriptionID string) OperationsClient
NewOperationsClient creates an instance of the OperationsClient client.
func NewOperationsClientWithBaseURI ¶
func NewOperationsClientWithBaseURI(baseURI string, subscriptionID string) OperationsClient
NewOperationsClientWithBaseURI creates an instance of the OperationsClient client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func (OperationsClient) List ¶
func (client OperationsClient) List(ctx context.Context) (result OperationsListPage, err error)
List lists all operations available Azure Security Insights Resource Provider.
func (OperationsClient) ListComplete ¶
func (client OperationsClient) ListComplete(ctx context.Context) (result OperationsListIterator, err error)
ListComplete enumerates all values, automatically crossing page boundaries as required.
func (OperationsClient) ListPreparer ¶
ListPreparer prepares the List request.
func (OperationsClient) ListResponder ¶
func (client OperationsClient) ListResponder(resp *http.Response) (result OperationsList, err error)
ListResponder handles the response to the List request. The method always closes the http.Response Body.
func (OperationsClient) ListSender ¶
ListSender sends the List request. The method will close the http.Response Body if it receives an error.
type OperationsList ¶
type OperationsList struct { autorest.Response `json:"-"` // NextLink - URL to fetch the next set of operations. NextLink *string `json:"nextLink,omitempty"` // Value - Array of operations Value *[]Operation `json:"value,omitempty"` }
OperationsList lists the operations available in the SecurityInsights RP.
func (OperationsList) IsEmpty ¶
func (ol OperationsList) IsEmpty() bool
IsEmpty returns true if the ListResult contains no values.
type OperationsListIterator ¶
type OperationsListIterator struct {
// contains filtered or unexported fields
}
OperationsListIterator provides access to a complete listing of Operation values.
func NewOperationsListIterator ¶
func NewOperationsListIterator(page OperationsListPage) OperationsListIterator
Creates a new instance of the OperationsListIterator type.
func (*OperationsListIterator) Next ¶
func (iter *OperationsListIterator) Next() error
Next advances to the next value. If there was an error making the request the iterator does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*OperationsListIterator) NextWithContext ¶
func (iter *OperationsListIterator) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next value. If there was an error making the request the iterator does not advance and the error is returned.
func (OperationsListIterator) NotDone ¶
func (iter OperationsListIterator) NotDone() bool
NotDone returns true if the enumeration should be started or is not yet complete.
func (OperationsListIterator) Response ¶
func (iter OperationsListIterator) Response() OperationsList
Response returns the raw server response from the last page request.
func (OperationsListIterator) Value ¶
func (iter OperationsListIterator) Value() Operation
Value returns the current value or a zero-initialized value if the iterator has advanced beyond the end of the collection.
type OperationsListPage ¶
type OperationsListPage struct {
// contains filtered or unexported fields
}
OperationsListPage contains a page of Operation values.
func NewOperationsListPage ¶
func NewOperationsListPage(getNextPage func(context.Context, OperationsList) (OperationsList, error)) OperationsListPage
Creates a new instance of the OperationsListPage type.
func (*OperationsListPage) Next ¶
func (page *OperationsListPage) Next() error
Next advances to the next page of values. If there was an error making the request the page does not advance and the error is returned. Deprecated: Use NextWithContext() instead.
func (*OperationsListPage) NextWithContext ¶
func (page *OperationsListPage) NextWithContext(ctx context.Context) (err error)
NextWithContext advances to the next page of values. If there was an error making the request the page does not advance and the error is returned.
func (OperationsListPage) NotDone ¶
func (page OperationsListPage) NotDone() bool
NotDone returns true if the page enumeration should be started or is not yet complete.
func (OperationsListPage) Response ¶
func (page OperationsListPage) Response() OperationsList
Response returns the raw server response from the last page request.
func (OperationsListPage) Values ¶
func (page OperationsListPage) Values() []Operation
Values returns the slice of values for the current page or nil if there are no values.
type Resource ¶
type Resource struct { // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` }
Resource an azure resource object
type ResourceWithEtag ¶
type ResourceWithEtag struct { // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
ResourceWithEtag an azure resource object with an Etag property
func (ResourceWithEtag) MarshalJSON ¶
func (rwe ResourceWithEtag) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ResourceWithEtag.
type ScheduledAlertRule ¶
type ScheduledAlertRule struct { // ScheduledAlertRuleProperties - Scheduled alert rule properties *ScheduledAlertRuleProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' Kind Kind `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
ScheduledAlertRule represents scheduled alert rule.
func (ScheduledAlertRule) AsAlertRule ¶
func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool)
AsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsBasicAlertRule ¶
func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)
AsBasicAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsFusionAlertRule ¶
func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)
AsFusionAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule ¶
func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)
AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) AsScheduledAlertRule ¶
func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)
AsScheduledAlertRule is the BasicAlertRule implementation for ScheduledAlertRule.
func (ScheduledAlertRule) MarshalJSON ¶
func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ScheduledAlertRule.
func (*ScheduledAlertRule) UnmarshalJSON ¶
func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ScheduledAlertRule struct.
type ScheduledAlertRuleCommonProperties ¶
type ScheduledAlertRuleCommonProperties struct { // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. QueryFrequency *string `json:"queryFrequency,omitempty"` // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. QueryPeriod *string `json:"queryPeriod,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' Severity AlertSeverity `json:"severity,omitempty"` // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` // TriggerThreshold - The threshold triggers this alert rule. TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` }
ScheduledAlertRuleCommonProperties schedule alert rule template property bag.
type ScheduledAlertRuleProperties ¶
type ScheduledAlertRuleProperties struct { // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` // Description - The description of the alert rule. Description *string `json:"description,omitempty"` // DisplayName - The display name for alerts created by this alert rule. DisplayName *string `json:"displayName,omitempty"` // Enabled - Determines whether this alert rule is enabled or disabled. Enabled *bool `json:"enabled,omitempty"` // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. SuppressionDuration *string `json:"suppressionDuration,omitempty"` // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` // Tactics - The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. QueryFrequency *string `json:"queryFrequency,omitempty"` // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. QueryPeriod *string `json:"queryPeriod,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' Severity AlertSeverity `json:"severity,omitempty"` // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` // TriggerThreshold - The threshold triggers this alert rule. TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` }
ScheduledAlertRuleProperties scheduled alert rule base property bag.
func (ScheduledAlertRuleProperties) MarshalJSON ¶
func (sarp ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ScheduledAlertRuleProperties.
type ScheduledAlertRuleTemplate ¶
type ScheduledAlertRuleTemplate struct { // ScheduledAlertRuleTemplateProperties - Scheduled alert rule template properties *ScheduledAlertRuleTemplateProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` }
ScheduledAlertRuleTemplate represents scheduled alert rule template.
func (ScheduledAlertRuleTemplate) AsAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)
AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)
AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)
AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)
AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate ¶
func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)
AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate.
func (ScheduledAlertRuleTemplate) MarshalJSON ¶
func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplate.
func (*ScheduledAlertRuleTemplate) UnmarshalJSON ¶
func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ScheduledAlertRuleTemplate struct.
type ScheduledAlertRuleTemplateProperties ¶
type ScheduledAlertRuleTemplateProperties struct { // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data connectors for this template RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' Status TemplateStatus `json:"status,omitempty"` // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. QueryFrequency *string `json:"queryFrequency,omitempty"` // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. QueryPeriod *string `json:"queryPeriod,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' Severity AlertSeverity `json:"severity,omitempty"` // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` // TriggerThreshold - The threshold triggers this alert rule. TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` // Tactics - The tactics of the alert rule template Tactics *[]AttackTactic `json:"tactics,omitempty"` }
ScheduledAlertRuleTemplateProperties scheduled alert rule template properties
func (ScheduledAlertRuleTemplateProperties) MarshalJSON ¶
func (sartp ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplateProperties.
type SettingKind ¶
type SettingKind string
SettingKind enumerates the values for setting kind.
const ( // SettingKindToggleSettings ... SettingKindToggleSettings SettingKind = "ToggleSettings" // SettingKindUebaSettings ... SettingKindUebaSettings SettingKind = "UebaSettings" )
func PossibleSettingKindValues ¶
func PossibleSettingKindValues() []SettingKind
PossibleSettingKindValues returns an array of possible values for the SettingKind const type.
type Settings ¶
type Settings struct { // Kind - Possible values include: 'KindSettings', 'KindToggleSettings', 'KindUebaSettings' Kind KindBasicSettings `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
Settings the Settings.
func (Settings) AsBasicSettings ¶
func (s Settings) AsBasicSettings() (BasicSettings, bool)
AsBasicSettings is the BasicSettings implementation for Settings.
func (Settings) AsSettings ¶
AsSettings is the BasicSettings implementation for Settings.
func (Settings) AsToggleSettings ¶
func (s Settings) AsToggleSettings() (*ToggleSettings, bool)
AsToggleSettings is the BasicSettings implementation for Settings.
func (Settings) AsUebaSettings ¶
func (s Settings) AsUebaSettings() (*UebaSettings, bool)
AsUebaSettings is the BasicSettings implementation for Settings.
func (Settings) MarshalJSON ¶
MarshalJSON is the custom marshaler for Settings.
type StatusInMcas ¶
type StatusInMcas string
StatusInMcas enumerates the values for status in mcas.
const ( // StatusInMcasDisabled ... StatusInMcasDisabled StatusInMcas = "Disabled" // StatusInMcasEnabled ... StatusInMcasEnabled StatusInMcas = "Enabled" )
func PossibleStatusInMcasValues ¶
func PossibleStatusInMcasValues() []StatusInMcas
PossibleStatusInMcasValues returns an array of possible values for the StatusInMcas const type.
type TIDataConnector ¶
type TIDataConnector struct { // TIDataConnectorProperties - TI (Threat Intelligence) data connector properties. *TIDataConnectorProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' Kind KindBasicDataConnector `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
TIDataConnector represents threat intelligence data connector.
func (TIDataConnector) AsAADDataConnector ¶
func (tdc TIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)
AsAADDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsAATPDataConnector ¶
func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)
AsAATPDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsASCDataConnector ¶
func (tdc TIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)
AsASCDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsAwsCloudTrailDataConnector ¶
func (tdc TIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)
AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsBasicDataConnector ¶
func (tdc TIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)
AsBasicDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsDataConnector ¶
func (tdc TIDataConnector) AsDataConnector() (*DataConnector, bool)
AsDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsMCASDataConnector ¶
func (tdc TIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)
AsMCASDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsMDATPDataConnector ¶
func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)
AsMDATPDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsOfficeDataConnector ¶
func (tdc TIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)
AsOfficeDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) AsTIDataConnector ¶
func (tdc TIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)
AsTIDataConnector is the BasicDataConnector implementation for TIDataConnector.
func (TIDataConnector) MarshalJSON ¶
func (tdc TIDataConnector) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for TIDataConnector.
func (*TIDataConnector) UnmarshalJSON ¶
func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for TIDataConnector struct.
type TIDataConnectorDataTypes ¶
type TIDataConnectorDataTypes struct { // Indicators - Data type for indicators connection. Indicators *TIDataConnectorDataTypesIndicators `json:"indicators,omitempty"` }
TIDataConnectorDataTypes the available data types for TI (Threat Intelligence) data connector.
type TIDataConnectorDataTypesIndicators ¶
type TIDataConnectorDataTypesIndicators struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' State DataTypeState `json:"state,omitempty"` }
TIDataConnectorDataTypesIndicators data type for indicators connection.
type TIDataConnectorProperties ¶
type TIDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` // DataTypes - The available data types for the connector. DataTypes *TIDataConnectorDataTypes `json:"dataTypes,omitempty"` }
TIDataConnectorProperties TI (Threat Intelligence) data connector properties.
type TemplateStatus ¶
type TemplateStatus string
TemplateStatus enumerates the values for template status.
const ( // Available Alert rule template is available. Available TemplateStatus = "Available" // Installed Alert rule template installed. and can not use more then once Installed TemplateStatus = "Installed" // NotAvailable Alert rule template is not available NotAvailable TemplateStatus = "NotAvailable" )
func PossibleTemplateStatusValues ¶
func PossibleTemplateStatusValues() []TemplateStatus
PossibleTemplateStatusValues returns an array of possible values for the TemplateStatus const type.
type ThreatIntelligence ¶
type ThreatIntelligence struct { // Confidence - READ-ONLY; Confidence (must be between 0 and 1) Confidence *float64 `json:"confidence,omitempty"` // ProviderName - READ-ONLY; Name of the provider from whom this Threat Intelligence information was received ProviderName *string `json:"providerName,omitempty"` // ReportLink - READ-ONLY; Report link ReportLink *string `json:"reportLink,omitempty"` // ThreatDescription - READ-ONLY; Threat description (free text) ThreatDescription *string `json:"threatDescription,omitempty"` // ThreatName - READ-ONLY; Threat name (e.g. "Jedobot malware") ThreatName *string `json:"threatName,omitempty"` // ThreatType - READ-ONLY; Threat type (e.g. "Botnet") ThreatType *string `json:"threatType,omitempty"` }
ThreatIntelligence threatIntelligence property bag.
type ToggleSettings ¶
type ToggleSettings struct { // ToggleSettingsProperties - toggle properties *ToggleSettingsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindSettings', 'KindToggleSettings', 'KindUebaSettings' Kind KindBasicSettings `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
ToggleSettings settings with single toggle.
func (ToggleSettings) AsBasicSettings ¶
func (ts ToggleSettings) AsBasicSettings() (BasicSettings, bool)
AsBasicSettings is the BasicSettings implementation for ToggleSettings.
func (ToggleSettings) AsSettings ¶
func (ts ToggleSettings) AsSettings() (*Settings, bool)
AsSettings is the BasicSettings implementation for ToggleSettings.
func (ToggleSettings) AsToggleSettings ¶
func (ts ToggleSettings) AsToggleSettings() (*ToggleSettings, bool)
AsToggleSettings is the BasicSettings implementation for ToggleSettings.
func (ToggleSettings) AsUebaSettings ¶
func (ts ToggleSettings) AsUebaSettings() (*UebaSettings, bool)
AsUebaSettings is the BasicSettings implementation for ToggleSettings.
func (ToggleSettings) MarshalJSON ¶
func (ts ToggleSettings) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for ToggleSettings.
func (*ToggleSettings) UnmarshalJSON ¶
func (ts *ToggleSettings) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for ToggleSettings struct.
type ToggleSettingsProperties ¶
type ToggleSettingsProperties struct { // IsEnabled - Determines whether the setting is enable or disabled. IsEnabled *bool `json:"isEnabled,omitempty"` }
ToggleSettingsProperties toggle property bag.
type TriggerOperator ¶
type TriggerOperator string
TriggerOperator enumerates the values for trigger operator.
const ( // Equal ... Equal TriggerOperator = "Equal" // GreaterThan ... GreaterThan TriggerOperator = "GreaterThan" // LessThan ... LessThan TriggerOperator = "LessThan" // NotEqual ... NotEqual TriggerOperator = "NotEqual" )
func PossibleTriggerOperatorValues ¶
func PossibleTriggerOperatorValues() []TriggerOperator
PossibleTriggerOperatorValues returns an array of possible values for the TriggerOperator const type.
type UebaSettings ¶
type UebaSettings struct { // UebaSettingsProperties - User and Entity Behavior Analytics settings properties *UebaSettingsProperties `json:"properties,omitempty"` // Kind - Possible values include: 'KindSettings', 'KindToggleSettings', 'KindUebaSettings' Kind KindBasicSettings `json:"kind,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` }
UebaSettings represents settings for User and Entity Behavior Analytics enablement.
func (UebaSettings) AsBasicSettings ¶
func (us UebaSettings) AsBasicSettings() (BasicSettings, bool)
AsBasicSettings is the BasicSettings implementation for UebaSettings.
func (UebaSettings) AsSettings ¶
func (us UebaSettings) AsSettings() (*Settings, bool)
AsSettings is the BasicSettings implementation for UebaSettings.
func (UebaSettings) AsToggleSettings ¶
func (us UebaSettings) AsToggleSettings() (*ToggleSettings, bool)
AsToggleSettings is the BasicSettings implementation for UebaSettings.
func (UebaSettings) AsUebaSettings ¶
func (us UebaSettings) AsUebaSettings() (*UebaSettings, bool)
AsUebaSettings is the BasicSettings implementation for UebaSettings.
func (UebaSettings) MarshalJSON ¶
func (us UebaSettings) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for UebaSettings.
func (*UebaSettings) UnmarshalJSON ¶
func (us *UebaSettings) UnmarshalJSON(body []byte) error
UnmarshalJSON is the custom unmarshaler for UebaSettings struct.
type UebaSettingsProperties ¶
type UebaSettingsProperties struct { // AtpLicenseStatus - READ-ONLY; Determines whether the tenant has ATP (Advanced Threat Protection) license. Possible values include: 'LicenseStatusEnabled', 'LicenseStatusDisabled' AtpLicenseStatus LicenseStatus `json:"atpLicenseStatus,omitempty"` // IsEnabled - Determines whether User and Entity Behavior Analytics is enabled for this workspace. IsEnabled *bool `json:"isEnabled,omitempty"` // StatusInMcas - READ-ONLY; Determines whether User and Entity Behavior Analytics is enabled from MCAS (Microsoft Cloud App Security). Possible values include: 'StatusInMcasEnabled', 'StatusInMcasDisabled' StatusInMcas StatusInMcas `json:"statusInMcas,omitempty"` }
UebaSettingsProperties user and Entity Behavior Analytics settings property bag.
func (UebaSettingsProperties) MarshalJSON ¶
func (usp UebaSettingsProperties) MarshalJSON() ([]byte, error)
MarshalJSON is the custom marshaler for UebaSettingsProperties.
type UserInfo ¶
type UserInfo struct { // Email - READ-ONLY; The email of the user. Email *string `json:"email,omitempty"` // Name - READ-ONLY; The name of the user. Name *string `json:"name,omitempty"` // ObjectID - The object id of the user. ObjectID *uuid.UUID `json:"objectId,omitempty"` }
UserInfo user information that made some action
func (UserInfo) MarshalJSON ¶
MarshalJSON is the custom marshaler for UserInfo.