Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security Policy
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

securityinsight

package

Go to main page

Versions in this module

v45

v45.1.2

Aug 18, 2020

v45.1.1

Aug 14, 2020

v45.1.0

Aug 7, 2020

v45.0.0

Aug 3, 2020

Changes in this version

+ const DefaultBaseURI

+ func UserAgent() string

+ func Version() string

+ type AADCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (acr *AADCheckRequirements) UnmarshalJSON(body []byte) error

+ func (acr AADCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (acr AADCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (acr AADCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (acr AADCheckRequirements) MarshalJSON() ([]byte, error)

+ type AADCheckRequirementsProperties struct

+ TenantID *string

+ type AADDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (adc *AADDataConnector) UnmarshalJSON(body []byte) error

+ func (adc AADDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (adc AADDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (adc AADDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (adc AADDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (adc AADDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (adc AADDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (adc AADDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (adc AADDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (adc AADDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (adc AADDataConnector) MarshalJSON() ([]byte, error)

+ type AADDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ TenantID *string

+ type AATPCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (acr *AATPCheckRequirements) UnmarshalJSON(body []byte) error

+ func (acr AATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (acr AATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (acr AATPCheckRequirements) MarshalJSON() ([]byte, error)

+ type AATPCheckRequirementsProperties struct

+ TenantID *string

+ type AATPDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error

+ func (adc AATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (adc AATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (adc AATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (adc AATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (adc AATPDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (adc AATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (adc AATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (adc AATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (adc AATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (adc AATPDataConnector) MarshalJSON() ([]byte, error)

+ type AATPDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ TenantID *string

+ type ASCCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (acr *ASCCheckRequirements) UnmarshalJSON(body []byte) error

+ func (acr ASCCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (acr ASCCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (acr ASCCheckRequirements) MarshalJSON() ([]byte, error)

+ type ASCCheckRequirementsProperties struct

+ SubscriptionID *string

+ type ASCDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error

+ func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (adc ASCDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (adc ASCDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (adc ASCDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (adc ASCDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (adc ASCDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (adc ASCDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (adc ASCDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (adc ASCDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (adc ASCDataConnector) MarshalJSON() ([]byte, error)

+ type ASCDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ SubscriptionID *string

+ type AccountEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (ae *AccountEntity) UnmarshalJSON(body []byte) error

+ func (ae AccountEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (ae AccountEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (ae AccountEntity) AsBasicEntity() (BasicEntity, bool)

+ func (ae AccountEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (ae AccountEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (ae AccountEntity) AsEntity() (*Entity, bool)

+ func (ae AccountEntity) AsFileEntity() (*FileEntity, bool)

+ func (ae AccountEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (ae AccountEntity) AsHostEntity() (*HostEntity, bool)

+ func (ae AccountEntity) AsIPEntity() (*IPEntity, bool)

+ func (ae AccountEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (ae AccountEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (ae AccountEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (ae AccountEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (ae AccountEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (ae AccountEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (ae AccountEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (ae AccountEntity) AsURLEntity() (*URLEntity, bool)

+ func (ae AccountEntity) MarshalJSON() ([]byte, error)

+ type AccountEntityProperties struct

+ AadTenantID *string

+ AadUserID *string

+ AccountName *string

+ AdditionalData map[string]interface{}

+ DNSDomain *string

+ DisplayName *string

+ FriendlyName *string

+ HostEntityID *string

+ IsDomainJoined *bool

+ NtDomain *string

+ ObjectGUID *uuid.UUID

+ Puid *string

+ Sid *string

+ UpnSuffix *string

+ func (aep AccountEntityProperties) MarshalJSON() ([]byte, error)

+ type ActionPropertiesBase struct

+ LogicAppResourceID *string

+ type ActionRequest struct

+ Etag *string

+ ID *string

+ Name *string

+ Type *string

+ func (ar *ActionRequest) UnmarshalJSON(body []byte) error

+ func (ar ActionRequest) MarshalJSON() ([]byte, error)

+ type ActionRequestProperties struct

+ LogicAppResourceID *string

+ TriggerURI *string

+ type ActionResponse struct

+ Etag *string

+ ID *string

+ Name *string

+ Type *string

+ func (ar *ActionResponse) UnmarshalJSON(body []byte) error

+ func (ar ActionResponse) MarshalJSON() ([]byte, error)

+ type ActionResponseProperties struct

+ LogicAppResourceID *string

+ WorkflowID *string

+ type ActionsClient struct

+ func NewActionsClient(subscriptionID string) ActionsClient

+ func NewActionsClientWithBaseURI(baseURI string, subscriptionID string) ActionsClient

+ func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, ...) (result ActionsListPage, err error)

+ func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, ...) (result ActionsListIterator, err error)

+ func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client ActionsClient) ListByAlertRuleResponder(resp *http.Response) (result ActionsList, err error)

+ func (client ActionsClient) ListByAlertRuleSender(req *http.Request) (*http.Response, error)

+ type ActionsList struct

+ NextLink *string

+ Value *[]ActionResponse

+ func (al ActionsList) IsEmpty() bool

+ func (al ActionsList) MarshalJSON() ([]byte, error)

+ type ActionsListIterator struct

+ func NewActionsListIterator(page ActionsListPage) ActionsListIterator

+ func (iter *ActionsListIterator) Next() error

+ func (iter *ActionsListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter ActionsListIterator) NotDone() bool

+ func (iter ActionsListIterator) Response() ActionsList

+ func (iter ActionsListIterator) Value() ActionResponse

+ type ActionsListPage struct

+ func NewActionsListPage(getNextPage func(context.Context, ActionsList) (ActionsList, error)) ActionsListPage

+ func (page *ActionsListPage) Next() error

+ func (page *ActionsListPage) NextWithContext(ctx context.Context) (err error)

+ func (page ActionsListPage) NotDone() bool

+ func (page ActionsListPage) Response() ActionsList

+ func (page ActionsListPage) Values() []ActionResponse

+ type Aggregations struct

+ ID *string

+ Kind Kind

+ Name *string

+ Type *string

+ func (a Aggregations) AsAggregations() (*Aggregations, bool)

+ func (a Aggregations) AsBasicAggregations() (BasicAggregations, bool)

+ func (a Aggregations) AsCasesAggregation() (*CasesAggregation, bool)

+ func (a Aggregations) MarshalJSON() ([]byte, error)

+ type AggregationsKind struct

+ Kind *string

+ type AggregationsModel struct

+ Value BasicAggregations

+ func (am *AggregationsModel) UnmarshalJSON(body []byte) error

+ type AlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ Type *string

+ func (ar AlertRule) AsAlertRule() (*AlertRule, bool)

+ func (ar AlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (ar AlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (ar AlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (ar AlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (ar AlertRule) MarshalJSON() ([]byte, error)

+ type AlertRuleKind string

+ const Fusion

+ const MicrosoftSecurityIncidentCreation

+ const Scheduled

+ func PossibleAlertRuleKindValues() []AlertRuleKind

+ type AlertRuleKind1 struct

+ Kind AlertRuleKind

+ type AlertRuleModel struct

+ Value BasicAlertRule

+ func (arm *AlertRuleModel) UnmarshalJSON(body []byte) error

+ type AlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ Type *string

+ func (art AlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (art AlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type AlertRuleTemplateDataSource struct

+ ConnectorID *string

+ DataTypes *[]string

+ type AlertRuleTemplateModel struct

+ Value BasicAlertRuleTemplate

+ func (artm *AlertRuleTemplateModel) UnmarshalJSON(body []byte) error

+ type AlertRuleTemplatePropertiesBase struct

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ Description *string

+ DisplayName *string

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ Status TemplateStatus

+ func (artpb AlertRuleTemplatePropertiesBase) MarshalJSON() ([]byte, error)

+ type AlertRuleTemplatesClient struct

+ func NewAlertRuleTemplatesClient(subscriptionID string) AlertRuleTemplatesClient

+ func NewAlertRuleTemplatesClientWithBaseURI(baseURI string, subscriptionID string) AlertRuleTemplatesClient

+ func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, ...) (result AlertRuleTemplateModel, err error)

+ func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client AlertRuleTemplatesClient) GetResponder(resp *http.Response) (result AlertRuleTemplateModel, err error)

+ func (client AlertRuleTemplatesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, ...) (result AlertRuleTemplatesListPage, err error)

+ func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result AlertRuleTemplatesListIterator, err error)

+ func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client AlertRuleTemplatesClient) ListResponder(resp *http.Response) (result AlertRuleTemplatesList, err error)

+ func (client AlertRuleTemplatesClient) ListSender(req *http.Request) (*http.Response, error)

+ type AlertRuleTemplatesList struct

+ NextLink *string

+ Value *[]BasicAlertRuleTemplate

+ func (artl *AlertRuleTemplatesList) UnmarshalJSON(body []byte) error

+ func (artl AlertRuleTemplatesList) IsEmpty() bool

+ func (artl AlertRuleTemplatesList) MarshalJSON() ([]byte, error)

+ type AlertRuleTemplatesListIterator struct

+ func NewAlertRuleTemplatesListIterator(page AlertRuleTemplatesListPage) AlertRuleTemplatesListIterator

+ func (iter *AlertRuleTemplatesListIterator) Next() error

+ func (iter *AlertRuleTemplatesListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter AlertRuleTemplatesListIterator) NotDone() bool

+ func (iter AlertRuleTemplatesListIterator) Response() AlertRuleTemplatesList

+ func (iter AlertRuleTemplatesListIterator) Value() BasicAlertRuleTemplate

+ type AlertRuleTemplatesListPage struct

+ func NewAlertRuleTemplatesListPage(...) AlertRuleTemplatesListPage

+ func (page *AlertRuleTemplatesListPage) Next() error

+ func (page *AlertRuleTemplatesListPage) NextWithContext(ctx context.Context) (err error)

+ func (page AlertRuleTemplatesListPage) NotDone() bool

+ func (page AlertRuleTemplatesListPage) Response() AlertRuleTemplatesList

+ func (page AlertRuleTemplatesListPage) Values() []BasicAlertRuleTemplate

+ type AlertRulesClient struct

+ func NewAlertRulesClient(subscriptionID string) AlertRulesClient

+ func NewAlertRulesClientWithBaseURI(baseURI string, subscriptionID string) AlertRulesClient

+ func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, ...) (result AlertRuleModel, err error)

+ func (client AlertRulesClient) CreateOrUpdateAction(ctx context.Context, resourceGroupName string, ...) (result ActionResponse, err error)

+ func (client AlertRulesClient) CreateOrUpdateActionPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) CreateOrUpdateActionResponder(resp *http.Response) (result ActionResponse, err error)

+ func (client AlertRulesClient) CreateOrUpdateActionSender(req *http.Request) (*http.Response, error)

+ func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (result AlertRuleModel, err error)

+ func (client AlertRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client AlertRulesClient) DeleteAction(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client AlertRulesClient) DeleteActionPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) DeleteActionResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client AlertRulesClient) DeleteActionSender(req *http.Request) (*http.Response, error)

+ func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client AlertRulesClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, ...) (result AlertRuleModel, err error)

+ func (client AlertRulesClient) GetAction(ctx context.Context, resourceGroupName string, ...) (result ActionResponse, err error)

+ func (client AlertRulesClient) GetActionPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) GetActionResponder(resp *http.Response) (result ActionResponse, err error)

+ func (client AlertRulesClient) GetActionSender(req *http.Request) (*http.Response, error)

+ func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRuleModel, err error)

+ func (client AlertRulesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, ...) (result AlertRulesListPage, err error)

+ func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result AlertRulesListIterator, err error)

+ func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client AlertRulesClient) ListResponder(resp *http.Response) (result AlertRulesList, err error)

+ func (client AlertRulesClient) ListSender(req *http.Request) (*http.Response, error)

+ type AlertRulesList struct

+ NextLink *string

+ Value *[]BasicAlertRule

+ func (arl *AlertRulesList) UnmarshalJSON(body []byte) error

+ func (arl AlertRulesList) IsEmpty() bool

+ func (arl AlertRulesList) MarshalJSON() ([]byte, error)

+ type AlertRulesListIterator struct

+ func NewAlertRulesListIterator(page AlertRulesListPage) AlertRulesListIterator

+ func (iter *AlertRulesListIterator) Next() error

+ func (iter *AlertRulesListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter AlertRulesListIterator) NotDone() bool

+ func (iter AlertRulesListIterator) Response() AlertRulesList

+ func (iter AlertRulesListIterator) Value() BasicAlertRule

+ type AlertRulesListPage struct

+ func NewAlertRulesListPage(getNextPage func(context.Context, AlertRulesList) (AlertRulesList, error)) AlertRulesListPage

+ func (page *AlertRulesListPage) Next() error

+ func (page *AlertRulesListPage) NextWithContext(ctx context.Context) (err error)

+ func (page AlertRulesListPage) NotDone() bool

+ func (page AlertRulesListPage) Response() AlertRulesList

+ func (page AlertRulesListPage) Values() []BasicAlertRule

+ type AlertSeverity string

+ const High

+ const Informational

+ const Low

+ const Medium

+ func PossibleAlertSeverityValues() []AlertSeverity

+ type AlertStatus string

+ const AlertStatusDismissed

+ const AlertStatusInProgress

+ const AlertStatusNew

+ const AlertStatusResolved

+ const AlertStatusUnknown

+ func PossibleAlertStatusValues() []AlertStatus

+ type AlertsDataTypeOfDataConnector struct

+ Alerts *AlertsDataTypeOfDataConnectorAlerts

+ type AlertsDataTypeOfDataConnectorAlerts struct

+ State DataTypeState

+ type AttackTactic string

+ const Collection

+ const CommandAndControl

+ const CredentialAccess

+ const DefenseEvasion

+ const Discovery

+ const Execution

+ const Exfiltration

+ const Impact

+ const InitialAccess

+ const LateralMovement

+ const Persistence

+ const PrivilegeEscalation

+ func PossibleAttackTacticValues() []AttackTactic

+ type AwsCloudTrailCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (actcr AwsCloudTrailCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (actcr AwsCloudTrailCheckRequirements) MarshalJSON() ([]byte, error)

+ type AwsCloudTrailDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error

+ func (actdc AwsCloudTrailDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (actdc AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error)

+ type AwsCloudTrailDataConnectorDataTypes struct

+ Logs *AwsCloudTrailDataConnectorDataTypesLogs

+ type AwsCloudTrailDataConnectorDataTypesLogs struct

+ State DataTypeState

+ type AwsCloudTrailDataConnectorProperties struct

+ AwsRoleArn *string

+ DataTypes *AwsCloudTrailDataConnectorDataTypes

+ type AzureResourceEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error

+ func (are AzureResourceEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (are AzureResourceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (are AzureResourceEntity) AsBasicEntity() (BasicEntity, bool)

+ func (are AzureResourceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (are AzureResourceEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (are AzureResourceEntity) AsEntity() (*Entity, bool)

+ func (are AzureResourceEntity) AsFileEntity() (*FileEntity, bool)

+ func (are AzureResourceEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (are AzureResourceEntity) AsHostEntity() (*HostEntity, bool)

+ func (are AzureResourceEntity) AsIPEntity() (*IPEntity, bool)

+ func (are AzureResourceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (are AzureResourceEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (are AzureResourceEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (are AzureResourceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (are AzureResourceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (are AzureResourceEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (are AzureResourceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (are AzureResourceEntity) AsURLEntity() (*URLEntity, bool)

+ func (are AzureResourceEntity) MarshalJSON() ([]byte, error)

+ type AzureResourceEntityProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ ResourceID *string

+ SubscriptionID *string

+ func (arep AzureResourceEntityProperties) MarshalJSON() ([]byte, error)

+ type BaseClient struct

+ BaseURI string

+ SubscriptionID string

+ func New(subscriptionID string) BaseClient

+ func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient

+ type BasicAggregations interface

+ AsAggregations func() (*Aggregations, bool)

+ AsCasesAggregation func() (*CasesAggregation, bool)

+ type BasicAlertRule interface

+ AsAlertRule func() (*AlertRule, bool)

+ AsFusionAlertRule func() (*FusionAlertRule, bool)

+ AsMicrosoftSecurityIncidentCreationAlertRule func() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ AsScheduledAlertRule func() (*ScheduledAlertRule, bool)

+ type BasicAlertRuleTemplate interface

+ AsAlertRuleTemplate func() (*AlertRuleTemplate, bool)

+ AsFusionAlertRuleTemplate func() (*FusionAlertRuleTemplate, bool)

+ AsMicrosoftSecurityIncidentCreationAlertRuleTemplate func() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ AsScheduledAlertRuleTemplate func() (*ScheduledAlertRuleTemplate, bool)

+ type BasicDataConnector interface

+ AsAADDataConnector func() (*AADDataConnector, bool)

+ AsAATPDataConnector func() (*AATPDataConnector, bool)

+ AsASCDataConnector func() (*ASCDataConnector, bool)

+ AsAwsCloudTrailDataConnector func() (*AwsCloudTrailDataConnector, bool)

+ AsDataConnector func() (*DataConnector, bool)

+ AsMCASDataConnector func() (*MCASDataConnector, bool)

+ AsMDATPDataConnector func() (*MDATPDataConnector, bool)

+ AsOfficeDataConnector func() (*OfficeDataConnector, bool)

+ AsTIDataConnector func() (*TIDataConnector, bool)

+ AsTiTaxiiDataConnector func() (*TiTaxiiDataConnector, bool)

+ type BasicDataConnectorsCheckRequirements interface

+ AsAADCheckRequirements func() (*AADCheckRequirements, bool)

+ AsAATPCheckRequirements func() (*AATPCheckRequirements, bool)

+ AsASCCheckRequirements func() (*ASCCheckRequirements, bool)

+ AsAwsCloudTrailCheckRequirements func() (*AwsCloudTrailCheckRequirements, bool)

+ AsDataConnectorsCheckRequirements func() (*DataConnectorsCheckRequirements, bool)

+ AsMCASCheckRequirements func() (*MCASCheckRequirements, bool)

+ AsMDATPCheckRequirements func() (*MDATPCheckRequirements, bool)

+ AsTICheckRequirements func() (*TICheckRequirements, bool)

+ AsTiTaxiiCheckRequirements func() (*TiTaxiiCheckRequirements, bool)

+ type BasicEntity interface

+ AsAccountEntity func() (*AccountEntity, bool)

+ AsAzureResourceEntity func() (*AzureResourceEntity, bool)

+ AsCloudApplicationEntity func() (*CloudApplicationEntity, bool)

+ AsDNSEntity func() (*DNSEntity, bool)

+ AsEntity func() (*Entity, bool)

+ AsFileEntity func() (*FileEntity, bool)

+ AsFileHashEntity func() (*FileHashEntity, bool)

+ AsHostEntity func() (*HostEntity, bool)

+ AsIPEntity func() (*IPEntity, bool)

+ AsIoTDeviceEntity func() (*IoTDeviceEntity, bool)

+ AsMalwareEntity func() (*MalwareEntity, bool)

+ AsProcessEntity func() (*ProcessEntity, bool)

+ AsRegistryKeyEntity func() (*RegistryKeyEntity, bool)

+ AsRegistryValueEntity func() (*RegistryValueEntity, bool)

+ AsSecurityAlert func() (*SecurityAlert, bool)

+ AsSecurityGroupEntity func() (*SecurityGroupEntity, bool)

+ AsURLEntity func() (*URLEntity, bool)

+ type BasicSettings interface

+ AsEyesOn func() (*EyesOn, bool)

+ AsSettings func() (*Settings, bool)

+ type Bookmark struct

+ Etag *string

+ ID *string

+ Name *string

+ Type *string

+ func (b *Bookmark) UnmarshalJSON(body []byte) error

+ func (b Bookmark) MarshalJSON() ([]byte, error)

+ type BookmarkClient struct

+ func NewBookmarkClient(subscriptionID string) BookmarkClient

+ func NewBookmarkClientWithBaseURI(baseURI string, subscriptionID string) BookmarkClient

+ func (client BookmarkClient) Expand(ctx context.Context, resourceGroupName string, ...) (result BookmarkExpandResponse, err error)

+ func (client BookmarkClient) ExpandPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client BookmarkClient) ExpandResponder(resp *http.Response) (result BookmarkExpandResponse, err error)

+ func (client BookmarkClient) ExpandSender(req *http.Request) (*http.Response, error)

+ type BookmarkExpandParameters struct

+ EndTime *date.Time

+ ExpansionID *uuid.UUID

+ StartTime *date.Time

+ type BookmarkExpandResponse struct

+ MetaData *ExpansionResultsMetadata

+ Value *BookmarkExpandResponseValue

+ type BookmarkExpandResponseValue struct

+ Entities *[]BasicEntity

+ func (ber *BookmarkExpandResponseValue) UnmarshalJSON(body []byte) error

+ type BookmarkList struct

+ NextLink *string

+ Value *[]Bookmark

+ func (bl BookmarkList) IsEmpty() bool

+ func (bl BookmarkList) MarshalJSON() ([]byte, error)

+ type BookmarkListIterator struct

+ func NewBookmarkListIterator(page BookmarkListPage) BookmarkListIterator

+ func (iter *BookmarkListIterator) Next() error

+ func (iter *BookmarkListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter BookmarkListIterator) NotDone() bool

+ func (iter BookmarkListIterator) Response() BookmarkList

+ func (iter BookmarkListIterator) Value() Bookmark

+ type BookmarkListPage struct

+ func NewBookmarkListPage(getNextPage func(context.Context, BookmarkList) (BookmarkList, error)) BookmarkListPage

+ func (page *BookmarkListPage) Next() error

+ func (page *BookmarkListPage) NextWithContext(ctx context.Context) (err error)

+ func (page BookmarkListPage) NotDone() bool

+ func (page BookmarkListPage) Response() BookmarkList

+ func (page BookmarkListPage) Values() []Bookmark

+ type BookmarkProperties struct

+ Created *date.Time

+ CreatedBy *UserInfo

+ DisplayName *string

+ IncidentInfo *IncidentInfo

+ Labels *[]string

+ Notes *string

+ Query *string

+ QueryResult *string

+ Updated *date.Time

+ UpdatedBy *UserInfo

+ type BookmarkRelationsClient struct

+ func NewBookmarkRelationsClient(subscriptionID string) BookmarkRelationsClient

+ func NewBookmarkRelationsClientWithBaseURI(baseURI string, subscriptionID string) BookmarkRelationsClient

+ func (client BookmarkRelationsClient) CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, ...) (result Relation, err error)

+ func (client BookmarkRelationsClient) CreateOrUpdateRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client BookmarkRelationsClient) CreateOrUpdateRelationResponder(resp *http.Response) (result Relation, err error)

+ func (client BookmarkRelationsClient) CreateOrUpdateRelationSender(req *http.Request) (*http.Response, error)

+ func (client BookmarkRelationsClient) DeleteRelation(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client BookmarkRelationsClient) DeleteRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client BookmarkRelationsClient) DeleteRelationResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client BookmarkRelationsClient) DeleteRelationSender(req *http.Request) (*http.Response, error)

+ func (client BookmarkRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, ...) (result Relation, err error)

+ func (client BookmarkRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client BookmarkRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error)

+ func (client BookmarkRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error)

+ func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupName string, ...) (result RelationListPage, err error)

+ func (client BookmarkRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result RelationListIterator, err error)

+ func (client BookmarkRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client BookmarkRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)

+ func (client BookmarkRelationsClient) ListSender(req *http.Request) (*http.Response, error)

+ type BookmarksClient struct

+ func NewBookmarksClient(subscriptionID string) BookmarksClient

+ func NewBookmarksClientWithBaseURI(baseURI string, subscriptionID string) BookmarksClient

+ func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, ...) (result Bookmark, err error)

+ func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (result Bookmark, err error)

+ func (client BookmarksClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client BookmarksClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, ...) (result Bookmark, err error)

+ func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark, err error)

+ func (client BookmarksClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, ...) (result BookmarkListPage, err error)

+ func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result BookmarkListIterator, err error)

+ func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client BookmarksClient) ListResponder(resp *http.Response) (result BookmarkList, err error)

+ func (client BookmarksClient) ListSender(req *http.Request) (*http.Response, error)

+ type Case struct

+ Etag *string

+ ID *string

+ Name *string

+ Type *string

+ func (c *Case) UnmarshalJSON(body []byte) error

+ func (c Case) MarshalJSON() ([]byte, error)

+ type CaseComment struct

+ ID *string

+ Name *string

+ Type *string

+ func (cc *CaseComment) UnmarshalJSON(body []byte) error

+ func (cc CaseComment) MarshalJSON() ([]byte, error)

+ type CaseCommentList struct

+ NextLink *string

+ Value *[]CaseComment

+ func (ccl CaseCommentList) IsEmpty() bool

+ func (ccl CaseCommentList) MarshalJSON() ([]byte, error)

+ type CaseCommentListIterator struct

+ func NewCaseCommentListIterator(page CaseCommentListPage) CaseCommentListIterator

+ func (iter *CaseCommentListIterator) Next() error

+ func (iter *CaseCommentListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter CaseCommentListIterator) NotDone() bool

+ func (iter CaseCommentListIterator) Response() CaseCommentList

+ func (iter CaseCommentListIterator) Value() CaseComment

+ type CaseCommentListPage struct

+ func NewCaseCommentListPage(getNextPage func(context.Context, CaseCommentList) (CaseCommentList, error)) CaseCommentListPage

+ func (page *CaseCommentListPage) Next() error

+ func (page *CaseCommentListPage) NextWithContext(ctx context.Context) (err error)

+ func (page CaseCommentListPage) NotDone() bool

+ func (page CaseCommentListPage) Response() CaseCommentList

+ func (page CaseCommentListPage) Values() []CaseComment

+ type CaseCommentProperties struct

+ CreatedTimeUtc *date.Time

+ Message *string

+ UserInfo *UserInfo

+ func (ccp CaseCommentProperties) MarshalJSON() ([]byte, error)

+ type CaseCommentsClient struct

+ func NewCaseCommentsClient(subscriptionID string) CaseCommentsClient

+ func NewCaseCommentsClientWithBaseURI(baseURI string, subscriptionID string) CaseCommentsClient

+ func (client CaseCommentsClient) CreateComment(ctx context.Context, resourceGroupName string, ...) (result CaseComment, err error)

+ func (client CaseCommentsClient) CreateCommentPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CaseCommentsClient) CreateCommentResponder(resp *http.Response) (result CaseComment, err error)

+ func (client CaseCommentsClient) CreateCommentSender(req *http.Request) (*http.Response, error)

+ type CaseList struct

+ NextLink *string

+ Value *[]Case

+ func (cl CaseList) IsEmpty() bool

+ func (cl CaseList) MarshalJSON() ([]byte, error)

+ type CaseListIterator struct

+ func NewCaseListIterator(page CaseListPage) CaseListIterator

+ func (iter *CaseListIterator) Next() error

+ func (iter *CaseListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter CaseListIterator) NotDone() bool

+ func (iter CaseListIterator) Response() CaseList

+ func (iter CaseListIterator) Value() Case

+ type CaseListPage struct

+ func NewCaseListPage(getNextPage func(context.Context, CaseList) (CaseList, error)) CaseListPage

+ func (page *CaseListPage) Next() error

+ func (page *CaseListPage) NextWithContext(ctx context.Context) (err error)

+ func (page CaseListPage) NotDone() bool

+ func (page CaseListPage) Response() CaseList

+ func (page CaseListPage) Values() []Case

+ type CaseProperties struct

+ CaseNumber *int32

+ CloseReason CloseReason

+ ClosedReasonText *string

+ CreatedTimeUtc *date.Time

+ Description *string

+ EndTimeUtc *date.Time

+ Labels *[]string

+ LastComment *string

+ LastUpdatedTimeUtc *date.Time

+ Owner *UserInfo

+ RelatedAlertIds *[]string

+ Severity CaseSeverity

+ StartTimeUtc *date.Time

+ Status CaseStatus

+ Tactics *[]AttackTactic

+ Title *string

+ TotalComments *int32

+ func (cp CaseProperties) MarshalJSON() ([]byte, error)

+ type CaseRelation struct

+ Etag *string

+ ID *string

+ Kind RelationTypes

+ Name *string

+ Type *string

+ func (cr *CaseRelation) UnmarshalJSON(body []byte) error

+ func (cr CaseRelation) MarshalJSON() ([]byte, error)

+ type CaseRelationList struct

+ NextLink *string

+ Value *[]CaseRelation

+ func (crl CaseRelationList) IsEmpty() bool

+ func (crl CaseRelationList) MarshalJSON() ([]byte, error)

+ type CaseRelationListIterator struct

+ func NewCaseRelationListIterator(page CaseRelationListPage) CaseRelationListIterator

+ func (iter *CaseRelationListIterator) Next() error

+ func (iter *CaseRelationListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter CaseRelationListIterator) NotDone() bool

+ func (iter CaseRelationListIterator) Response() CaseRelationList

+ func (iter CaseRelationListIterator) Value() CaseRelation

+ type CaseRelationListPage struct

+ func NewCaseRelationListPage(getNextPage func(context.Context, CaseRelationList) (CaseRelationList, error)) CaseRelationListPage

+ func (page *CaseRelationListPage) Next() error

+ func (page *CaseRelationListPage) NextWithContext(ctx context.Context) (err error)

+ func (page CaseRelationListPage) NotDone() bool

+ func (page CaseRelationListPage) Response() CaseRelationList

+ func (page CaseRelationListPage) Values() []CaseRelation

+ type CaseRelationProperties struct

+ BookmarkID *string

+ BookmarkName *string

+ CaseIdentifier *string

+ RelationName *string

+ type CaseRelationsClient struct

+ func NewCaseRelationsClient(subscriptionID string) CaseRelationsClient

+ func NewCaseRelationsClientWithBaseURI(baseURI string, subscriptionID string) CaseRelationsClient

+ func (client CaseRelationsClient) CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, ...) (result CaseRelation, err error)

+ func (client CaseRelationsClient) CreateOrUpdateRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CaseRelationsClient) CreateOrUpdateRelationResponder(resp *http.Response) (result CaseRelation, err error)

+ func (client CaseRelationsClient) CreateOrUpdateRelationSender(req *http.Request) (*http.Response, error)

+ func (client CaseRelationsClient) DeleteRelation(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client CaseRelationsClient) DeleteRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CaseRelationsClient) DeleteRelationResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client CaseRelationsClient) DeleteRelationSender(req *http.Request) (*http.Response, error)

+ func (client CaseRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, ...) (result CaseRelation, err error)

+ func (client CaseRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CaseRelationsClient) GetRelationResponder(resp *http.Response) (result CaseRelation, err error)

+ func (client CaseRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error)

+ func (client CaseRelationsClient) List(ctx context.Context, resourceGroupName string, ...) (result CaseRelationListPage, err error)

+ func (client CaseRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result CaseRelationListIterator, err error)

+ func (client CaseRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CaseRelationsClient) ListResponder(resp *http.Response) (result CaseRelationList, err error)

+ func (client CaseRelationsClient) ListSender(req *http.Request) (*http.Response, error)

+ type CaseSeverity string

+ const CaseSeverityCritical

+ const CaseSeverityHigh

+ const CaseSeverityInformational

+ const CaseSeverityLow

+ const CaseSeverityMedium

+ func PossibleCaseSeverityValues() []CaseSeverity

+ type CaseStatus string

+ const CaseStatusClosed

+ const CaseStatusDraft

+ const CaseStatusInProgress

+ const CaseStatusNew

+ func PossibleCaseStatusValues() []CaseStatus

+ type CasesAggregation struct

+ ID *string

+ Kind Kind

+ Name *string

+ Type *string

+ func (ca *CasesAggregation) UnmarshalJSON(body []byte) error

+ func (ca CasesAggregation) AsAggregations() (*Aggregations, bool)

+ func (ca CasesAggregation) AsBasicAggregations() (BasicAggregations, bool)

+ func (ca CasesAggregation) AsCasesAggregation() (*CasesAggregation, bool)

+ func (ca CasesAggregation) MarshalJSON() ([]byte, error)

+ type CasesAggregationBySeverityProperties struct

+ TotalCriticalSeverity *int32

+ TotalHighSeverity *int32

+ TotalInformationalSeverity *int32

+ TotalLowSeverity *int32

+ TotalMediumSeverity *int32

+ type CasesAggregationByStatusProperties struct

+ TotalDismissedStatus *int32

+ TotalInProgressStatus *int32

+ TotalNewStatus *int32

+ TotalResolvedStatus *int32

+ type CasesAggregationProperties struct

+ AggregationBySeverity *CasesAggregationBySeverityProperties

+ AggregationByStatus *CasesAggregationByStatusProperties

+ type CasesAggregationsClient struct

+ func NewCasesAggregationsClient(subscriptionID string) CasesAggregationsClient

+ func NewCasesAggregationsClientWithBaseURI(baseURI string, subscriptionID string) CasesAggregationsClient

+ func (client CasesAggregationsClient) Get(ctx context.Context, resourceGroupName string, ...) (result AggregationsModel, err error)

+ func (client CasesAggregationsClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CasesAggregationsClient) GetResponder(resp *http.Response) (result AggregationsModel, err error)

+ func (client CasesAggregationsClient) GetSender(req *http.Request) (*http.Response, error)

+ type CasesClient struct

+ func NewCasesClient(subscriptionID string) CasesClient

+ func NewCasesClientWithBaseURI(baseURI string, subscriptionID string) CasesClient

+ func (client CasesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, ...) (result Case, err error)

+ func (client CasesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CasesClient) CreateOrUpdateResponder(resp *http.Response) (result Case, err error)

+ func (client CasesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client CasesClient) Delete(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client CasesClient) DeletePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CasesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client CasesClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client CasesClient) Get(ctx context.Context, resourceGroupName string, ...) (result Case, err error)

+ func (client CasesClient) GetComment(ctx context.Context, resourceGroupName string, ...) (result CaseComment, err error)

+ func (client CasesClient) GetCommentPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CasesClient) GetCommentResponder(resp *http.Response) (result CaseComment, err error)

+ func (client CasesClient) GetCommentSender(req *http.Request) (*http.Response, error)

+ func (client CasesClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CasesClient) GetResponder(resp *http.Response) (result Case, err error)

+ func (client CasesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client CasesClient) List(ctx context.Context, resourceGroupName string, ...) (result CaseListPage, err error)

+ func (client CasesClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result CaseListIterator, err error)

+ func (client CasesClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CasesClient) ListResponder(resp *http.Response) (result CaseList, err error)

+ func (client CasesClient) ListSender(req *http.Request) (*http.Response, error)

+ type ClientInfo struct

+ Email *string

+ Name *string

+ ObjectID *uuid.UUID

+ UserPrincipalName *string

+ type CloseReason string

+ const Dismissed

+ const FalsePositive

+ const Other

+ const Resolved

+ const TruePositive

+ func PossibleCloseReasonValues() []CloseReason

+ type CloudApplicationEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (cae *CloudApplicationEntity) UnmarshalJSON(body []byte) error

+ func (cae CloudApplicationEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (cae CloudApplicationEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (cae CloudApplicationEntity) AsBasicEntity() (BasicEntity, bool)

+ func (cae CloudApplicationEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (cae CloudApplicationEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (cae CloudApplicationEntity) AsEntity() (*Entity, bool)

+ func (cae CloudApplicationEntity) AsFileEntity() (*FileEntity, bool)

+ func (cae CloudApplicationEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (cae CloudApplicationEntity) AsHostEntity() (*HostEntity, bool)

+ func (cae CloudApplicationEntity) AsIPEntity() (*IPEntity, bool)

+ func (cae CloudApplicationEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (cae CloudApplicationEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (cae CloudApplicationEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (cae CloudApplicationEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (cae CloudApplicationEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (cae CloudApplicationEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (cae CloudApplicationEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (cae CloudApplicationEntity) AsURLEntity() (*URLEntity, bool)

+ func (cae CloudApplicationEntity) MarshalJSON() ([]byte, error)

+ type CloudApplicationEntityProperties struct

+ AdditionalData map[string]interface{}

+ AppID *int32

+ AppName *string

+ FriendlyName *string

+ InstanceName *string

+ func (caep CloudApplicationEntityProperties) MarshalJSON() ([]byte, error)

+ type CloudError struct

+ func (ce *CloudError) UnmarshalJSON(body []byte) error

+ func (ce CloudError) MarshalJSON() ([]byte, error)

+ type CloudErrorBody struct

+ Code *string

+ Message *string

+ type CommentsClient struct

+ func NewCommentsClient(subscriptionID string) CommentsClient

+ func NewCommentsClientWithBaseURI(baseURI string, subscriptionID string) CommentsClient

+ func (client CommentsClient) ListByCase(ctx context.Context, resourceGroupName string, ...) (result CaseCommentListPage, err error)

+ func (client CommentsClient) ListByCaseComplete(ctx context.Context, resourceGroupName string, ...) (result CaseCommentListIterator, err error)

+ func (client CommentsClient) ListByCasePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client CommentsClient) ListByCaseResponder(resp *http.Response) (result CaseCommentList, err error)

+ func (client CommentsClient) ListByCaseSender(req *http.Request) (*http.Response, error)

+ type ConfidenceLevel string

+ const ConfidenceLevelHigh

+ const ConfidenceLevelLow

+ const ConfidenceLevelUnknown

+ func PossibleConfidenceLevelValues() []ConfidenceLevel

+ type ConfidenceScoreStatus string

+ const Final

+ const InProcess

+ const NotApplicable

+ const NotFinal

+ func PossibleConfidenceScoreStatusValues() []ConfidenceScoreStatus

+ type DNSEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (de *DNSEntity) UnmarshalJSON(body []byte) error

+ func (de DNSEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (de DNSEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (de DNSEntity) AsBasicEntity() (BasicEntity, bool)

+ func (de DNSEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (de DNSEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (de DNSEntity) AsEntity() (*Entity, bool)

+ func (de DNSEntity) AsFileEntity() (*FileEntity, bool)

+ func (de DNSEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (de DNSEntity) AsHostEntity() (*HostEntity, bool)

+ func (de DNSEntity) AsIPEntity() (*IPEntity, bool)

+ func (de DNSEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (de DNSEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (de DNSEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (de DNSEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (de DNSEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (de DNSEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (de DNSEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (de DNSEntity) AsURLEntity() (*URLEntity, bool)

+ func (de DNSEntity) MarshalJSON() ([]byte, error)

+ type DNSEntityProperties struct

+ AdditionalData map[string]interface{}

+ DNSServerIPEntityID *string

+ DomainName *string

+ FriendlyName *string

+ HostIPAddressEntityID *string

+ IPAddressEntityIds *[]string

+ func (dep DNSEntityProperties) MarshalJSON() ([]byte, error)

+ type DataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (dc DataConnector) AsDataConnector() (*DataConnector, bool)

+ func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (dc DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (dc DataConnector) MarshalJSON() ([]byte, error)

+ type DataConnectorAuthorizationState string

+ const Invalid

+ const Valid

+ func PossibleDataConnectorAuthorizationStateValues() []DataConnectorAuthorizationState

+ type DataConnectorDataTypeCommon struct

+ State DataTypeState

+ type DataConnectorKind string

+ const DataConnectorKindAmazonWebServicesCloudTrail

+ const DataConnectorKindAzureActiveDirectory

+ const DataConnectorKindAzureAdvancedThreatProtection

+ const DataConnectorKindAzureSecurityCenter

+ const DataConnectorKindMicrosoftCloudAppSecurity

+ const DataConnectorKindMicrosoftDefenderAdvancedThreatProtection

+ const DataConnectorKindOffice365

+ const DataConnectorKindThreatIntelligence

+ const DataConnectorKindThreatIntelligenceTaxii

+ func PossibleDataConnectorKindValues() []DataConnectorKind

+ type DataConnectorKind1 struct

+ Kind DataConnectorKind

+ type DataConnectorLicenseState string

+ const DataConnectorLicenseStateInvalid

+ const DataConnectorLicenseStateUnknown

+ const DataConnectorLicenseStateValid

+ func PossibleDataConnectorLicenseStateValues() []DataConnectorLicenseState

+ type DataConnectorList struct

+ NextLink *string

+ Value *[]BasicDataConnector

+ func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error

+ func (dcl DataConnectorList) IsEmpty() bool

+ func (dcl DataConnectorList) MarshalJSON() ([]byte, error)

+ type DataConnectorListIterator struct

+ func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator

+ func (iter *DataConnectorListIterator) Next() error

+ func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter DataConnectorListIterator) NotDone() bool

+ func (iter DataConnectorListIterator) Response() DataConnectorList

+ func (iter DataConnectorListIterator) Value() BasicDataConnector

+ type DataConnectorListPage struct

+ func NewDataConnectorListPage(...) DataConnectorListPage

+ func (page *DataConnectorListPage) Next() error

+ func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error)

+ func (page DataConnectorListPage) NotDone() bool

+ func (page DataConnectorListPage) Response() DataConnectorList

+ func (page DataConnectorListPage) Values() []BasicDataConnector

+ type DataConnectorModel struct

+ Value BasicDataConnector

+ func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error

+ type DataConnectorRequirementsState struct

+ AuthorizationState DataConnectorAuthorizationState

+ LicenseState DataConnectorLicenseState

+ type DataConnectorTenantID struct

+ TenantID *string

+ type DataConnectorWithAlertsProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ type DataConnectorsCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (dccr DataConnectorsCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (dccr DataConnectorsCheckRequirements) MarshalJSON() ([]byte, error)

+ type DataConnectorsCheckRequirementsClient struct

+ func NewDataConnectorsCheckRequirementsClient(subscriptionID string) DataConnectorsCheckRequirementsClient

+ func NewDataConnectorsCheckRequirementsClientWithBaseURI(baseURI string, subscriptionID string) DataConnectorsCheckRequirementsClient

+ func (client DataConnectorsCheckRequirementsClient) Post(ctx context.Context, resourceGroupName string, workspaceName string, ...) (result DataConnectorRequirementsState, err error)

+ func (client DataConnectorsCheckRequirementsClient) PostPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ...) (*http.Request, error)

+ func (client DataConnectorsCheckRequirementsClient) PostResponder(resp *http.Response) (result DataConnectorRequirementsState, err error)

+ func (client DataConnectorsCheckRequirementsClient) PostSender(req *http.Request) (*http.Response, error)

+ type DataConnectorsClient struct

+ func NewDataConnectorsClient(subscriptionID string) DataConnectorsClient

+ func NewDataConnectorsClientWithBaseURI(baseURI string, subscriptionID string) DataConnectorsClient

+ func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, ...) (result DataConnectorModel, err error)

+ func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) (result DataConnectorModel, err error)

+ func (client DataConnectorsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client DataConnectorsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, ...) (result DataConnectorModel, err error)

+ func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client DataConnectorsClient) GetResponder(resp *http.Response) (result DataConnectorModel, err error)

+ func (client DataConnectorsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, ...) (result DataConnectorListPage, err error)

+ func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result DataConnectorListIterator, err error)

+ func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client DataConnectorsClient) ListResponder(resp *http.Response) (result DataConnectorList, err error)

+ func (client DataConnectorsClient) ListSender(req *http.Request) (*http.Response, error)

+ type DataTypeState string

+ const Disabled

+ const Enabled

+ func PossibleDataTypeStateValues() []DataTypeState

+ type ElevationToken string

+ const Default

+ const Full

+ const Limited

+ func PossibleElevationTokenValues() []ElevationToken

+ type EntitiesClient struct

+ func NewEntitiesClient(subscriptionID string) EntitiesClient

+ func NewEntitiesClientWithBaseURI(baseURI string, subscriptionID string) EntitiesClient

+ func (client EntitiesClient) Expand(ctx context.Context, resourceGroupName string, ...) (result EntityExpandResponse, err error)

+ func (client EntitiesClient) ExpandPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client EntitiesClient) ExpandResponder(resp *http.Response) (result EntityExpandResponse, err error)

+ func (client EntitiesClient) ExpandSender(req *http.Request) (*http.Response, error)

+ func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, ...) (result EntityModel, err error)

+ func (client EntitiesClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client EntitiesClient) GetResponder(resp *http.Response) (result EntityModel, err error)

+ func (client EntitiesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, ...) (result EntityListPage, err error)

+ func (client EntitiesClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result EntityListIterator, err error)

+ func (client EntitiesClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client EntitiesClient) ListResponder(resp *http.Response) (result EntityList, err error)

+ func (client EntitiesClient) ListSender(req *http.Request) (*http.Response, error)

+ type EntitiesMatchingMethod string

+ const All

+ const Custom

+ const None

+ func PossibleEntitiesMatchingMethodValues() []EntitiesMatchingMethod

+ type EntitiesRelationsClient struct

+ func NewEntitiesRelationsClient(subscriptionID string) EntitiesRelationsClient

+ func NewEntitiesRelationsClientWithBaseURI(baseURI string, subscriptionID string) EntitiesRelationsClient

+ func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupName string, ...) (result RelationListPage, err error)

+ func (client EntitiesRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result RelationListIterator, err error)

+ func (client EntitiesRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client EntitiesRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)

+ func (client EntitiesRelationsClient) ListSender(req *http.Request) (*http.Response, error)

+ type Entity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (e Entity) AsAccountEntity() (*AccountEntity, bool)

+ func (e Entity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (e Entity) AsBasicEntity() (BasicEntity, bool)

+ func (e Entity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (e Entity) AsDNSEntity() (*DNSEntity, bool)

+ func (e Entity) AsEntity() (*Entity, bool)

+ func (e Entity) AsFileEntity() (*FileEntity, bool)

+ func (e Entity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (e Entity) AsHostEntity() (*HostEntity, bool)

+ func (e Entity) AsIPEntity() (*IPEntity, bool)

+ func (e Entity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (e Entity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (e Entity) AsProcessEntity() (*ProcessEntity, bool)

+ func (e Entity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (e Entity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (e Entity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (e Entity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (e Entity) AsURLEntity() (*URLEntity, bool)

+ func (e Entity) MarshalJSON() ([]byte, error)

+ type EntityCommonProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ func (ecp EntityCommonProperties) MarshalJSON() ([]byte, error)

+ type EntityExpandParameters struct

+ EndTime *date.Time

+ ExpansionID *uuid.UUID

+ StartTime *date.Time

+ type EntityExpandResponse struct

+ MetaData *ExpansionResultsMetadata

+ Value *EntityExpandResponseValue

+ type EntityExpandResponseValue struct

+ Entities *[]BasicEntity

+ func (eer *EntityExpandResponseValue) UnmarshalJSON(body []byte) error

+ type EntityKind string

+ const EntityKindAccount

+ const EntityKindAzureResource

+ const EntityKindBookmark

+ const EntityKindCloudApplication

+ const EntityKindDNSResolution

+ const EntityKindFile

+ const EntityKindFileHash

+ const EntityKindHost

+ const EntityKindIP

+ const EntityKindIoTDevice

+ const EntityKindMalware

+ const EntityKindProcess

+ const EntityKindRegistryKey

+ const EntityKindRegistryValue

+ const EntityKindSecurityAlert

+ const EntityKindSecurityGroup

+ const EntityKindURL

+ func PossibleEntityKindValues() []EntityKind

+ type EntityKind1 struct

+ Kind EntityKind

+ type EntityList struct

+ NextLink *string

+ Value *[]BasicEntity

+ func (el *EntityList) UnmarshalJSON(body []byte) error

+ func (el EntityList) IsEmpty() bool

+ func (el EntityList) MarshalJSON() ([]byte, error)

+ type EntityListIterator struct

+ func NewEntityListIterator(page EntityListPage) EntityListIterator

+ func (iter *EntityListIterator) Next() error

+ func (iter *EntityListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter EntityListIterator) NotDone() bool

+ func (iter EntityListIterator) Response() EntityList

+ func (iter EntityListIterator) Value() BasicEntity

+ type EntityListPage struct

+ func NewEntityListPage(getNextPage func(context.Context, EntityList) (EntityList, error)) EntityListPage

+ func (page *EntityListPage) Next() error

+ func (page *EntityListPage) NextWithContext(ctx context.Context) (err error)

+ func (page EntityListPage) NotDone() bool

+ func (page EntityListPage) Response() EntityList

+ func (page EntityListPage) Values() []BasicEntity

+ type EntityModel struct

+ Value BasicEntity

+ func (em *EntityModel) UnmarshalJSON(body []byte) error

+ type EntityQueriesClient struct

+ func NewEntityQueriesClient(subscriptionID string) EntityQueriesClient

+ func NewEntityQueriesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueriesClient

+ func (client EntityQueriesClient) Get(ctx context.Context, resourceGroupName string, ...) (result EntityQuery, err error)

+ func (client EntityQueriesClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client EntityQueriesClient) GetResponder(resp *http.Response) (result EntityQuery, err error)

+ func (client EntityQueriesClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client EntityQueriesClient) List(ctx context.Context, resourceGroupName string, ...) (result EntityQueryListPage, err error)

+ func (client EntityQueriesClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result EntityQueryListIterator, err error)

+ func (client EntityQueriesClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client EntityQueriesClient) ListResponder(resp *http.Response) (result EntityQueryList, err error)

+ func (client EntityQueriesClient) ListSender(req *http.Request) (*http.Response, error)

+ type EntityQuery struct

+ ID *string

+ Name *string

+ Type *string

+ func (eq *EntityQuery) UnmarshalJSON(body []byte) error

+ func (eq EntityQuery) MarshalJSON() ([]byte, error)

+ type EntityQueryList struct

+ NextLink *string

+ Value *[]EntityQuery

+ func (eql EntityQueryList) IsEmpty() bool

+ func (eql EntityQueryList) MarshalJSON() ([]byte, error)

+ type EntityQueryListIterator struct

+ func NewEntityQueryListIterator(page EntityQueryListPage) EntityQueryListIterator

+ func (iter *EntityQueryListIterator) Next() error

+ func (iter *EntityQueryListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter EntityQueryListIterator) NotDone() bool

+ func (iter EntityQueryListIterator) Response() EntityQueryList

+ func (iter EntityQueryListIterator) Value() EntityQuery

+ type EntityQueryListPage struct

+ func NewEntityQueryListPage(getNextPage func(context.Context, EntityQueryList) (EntityQueryList, error)) EntityQueryListPage

+ func (page *EntityQueryListPage) Next() error

+ func (page *EntityQueryListPage) NextWithContext(ctx context.Context) (err error)

+ func (page EntityQueryListPage) NotDone() bool

+ func (page EntityQueryListPage) Response() EntityQueryList

+ func (page EntityQueryListPage) Values() []EntityQuery

+ type EntityQueryProperties struct

+ DataSources *[]string

+ DisplayName *string

+ InputEntityType EntityType

+ InputFields *[]string

+ OutputEntityTypes *[]EntityType

+ QueryTemplate *string

+ type EntityRelationsClient struct

+ func NewEntityRelationsClient(subscriptionID string) EntityRelationsClient

+ func NewEntityRelationsClientWithBaseURI(baseURI string, subscriptionID string) EntityRelationsClient

+ func (client EntityRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, ...) (result Relation, err error)

+ func (client EntityRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client EntityRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error)

+ func (client EntityRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error)

+ type EntityType string

+ const EntityTypeAccount

+ const EntityTypeAzureResource

+ const EntityTypeCloudApplication

+ const EntityTypeDNS

+ const EntityTypeFile

+ const EntityTypeFileHash

+ const EntityTypeHost

+ const EntityTypeHuntingBookmark

+ const EntityTypeIP

+ const EntityTypeIoTDevice

+ const EntityTypeMalware

+ const EntityTypeProcess

+ const EntityTypeRegistryKey

+ const EntityTypeRegistryValue

+ const EntityTypeSecurityAlert

+ const EntityTypeSecurityGroup

+ const EntityTypeURL

+ func PossibleEntityTypeValues() []EntityType

+ type ExpansionResultAggregation struct

+ AggregationType *string

+ Count *int32

+ DisplayName *string

+ EntityKind EntityKind

+ type ExpansionResultsMetadata struct

+ Aggregations *[]ExpansionResultAggregation

+ type EyesOn struct

+ Etag *string

+ ID *string

+ Kind KindBasicSettings

+ Name *string

+ Type *string

+ func (eo *EyesOn) UnmarshalJSON(body []byte) error

+ func (eo EyesOn) AsBasicSettings() (BasicSettings, bool)

+ func (eo EyesOn) AsEyesOn() (*EyesOn, bool)

+ func (eo EyesOn) AsSettings() (*Settings, bool)

+ func (eo EyesOn) MarshalJSON() ([]byte, error)

+ type EyesOnSettingsProperties struct

+ IsEnabled *bool

+ type FileEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (fe *FileEntity) UnmarshalJSON(body []byte) error

+ func (fe FileEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (fe FileEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (fe FileEntity) AsBasicEntity() (BasicEntity, bool)

+ func (fe FileEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (fe FileEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (fe FileEntity) AsEntity() (*Entity, bool)

+ func (fe FileEntity) AsFileEntity() (*FileEntity, bool)

+ func (fe FileEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (fe FileEntity) AsHostEntity() (*HostEntity, bool)

+ func (fe FileEntity) AsIPEntity() (*IPEntity, bool)

+ func (fe FileEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (fe FileEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (fe FileEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (fe FileEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (fe FileEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (fe FileEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (fe FileEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (fe FileEntity) AsURLEntity() (*URLEntity, bool)

+ func (fe FileEntity) MarshalJSON() ([]byte, error)

+ type FileEntityProperties struct

+ AdditionalData map[string]interface{}

+ Directory *string

+ FileHashEntityIds *[]string

+ FileName *string

+ FriendlyName *string

+ HostEntityID *string

+ func (fep FileEntityProperties) MarshalJSON() ([]byte, error)

+ type FileHashAlgorithm string

+ const MD5

+ const SHA1

+ const SHA256

+ const SHA256AC

+ const Unknown

+ func PossibleFileHashAlgorithmValues() []FileHashAlgorithm

+ type FileHashEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (fhe *FileHashEntity) UnmarshalJSON(body []byte) error

+ func (fhe FileHashEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (fhe FileHashEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (fhe FileHashEntity) AsBasicEntity() (BasicEntity, bool)

+ func (fhe FileHashEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (fhe FileHashEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (fhe FileHashEntity) AsEntity() (*Entity, bool)

+ func (fhe FileHashEntity) AsFileEntity() (*FileEntity, bool)

+ func (fhe FileHashEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (fhe FileHashEntity) AsHostEntity() (*HostEntity, bool)

+ func (fhe FileHashEntity) AsIPEntity() (*IPEntity, bool)

+ func (fhe FileHashEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (fhe FileHashEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (fhe FileHashEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (fhe FileHashEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (fhe FileHashEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (fhe FileHashEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (fhe FileHashEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (fhe FileHashEntity) AsURLEntity() (*URLEntity, bool)

+ func (fhe FileHashEntity) MarshalJSON() ([]byte, error)

+ type FileHashEntityProperties struct

+ AdditionalData map[string]interface{}

+ Algorithm FileHashAlgorithm

+ FriendlyName *string

+ HashValue *string

+ func (fhep FileHashEntityProperties) MarshalJSON() ([]byte, error)

+ type FusionAlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ Type *string

+ func (far *FusionAlertRule) UnmarshalJSON(body []byte) error

+ func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool)

+ func (far FusionAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (far FusionAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (far FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (far FusionAlertRule) MarshalJSON() ([]byte, error)

+ type FusionAlertRuleProperties struct

+ AlertRuleTemplateName *string

+ Description *string

+ DisplayName *string

+ Enabled *bool

+ LastModifiedUtc *date.Time

+ Severity AlertSeverity

+ Tactics *[]AttackTactic

+ func (farp FusionAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type FusionAlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ Type *string

+ func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error

+ func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (fart FusionAlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type FusionAlertRuleTemplateProperties struct

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ Description *string

+ DisplayName *string

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ Severity AlertSeverity

+ Status TemplateStatus

+ Tactics *[]AttackTactic

+ func (fart FusionAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type GeoLocation struct

+ Asn *int32

+ City *string

+ CountryCode *string

+ CountryName *string

+ Latitude *float64

+ Longitude *float64

+ State *string

+ type GroupingConfiguration struct

+ Enabled *bool

+ EntitiesMatchingMethod EntitiesMatchingMethod

+ GroupByEntities *[]GroupingEntityType

+ LookbackDuration *string

+ ReopenClosedIncident *bool

+ type GroupingEntityType string

+ const Account

+ const Host

+ const IP

+ const URL

+ func PossibleGroupingEntityTypeValues() []GroupingEntityType

+ type HostEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (he *HostEntity) UnmarshalJSON(body []byte) error

+ func (he HostEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (he HostEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (he HostEntity) AsBasicEntity() (BasicEntity, bool)

+ func (he HostEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (he HostEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (he HostEntity) AsEntity() (*Entity, bool)

+ func (he HostEntity) AsFileEntity() (*FileEntity, bool)

+ func (he HostEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (he HostEntity) AsHostEntity() (*HostEntity, bool)

+ func (he HostEntity) AsIPEntity() (*IPEntity, bool)

+ func (he HostEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (he HostEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (he HostEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (he HostEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (he HostEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (he HostEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (he HostEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (he HostEntity) AsURLEntity() (*URLEntity, bool)

+ func (he HostEntity) MarshalJSON() ([]byte, error)

+ type HostEntityProperties struct

+ AdditionalData map[string]interface{}

+ AzureID *string

+ DNSDomain *string

+ FriendlyName *string

+ HostName *string

+ IsDomainJoined *bool

+ NetBiosName *string

+ NtDomain *string

+ OmsAgentID *string

+ OsFamily OSFamily

+ OsVersion *string

+ func (hep HostEntityProperties) MarshalJSON() ([]byte, error)

+ type IPEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (ie *IPEntity) UnmarshalJSON(body []byte) error

+ func (ie IPEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (ie IPEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (ie IPEntity) AsBasicEntity() (BasicEntity, bool)

+ func (ie IPEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (ie IPEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (ie IPEntity) AsEntity() (*Entity, bool)

+ func (ie IPEntity) AsFileEntity() (*FileEntity, bool)

+ func (ie IPEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (ie IPEntity) AsHostEntity() (*HostEntity, bool)

+ func (ie IPEntity) AsIPEntity() (*IPEntity, bool)

+ func (ie IPEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (ie IPEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (ie IPEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (ie IPEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (ie IPEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (ie IPEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (ie IPEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (ie IPEntity) AsURLEntity() (*URLEntity, bool)

+ func (ie IPEntity) MarshalJSON() ([]byte, error)

+ type IPEntityProperties struct

+ AdditionalData map[string]interface{}

+ Address *string

+ FriendlyName *string

+ Location *GeoLocation

+ ThreatIntelligence *[]ThreatIntelligence

+ func (iep IPEntityProperties) MarshalJSON() ([]byte, error)

+ type Incident struct

+ Etag *string

+ ID *string

+ Name *string

+ Type *string

+ func (i *Incident) UnmarshalJSON(body []byte) error

+ func (i Incident) MarshalJSON() ([]byte, error)

+ type IncidentAdditionalData struct

+ AlertProductNames *[]string

+ AlertsCount *int32

+ BookmarksCount *int32

+ CommentsCount *int32

+ Tactics *[]AttackTactic

+ type IncidentClassification string

+ const IncidentClassificationBenignPositive

+ const IncidentClassificationFalsePositive

+ const IncidentClassificationTruePositive

+ const IncidentClassificationUndetermined

+ func PossibleIncidentClassificationValues() []IncidentClassification

+ type IncidentClassificationReason string

+ const InaccurateData

+ const IncorrectAlertLogic

+ const SuspiciousActivity

+ const SuspiciousButExpected

+ func PossibleIncidentClassificationReasonValues() []IncidentClassificationReason

+ type IncidentComment struct

+ ID *string

+ Name *string

+ Type *string

+ func (ic *IncidentComment) UnmarshalJSON(body []byte) error

+ func (ic IncidentComment) MarshalJSON() ([]byte, error)

+ type IncidentCommentList struct

+ NextLink *string

+ Value *[]IncidentComment

+ func (icl IncidentCommentList) IsEmpty() bool

+ func (icl IncidentCommentList) MarshalJSON() ([]byte, error)

+ type IncidentCommentListIterator struct

+ func NewIncidentCommentListIterator(page IncidentCommentListPage) IncidentCommentListIterator

+ func (iter *IncidentCommentListIterator) Next() error

+ func (iter *IncidentCommentListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter IncidentCommentListIterator) NotDone() bool

+ func (iter IncidentCommentListIterator) Response() IncidentCommentList

+ func (iter IncidentCommentListIterator) Value() IncidentComment

+ type IncidentCommentListPage struct

+ func NewIncidentCommentListPage(...) IncidentCommentListPage

+ func (page *IncidentCommentListPage) Next() error

+ func (page *IncidentCommentListPage) NextWithContext(ctx context.Context) (err error)

+ func (page IncidentCommentListPage) NotDone() bool

+ func (page IncidentCommentListPage) Response() IncidentCommentList

+ func (page IncidentCommentListPage) Values() []IncidentComment

+ type IncidentCommentProperties struct

+ Author *ClientInfo

+ CreatedTimeUtc *date.Time

+ Message *string

+ func (icp IncidentCommentProperties) MarshalJSON() ([]byte, error)

+ type IncidentCommentsClient struct

+ func NewIncidentCommentsClient(subscriptionID string) IncidentCommentsClient

+ func NewIncidentCommentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentCommentsClient

+ func (client IncidentCommentsClient) CreateComment(ctx context.Context, resourceGroupName string, ...) (result IncidentComment, err error)

+ func (client IncidentCommentsClient) CreateCommentPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentCommentsClient) CreateCommentResponder(resp *http.Response) (result IncidentComment, err error)

+ func (client IncidentCommentsClient) CreateCommentSender(req *http.Request) (*http.Response, error)

+ func (client IncidentCommentsClient) GetComment(ctx context.Context, resourceGroupName string, ...) (result IncidentComment, err error)

+ func (client IncidentCommentsClient) GetCommentPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentCommentsClient) GetCommentResponder(resp *http.Response) (result IncidentComment, err error)

+ func (client IncidentCommentsClient) GetCommentSender(req *http.Request) (*http.Response, error)

+ func (client IncidentCommentsClient) ListByIncident(ctx context.Context, resourceGroupName string, ...) (result IncidentCommentListPage, err error)

+ func (client IncidentCommentsClient) ListByIncidentComplete(ctx context.Context, resourceGroupName string, ...) (result IncidentCommentListIterator, err error)

+ func (client IncidentCommentsClient) ListByIncidentPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentCommentsClient) ListByIncidentResponder(resp *http.Response) (result IncidentCommentList, err error)

+ func (client IncidentCommentsClient) ListByIncidentSender(req *http.Request) (*http.Response, error)

+ type IncidentConfiguration struct

+ CreateIncident *bool

+ GroupingConfiguration *GroupingConfiguration

+ type IncidentInfo struct

+ IncidentID *string

+ RelationName *string

+ Severity CaseSeverity

+ Title *string

+ type IncidentLabel struct

+ LabelName *string

+ LabelType IncidentLabelType

+ func (il IncidentLabel) MarshalJSON() ([]byte, error)

+ type IncidentLabelType string

+ const System

+ const User

+ func PossibleIncidentLabelTypeValues() []IncidentLabelType

+ type IncidentList struct

+ NextLink *string

+ Value *[]Incident

+ func (il IncidentList) IsEmpty() bool

+ func (il IncidentList) MarshalJSON() ([]byte, error)

+ type IncidentListIterator struct

+ func NewIncidentListIterator(page IncidentListPage) IncidentListIterator

+ func (iter *IncidentListIterator) Next() error

+ func (iter *IncidentListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter IncidentListIterator) NotDone() bool

+ func (iter IncidentListIterator) Response() IncidentList

+ func (iter IncidentListIterator) Value() Incident

+ type IncidentListPage struct

+ func NewIncidentListPage(getNextPage func(context.Context, IncidentList) (IncidentList, error)) IncidentListPage

+ func (page *IncidentListPage) Next() error

+ func (page *IncidentListPage) NextWithContext(ctx context.Context) (err error)

+ func (page IncidentListPage) NotDone() bool

+ func (page IncidentListPage) Response() IncidentList

+ func (page IncidentListPage) Values() []Incident

+ type IncidentOwnerInfo struct

+ AssignedTo *string

+ Email *string

+ ObjectID *uuid.UUID

+ UserPrincipalName *string

+ type IncidentProperties struct

+ AdditionalData *IncidentAdditionalData

+ Classification IncidentClassification

+ ClassificationComment *string

+ ClassificationReason IncidentClassificationReason

+ CreatedTimeUtc *date.Time

+ Description *string

+ FirstActivityTimeUtc *date.Time

+ IncidentNumber *int32

+ IncidentURL *string

+ Labels *[]IncidentLabel

+ LastActivityTimeUtc *date.Time

+ LastModifiedTimeUtc *date.Time

+ Owner *IncidentOwnerInfo

+ RelatedAnalyticRuleIds *[]string

+ Severity IncidentSeverity

+ Status IncidentStatus

+ Title *string

+ func (IP IncidentProperties) MarshalJSON() ([]byte, error)

+ type IncidentRelationsClient struct

+ func NewIncidentRelationsClient(subscriptionID string) IncidentRelationsClient

+ func NewIncidentRelationsClientWithBaseURI(baseURI string, subscriptionID string) IncidentRelationsClient

+ func (client IncidentRelationsClient) CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, ...) (result Relation, err error)

+ func (client IncidentRelationsClient) CreateOrUpdateRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentRelationsClient) CreateOrUpdateRelationResponder(resp *http.Response) (result Relation, err error)

+ func (client IncidentRelationsClient) CreateOrUpdateRelationSender(req *http.Request) (*http.Response, error)

+ func (client IncidentRelationsClient) DeleteRelation(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client IncidentRelationsClient) DeleteRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentRelationsClient) DeleteRelationResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client IncidentRelationsClient) DeleteRelationSender(req *http.Request) (*http.Response, error)

+ func (client IncidentRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, ...) (result Relation, err error)

+ func (client IncidentRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error)

+ func (client IncidentRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error)

+ func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupName string, ...) (result RelationListPage, err error)

+ func (client IncidentRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result RelationListIterator, err error)

+ func (client IncidentRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error)

+ func (client IncidentRelationsClient) ListSender(req *http.Request) (*http.Response, error)

+ type IncidentSeverity string

+ const IncidentSeverityHigh

+ const IncidentSeverityInformational

+ const IncidentSeverityLow

+ const IncidentSeverityMedium

+ func PossibleIncidentSeverityValues() []IncidentSeverity

+ type IncidentStatus string

+ const IncidentStatusActive

+ const IncidentStatusClosed

+ const IncidentStatusNew

+ func PossibleIncidentStatusValues() []IncidentStatus

+ type IncidentsClient struct

+ func NewIncidentsClient(subscriptionID string) IncidentsClient

+ func NewIncidentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentsClient

+ func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, ...) (result Incident, err error)

+ func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentsClient) CreateOrUpdateResponder(resp *http.Response) (result Incident, err error)

+ func (client IncidentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client IncidentsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, ...) (result Incident, err error)

+ func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident, err error)

+ func (client IncidentsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, ...) (result IncidentListPage, err error)

+ func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result IncidentListIterator, err error)

+ func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client IncidentsClient) ListResponder(resp *http.Response) (result IncidentList, err error)

+ func (client IncidentsClient) ListSender(req *http.Request) (*http.Response, error)

+ type IoTDeviceEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error

+ func (itde IoTDeviceEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (itde IoTDeviceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (itde IoTDeviceEntity) AsBasicEntity() (BasicEntity, bool)

+ func (itde IoTDeviceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (itde IoTDeviceEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (itde IoTDeviceEntity) AsEntity() (*Entity, bool)

+ func (itde IoTDeviceEntity) AsFileEntity() (*FileEntity, bool)

+ func (itde IoTDeviceEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (itde IoTDeviceEntity) AsHostEntity() (*HostEntity, bool)

+ func (itde IoTDeviceEntity) AsIPEntity() (*IPEntity, bool)

+ func (itde IoTDeviceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (itde IoTDeviceEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (itde IoTDeviceEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (itde IoTDeviceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (itde IoTDeviceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (itde IoTDeviceEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (itde IoTDeviceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (itde IoTDeviceEntity) AsURLEntity() (*URLEntity, bool)

+ func (itde IoTDeviceEntity) MarshalJSON() ([]byte, error)

+ type IoTDeviceEntityProperties struct

+ AdditionalData map[string]interface{}

+ DeviceID *string

+ DeviceType *string

+ EdgeID *string

+ FriendlyName *string

+ HostEntityID *string

+ IotHubEntityID *string

+ IotSecurityAgentID *uuid.UUID

+ ThreatIntelligence *[]ThreatIntelligence

+ Vendor *string

+ func (itdep IoTDeviceEntityProperties) MarshalJSON() ([]byte, error)

+ type KillChainIntent string

+ const KillChainIntentCollection

+ const KillChainIntentCommandAndControl

+ const KillChainIntentCredentialAccess

+ const KillChainIntentDefenseEvasion

+ const KillChainIntentDiscovery

+ const KillChainIntentExecution

+ const KillChainIntentExfiltration

+ const KillChainIntentExploitation

+ const KillChainIntentImpact

+ const KillChainIntentLateralMovement

+ const KillChainIntentPersistence

+ const KillChainIntentPrivilegeEscalation

+ const KillChainIntentProbing

+ const KillChainIntentUnknown

+ func PossibleKillChainIntentValues() []KillChainIntent

+ type Kind string

+ const KindAggregations

+ const KindCasesAggregation

+ func PossibleKindValues() []Kind

+ type KindBasicAlertRule string

+ const KindAlertRule

+ const KindFusion

+ const KindMicrosoftSecurityIncidentCreation

+ const KindScheduled

+ func PossibleKindBasicAlertRuleValues() []KindBasicAlertRule

+ type KindBasicAlertRuleTemplate string

+ const KindBasicAlertRuleTemplateKindAlertRuleTemplate

+ const KindBasicAlertRuleTemplateKindFusion

+ const KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation

+ const KindBasicAlertRuleTemplateKindScheduled

+ func PossibleKindBasicAlertRuleTemplateValues() []KindBasicAlertRuleTemplate

+ type KindBasicDataConnector string

+ const KindAmazonWebServicesCloudTrail

+ const KindAzureActiveDirectory

+ const KindAzureAdvancedThreatProtection

+ const KindAzureSecurityCenter

+ const KindDataConnector

+ const KindMicrosoftCloudAppSecurity

+ const KindMicrosoftDefenderAdvancedThreatProtection

+ const KindOffice365

+ const KindThreatIntelligence

+ const KindThreatIntelligenceTaxii

+ func PossibleKindBasicDataConnectorValues() []KindBasicDataConnector

+ type KindBasicDataConnectorsCheckRequirements string

+ const KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail

+ const KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory

+ const KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection

+ const KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter

+ const KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements

+ const KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity

+ const KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection

+ const KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence

+ const KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii

+ func PossibleKindBasicDataConnectorsCheckRequirementsValues() []KindBasicDataConnectorsCheckRequirements

+ type KindBasicEntity string

+ const KindAccount

+ const KindAzureResource

+ const KindCloudApplication

+ const KindDNSResolution

+ const KindEntity

+ const KindFile

+ const KindFileHash

+ const KindHost

+ const KindIP

+ const KindIoTDevice

+ const KindMalware

+ const KindProcess

+ const KindRegistryKey

+ const KindRegistryValue

+ const KindSecurityAlert

+ const KindSecurityGroup

+ const KindURL

+ func PossibleKindBasicEntityValues() []KindBasicEntity

+ type KindBasicSettings string

+ const KindEyesOn

+ const KindSettings

+ func PossibleKindBasicSettingsValues() []KindBasicSettings

+ type MCASCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (mcr *MCASCheckRequirements) UnmarshalJSON(body []byte) error

+ func (mcr MCASCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (mcr MCASCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (mcr MCASCheckRequirements) MarshalJSON() ([]byte, error)

+ type MCASCheckRequirementsProperties struct

+ TenantID *string

+ type MCASDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error

+ func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (mdc MCASDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (mdc MCASDataConnector) MarshalJSON() ([]byte, error)

+ type MCASDataConnectorDataTypes struct

+ Alerts *AlertsDataTypeOfDataConnectorAlerts

+ DiscoveryLogs *MCASDataConnectorDataTypesDiscoveryLogs

+ type MCASDataConnectorDataTypesDiscoveryLogs struct

+ State DataTypeState

+ type MCASDataConnectorProperties struct

+ DataTypes *MCASDataConnectorDataTypes

+ TenantID *string

+ type MDATPCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (mcr *MDATPCheckRequirements) UnmarshalJSON(body []byte) error

+ func (mcr MDATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (mcr MDATPCheckRequirements) MarshalJSON() ([]byte, error)

+ type MDATPCheckRequirementsProperties struct

+ TenantID *string

+ type MDATPDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error

+ func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (mdc MDATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error)

+ type MDATPDataConnectorProperties struct

+ DataTypes *AlertsDataTypeOfDataConnector

+ TenantID *string

+ type MalwareEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (me *MalwareEntity) UnmarshalJSON(body []byte) error

+ func (me MalwareEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (me MalwareEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (me MalwareEntity) AsBasicEntity() (BasicEntity, bool)

+ func (me MalwareEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (me MalwareEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (me MalwareEntity) AsEntity() (*Entity, bool)

+ func (me MalwareEntity) AsFileEntity() (*FileEntity, bool)

+ func (me MalwareEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (me MalwareEntity) AsHostEntity() (*HostEntity, bool)

+ func (me MalwareEntity) AsIPEntity() (*IPEntity, bool)

+ func (me MalwareEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (me MalwareEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (me MalwareEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (me MalwareEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (me MalwareEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (me MalwareEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (me MalwareEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (me MalwareEntity) AsURLEntity() (*URLEntity, bool)

+ func (me MalwareEntity) MarshalJSON() ([]byte, error)

+ type MalwareEntityProperties struct

+ AdditionalData map[string]interface{}

+ Category *string

+ FileEntityIds *[]string

+ FriendlyName *string

+ MalwareName *string

+ ProcessEntityIds *[]string

+ func (mep MalwareEntityProperties) MarshalJSON() ([]byte, error)

+ type MicrosoftSecurityIncidentCreationAlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ Type *string

+ func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error)

+ type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties struct

+ DisplayNamesExcludeFilter *[]string

+ DisplayNamesFilter *[]string

+ ProductFilter MicrosoftSecurityProductName

+ SeveritiesFilter *[]AlertSeverity

+ type MicrosoftSecurityIncidentCreationAlertRuleProperties struct

+ AlertRuleTemplateName *string

+ Description *string

+ DisplayName *string

+ DisplayNamesExcludeFilter *[]string

+ DisplayNamesFilter *[]string

+ Enabled *bool

+ LastModifiedUtc *date.Time

+ ProductFilter MicrosoftSecurityProductName

+ SeveritiesFilter *[]AlertSeverity

+ func (msicarp MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ Type *string

+ func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ Description *string

+ DisplayName *string

+ DisplayNamesExcludeFilter *[]string

+ DisplayNamesFilter *[]string

+ ProductFilter MicrosoftSecurityProductName

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ SeveritiesFilter *[]AlertSeverity

+ Status TemplateStatus

+ func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type MicrosoftSecurityProductName string

+ const AzureActiveDirectoryIdentityProtection

+ const AzureAdvancedThreatProtection

+ const AzureSecurityCenter

+ const AzureSecurityCenterforIoT

+ const MicrosoftCloudAppSecurity

+ func PossibleMicrosoftSecurityProductNameValues() []MicrosoftSecurityProductName

+ type OSFamily string

+ const Android

+ const IOS

+ const Linux

+ const Windows

+ func PossibleOSFamilyValues() []OSFamily

+ type OfficeConsent struct

+ ID *string

+ Name *string

+ Type *string

+ func (oc *OfficeConsent) UnmarshalJSON(body []byte) error

+ func (oc OfficeConsent) MarshalJSON() ([]byte, error)

+ type OfficeConsentList struct

+ NextLink *string

+ Value *[]OfficeConsent

+ func (ocl OfficeConsentList) IsEmpty() bool

+ func (ocl OfficeConsentList) MarshalJSON() ([]byte, error)

+ type OfficeConsentListIterator struct

+ func NewOfficeConsentListIterator(page OfficeConsentListPage) OfficeConsentListIterator

+ func (iter *OfficeConsentListIterator) Next() error

+ func (iter *OfficeConsentListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter OfficeConsentListIterator) NotDone() bool

+ func (iter OfficeConsentListIterator) Response() OfficeConsentList

+ func (iter OfficeConsentListIterator) Value() OfficeConsent

+ type OfficeConsentListPage struct

+ func NewOfficeConsentListPage(...) OfficeConsentListPage

+ func (page *OfficeConsentListPage) Next() error

+ func (page *OfficeConsentListPage) NextWithContext(ctx context.Context) (err error)

+ func (page OfficeConsentListPage) NotDone() bool

+ func (page OfficeConsentListPage) Response() OfficeConsentList

+ func (page OfficeConsentListPage) Values() []OfficeConsent

+ type OfficeConsentProperties struct

+ TenantID *string

+ TenantName *string

+ func (ocp OfficeConsentProperties) MarshalJSON() ([]byte, error)

+ type OfficeConsentsClient struct

+ func NewOfficeConsentsClient(subscriptionID string) OfficeConsentsClient

+ func NewOfficeConsentsClientWithBaseURI(baseURI string, subscriptionID string) OfficeConsentsClient

+ func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client OfficeConsentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client OfficeConsentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client OfficeConsentsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName string, ...) (result OfficeConsent, err error)

+ func (client OfficeConsentsClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client OfficeConsentsClient) GetResponder(resp *http.Response) (result OfficeConsent, err error)

+ func (client OfficeConsentsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName string, ...) (result OfficeConsentListPage, err error)

+ func (client OfficeConsentsClient) ListComplete(ctx context.Context, resourceGroupName string, ...) (result OfficeConsentListIterator, err error)

+ func (client OfficeConsentsClient) ListPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client OfficeConsentsClient) ListResponder(resp *http.Response) (result OfficeConsentList, err error)

+ func (client OfficeConsentsClient) ListSender(req *http.Request) (*http.Response, error)

+ type OfficeDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error

+ func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (odc OfficeDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (odc OfficeDataConnector) MarshalJSON() ([]byte, error)

+ type OfficeDataConnectorDataTypes struct

+ Exchange *OfficeDataConnectorDataTypesExchange

+ SharePoint *OfficeDataConnectorDataTypesSharePoint

+ type OfficeDataConnectorDataTypesExchange struct

+ State DataTypeState

+ type OfficeDataConnectorDataTypesSharePoint struct

+ State DataTypeState

+ type OfficeDataConnectorProperties struct

+ DataTypes *OfficeDataConnectorDataTypes

+ TenantID *string

+ type Operation struct

+ Display *OperationDisplay

+ Name *string

+ type OperationDisplay struct

+ Description *string

+ Operation *string

+ Provider *string

+ Resource *string

+ type OperationsClient struct

+ func NewOperationsClient(subscriptionID string) OperationsClient

+ func NewOperationsClientWithBaseURI(baseURI string, subscriptionID string) OperationsClient

+ func (client OperationsClient) List(ctx context.Context) (result OperationsListPage, err error)

+ func (client OperationsClient) ListComplete(ctx context.Context) (result OperationsListIterator, err error)

+ func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, error)

+ func (client OperationsClient) ListResponder(resp *http.Response) (result OperationsList, err error)

+ func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error)

+ type OperationsList struct

+ NextLink *string

+ Value *[]Operation

+ func (ol OperationsList) IsEmpty() bool

+ type OperationsListIterator struct

+ func NewOperationsListIterator(page OperationsListPage) OperationsListIterator

+ func (iter *OperationsListIterator) Next() error

+ func (iter *OperationsListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter OperationsListIterator) NotDone() bool

+ func (iter OperationsListIterator) Response() OperationsList

+ func (iter OperationsListIterator) Value() Operation

+ type OperationsListPage struct

+ func NewOperationsListPage(getNextPage func(context.Context, OperationsList) (OperationsList, error)) OperationsListPage

+ func (page *OperationsListPage) Next() error

+ func (page *OperationsListPage) NextWithContext(ctx context.Context) (err error)

+ func (page OperationsListPage) NotDone() bool

+ func (page OperationsListPage) Response() OperationsList

+ func (page OperationsListPage) Values() []Operation

+ type ProcessEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error

+ func (peVar ProcessEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (peVar ProcessEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (peVar ProcessEntity) AsBasicEntity() (BasicEntity, bool)

+ func (peVar ProcessEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (peVar ProcessEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (peVar ProcessEntity) AsEntity() (*Entity, bool)

+ func (peVar ProcessEntity) AsFileEntity() (*FileEntity, bool)

+ func (peVar ProcessEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (peVar ProcessEntity) AsHostEntity() (*HostEntity, bool)

+ func (peVar ProcessEntity) AsIPEntity() (*IPEntity, bool)

+ func (peVar ProcessEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (peVar ProcessEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (peVar ProcessEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (peVar ProcessEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (peVar ProcessEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (peVar ProcessEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (peVar ProcessEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (peVar ProcessEntity) AsURLEntity() (*URLEntity, bool)

+ func (peVar ProcessEntity) MarshalJSON() ([]byte, error)

+ type ProcessEntityProperties struct

+ AccountEntityID *string

+ AdditionalData map[string]interface{}

+ CommandLine *string

+ CreationTimeUtc *date.Time

+ ElevationToken ElevationToken

+ FriendlyName *string

+ HostEntityID *string

+ HostLogonSessionEntityID *string

+ ImageFileEntityID *string

+ ParentProcessEntityID *string

+ ProcessID *string

+ func (pep ProcessEntityProperties) MarshalJSON() ([]byte, error)

+ type ProductSettingsClient struct

+ func NewProductSettingsClient(subscriptionID string) ProductSettingsClient

+ func NewProductSettingsClientWithBaseURI(baseURI string, subscriptionID string) ProductSettingsClient

+ func (client ProductSettingsClient) Delete(ctx context.Context, resourceGroupName string, ...) (result autorest.Response, err error)

+ func (client ProductSettingsClient) DeletePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client ProductSettingsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error)

+ func (client ProductSettingsClient) DeleteSender(req *http.Request) (*http.Response, error)

+ func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName string, ...) (result SettingsModel, err error)

+ func (client ProductSettingsClient) GetAll(ctx context.Context, resourceGroupName string, ...) (result SettingList, err error)

+ func (client ProductSettingsClient) GetAllPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client ProductSettingsClient) GetAllResponder(resp *http.Response) (result SettingList, err error)

+ func (client ProductSettingsClient) GetAllSender(req *http.Request) (*http.Response, error)

+ func (client ProductSettingsClient) GetPreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client ProductSettingsClient) GetResponder(resp *http.Response) (result SettingsModel, err error)

+ func (client ProductSettingsClient) GetSender(req *http.Request) (*http.Response, error)

+ func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupName string, ...) (result SettingsModel, err error)

+ func (client ProductSettingsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, ...) (*http.Request, error)

+ func (client ProductSettingsClient) UpdateResponder(resp *http.Response) (result SettingsModel, err error)

+ func (client ProductSettingsClient) UpdateSender(req *http.Request) (*http.Response, error)

+ type RegistryHive string

+ const HKEYA

+ const HKEYCLASSESROOT

+ const HKEYCURRENTCONFIG

+ const HKEYCURRENTUSER

+ const HKEYCURRENTUSERLOCALSETTINGS

+ const HKEYLOCALMACHINE

+ const HKEYPERFORMANCEDATA

+ const HKEYPERFORMANCENLSTEXT

+ const HKEYPERFORMANCETEXT

+ const HKEYUSERS

+ func PossibleRegistryHiveValues() []RegistryHive

+ type RegistryKeyEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error

+ func (rke RegistryKeyEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (rke RegistryKeyEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (rke RegistryKeyEntity) AsBasicEntity() (BasicEntity, bool)

+ func (rke RegistryKeyEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (rke RegistryKeyEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (rke RegistryKeyEntity) AsEntity() (*Entity, bool)

+ func (rke RegistryKeyEntity) AsFileEntity() (*FileEntity, bool)

+ func (rke RegistryKeyEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (rke RegistryKeyEntity) AsHostEntity() (*HostEntity, bool)

+ func (rke RegistryKeyEntity) AsIPEntity() (*IPEntity, bool)

+ func (rke RegistryKeyEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (rke RegistryKeyEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (rke RegistryKeyEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (rke RegistryKeyEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (rke RegistryKeyEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (rke RegistryKeyEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (rke RegistryKeyEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (rke RegistryKeyEntity) AsURLEntity() (*URLEntity, bool)

+ func (rke RegistryKeyEntity) MarshalJSON() ([]byte, error)

+ type RegistryKeyEntityProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ Hive RegistryHive

+ Key *string

+ func (rkep RegistryKeyEntityProperties) MarshalJSON() ([]byte, error)

+ type RegistryValueEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error

+ func (rve RegistryValueEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (rve RegistryValueEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (rve RegistryValueEntity) AsBasicEntity() (BasicEntity, bool)

+ func (rve RegistryValueEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (rve RegistryValueEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (rve RegistryValueEntity) AsEntity() (*Entity, bool)

+ func (rve RegistryValueEntity) AsFileEntity() (*FileEntity, bool)

+ func (rve RegistryValueEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (rve RegistryValueEntity) AsHostEntity() (*HostEntity, bool)

+ func (rve RegistryValueEntity) AsIPEntity() (*IPEntity, bool)

+ func (rve RegistryValueEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (rve RegistryValueEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (rve RegistryValueEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (rve RegistryValueEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (rve RegistryValueEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (rve RegistryValueEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (rve RegistryValueEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (rve RegistryValueEntity) AsURLEntity() (*URLEntity, bool)

+ func (rve RegistryValueEntity) MarshalJSON() ([]byte, error)

+ type RegistryValueEntityProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ KeyEntityID *string

+ ValueData *string

+ ValueName *string

+ ValueType RegistryValueKind

+ func (rvep RegistryValueEntityProperties) MarshalJSON() ([]byte, error)

+ type RegistryValueKind string

+ const RegistryValueKindBinary

+ const RegistryValueKindDWord

+ const RegistryValueKindExpandString

+ const RegistryValueKindMultiString

+ const RegistryValueKindNone

+ const RegistryValueKindQWord

+ const RegistryValueKindString

+ const RegistryValueKindUnknown

+ func PossibleRegistryValueKindValues() []RegistryValueKind

+ type Relation struct

+ Etag *string

+ ID *string

+ Name *string

+ Type *string

+ func (r *Relation) UnmarshalJSON(body []byte) error

+ func (r Relation) MarshalJSON() ([]byte, error)

+ type RelationBase struct

+ Etag *string

+ ID *string

+ Kind RelationTypes

+ Name *string

+ Type *string

+ func (rb RelationBase) MarshalJSON() ([]byte, error)

+ type RelationList struct

+ NextLink *string

+ Value *[]Relation

+ func (rl RelationList) IsEmpty() bool

+ func (rl RelationList) MarshalJSON() ([]byte, error)

+ type RelationListIterator struct

+ func NewRelationListIterator(page RelationListPage) RelationListIterator

+ func (iter *RelationListIterator) Next() error

+ func (iter *RelationListIterator) NextWithContext(ctx context.Context) (err error)

+ func (iter RelationListIterator) NotDone() bool

+ func (iter RelationListIterator) Response() RelationList

+ func (iter RelationListIterator) Value() Relation

+ type RelationListPage struct

+ func NewRelationListPage(getNextPage func(context.Context, RelationList) (RelationList, error)) RelationListPage

+ func (page *RelationListPage) Next() error

+ func (page *RelationListPage) NextWithContext(ctx context.Context) (err error)

+ func (page RelationListPage) NotDone() bool

+ func (page RelationListPage) Response() RelationList

+ func (page RelationListPage) Values() []Relation

+ type RelationNode struct

+ Etag *string

+ RelationAdditionalProperties map[string]*string

+ RelationNodeID *string

+ RelationNodeKind RelationNodeKind

+ func (rn RelationNode) MarshalJSON() ([]byte, error)

+ type RelationNodeKind string

+ const RelationNodeKindBookmark

+ const RelationNodeKindCase

+ func PossibleRelationNodeKindValues() []RelationNodeKind

+ type RelationProperties struct

+ RelatedResourceID *string

+ RelatedResourceKind *string

+ RelatedResourceName *string

+ RelatedResourceType *string

+ func (rp RelationProperties) MarshalJSON() ([]byte, error)

+ type RelationTypes string

+ const CasesToBookmarks

+ func PossibleRelationTypesValues() []RelationTypes

+ type RelationsModelInput struct

+ Etag *string

+ ID *string

+ Kind RelationTypes

+ Name *string

+ Type *string

+ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error

+ func (rmi RelationsModelInput) MarshalJSON() ([]byte, error)

+ type RelationsModelInputProperties struct

+ RelationName *string

+ SourceRelationNode *RelationNode

+ TargetRelationNode *RelationNode

+ type Resource struct

+ ID *string

+ Name *string

+ Type *string

+ type ResourceWithEtag struct

+ Etag *string

+ ID *string

+ Name *string

+ Type *string

+ func (rwe ResourceWithEtag) MarshalJSON() ([]byte, error)

+ type ScheduledAlertRule struct

+ Etag *string

+ ID *string

+ Kind KindBasicAlertRule

+ Name *string

+ Type *string

+ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error

+ func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool)

+ func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool)

+ func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool)

+ func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool)

+ func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool)

+ func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error)

+ type ScheduledAlertRuleCommonProperties struct

+ Query *string

+ QueryFrequency *string

+ QueryPeriod *string

+ Severity AlertSeverity

+ TriggerOperator TriggerOperator

+ TriggerThreshold *int32

+ type ScheduledAlertRuleProperties struct

+ AlertRuleTemplateName *string

+ Description *string

+ DisplayName *string

+ Enabled *bool

+ IncidentConfiguration *IncidentConfiguration

+ LastModifiedUtc *date.Time

+ Query *string

+ QueryFrequency *string

+ QueryPeriod *string

+ Severity AlertSeverity

+ SuppressionDuration *string

+ SuppressionEnabled *bool

+ Tactics *[]AttackTactic

+ TriggerOperator TriggerOperator

+ TriggerThreshold *int32

+ func (sarp ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error)

+ type ScheduledAlertRuleTemplate struct

+ ID *string

+ Kind KindBasicAlertRuleTemplate

+ Name *string

+ Type *string

+ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error

+ func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool)

+ func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error)

+ type ScheduledAlertRuleTemplateProperties struct

+ AlertRulesCreatedByTemplateCount *int32

+ CreatedDateUTC *date.Time

+ Description *string

+ DisplayName *string

+ Query *string

+ QueryFrequency *string

+ QueryPeriod *string

+ RequiredDataConnectors *[]AlertRuleTemplateDataSource

+ Severity AlertSeverity

+ Status TemplateStatus

+ Tactics *[]AttackTactic

+ TriggerOperator TriggerOperator

+ TriggerThreshold *int32

+ func (sart ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error)

+ type SecurityAlert struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error

+ func (sa SecurityAlert) AsAccountEntity() (*AccountEntity, bool)

+ func (sa SecurityAlert) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (sa SecurityAlert) AsBasicEntity() (BasicEntity, bool)

+ func (sa SecurityAlert) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (sa SecurityAlert) AsDNSEntity() (*DNSEntity, bool)

+ func (sa SecurityAlert) AsEntity() (*Entity, bool)

+ func (sa SecurityAlert) AsFileEntity() (*FileEntity, bool)

+ func (sa SecurityAlert) AsFileHashEntity() (*FileHashEntity, bool)

+ func (sa SecurityAlert) AsHostEntity() (*HostEntity, bool)

+ func (sa SecurityAlert) AsIPEntity() (*IPEntity, bool)

+ func (sa SecurityAlert) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (sa SecurityAlert) AsMalwareEntity() (*MalwareEntity, bool)

+ func (sa SecurityAlert) AsProcessEntity() (*ProcessEntity, bool)

+ func (sa SecurityAlert) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (sa SecurityAlert) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (sa SecurityAlert) AsSecurityAlert() (*SecurityAlert, bool)

+ func (sa SecurityAlert) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (sa SecurityAlert) AsURLEntity() (*URLEntity, bool)

+ func (sa SecurityAlert) MarshalJSON() ([]byte, error)

+ type SecurityAlertProperties struct

+ AdditionalData map[string]interface{}

+ AlertDisplayName *string

+ AlertLink *string

+ AlertType *string

+ CompromisedEntity *string

+ ConfidenceLevel ConfidenceLevel

+ ConfidenceReasons *[]SecurityAlertPropertiesConfidenceReasonsItem

+ ConfidenceScore *float64

+ ConfidenceScoreStatus ConfidenceScoreStatus

+ Description *string

+ EndTimeUtc *date.Time

+ FriendlyName *string

+ Intent KillChainIntent

+ ProcessingEndTime *date.Time

+ ProductComponentName *string

+ ProductName *string

+ ProductVersion *string

+ ProviderAlertID *string

+ RemediationSteps *[]string

+ ResourceIdentifiers *[]interface{}

+ Severity AlertSeverity

+ StartTimeUtc *date.Time

+ Status AlertStatus

+ SystemAlertID *string

+ Tactics *[]AttackTactic

+ TimeGenerated *date.Time

+ VendorName *string

+ func (sap SecurityAlertProperties) MarshalJSON() ([]byte, error)

+ type SecurityAlertPropertiesConfidenceReasonsItem struct

+ Reason *string

+ ReasonType *string

+ type SecurityGroupEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error

+ func (sge SecurityGroupEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (sge SecurityGroupEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (sge SecurityGroupEntity) AsBasicEntity() (BasicEntity, bool)

+ func (sge SecurityGroupEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (sge SecurityGroupEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (sge SecurityGroupEntity) AsEntity() (*Entity, bool)

+ func (sge SecurityGroupEntity) AsFileEntity() (*FileEntity, bool)

+ func (sge SecurityGroupEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (sge SecurityGroupEntity) AsHostEntity() (*HostEntity, bool)

+ func (sge SecurityGroupEntity) AsIPEntity() (*IPEntity, bool)

+ func (sge SecurityGroupEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (sge SecurityGroupEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (sge SecurityGroupEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (sge SecurityGroupEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (sge SecurityGroupEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (sge SecurityGroupEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (sge SecurityGroupEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (sge SecurityGroupEntity) AsURLEntity() (*URLEntity, bool)

+ func (sge SecurityGroupEntity) MarshalJSON() ([]byte, error)

+ type SecurityGroupEntityProperties struct

+ AdditionalData map[string]interface{}

+ DistinguishedName *string

+ FriendlyName *string

+ ObjectGUID *uuid.UUID

+ Sid *string

+ func (sgep SecurityGroupEntityProperties) MarshalJSON() ([]byte, error)

+ type SettingList struct

+ Value *[]BasicSettings

+ func (sl *SettingList) UnmarshalJSON(body []byte) error

+ type Settings struct

+ Etag *string

+ ID *string

+ Kind KindBasicSettings

+ Name *string

+ Type *string

+ func (s Settings) AsBasicSettings() (BasicSettings, bool)

+ func (s Settings) AsEyesOn() (*EyesOn, bool)

+ func (s Settings) AsSettings() (*Settings, bool)

+ func (s Settings) MarshalJSON() ([]byte, error)

+ type SettingsKind struct

+ Kind *string

+ type SettingsModel struct

+ Value BasicSettings

+ func (sm *SettingsModel) UnmarshalJSON(body []byte) error

+ type TICheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (tcr *TICheckRequirements) UnmarshalJSON(body []byte) error

+ func (tcr TICheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (tcr TICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (tcr TICheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (tcr TICheckRequirements) MarshalJSON() ([]byte, error)

+ type TICheckRequirementsProperties struct

+ TenantID *string

+ type TIDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error

+ func (tdc TIDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (tdc TIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (tdc TIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (tdc TIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (tdc TIDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (tdc TIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (tdc TIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (tdc TIDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (tdc TIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (tdc TIDataConnector) MarshalJSON() ([]byte, error)

+ type TIDataConnectorDataTypes struct

+ Indicators *TIDataConnectorDataTypesIndicators

+ type TIDataConnectorDataTypesIndicators struct

+ State DataTypeState

+ type TIDataConnectorProperties struct

+ DataTypes *TIDataConnectorDataTypes

+ TenantID *string

+ type TemplateStatus string

+ const Available

+ const Installed

+ const NotAvailable

+ func PossibleTemplateStatusValues() []TemplateStatus

+ type ThreatIntelligence struct

+ Confidence *float64

+ ProviderName *string

+ ReportLink *string

+ ThreatDescription *string

+ ThreatName *string

+ ThreatType *string

+ type TiTaxiiCheckRequirements struct

+ Kind KindBasicDataConnectorsCheckRequirements

+ func (ttcr *TiTaxiiCheckRequirements) UnmarshalJSON(body []byte) error

+ func (ttcr TiTaxiiCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool)

+ func (ttcr TiTaxiiCheckRequirements) MarshalJSON() ([]byte, error)

+ type TiTaxiiCheckRequirementsProperties struct

+ TenantID *string

+ type TiTaxiiDataConnector struct

+ Etag *string

+ ID *string

+ Kind KindBasicDataConnector

+ Name *string

+ Type *string

+ func (ttdc *TiTaxiiDataConnector) UnmarshalJSON(body []byte) error

+ func (ttdc TiTaxiiDataConnector) AsAADDataConnector() (*AADDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsASCDataConnector() (*ASCDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsBasicDataConnector() (BasicDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsDataConnector() (*DataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsTIDataConnector() (*TIDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool)

+ func (ttdc TiTaxiiDataConnector) MarshalJSON() ([]byte, error)

+ type TiTaxiiDataConnectorDataTypes struct

+ TaxiiClient *TiTaxiiDataConnectorDataTypesTaxiiClient

+ type TiTaxiiDataConnectorDataTypesTaxiiClient struct

+ State DataTypeState

+ type TiTaxiiDataConnectorProperties struct

+ CollectionID *string

+ DataTypes *TiTaxiiDataConnectorDataTypes

+ FriendlyName *string

+ Password *string

+ TaxiiServer *string

+ TenantID *string

+ UserName *string

+ WorkspaceID *string

+ type TriggerOperator string

+ const Equal

+ const GreaterThan

+ const LessThan

+ const NotEqual

+ func PossibleTriggerOperatorValues() []TriggerOperator

+ type URLEntity struct

+ ID *string

+ Kind KindBasicEntity

+ Name *string

+ Type *string

+ func (ue *URLEntity) UnmarshalJSON(body []byte) error

+ func (ue URLEntity) AsAccountEntity() (*AccountEntity, bool)

+ func (ue URLEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool)

+ func (ue URLEntity) AsBasicEntity() (BasicEntity, bool)

+ func (ue URLEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool)

+ func (ue URLEntity) AsDNSEntity() (*DNSEntity, bool)

+ func (ue URLEntity) AsEntity() (*Entity, bool)

+ func (ue URLEntity) AsFileEntity() (*FileEntity, bool)

+ func (ue URLEntity) AsFileHashEntity() (*FileHashEntity, bool)

+ func (ue URLEntity) AsHostEntity() (*HostEntity, bool)

+ func (ue URLEntity) AsIPEntity() (*IPEntity, bool)

+ func (ue URLEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool)

+ func (ue URLEntity) AsMalwareEntity() (*MalwareEntity, bool)

+ func (ue URLEntity) AsProcessEntity() (*ProcessEntity, bool)

+ func (ue URLEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool)

+ func (ue URLEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool)

+ func (ue URLEntity) AsSecurityAlert() (*SecurityAlert, bool)

+ func (ue URLEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool)

+ func (ue URLEntity) AsURLEntity() (*URLEntity, bool)

+ func (ue URLEntity) MarshalJSON() ([]byte, error)

+ type URLEntityProperties struct

+ AdditionalData map[string]interface{}

+ FriendlyName *string

+ URL *string

+ func (uep URLEntityProperties) MarshalJSON() ([]byte, error)

+ type UserInfo struct

+ Email *string

+ Name *string

+ ObjectID *uuid.UUID

+ func (UI UserInfo) MarshalJSON() ([]byte, error)

Other modules containing this package

gopkg.in/azure/azure-sdk-for-go.v42

gopkg.in/azure/azure-sdk-for-go.v43

gopkg.in/azure/azure-sdk-for-go.v44

gopkg.in/azure/azure-sdk-for-go.v46

gopkg.in/azure/azure-sdk-for-go.v47

gopkg.in/azure/azure-sdk-for-go.v48

gopkg.in/azure/azure-sdk-for-go.v49