@azure/arm-securityinsight package

Classes

SecurityInsights

Interfaces

AADCheckRequirements

Represents AAD (Azure Active Directory) requirements check request.

AADCheckRequirementsProperties

AAD (Azure Active Directory) requirements check properties.

AADDataConnector

Represents AAD (Azure Active Directory) data connector.

AADDataConnectorProperties

AAD (Azure Active Directory) data connector properties.

ASCCheckRequirements

Represents ASC (Azure Security Center) requirements check request.

ASCDataConnector

Represents ASC (Azure Security Center) data connector.

ASCDataConnectorProperties

ASC (Azure Security Center) data connector properties.

AatpCheckRequirements

Represents AATP (Azure Advanced Threat Protection) requirements check request.

AatpCheckRequirementsProperties

AATP (Azure Advanced Threat Protection) requirements check properties.

AatpDataConnector

Represents AATP (Azure Advanced Threat Protection) data connector.

AatpDataConnectorProperties

AATP (Azure Advanced Threat Protection) data connector properties.

AccountEntity

Represents an account entity.

AccountEntityProperties

Account entity property bag.

ActionPropertiesBase

Action property bag base.

ActionRequest

Action for alert rule.

ActionRequestProperties

Action property bag.

ActionResponse

Action for alert rule.

ActionResponseProperties

Action property bag.

Actions

Interface representing an Actions.

ActionsCreateOrUpdateOptionalParams

Optional parameters.

ActionsDeleteOptionalParams

Optional parameters.

ActionsGetOptionalParams

Optional parameters.

ActionsList

List all the actions.

ActionsListByAlertRuleNextOptionalParams

Optional parameters.

ActionsListByAlertRuleOptionalParams

Optional parameters.

ActivityCustomEntityQuery

Represents Activity entity query.

ActivityEntityQueriesPropertiesQueryDefinitions

The Activity query definitions

ActivityEntityQuery

Represents Activity entity query.

ActivityEntityQueryTemplate

Represents Activity entity query.

ActivityEntityQueryTemplatePropertiesQueryDefinitions

The Activity query definitions

ActivityTimelineItem

Represents Activity timeline item.

AlertDetailsOverride

Settings for how to dynamically override alert static details

AlertRule

Alert rule.

AlertRuleTemplate

Alert rule template.

AlertRuleTemplateDataSource

Alert rule template data sources

AlertRuleTemplatePropertiesBase

Base alert rule template property bag.

AlertRuleTemplateWithMitreProperties

Alert rule template with MITRE property bag.

AlertRuleTemplates

Interface representing an AlertRuleTemplates.

AlertRuleTemplatesGetOptionalParams

Optional parameters.

AlertRuleTemplatesList

List all the alert rule templates.

AlertRuleTemplatesListNextOptionalParams

Optional parameters.

AlertRuleTemplatesListOptionalParams

Optional parameters.

AlertRules

Interface representing an AlertRules.

AlertRulesCreateOrUpdateOptionalParams

Optional parameters.

AlertRulesDeleteOptionalParams

Optional parameters.

AlertRulesGetOptionalParams

Optional parameters.

AlertRulesList

List all the alert rules.

AlertRulesListNextOptionalParams

Optional parameters.

AlertRulesListOptionalParams

Optional parameters.

AlertsDataTypeOfDataConnector

Alerts data type for data connectors.

Anomalies

Settings with single toggle.

AnomalySecurityMLAnalyticsSettings

Represents Anomaly Security ML Analytics Settings

AnomalyTimelineItem

Represents anomaly timeline item.

AutomationRule

An Azure resource object with an Etag property

AutomationRuleAction

Describes an automation rule action.

AutomationRuleBooleanCondition

AutomationRuleCondition

Describes an automation rule condition.

AutomationRuleModifyPropertiesAction

Describes an automation rule action to modify an object's properties

AutomationRulePropertyArrayChangedValuesCondition

AutomationRulePropertyArrayValuesCondition

AutomationRulePropertyValuesChangedCondition

AutomationRulePropertyValuesCondition

AutomationRuleRunPlaybookAction

Describes an automation rule action to run a playbook

AutomationRuleTriggeringLogic

Describes automation rule triggering logic.

AutomationRules

Interface representing an AutomationRules.

AutomationRulesCreateOrUpdateOptionalParams

Optional parameters.

AutomationRulesDeleteOptionalParams

Optional parameters.

AutomationRulesGetOptionalParams

Optional parameters.

AutomationRulesList

AutomationRulesListNextOptionalParams

Optional parameters.

AutomationRulesListOptionalParams

Optional parameters.

Availability

Connector Availability Status

AwsCloudTrailCheckRequirements

Amazon Web Services CloudTrail requirements check request.

AwsCloudTrailDataConnector

Represents Amazon Web Services CloudTrail data connector.

AwsCloudTrailDataConnectorDataTypes

The available data types for Amazon Web Services CloudTrail data connector.

AwsCloudTrailDataConnectorDataTypesLogs

Logs data type.

AwsS3CheckRequirements

Amazon Web Services S3 requirements check request.

AwsS3DataConnector

Represents Amazon Web Services S3 data connector.

AwsS3DataConnectorDataTypes

The available data types for Amazon Web Services S3 data connector.

AwsS3DataConnectorDataTypesLogs

Logs data type.

AzureDevOpsResourceInfo

Resources created in Azure DevOps repository.

AzureResourceEntity

Represents an Azure resource entity.

AzureResourceEntityProperties

AzureResource entity property bag.

Bookmark

Represents a bookmark in Azure Security Insights.

BookmarkEntityMappings

Describes the entity mappings of a single entity

BookmarkExpandOptionalParams

Optional parameters.

BookmarkExpandParameters

The parameters required to execute an expand operation on the given bookmark.

BookmarkExpandResponse

The entity expansion result operation response.

BookmarkExpandResponseValue

The expansion result values.

BookmarkList

List all the bookmarks.

BookmarkOperations

Interface representing a BookmarkOperations.

BookmarkRelations

Interface representing a BookmarkRelations.

BookmarkRelationsCreateOrUpdateOptionalParams

Optional parameters.

BookmarkRelationsDeleteOptionalParams

Optional parameters.

BookmarkRelationsGetOptionalParams

Optional parameters.

BookmarkRelationsListNextOptionalParams

Optional parameters.

BookmarkRelationsListOptionalParams

Optional parameters.

BookmarkTimelineItem

Represents bookmark timeline item.

Bookmarks

Interface representing a Bookmarks.

BookmarksCreateOrUpdateOptionalParams

Optional parameters.

BookmarksDeleteOptionalParams

Optional parameters.

BookmarksGetOptionalParams

Optional parameters.

BookmarksListNextOptionalParams

Optional parameters.

BookmarksListOptionalParams

Optional parameters.

BooleanConditionProperties

Describes an automation rule condition that applies a boolean operator (e.g. AND, OR) to conditions

ClientInfo

Information on the client (user or application) that made some action

CloudApplicationEntity

Represents a cloud application entity.

CloudApplicationEntityProperties

CloudApplication entity property bag.

CloudError

Error response structure.

CloudErrorBody

Error details.

CodelessApiPollingDataConnector

Represents Codeless API Polling data connector.

CodelessConnectorPollingAuthProperties

Describe the authentication properties needed to successfully authenticate with the server

CodelessConnectorPollingConfigProperties

Config to describe the polling config for API poller connector

CodelessConnectorPollingPagingProperties

Describe the properties needed to make a pagination call

CodelessConnectorPollingRequestProperties

Describe the request properties needed to successfully pull from the server

CodelessConnectorPollingResponseProperties

Describes the response from the external server

CodelessUiConnectorConfigProperties

Config to describe the instructions blade

CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem

Setting for the connector check connectivity

CodelessUiConnectorConfigPropertiesDataTypesItem

Data type for last data received

CodelessUiConnectorConfigPropertiesGraphQueriesItem

The graph query to show the current data status

CodelessUiConnectorConfigPropertiesInstructionStepsItem

Instruction steps to enable the connector

CodelessUiConnectorConfigPropertiesSampleQueriesItem

The sample queries for the connector

CodelessUiDataConnector

Represents Codeless UI data connector.

ConnectedEntity

Expansion result connected entities

ConnectivityCriteria

Setting for the connector check connectivity

ConnectorInstructionModelBase

Instruction step details

ContentPathMap

The mapping of content type to a repo path.

CustomEntityQuery

Specific entity query that supports put requests.

Customs

Customs permissions required for the connector

CustomsPermission

Customs permissions required for the connector

DataConnector

Data connector

DataConnectorConnectBody

Represents Codeless API Polling data connector.

DataConnectorDataTypeCommon

Common field for data type in data connectors.

DataConnectorList

List all the data connectors.

DataConnectorRequirementsState

Data connector requirements status.

DataConnectorTenantId

Properties data connector on tenant level.

DataConnectorWithAlertsProperties

Data connector properties.

DataConnectors

Interface representing a DataConnectors.

DataConnectorsCheckRequirements

Data connector requirements properties.

DataConnectorsCheckRequirementsOperations

Interface representing a DataConnectorsCheckRequirementsOperations.

DataConnectorsCheckRequirementsPostOptionalParams

Optional parameters.

DataConnectorsConnectOptionalParams

Optional parameters.

DataConnectorsCreateOrUpdateOptionalParams

Optional parameters.

DataConnectorsDeleteOptionalParams

Optional parameters.

DataConnectorsDisconnectOptionalParams

Optional parameters.

DataConnectorsGetOptionalParams

Optional parameters.

DataConnectorsListNextOptionalParams

Optional parameters.

DataConnectorsListOptionalParams

Optional parameters.

DataTypeDefinitions

The data type definition

Deployment

Description about a deployment.

DeploymentInfo

Information regarding a deployment.

DnsEntity

Represents a DNS entity.

DnsEntityProperties

Dns entity property bag.

DomainWhois

Interface representing a DomainWhois.

DomainWhoisGetOptionalParams

Optional parameters.

Dynamics365CheckRequirements

Represents Dynamics365 requirements check request.

Dynamics365CheckRequirementsProperties

Dynamics365 requirements check properties.

Dynamics365DataConnector

Represents Dynamics365 data connector.

Dynamics365DataConnectorDataTypes

The available data types for Dynamics365 data connector.

Dynamics365DataConnectorDataTypesDynamics365CdsActivities

Common Data Service data type connection.

Dynamics365DataConnectorProperties

Dynamics365 data connector properties.

EnrichmentDomainWhois

Whois information for a given domain and associated metadata

EnrichmentDomainWhoisContact

An individual contact associated with this domain

EnrichmentDomainWhoisContacts

The set of contacts associated with this domain

EnrichmentDomainWhoisDetails

The whois record for a given domain

EnrichmentDomainWhoisRegistrarDetails

The registrar associated with this domain

EnrichmentIpGeodata

Geodata information for a given IP address

Entities

Interface representing an Entities.

EntitiesExpandOptionalParams

Optional parameters.

EntitiesGetInsightsOptionalParams

Optional parameters.

EntitiesGetOptionalParams

Optional parameters.

EntitiesGetTimeline

Interface representing an EntitiesGetTimeline.

EntitiesGetTimelineListOptionalParams

Optional parameters.

EntitiesListNextOptionalParams

Optional parameters.

EntitiesListOptionalParams

Optional parameters.

EntitiesQueriesOptionalParams

Optional parameters.

EntitiesRelations

Interface representing an EntitiesRelations.

EntitiesRelationsListNextOptionalParams

Optional parameters.

EntitiesRelationsListOptionalParams

Optional parameters.

Entity

Specific entity.

EntityAnalytics

Settings with single toggle.

EntityCommonProperties

Entity common property bag.

EntityEdges

The edge that connects the entity to the other entity.

EntityExpandParameters

The parameters required to execute an expand operation on the given entity.

EntityExpandResponse

The entity expansion result operation response.

EntityExpandResponseValue

The expansion result values.

EntityFieldMapping

Map identifiers of a single entity

EntityGetInsightsParameters

The parameters required to execute insights operation on the given entity.

EntityGetInsightsResponse

The Get Insights result operation response.

EntityInsightItem

Entity insight Item.

EntityInsightItemQueryTimeInterval

The Time interval that the query actually executed on.

EntityList

List of all the entities.

EntityMapping

Single entity mapping for the alert rule

EntityQueries

Interface representing an EntityQueries.

EntityQueriesCreateOrUpdateOptionalParams

Optional parameters.

EntityQueriesDeleteOptionalParams

Optional parameters.

EntityQueriesGetOptionalParams

Optional parameters.

EntityQueriesListNextOptionalParams

Optional parameters.

EntityQueriesListOptionalParams

Optional parameters.

EntityQuery

Specific entity query.

EntityQueryItem

An abstract Query item for entity

EntityQueryItemProperties

Properties of an abstract Query item for entity

EntityQueryItemPropertiesDataTypesItem

EntityQueryList

List of all the entity queries.

EntityQueryTemplate

Specific entity query template.

EntityQueryTemplateList

List of all the entity query templates.

EntityQueryTemplates

Interface representing an EntityQueryTemplates.

EntityQueryTemplatesGetOptionalParams

Optional parameters.

EntityQueryTemplatesListNextOptionalParams

Optional parameters.

EntityQueryTemplatesListOptionalParams

Optional parameters.

EntityRelations

Interface representing an EntityRelations.

EntityRelationsGetRelationOptionalParams

Optional parameters.

EntityTimelineItem

Entity timeline Item.

EntityTimelineParameters

The parameters required to execute a timeline operation on the given entity.

EntityTimelineResponse

The entity timeline result operation response.

EventGroupingSettings

Event grouping settings property bag.

ExpansionEntityQuery

Represents Expansion entity query.

ExpansionResultAggregation

Information of a specific aggregation in the expansion result.

ExpansionResultsMetadata

Expansion result metadata.

EyesOn

Settings with single toggle.

FieldMapping

A single field mapping of the mapped entity

FileEntity

Represents a file entity.

FileEntityProperties

File entity property bag.

FileHashEntity

Represents a file hash entity.

FileHashEntityProperties

FileHash entity property bag.

FileImport

Represents a file import in Azure Security Insights.

FileImportList

List all the file imports.

FileImports

Interface representing a FileImports.

FileImportsCreateOptionalParams

Optional parameters.

FileImportsDeleteOptionalParams

Optional parameters.

FileImportsGetOptionalParams

Optional parameters.

FileImportsListNextOptionalParams

Optional parameters.

FileImportsListOptionalParams

Optional parameters.

FileMetadata

Represents a file.

FusionAlertRule

Represents Fusion alert rule.

FusionAlertRuleTemplate

Represents Fusion alert rule template.

FusionScenarioExclusionPattern

Represents a Fusion scenario exclusion pattern in Fusion detection.

FusionSourceSettings

Represents a supported source signal configuration in Fusion detection.

FusionSourceSubTypeSetting

Represents a supported source subtype configuration under a source signal in Fusion detection.

FusionSubTypeSeverityFilter

Represents severity configuration for a source subtype consumed in Fusion detection.

FusionSubTypeSeverityFiltersItem

Represents a Severity filter setting for a given source subtype consumed in Fusion detection.

FusionTemplateSourceSetting

Represents a source signal consumed in Fusion detection.

FusionTemplateSourceSubType

Represents a source subtype under a source signal consumed in Fusion detection.

FusionTemplateSubTypeSeverityFilter

Represents severity configurations available for a source subtype consumed in Fusion detection.

GeoLocation

The geo-location context attached to the IP entity

GetInsightsErrorKind

GetInsights Query Errors.

GetInsightsResultsMetadata

Get Insights result metadata.

GetQueriesResponse

Retrieve queries for entity result operation response.

GitHubResourceInfo

Resources created in GitHub repository.

GraphQueries

The graph query to show the current data status

GroupingConfiguration

Grouping configuration property bag.

HostEntity

Represents a host entity.

HostEntityProperties

Host entity property bag.

HuntingBookmark

Represents a Hunting bookmark entity.

HuntingBookmarkProperties

Describes bookmark properties

IPGeodata

Interface representing an IPGeodata.

IPGeodataGetOptionalParams

Optional parameters.

Incident

Represents an incident in Azure Security Insights.

IncidentAdditionalData

Incident additional data property bag.

IncidentAlertList

List of incident alerts.

IncidentBookmarkList

List of incident bookmarks.

IncidentComment

Represents an incident comment

IncidentCommentList

List of incident comments.

IncidentComments

Interface representing an IncidentComments.

IncidentCommentsCreateOrUpdateOptionalParams

Optional parameters.

IncidentCommentsDeleteOptionalParams

Optional parameters.

IncidentCommentsGetOptionalParams

Optional parameters.

IncidentCommentsListNextOptionalParams

Optional parameters.

IncidentCommentsListOptionalParams

Optional parameters.

IncidentConfiguration

Incident Configuration property bag.

IncidentEntitiesResponse

The incident related entities response.

IncidentEntitiesResultsMetadata

Information of a specific aggregation in the incident related entities result.

IncidentInfo

Describes related incident information for the bookmark

IncidentLabel

Represents an incident label

IncidentList

List all the incidents.

IncidentOwnerInfo

Information on the user an incident is assigned to

IncidentPropertiesAction

IncidentRelations

Interface representing an IncidentRelations.

IncidentRelationsCreateOrUpdateOptionalParams

Optional parameters.

IncidentRelationsDeleteOptionalParams

Optional parameters.

IncidentRelationsGetOptionalParams

Optional parameters.

IncidentRelationsListNextOptionalParams

Optional parameters.

IncidentRelationsListOptionalParams

Optional parameters.

Incidents

Interface representing an Incidents.

IncidentsCreateOrUpdateOptionalParams

Optional parameters.

IncidentsCreateTeamOptionalParams

Optional parameters.

IncidentsDeleteOptionalParams

Optional parameters.

IncidentsGetOptionalParams

Optional parameters.

IncidentsListAlertsOptionalParams

Optional parameters.

IncidentsListBookmarksOptionalParams

Optional parameters.

IncidentsListEntitiesOptionalParams

Optional parameters.

IncidentsListNextOptionalParams

Optional parameters.

IncidentsListOptionalParams

Optional parameters.

IncidentsRunPlaybookOptionalParams

Optional parameters.

InsightQueryItem

Represents Insight Query.

InsightQueryItemProperties

Represents Insight Query.

InsightQueryItemPropertiesAdditionalQuery

The activity query definitions.

InsightQueryItemPropertiesDefaultTimeRange

The insight chart query.

InsightQueryItemPropertiesReferenceTimeRange

The insight chart query.

InsightQueryItemPropertiesTableQuery

The insight table query.

InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem

InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem

InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem

InsightsTableResult

Query results for table insights query.

InsightsTableResultColumnsItem

InstructionSteps

Instruction steps to enable the connector

InstructionStepsInstructionsItem

Instruction step details

IoTCheckRequirements

Represents IoT requirements check request.

IoTDataConnector

Represents IoT data connector.

IoTDataConnectorProperties

IoT data connector properties.

IoTDeviceEntity

Represents an IoT device entity.

IoTDeviceEntityProperties

IoTDevice entity property bag.

IpEntity

Represents an IP entity.

IpEntityProperties

Ip entity property bag.

LastDataReceivedDataType

Data type for last data received

MLBehaviorAnalyticsAlertRule

Represents MLBehaviorAnalytics alert rule.

MLBehaviorAnalyticsAlertRuleTemplate

Represents MLBehaviorAnalytics alert rule template.

MLBehaviorAnalyticsAlertRuleTemplateProperties

MLBehaviorAnalytics alert rule template properties.

MTPCheckRequirementsProperties

MTP (Microsoft Threat Protection) requirements check properties.

MTPDataConnector

Represents MTP (Microsoft Threat Protection) data connector.

MTPDataConnectorDataTypes

The available data types for Microsoft Threat Protection Platforms data connector.

MTPDataConnectorDataTypesIncidents

Data type for Microsoft Threat Protection Platforms data connector.

MTPDataConnectorProperties

MTP (Microsoft Threat Protection) data connector properties.

MailClusterEntity

Represents a mail cluster entity.

MailClusterEntityProperties

Mail cluster entity property bag.

MailMessageEntity

Represents a mail message entity.

MailMessageEntityProperties

Mail message entity property bag.

MailboxEntity

Represents a mailbox entity.

MailboxEntityProperties

Mailbox entity property bag.

MalwareEntity

Represents a malware entity.

MalwareEntityProperties

Malware entity property bag.

ManualTriggerRequestBody

McasCheckRequirements

Represents MCAS (Microsoft Cloud App Security) requirements check request.

McasCheckRequirementsProperties

MCAS (Microsoft Cloud App Security) requirements check properties.

McasDataConnector

Represents MCAS (Microsoft Cloud App Security) data connector.

McasDataConnectorDataTypes

The available data types for MCAS (Microsoft Cloud App Security) data connector.

McasDataConnectorProperties

MCAS (Microsoft Cloud App Security) data connector properties.

MdatpCheckRequirements

Represents MDATP (Microsoft Defender Advanced Threat Protection) requirements check request.

MdatpCheckRequirementsProperties

MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties.

MdatpDataConnector

Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector.

MdatpDataConnectorProperties

MDATP (Microsoft Defender Advanced Threat Protection) data connector properties.

Metadata

Interface representing a Metadata.

MetadataAuthor

Publisher or creator of the content item.

MetadataCategories

Categories for the solution content item

MetadataCreateOptionalParams

Optional parameters.

MetadataDeleteOptionalParams

Optional parameters.

MetadataDependencies

Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex dependencies.

MetadataGetOptionalParams

Optional parameters.

MetadataList

List of all the metadata.

MetadataListNextOptionalParams

Optional parameters.

MetadataListOptionalParams

Optional parameters.

MetadataModel

Metadata resource definition.

MetadataPatch

Metadata patch request body.

MetadataSource

The original source of the content item, where it comes from.

MetadataSupport

Support information for the content item.

MetadataUpdateOptionalParams

Optional parameters.

MicrosoftSecurityIncidentCreationAlertRule

Represents MicrosoftSecurityIncidentCreation rule.

MicrosoftSecurityIncidentCreationAlertRuleCommonProperties

MicrosoftSecurityIncidentCreation rule common property bag.

MicrosoftSecurityIncidentCreationAlertRuleProperties

MicrosoftSecurityIncidentCreation rule property bag.

MicrosoftSecurityIncidentCreationAlertRuleTemplate

Represents MicrosoftSecurityIncidentCreation rule template.

MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties

MicrosoftSecurityIncidentCreation rule template properties

MstiCheckRequirements

Represents Microsoft Threat Intelligence requirements check request.

MstiCheckRequirementsProperties

Microsoft Threat Intelligence requirements check properties.

MstiDataConnector

Represents Microsoft Threat Intelligence data connector.

MstiDataConnectorDataTypes

The available data types for Microsoft Threat Intelligence Platforms data connector.

MstiDataConnectorDataTypesBingSafetyPhishingURL

Data type for Microsoft Threat Intelligence Platforms data connector.

MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed

Data type for Microsoft Threat Intelligence Platforms data connector.

MstiDataConnectorProperties

Microsoft Threat Intelligence data connector properties.

MtpCheckRequirements

Represents MTP (Microsoft Threat Protection) requirements check request.

NicEntity

Represents a network interface entity.

NicEntityProperties

Nic entity property bag.

NrtAlertRule

Represents NRT alert rule.

NrtAlertRuleTemplate

Represents NRT alert rule template.

NrtAlertRuleTemplateProperties

NRT alert rule template properties

Office365ProjectCheckRequirements

Represents Office365 Project requirements check request.

Office365ProjectCheckRequirementsProperties

Office365 Project requirements check properties.

Office365ProjectConnectorDataTypes

The available data types for Office Microsoft Project data connector.

Office365ProjectConnectorDataTypesLogs

Logs data type.

Office365ProjectDataConnector

Represents Office Microsoft Project data connector.

Office365ProjectDataConnectorProperties

Office Microsoft Project data connector properties.

OfficeATPCheckRequirements

Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request.

OfficeATPCheckRequirementsProperties

OfficeATP (Office 365 Advanced Threat Protection) requirements check properties.

OfficeATPDataConnector

Represents OfficeATP (Office 365 Advanced Threat Protection) data connector.

OfficeATPDataConnectorProperties

OfficeATP (Office 365 Advanced Threat Protection) data connector properties.

OfficeConsent

Consent for an Office365 tenant that has already been made.

OfficeConsentList

List of all the Office365 consents.

OfficeConsents

Interface representing an OfficeConsents.

OfficeConsentsDeleteOptionalParams

Optional parameters.

OfficeConsentsGetOptionalParams

Optional parameters.

OfficeConsentsListNextOptionalParams

Optional parameters.

OfficeConsentsListOptionalParams

Optional parameters.

OfficeDataConnector

Represents office data connector.

OfficeDataConnectorDataTypes

The available data types for office data connector.

OfficeDataConnectorDataTypesExchange

Exchange data type connection.

OfficeDataConnectorDataTypesSharePoint

SharePoint data type connection.

OfficeDataConnectorDataTypesTeams

Teams data type connection.

OfficeDataConnectorProperties

Office data connector properties.

OfficeIRMCheckRequirements

Represents OfficeIRM (Microsoft Insider Risk Management) requirements check request.

OfficeIRMCheckRequirementsProperties

OfficeIRM (Microsoft Insider Risk Management) requirements check properties.

OfficeIRMDataConnector

Represents OfficeIRM (Microsoft Insider Risk Management) data connector.

OfficeIRMDataConnectorProperties

OfficeIRM (Microsoft Insider Risk Management) data connector properties.

OfficePowerBICheckRequirements

Represents Office PowerBI requirements check request.

OfficePowerBICheckRequirementsProperties

Office PowerBI requirements check properties.

OfficePowerBIConnectorDataTypes

The available data types for Office Microsoft PowerBI data connector.

OfficePowerBIConnectorDataTypesLogs

Logs data type.

OfficePowerBIDataConnector

Represents Office Microsoft PowerBI data connector.

OfficePowerBIDataConnectorProperties

Office Microsoft PowerBI data connector properties.

Operation

Operation provided by provider

OperationDisplay

Properties of the operation

Operations

Interface representing an Operations.

OperationsList

Lists the operations available in the SecurityInsights RP.

OperationsListNextOptionalParams

Optional parameters.

OperationsListOptionalParams

Optional parameters.

Permissions

Permissions required for the connector

PermissionsCustomsItem

Customs permissions required for the connector

PermissionsResourceProviderItem

Resource provider permissions required for the connector

PlaybookActionProperties

ProcessEntity

Represents a process entity.

ProcessEntityProperties

Process entity property bag.

ProductSettings

Interface representing a ProductSettings.

ProductSettingsDeleteOptionalParams

Optional parameters.

ProductSettingsGetOptionalParams

Optional parameters.

ProductSettingsListOptionalParams

Optional parameters.

ProductSettingsUpdateOptionalParams

Optional parameters.

PropertyArrayChangedConditionProperties

Describes an automation rule condition that evaluates an array property's value change

PropertyArrayConditionProperties

Describes an automation rule condition that evaluates an array property's value

PropertyChangedConditionProperties

Describes an automation rule condition that evaluates a property's value change

PropertyConditionProperties

Describes an automation rule condition that evaluates a property's value

QueryBasedAlertRuleTemplateProperties

Query based alert rule template base property bag.

RegistryKeyEntity

Represents a registry key entity.

RegistryKeyEntityProperties

RegistryKey entity property bag.

RegistryValueEntity

Represents a registry value entity.

RegistryValueEntityProperties

RegistryValue entity property bag.

Relation

Represents a relation between two resources

RelationList

List of relations.

Repo

Represents a repository.

RepoList

List all the source controls.

Repository

Metadata of a repository.

RepositoryResourceInfo

Resources created in user's repository for the source-control.

RequiredPermissions

Required permissions for the connector

Resource

Common fields that are returned in the response for all Azure Resource Manager resources

ResourceProvider

Resource provider permissions required for the connector

ResourceWithEtag

An Azure resource object with an Etag property

SampleQueries

The sample queries for the connector

ScheduledAlertRule

Represents scheduled alert rule.

ScheduledAlertRuleCommonProperties

Scheduled alert rule template property bag.

ScheduledAlertRuleProperties

Scheduled alert rule base property bag.

ScheduledAlertRuleTemplate

Represents scheduled alert rule template.

SecurityAlert

Represents a security alert entity.

SecurityAlertProperties

SecurityAlert entity property bag.

SecurityAlertPropertiesConfidenceReasonsItem

Confidence reason item

SecurityAlertTimelineItem

Represents security alert timeline item.

SecurityGroupEntity

Represents a security group entity.

SecurityGroupEntityProperties

SecurityGroup entity property bag.

SecurityInsightsOptionalParams

Optional parameters.

SecurityMLAnalyticsSetting

Security ML Analytics Setting

SecurityMLAnalyticsSettings

Interface representing a SecurityMLAnalyticsSettings.

SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams

Optional parameters.

SecurityMLAnalyticsSettingsDataSource

Security ML analytics settings data sources

SecurityMLAnalyticsSettingsDeleteOptionalParams

Optional parameters.

SecurityMLAnalyticsSettingsGetOptionalParams

Optional parameters.

SecurityMLAnalyticsSettingsList

List all the SecurityMLAnalyticsSettings

SecurityMLAnalyticsSettingsListNextOptionalParams

Optional parameters.

SecurityMLAnalyticsSettingsListOptionalParams

Optional parameters.

SentinelOnboardingState

Sentinel onboarding state

SentinelOnboardingStates

Interface representing a SentinelOnboardingStates.

SentinelOnboardingStatesCreateOptionalParams

Optional parameters.

SentinelOnboardingStatesDeleteOptionalParams

Optional parameters.

SentinelOnboardingStatesGetOptionalParams

Optional parameters.

SentinelOnboardingStatesList

List of the Sentinel onboarding states

SentinelOnboardingStatesListOptionalParams

Optional parameters.

SettingList

List of all the settings.

Settings

The Setting.

SourceControl

Represents a SourceControl in Azure Security Insights.

SourceControlList

List all the source controls.

SourceControlListRepositoriesNextOptionalParams

Optional parameters.

SourceControlListRepositoriesOptionalParams

Optional parameters.

SourceControlOperations

Interface representing a SourceControlOperations.

SourceControls

Interface representing a SourceControls.

SourceControlsCreateOptionalParams

Optional parameters.

SourceControlsDeleteOptionalParams

Optional parameters.

SourceControlsGetOptionalParams

Optional parameters.

SourceControlsListNextOptionalParams

Optional parameters.

SourceControlsListOptionalParams

Optional parameters.

SubmissionMailEntity

Represents a submission mail entity.

SubmissionMailEntityProperties

Submission mail entity property bag.

SystemData

Metadata pertaining to creation and last modification of the resource.

TICheckRequirements

Threat Intelligence Platforms data connector check requirements

TICheckRequirementsProperties

Threat Intelligence Platforms data connector required properties.

TIDataConnector

Represents threat intelligence data connector.

TIDataConnectorDataTypes

The available data types for TI (Threat Intelligence) data connector.

TIDataConnectorDataTypesIndicators

Data type for indicators connection.

TIDataConnectorProperties

TI (Threat Intelligence) data connector properties.

TeamInformation

Describes team information

TeamProperties

Describes team properties

ThreatIntelligence

ThreatIntelligence property bag.

ThreatIntelligenceAlertRule

Represents Threat Intelligence alert rule.

ThreatIntelligenceAlertRuleTemplate

Represents Threat Intelligence alert rule template.

ThreatIntelligenceAlertRuleTemplateProperties

Threat Intelligence alert rule template properties

ThreatIntelligenceAppendTags

Array of tags to be appended to the threat intelligence indicator.

ThreatIntelligenceExternalReference

Describes external reference

ThreatIntelligenceFilteringCriteria

Filtering criteria for querying threat intelligence indicators.

ThreatIntelligenceGranularMarkingModel

Describes threat granular marking model entity

ThreatIntelligenceIndicator

Interface representing a ThreatIntelligenceIndicator.

ThreatIntelligenceIndicatorAppendTagsOptionalParams

Optional parameters.

ThreatIntelligenceIndicatorCreateIndicatorOptionalParams

Optional parameters.

ThreatIntelligenceIndicatorCreateOptionalParams

Optional parameters.

ThreatIntelligenceIndicatorDeleteOptionalParams

Optional parameters.

ThreatIntelligenceIndicatorGetOptionalParams

Optional parameters.

ThreatIntelligenceIndicatorMetrics

Interface representing a ThreatIntelligenceIndicatorMetrics.

ThreatIntelligenceIndicatorMetricsListOptionalParams

Optional parameters.

ThreatIntelligenceIndicatorModel

Threat intelligence indicator entity.

ThreatIntelligenceIndicatorProperties

Describes threat intelligence entity properties

ThreatIntelligenceIndicatorQueryIndicatorsNextOptionalParams

Optional parameters.

ThreatIntelligenceIndicatorQueryIndicatorsOptionalParams

Optional parameters.

ThreatIntelligenceIndicatorReplaceTagsOptionalParams

Optional parameters.

ThreatIntelligenceIndicators

Interface representing a ThreatIntelligenceIndicators.

ThreatIntelligenceIndicatorsListNextOptionalParams

Optional parameters.

ThreatIntelligenceIndicatorsListOptionalParams

Optional parameters.

ThreatIntelligenceInformation

Threat intelligence information object.

ThreatIntelligenceInformationList

List of all the threat intelligence information objects.

ThreatIntelligenceKillChainPhase

Describes threat kill chain phase entity

ThreatIntelligenceMetric

Describes threat intelligence metric

ThreatIntelligenceMetricEntity

Describes threat intelligence metric entity

ThreatIntelligenceMetrics

Threat intelligence metrics.

ThreatIntelligenceMetricsList

List of all the threat intelligence metric fields (type/threat type/source).

ThreatIntelligenceParsedPattern

Describes parsed pattern entity

ThreatIntelligenceParsedPatternTypeValue

Describes threat kill chain phase entity

ThreatIntelligenceSortingCriteria

List of available columns for sorting

TiTaxiiCheckRequirements

Threat Intelligence TAXII data connector check requirements

TiTaxiiCheckRequirementsProperties

Threat Intelligence TAXII data connector required properties.

TiTaxiiDataConnector

Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server

TiTaxiiDataConnectorDataTypes

The available data types for Threat Intelligence TAXII data connector.

TiTaxiiDataConnectorDataTypesTaxiiClient

Data type for TAXII connector.

TiTaxiiDataConnectorProperties

Threat Intelligence TAXII data connector properties.

TimelineAggregation

timeline aggregation information per kind

TimelineError

Timeline Query Errors.

TimelineResultsMetadata

Expansion result metadata.

Ueba

Settings with single toggle.

UrlEntity

Represents a url entity.

UrlEntityProperties

Url entity property bag.

UserInfo

User information that made some action

ValidationError

Describes an error encountered in the file during validation.

Watchlist

Represents a Watchlist in Azure Security Insights.

WatchlistItem

Represents a Watchlist item in Azure Security Insights.

WatchlistItemList

List all the watchlist items.

WatchlistItems

Interface representing a WatchlistItems.

WatchlistItemsCreateOrUpdateOptionalParams

Optional parameters.

WatchlistItemsDeleteOptionalParams

Optional parameters.

WatchlistItemsGetOptionalParams

Optional parameters.

WatchlistItemsListNextOptionalParams

Optional parameters.

WatchlistItemsListOptionalParams

Optional parameters.

WatchlistList

List all the watchlists.

Watchlists

Interface representing a Watchlists.

WatchlistsCreateOrUpdateHeaders

Defines headers for Watchlists_createOrUpdate operation.

WatchlistsCreateOrUpdateOptionalParams

Optional parameters.

WatchlistsDeleteHeaders

Defines headers for Watchlists_delete operation.

WatchlistsDeleteOptionalParams

Optional parameters.

WatchlistsGetOptionalParams

Optional parameters.

WatchlistsListNextOptionalParams

Optional parameters.

WatchlistsListOptionalParams

Optional parameters.

Webhook

Detail about the webhook object.

Type Aliases

ActionType

Defines values for ActionType.
KnownActionType can be used interchangeably with ActionType, this enum contains the known values that the service supports.

Known values supported by the service

ModifyProperties: Modify an object's properties
RunPlaybook: Run a playbook on an object

ActionsCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

ActionsGetResponse

Contains response data for the get operation.

ActionsListByAlertRuleNextResponse

Contains response data for the listByAlertRuleNext operation.

ActionsListByAlertRuleResponse

Contains response data for the listByAlertRule operation.

AlertDetail

Defines values for AlertDetail.
KnownAlertDetail can be used interchangeably with AlertDetail, this enum contains the known values that the service supports.

Known values supported by the service

DisplayName: Alert display name
Severity: Alert severity

AlertRuleKind

Defines values for AlertRuleKind.
KnownAlertRuleKind can be used interchangeably with AlertRuleKind, this enum contains the known values that the service supports.

Known values supported by the service

Scheduled
MicrosoftSecurityIncidentCreation
Fusion
MLBehaviorAnalytics
ThreatIntelligence
NRT

AlertRuleTemplateUnion

AlertRuleTemplatesGetResponse

Contains response data for the get operation.

AlertRuleTemplatesListNextResponse

Contains response data for the listNext operation.

AlertRuleTemplatesListResponse

Contains response data for the list operation.

AlertRuleUnion

AlertRulesCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

AlertRulesGetResponse

Contains response data for the get operation.

AlertRulesListNextResponse

Contains response data for the listNext operation.

AlertRulesListResponse

Contains response data for the list operation.

AlertSeverity

Defines values for AlertSeverity.
KnownAlertSeverity can be used interchangeably with AlertSeverity, this enum contains the known values that the service supports.

Known values supported by the service

High: High severity
Medium: Medium severity
Low: Low severity
Informational: Informational severity

AlertStatus

Defines values for AlertStatus.
KnownAlertStatus can be used interchangeably with AlertStatus, this enum contains the known values that the service supports.

Known values supported by the service

Unknown: Unknown value
New: New alert
Resolved: Alert closed after handling
Dismissed: Alert dismissed as false positive
InProgress: Alert is being handled

AntispamMailDirection

Defines values for AntispamMailDirection.
KnownAntispamMailDirection can be used interchangeably with AntispamMailDirection, this enum contains the known values that the service supports.

Known values supported by the service

Unknown: Unknown
Inbound: Inbound
Outbound: Outbound
Intraorg: Intraorg

AttackTactic

Defines values for AttackTactic.
KnownAttackTactic can be used interchangeably with AttackTactic, this enum contains the known values that the service supports.

Known values supported by the service

Reconnaissance
ResourceDevelopment
InitialAccess
Execution
Persistence
PrivilegeEscalation
DefenseEvasion
CredentialAccess
Discovery
LateralMovement
Collection
Exfiltration
CommandAndControl
Impact
PreAttack
ImpairProcessControl
InhibitResponseFunction

AutomationRuleActionUnion

AutomationRuleBooleanConditionSupportedOperator

Defines values for AutomationRuleBooleanConditionSupportedOperator.
KnownAutomationRuleBooleanConditionSupportedOperator can be used interchangeably with AutomationRuleBooleanConditionSupportedOperator, this enum contains the known values that the service supports.

Known values supported by the service

And: Evaluates as true if all the item conditions are evaluated as true
Or: Evaluates as true if at least one of the item conditions is evaluated as true

AutomationRuleConditionUnion

AutomationRulePropertyArrayChangedConditionSupportedArrayType

Defines values for AutomationRulePropertyArrayChangedConditionSupportedArrayType.
KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType can be used interchangeably with AutomationRulePropertyArrayChangedConditionSupportedArrayType, this enum contains the known values that the service supports.

Known values supported by the service

Alerts: Evaluate the condition on the alerts
Labels: Evaluate the condition on the labels
Tactics: Evaluate the condition on the tactics
Comments: Evaluate the condition on the comments

AutomationRulePropertyArrayChangedConditionSupportedChangeType

Defines values for AutomationRulePropertyArrayChangedConditionSupportedChangeType.
KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType can be used interchangeably with AutomationRulePropertyArrayChangedConditionSupportedChangeType, this enum contains the known values that the service supports.

Known values supported by the service

Added: Evaluate the condition on items added to the array

AutomationRulePropertyArrayConditionSupportedArrayConditionType

Defines values for AutomationRulePropertyArrayConditionSupportedArrayConditionType.
KnownAutomationRulePropertyArrayConditionSupportedArrayConditionType can be used interchangeably with AutomationRulePropertyArrayConditionSupportedArrayConditionType, this enum contains the known values that the service supports.

Known values supported by the service

AnyItem: Evaluate the condition as true if any item fulfills it

AutomationRulePropertyArrayConditionSupportedArrayType

Defines values for AutomationRulePropertyArrayConditionSupportedArrayType.
KnownAutomationRulePropertyArrayConditionSupportedArrayType can be used interchangeably with AutomationRulePropertyArrayConditionSupportedArrayType, this enum contains the known values that the service supports.

Known values supported by the service

CustomDetails: Evaluate the condition on the custom detail keys
CustomDetailValues: Evaluate the condition on a custom detail's values

AutomationRulePropertyChangedConditionSupportedChangedType

Defines values for AutomationRulePropertyChangedConditionSupportedChangedType.
KnownAutomationRulePropertyChangedConditionSupportedChangedType can be used interchangeably with AutomationRulePropertyChangedConditionSupportedChangedType, this enum contains the known values that the service supports.

Known values supported by the service

ChangedFrom: Evaluate the condition on the previous value of the property
ChangedTo: Evaluate the condition on the updated value of the property

AutomationRulePropertyChangedConditionSupportedPropertyType

Defines values for AutomationRulePropertyChangedConditionSupportedPropertyType.
KnownAutomationRulePropertyChangedConditionSupportedPropertyType can be used interchangeably with AutomationRulePropertyChangedConditionSupportedPropertyType, this enum contains the known values that the service supports.

Known values supported by the service

IncidentSeverity: Evaluate the condition on the incident severity
IncidentStatus: Evaluate the condition on the incident status
IncidentOwner: Evaluate the condition on the incident owner

AutomationRulePropertyConditionSupportedOperator

Defines values for AutomationRulePropertyConditionSupportedOperator.
KnownAutomationRulePropertyConditionSupportedOperator can be used interchangeably with AutomationRulePropertyConditionSupportedOperator, this enum contains the known values that the service supports.

Known values supported by the service

Equals: Evaluates if the property equals at least one of the condition values
NotEquals: Evaluates if the property does not equal any of the condition values
Contains: Evaluates if the property contains at least one of the condition values
NotContains: Evaluates if the property does not contain any of the condition values
StartsWith: Evaluates if the property starts with any of the condition values
NotStartsWith: Evaluates if the property does not start with any of the condition values
EndsWith: Evaluates if the property ends with any of the condition values
NotEndsWith: Evaluates if the property does not end with any of the condition values

AutomationRulePropertyConditionSupportedProperty

Defines values for AutomationRulePropertyConditionSupportedProperty.
KnownAutomationRulePropertyConditionSupportedProperty can be used interchangeably with AutomationRulePropertyConditionSupportedProperty, this enum contains the known values that the service supports.

Known values supported by the service

IncidentTitle: The title of the incident
IncidentDescription: The description of the incident
IncidentSeverity: The severity of the incident
IncidentStatus: The status of the incident
IncidentRelatedAnalyticRuleIds: The related Analytic rule ids of the incident
IncidentTactics: The tactics of the incident
IncidentLabel: The labels of the incident
IncidentProviderName: The provider name of the incident
IncidentUpdatedBySource: The update source of the incident
IncidentCustomDetailsKey: The incident custom detail key
IncidentCustomDetailsValue: The incident custom detail value
AccountAadTenantId: The account Azure Active Directory tenant id
AccountAadUserId: The account Azure Active Directory user id
AccountName: The account name
AccountNTDomain: The account NetBIOS domain name
AccountPUID: The account Azure Active Directory Passport User ID
AccountSid: The account security identifier
AccountObjectGuid: The account unique identifier
AccountUPNSuffix: The account user principal name suffix
AlertProductNames: The name of the product of the alert
AlertAnalyticRuleIds: The analytic rule ids of the alert
AzureResourceResourceId: The Azure resource id
AzureResourceSubscriptionId: The Azure resource subscription id
CloudApplicationAppId: The cloud application identifier
CloudApplicationAppName: The cloud application name
DNSDomainName: The dns record domain name
FileDirectory: The file directory full path
FileName: The file name without path
FileHashValue: The file hash value
HostAzureID: The host Azure resource id
HostName: The host name without domain
HostNetBiosName: The host NetBIOS name
HostNTDomain: The host NT domain
HostOSVersion: The host operating system
IoTDeviceId: The IoT device id
IoTDeviceName: The IoT device name
IoTDeviceType: The IoT device type
IoTDeviceVendor: The IoT device vendor
IoTDeviceModel: The IoT device model
IoTDeviceOperatingSystem: The IoT device operating system
IPAddress: The IP address
MailboxDisplayName: The mailbox display name
MailboxPrimaryAddress: The mailbox primary address
MailboxUPN: The mailbox user principal name
MailMessageDeliveryAction: The mail message delivery action
MailMessageDeliveryLocation: The mail message delivery location
MailMessageRecipient: The mail message recipient
MailMessageSenderIP: The mail message sender IP address
MailMessageSubject: The mail message subject
MailMessageP1Sender: The mail message P1 sender
MailMessageP2Sender: The mail message P2 sender
MalwareCategory: The malware category
MalwareName: The malware name
ProcessCommandLine: The process execution command line
ProcessId: The process id
RegistryKey: The registry key path
RegistryValueData: The registry key value in string formatted representation
Url: The url

AutomationRulesCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

AutomationRulesDeleteResponse

Contains response data for the delete operation.

AutomationRulesGetResponse

Contains response data for the get operation.

AutomationRulesListNextResponse

Contains response data for the listNext operation.

AutomationRulesListResponse

Contains response data for the list operation.

BookmarkExpandOperationResponse

Contains response data for the expand operation.

BookmarkRelationsCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

BookmarkRelationsGetResponse

Contains response data for the get operation.

BookmarkRelationsListNextResponse

Contains response data for the listNext operation.

BookmarkRelationsListResponse

Contains response data for the list operation.

BookmarksCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

BookmarksGetResponse

Contains response data for the get operation.

BookmarksListNextResponse

Contains response data for the listNext operation.

BookmarksListResponse

Contains response data for the list operation.

ConditionType

Defines values for ConditionType.
KnownConditionType can be used interchangeably with ConditionType, this enum contains the known values that the service supports.

Known values supported by the service

Property: Evaluate an object property value
PropertyArray: Evaluate an object array property value
PropertyChanged: Evaluate an object property changed value
PropertyArrayChanged: Evaluate an object array property changed value
Boolean: Apply a boolean operator (e.g. AND, OR) to conditions

ConfidenceLevel

Defines values for ConfidenceLevel.
KnownConfidenceLevel can be used interchangeably with ConfidenceLevel, this enum contains the known values that the service supports.

Known values supported by the service

Unknown: Unknown confidence, this is the default value
Low: Low confidence, meaning we have some doubts this is indeed malicious or part of an attack
High: High confidence that the alert is true positive malicious

ConfidenceScoreStatus

Defines values for ConfidenceScoreStatus.
KnownConfidenceScoreStatus can be used interchangeably with ConfidenceScoreStatus, this enum contains the known values that the service supports.

Known values supported by the service

NotApplicable: Score will not be calculated for this alert as it is not supported by virtual analyst
InProcess: No score was set yet and calculation is in progress
NotFinal: Score is calculated and shown as part of the alert, but may be updated again at a later time following the processing of additional data
Final: Final score was calculated and available

ConnectAuthKind

Defines values for ConnectAuthKind.
KnownConnectAuthKind can be used interchangeably with ConnectAuthKind, this enum contains the known values that the service supports.

Known values supported by the service

Basic
OAuth2
APIKey

ConnectivityType

Defines values for ConnectivityType.
KnownConnectivityType can be used interchangeably with ConnectivityType, this enum contains the known values that the service supports.

Known values supported by the service

IsConnectedQuery

ContentType

Defines values for ContentType.
KnownContentType can be used interchangeably with ContentType, this enum contains the known values that the service supports.

Known values supported by the service

AnalyticRule
Workbook

CreatedByType

Defines values for CreatedByType.
KnownCreatedByType can be used interchangeably with CreatedByType, this enum contains the known values that the service supports.

Known values supported by the service

User
Application
ManagedIdentity
Key

CustomEntityQueryKind

Defines values for CustomEntityQueryKind.
KnownCustomEntityQueryKind can be used interchangeably with CustomEntityQueryKind, this enum contains the known values that the service supports.

Known values supported by the service

Activity

CustomEntityQueryUnion

DataConnectorAuthorizationState

Defines values for DataConnectorAuthorizationState.
KnownDataConnectorAuthorizationState can be used interchangeably with DataConnectorAuthorizationState, this enum contains the known values that the service supports.

Known values supported by the service

Valid
Invalid

DataConnectorKind

Defines values for DataConnectorKind.
KnownDataConnectorKind can be used interchangeably with DataConnectorKind, this enum contains the known values that the service supports.

Known values supported by the service

AzureActiveDirectory
AzureSecurityCenter
MicrosoftCloudAppSecurity
ThreatIntelligence
ThreatIntelligenceTaxii
Office365
OfficeATP
OfficeIRM
Office365Project
OfficePowerBI
AmazonWebServicesCloudTrail
AmazonWebServicesS3
AzureAdvancedThreatProtection
MicrosoftDefenderAdvancedThreatProtection
Dynamics365
MicrosoftThreatProtection
MicrosoftThreatIntelligence
GenericUI
APIPolling
IOT

DataConnectorLicenseState

Defines values for DataConnectorLicenseState.
KnownDataConnectorLicenseState can be used interchangeably with DataConnectorLicenseState, this enum contains the known values that the service supports.

Known values supported by the service

Valid
Invalid
Unknown

DataConnectorUnion

DataConnectorsCheckRequirementsPostResponse

Contains response data for the post operation.

DataConnectorsCheckRequirementsUnion

DataConnectorsCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

DataConnectorsGetResponse

Contains response data for the get operation.

DataConnectorsListNextResponse

Contains response data for the listNext operation.

DataConnectorsListResponse

Contains response data for the list operation.

DataTypeState

Defines values for DataTypeState.
KnownDataTypeState can be used interchangeably with DataTypeState, this enum contains the known values that the service supports.

Known values supported by the service

Enabled
Disabled

DeleteStatus

Defines values for DeleteStatus.
KnownDeleteStatus can be used interchangeably with DeleteStatus, this enum contains the known values that the service supports.

Known values supported by the service

Deleted: The file was deleted.
NotDeleted: The file was not deleted.
Unspecified: Unspecified

DeliveryAction

Defines values for DeliveryAction.

DeliveryLocation

Defines values for DeliveryLocation.

DeploymentFetchStatus

Defines values for DeploymentFetchStatus.
KnownDeploymentFetchStatus can be used interchangeably with DeploymentFetchStatus, this enum contains the known values that the service supports.

Known values supported by the service

Success
Unauthorized
NotFound

DeploymentResult

Defines values for DeploymentResult.
KnownDeploymentResult can be used interchangeably with DeploymentResult, this enum contains the known values that the service supports.

Known values supported by the service

Success
Canceled
Failed

DeploymentState

Defines values for DeploymentState.
KnownDeploymentState can be used interchangeably with DeploymentState, this enum contains the known values that the service supports.

Known values supported by the service

In_Progress
Completed
Queued
Canceling

DeviceImportance

Defines values for DeviceImportance.
KnownDeviceImportance can be used interchangeably with DeviceImportance, this enum contains the known values that the service supports.

Known values supported by the service

Unknown: Unknown - Default value
Low: Low
Normal: Normal
High: High

DomainWhoisGetResponse

Contains response data for the get operation.

ElevationToken

Defines values for ElevationToken.

EntitiesExpandResponse

Contains response data for the expand operation.

EntitiesGetInsightsResponse

Contains response data for the getInsights operation.

EntitiesGetResponse

Contains response data for the get operation.

EntitiesGetTimelineListResponse

Contains response data for the list operation.

EntitiesListNextResponse

Contains response data for the listNext operation.

EntitiesListResponse

Contains response data for the list operation.

EntitiesQueriesResponse

Contains response data for the queries operation.

EntitiesRelationsListNextResponse

Contains response data for the listNext operation.

EntitiesRelationsListResponse

Contains response data for the list operation.

EntityItemQueryKind

Defines values for EntityItemQueryKind.
KnownEntityItemQueryKind can be used interchangeably with EntityItemQueryKind, this enum contains the known values that the service supports.

Known values supported by the service

Insight: insight

EntityKind

Defines values for EntityKind.
KnownEntityKind can be used interchangeably with EntityKind, this enum contains the known values that the service supports.

Known values supported by the service

Account: Entity represents account in the system.
Host: Entity represents host in the system.
File: Entity represents file in the system.
AzureResource: Entity represents azure resource in the system.
CloudApplication: Entity represents cloud application in the system.
DnsResolution: Entity represents dns resolution in the system.
FileHash: Entity represents file hash in the system.
Ip: Entity represents ip in the system.
Malware: Entity represents malware in the system.
Process: Entity represents process in the system.
RegistryKey: Entity represents registry key in the system.
RegistryValue: Entity represents registry value in the system.
SecurityGroup: Entity represents security group in the system.
Url: Entity represents url in the system.
IoTDevice: Entity represents IoT device in the system.
SecurityAlert: Entity represents security alert in the system.
Bookmark: Entity represents bookmark in the system.
MailCluster: Entity represents mail cluster in the system.
MailMessage: Entity represents mail message in the system.
Mailbox: Entity represents mailbox in the system.
SubmissionMail: Entity represents submission mail in the system.
Nic: Entity represents network interface in the system.

EntityMappingType

Defines values for EntityMappingType.
KnownEntityMappingType can be used interchangeably with EntityMappingType, this enum contains the known values that the service supports.

Known values supported by the service

Account: User account entity type
Host: Host entity type
IP: IP address entity type
Malware: Malware entity type
File: System file entity type
Process: Process entity type
CloudApplication: Cloud app entity type
DNS: DNS entity type
AzureResource: Azure resource entity type
FileHash: File-hash entity type
RegistryKey: Registry key entity type
RegistryValue: Registry value entity type
SecurityGroup: Security group entity type
URL: URL entity type
Mailbox: Mailbox entity type
MailCluster: Mail cluster entity type
MailMessage: Mail message entity type
SubmissionMail: Submission mail entity type

EntityProviders

Defines values for EntityProviders.
KnownEntityProviders can be used interchangeably with EntityProviders, this enum contains the known values that the service supports.

Known values supported by the service

ActiveDirectory
AzureActiveDirectory

EntityQueriesCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

EntityQueriesGetResponse

Contains response data for the get operation.

EntityQueriesListNextResponse

Contains response data for the listNext operation.

EntityQueriesListResponse

Contains response data for the list operation.

EntityQueryItemUnion

EntityQueryKind

Defines values for EntityQueryKind.
KnownEntityQueryKind can be used interchangeably with EntityQueryKind, this enum contains the known values that the service supports.

Known values supported by the service

Expansion
Insight
Activity

EntityQueryTemplateKind

Defines values for EntityQueryTemplateKind.
KnownEntityQueryTemplateKind can be used interchangeably with EntityQueryTemplateKind, this enum contains the known values that the service supports.

Known values supported by the service

Activity

EntityQueryTemplateUnion

EntityQueryTemplatesGetResponse

Contains response data for the get operation.

EntityQueryTemplatesListNextResponse

Contains response data for the listNext operation.

EntityQueryTemplatesListResponse

Contains response data for the list operation.

EntityQueryUnion

EntityRelationsGetRelationResponse

Contains response data for the getRelation operation.

EntityTimelineItemUnion

EntityTimelineKind

Defines values for EntityTimelineKind.
KnownEntityTimelineKind can be used interchangeably with EntityTimelineKind, this enum contains the known values that the service supports.

Known values supported by the service

Activity: activity
Bookmark: bookmarks
SecurityAlert: security alerts
Anomaly: anomaly

EntityType

Defines values for EntityType.
KnownEntityType can be used interchangeably with EntityType, this enum contains the known values that the service supports.

Known values supported by the service

Account: Entity represents account in the system.
Host: Entity represents host in the system.
File: Entity represents file in the system.
AzureResource: Entity represents azure resource in the system.
CloudApplication: Entity represents cloud application in the system.
DNS: Entity represents dns in the system.
FileHash: Entity represents file hash in the system.
IP: Entity represents ip in the system.
Malware: Entity represents malware in the system.
Process: Entity represents process in the system.
RegistryKey: Entity represents registry key in the system.
RegistryValue: Entity represents registry value in the system.
SecurityGroup: Entity represents security group in the system.
URL: Entity represents url in the system.
IoTDevice: Entity represents IoT device in the system.
SecurityAlert: Entity represents security alert in the system.
HuntingBookmark: Entity represents HuntingBookmark in the system.
MailCluster: Entity represents mail cluster in the system.
MailMessage: Entity represents mail message in the system.
Mailbox: Entity represents mailbox in the system.
SubmissionMail: Entity represents submission mail in the system.
Nic: Entity represents network interface in the system.

EntityUnion

Enum13

Defines values for Enum13.
KnownEnum13 can be used interchangeably with Enum13, this enum contains the known values that the service supports.

Known values supported by the service

Expansion
Activity

EventGroupingAggregationKind

Defines values for EventGroupingAggregationKind.
KnownEventGroupingAggregationKind can be used interchangeably with EventGroupingAggregationKind, this enum contains the known values that the service supports.

Known values supported by the service

SingleAlert
AlertPerResult

FileFormat

Defines values for FileFormat.
KnownFileFormat can be used interchangeably with FileFormat, this enum contains the known values that the service supports.

Known values supported by the service

CSV: A CSV file.
JSON: A JSON file.
Unspecified: A file of other format.

FileHashAlgorithm

Defines values for FileHashAlgorithm.
KnownFileHashAlgorithm can be used interchangeably with FileHashAlgorithm, this enum contains the known values that the service supports.

Known values supported by the service

Unknown: Unknown hash algorithm
MD5: MD5 hash type
SHA1: SHA1 hash type
SHA256: SHA256 hash type
SHA256AC: SHA256 Authenticode hash type

FileImportContentType

Defines values for FileImportContentType.
KnownFileImportContentType can be used interchangeably with FileImportContentType, this enum contains the known values that the service supports.

Known values supported by the service

BasicIndicator: File containing records with the core fields of an indicator, plus the observables to construct the STIX pattern.
StixIndicator: File containing STIX indicators.
Unspecified: File containing other records.

FileImportState

Defines values for FileImportState.
KnownFileImportState can be used interchangeably with FileImportState, this enum contains the known values that the service supports.

Known values supported by the service

FatalError: A fatal error has occurred while ingesting the file.
Ingested: The file has been ingested.
IngestedWithErrors: The file has been ingested with errors.
InProgress: The file ingestion is in progress.
Invalid: The file is invalid.
WaitingForUpload: Waiting for the file to be uploaded.
Unspecified: Unspecified state.

FileImportsCreateResponse

Contains response data for the create operation.

FileImportsDeleteResponse

Contains response data for the delete operation.

FileImportsGetResponse

Contains response data for the get operation.

FileImportsListNextResponse

Contains response data for the listNext operation.

FileImportsListResponse

Contains response data for the list operation.

GetInsightsError

Defines values for GetInsightsError.
KnownGetInsightsError can be used interchangeably with GetInsightsError, this enum contains the known values that the service supports.

Known values supported by the service

Insight

IPGeodataGetResponse

Contains response data for the get operation.

IncidentClassification

Defines values for IncidentClassification.
KnownIncidentClassification can be used interchangeably with IncidentClassification, this enum contains the known values that the service supports.

Known values supported by the service

Undetermined: Incident classification was undetermined
TruePositive: Incident was true positive
BenignPositive: Incident was benign positive
FalsePositive: Incident was false positive

IncidentClassificationReason

Defines values for IncidentClassificationReason.
KnownIncidentClassificationReason can be used interchangeably with IncidentClassificationReason, this enum contains the known values that the service supports.

Known values supported by the service

SuspiciousActivity: Classification reason was suspicious activity
SuspiciousButExpected: Classification reason was suspicious but expected
IncorrectAlertLogic: Classification reason was incorrect alert logic
InaccurateData: Classification reason was inaccurate data

IncidentCommentsCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

IncidentCommentsGetResponse

Contains response data for the get operation.

IncidentCommentsListNextResponse

Contains response data for the listNext operation.

IncidentCommentsListResponse

Contains response data for the list operation.

IncidentLabelType

Defines values for IncidentLabelType.
KnownIncidentLabelType can be used interchangeably with IncidentLabelType, this enum contains the known values that the service supports.

Known values supported by the service

User: Label manually created by a user
AutoAssigned: Label automatically created by the system

IncidentRelationsCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

IncidentRelationsGetResponse

Contains response data for the get operation.

IncidentRelationsListNextResponse

Contains response data for the listNext operation.

IncidentRelationsListResponse

Contains response data for the list operation.

IncidentSeverity

Defines values for IncidentSeverity.
KnownIncidentSeverity can be used interchangeably with IncidentSeverity, this enum contains the known values that the service supports.

Known values supported by the service

High: High severity
Medium: Medium severity
Low: Low severity
Informational: Informational severity

IncidentStatus

Defines values for IncidentStatus.
KnownIncidentStatus can be used interchangeably with IncidentStatus, this enum contains the known values that the service supports.

Known values supported by the service

New: An active incident which isn't being handled currently
Active: An active incident which is being handled
Closed: A non-active incident

IncidentsCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

IncidentsCreateTeamResponse

Contains response data for the createTeam operation.

IncidentsGetResponse

Contains response data for the get operation.

IncidentsListAlertsResponse

Contains response data for the listAlerts operation.

IncidentsListBookmarksResponse

Contains response data for the listBookmarks operation.

IncidentsListEntitiesResponse

Contains response data for the listEntities operation.

IncidentsListNextResponse

Contains response data for the listNext operation.

IncidentsListResponse

Contains response data for the list operation.

IncidentsRunPlaybookResponse

Contains response data for the runPlaybook operation.

IngestionMode

Defines values for IngestionMode.
KnownIngestionMode can be used interchangeably with IngestionMode, this enum contains the known values that the service supports.

Known values supported by the service

IngestOnlyIfAllAreValid: No records should be ingested when invalid records are detected.
IngestAnyValidRecords: Valid records should still be ingested when invalid records are detected.
Unspecified: Unspecified

KillChainIntent

Defines values for KillChainIntent.
KnownKillChainIntent can be used interchangeably with KillChainIntent, this enum contains the known values that the service supports.

Known values supported by the service

Unknown: The default value.
Probing: Probing could be an attempt to access a certain resource regardless of malicious intent, or a failed attempt to gain access to a target system to gather information prior to exploitation. This step is usually detected as an attempt originating from outside the network to scan the target system and find a way in.
Exploitation: Exploitation is the stage where an attacker manages to get a foothold on the attacked resource. This stage is applicable not only for compute hosts, but also for resources such as user accounts, certificates, etc. Adversaries will often be able to control the resource after this stage.
Persistence: Persistence is any access, action, or configuration change to a system that gives an adversary a persistent presence on that system. Adversaries will often need to maintain access to systems through interruptions such as system restarts, loss of credentials, or other failures that would require a remote access tool to restart or alternate backdoor for them to regain access.
PrivilegeEscalation: Privilege escalation is the result of actions that allow an adversary to obtain a higher level of permissions on a system or network. Certain tools or actions require a higher level of privilege to work and are likely necessary at many points throughout an operation. User accounts with permissions to access specific systems or perform specific functions necessary for adversaries to achieve their objective may also be considered an escalation of privilege.
DefenseEvasion: Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses. Sometimes these actions are the same as or variations of techniques in other categories that have the added benefit of subverting a particular defense or mitigation.
CredentialAccess: Credential access represents techniques resulting in access to or control over system, domain, or service credentials that are used within an enterprise environment. Adversaries will likely attempt to obtain legitimate credentials from users or administrator accounts (local system administrator or domain users with administrator access) to use within the network. With sufficient access within a network, an adversary can create accounts for later use within the environment.
Discovery: Discovery consists of techniques that allow the adversary to gain knowledge about the system and internal network. When adversaries gain access to a new system, they must orient themselves to what they now have control of and what benefits operating from that system give to their current objective or overall goals during the intrusion. The operating system provides many native tools that aid in this post-compromise information-gathering phase.
LateralMovement: Lateral movement consists of techniques that enable an adversary to access and control remote systems on a network and could, but does not necessarily, include execution of tools on remote systems. The lateral movement techniques could allow an adversary to gather information from a system without needing additional tools, such as a remote access tool. An adversary can use lateral movement for many purposes, including remote execution of tools, pivoting to additional systems, access to specific information or files, access to additional credentials, or to cause an effect.
Execution: The execution tactic represents techniques that result in execution of adversary-controlled code on a local or remote system. This tactic is often used in conjunction with lateral movement to expand access to remote systems on a network.
Collection: Collection consists of techniques used to identify and gather information, such as sensitive files, from a target network prior to exfiltration. This category also covers locations on a system or network where the adversary may look for information to exfiltrate.
Exfiltration: Exfiltration refers to techniques and attributes that result or aid in the adversary removing files and information from a target network. This category also covers locations on a system or network where the adversary may look for information to exfiltrate.
CommandAndControl: The command and control tactic represents how adversaries communicate with systems under their control within a target network.
Impact: The primary objective of the impact intent is to directly reduce the availability or integrity of a system, service, or network, including manipulation of data to impact a business or operational process. This would often refer to techniques such as ransomware, defacement, data manipulation and others.

Kind

Defines values for Kind.
KnownKind can be used interchangeably with Kind, this enum contains the known values that the service supports.

Known values supported by the service

DataConnector
DataType
Workbook
WorkbookTemplate
Playbook
PlaybookTemplate
AnalyticsRuleTemplate
AnalyticsRule
HuntingQuery
InvestigationQuery
Parser
Watchlist
WatchlistTemplate
Solution
AzureFunction
LogicAppsCustomConnector
AutomationRule

MatchingMethod

Defines values for MatchingMethod.
KnownMatchingMethod can be used interchangeably with MatchingMethod, this enum contains the known values that the service supports.

Known values supported by the service

AllEntities: Grouping alerts into a single incident if all the entities match
AnyAlert: Grouping any alerts triggered by this rule into a single incident
Selected: Grouping alerts into a single incident if the selected entities, custom details and alert details match

MetadataCreateResponse

Contains response data for the create operation.

MetadataGetResponse

Contains response data for the get operation.

MetadataListNextResponse

Contains response data for the listNext operation.

MetadataListResponse

Contains response data for the list operation.

MetadataUpdateResponse

Contains response data for the update operation.

MicrosoftSecurityProductName

Defines values for MicrosoftSecurityProductName.
KnownMicrosoftSecurityProductName can be used interchangeably with MicrosoftSecurityProductName, this enum contains the known values that the service supports.

Known values supported by the service

Microsoft Cloud App Security
Azure Security Center
Azure Advanced Threat Protection
Azure Active Directory Identity Protection
Azure Security Center for IoT
Office 365 Advanced Threat Protection
Microsoft Defender Advanced Threat Protection

OSFamily

Defines values for OSFamily.

OfficeConsentsGetResponse

Contains response data for the get operation.

OfficeConsentsListNextResponse

Contains response data for the listNext operation.

OfficeConsentsListResponse

Contains response data for the list operation.

OperationsListNextResponse

Contains response data for the listNext operation.

OperationsListResponse

Contains response data for the list operation.

Operator

Defines values for Operator.
KnownOperator can be used interchangeably with Operator, this enum contains the known values that the service supports.

Known values supported by the service

AND
OR

OutputType

Defines values for OutputType.
KnownOutputType can be used interchangeably with OutputType, this enum contains the known values that the service supports.

Known values supported by the service

Number
String
Date
Entity

OwnerType

Defines values for OwnerType.
KnownOwnerType can be used interchangeably with OwnerType, this enum contains the known values that the service supports.

Known values supported by the service

Unknown: The incident owner type is unknown
User: The incident owner type is an AAD user
Group: The incident owner type is an AAD group

PermissionProviderScope

Defines values for PermissionProviderScope.
KnownPermissionProviderScope can be used interchangeably with PermissionProviderScope, this enum contains the known values that the service supports.

Known values supported by the service

ResourceGroup
Subscription
Workspace

PollingFrequency

Defines values for PollingFrequency.
KnownPollingFrequency can be used interchangeably with PollingFrequency, this enum contains the known values that the service supports.

Known values supported by the service

OnceAMinute: Once a minute
OnceAnHour: Once an hour
OnceADay: Once a day

ProductSettingsGetResponse

Contains response data for the get operation.

ProductSettingsListResponse

Contains response data for the list operation.

ProductSettingsUpdateResponse

Contains response data for the update operation.

ProviderName

Defines values for ProviderName.
KnownProviderName can be used interchangeably with ProviderName, this enum contains the known values that the service supports.

Known values supported by the service

Microsoft.OperationalInsights/solutions
Microsoft.OperationalInsights/workspaces
Microsoft.OperationalInsights/workspaces/datasources
microsoft.aadiam/diagnosticSettings
Microsoft.OperationalInsights/workspaces/sharedKeys
Microsoft.Authorization/policyAssignments

RegistryHive

Defines values for RegistryHive.
KnownRegistryHive can be used interchangeably with RegistryHive, this enum contains the known values that the service supports.

Known values supported by the service

HKEY_LOCAL_MACHINE: HKEY_LOCAL_MACHINE
HKEY_CLASSES_ROOT: HKEY_CLASSES_ROOT
HKEY_CURRENT_CONFIG: HKEY_CURRENT_CONFIG
HKEY_USERS: HKEY_USERS
HKEY_CURRENT_USER_LOCAL_SETTINGS: HKEY_CURRENT_USER_LOCAL_SETTINGS
HKEY_PERFORMANCE_DATA: HKEY_PERFORMANCE_DATA
HKEY_PERFORMANCE_NLSTEXT: HKEY_PERFORMANCE_NLSTEXT
HKEY_PERFORMANCE_TEXT: HKEY_PERFORMANCE_TEXT
HKEY_A: HKEY_A
HKEY_CURRENT_USER: HKEY_CURRENT_USER

RegistryValueKind

Defines values for RegistryValueKind.
KnownRegistryValueKind can be used interchangeably with RegistryValueKind, this enum contains the known values that the service supports.

Known values supported by the service

None: None
Unknown: Unknown value type
String: String value type
ExpandString: ExpandString value type
Binary: Binary value type
DWord: DWord value type
MultiString: MultiString value type
QWord: QWord value type

RepoType

Defines values for RepoType.
KnownRepoType can be used interchangeably with RepoType, this enum contains the known values that the service supports.

Known values supported by the service

Github
DevOps

SecurityMLAnalyticsSettingUnion

SecurityMLAnalyticsSettingsCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

SecurityMLAnalyticsSettingsGetResponse

Contains response data for the get operation.

SecurityMLAnalyticsSettingsKind

Defines values for SecurityMLAnalyticsSettingsKind.
KnownSecurityMLAnalyticsSettingsKind can be used interchangeably with SecurityMLAnalyticsSettingsKind, this enum contains the known values that the service supports.

Known values supported by the service

Anomaly

SecurityMLAnalyticsSettingsListNextResponse

Contains response data for the listNext operation.

SecurityMLAnalyticsSettingsListResponse

Contains response data for the list operation.

SentinelOnboardingStatesCreateResponse

Contains response data for the create operation.

SentinelOnboardingStatesGetResponse

Contains response data for the get operation.

SentinelOnboardingStatesListResponse

Contains response data for the list operation.

SettingKind

Defines values for SettingKind.
KnownSettingKind can be used interchangeably with SettingKind, this enum contains the known values that the service supports.

Known values supported by the service

Anomalies
EyesOn
EntityAnalytics
Ueba

SettingType

Defines values for SettingType.
KnownSettingType can be used interchangeably with SettingType, this enum contains the known values that the service supports.

Known values supported by the service

CopyableLabel
InstructionStepsGroup
InfoMessage

SettingsStatus

Defines values for SettingsStatus.
KnownSettingsStatus can be used interchangeably with SettingsStatus, this enum contains the known values that the service supports.

Known values supported by the service

Production: Anomaly settings status in Production mode
Flighting: Anomaly settings status in Flighting mode

SettingsUnion

SourceControlListRepositoriesNextResponse

Contains response data for the listRepositoriesNext operation.

SourceControlListRepositoriesResponse

Contains response data for the listRepositories operation.

SourceControlsCreateResponse

Contains response data for the create operation.

SourceControlsGetResponse

Contains response data for the get operation.

SourceControlsListNextResponse

Contains response data for the listNext operation.

SourceControlsListResponse

Contains response data for the list operation.

SourceKind

Defines values for SourceKind.
KnownSourceKind can be used interchangeably with SourceKind, this enum contains the known values that the service supports.

Known values supported by the service

LocalWorkspace
Community
Solution
SourceRepository

SourceType

Defines values for SourceType.
KnownSourceType can be used interchangeably with SourceType, this enum contains the known values that the service supports.

Known values supported by the service

Local file
Remote storage

SupportTier

Defines values for SupportTier.
KnownSupportTier can be used interchangeably with SupportTier, this enum contains the known values that the service supports.

Known values supported by the service

Microsoft
Partner
Community

TemplateStatus

Defines values for TemplateStatus.
KnownTemplateStatus can be used interchangeably with TemplateStatus, this enum contains the known values that the service supports.

Known values supported by the service

Installed: Alert rule template is installed and cannot be used more than once.
Available: Alert rule template is available.
NotAvailable: Alert rule template is not available.

ThreatIntelligenceIndicatorCreateIndicatorResponse

Contains response data for the createIndicator operation.

ThreatIntelligenceIndicatorCreateResponse

Contains response data for the create operation.

ThreatIntelligenceIndicatorGetResponse

Contains response data for the get operation.

ThreatIntelligenceIndicatorMetricsListResponse

Contains response data for the list operation.

ThreatIntelligenceIndicatorQueryIndicatorsNextResponse

Contains response data for the queryIndicatorsNext operation.

ThreatIntelligenceIndicatorQueryIndicatorsResponse

Contains response data for the queryIndicators operation.

ThreatIntelligenceIndicatorReplaceTagsResponse

Contains response data for the replaceTags operation.

ThreatIntelligenceIndicatorsListNextResponse

Contains response data for the listNext operation.

ThreatIntelligenceIndicatorsListResponse

Contains response data for the list operation.

ThreatIntelligenceInformationUnion

ThreatIntelligenceResourceKindEnum

Defines values for ThreatIntelligenceResourceKindEnum.
KnownThreatIntelligenceResourceKindEnum can be used interchangeably with ThreatIntelligenceResourceKindEnum, this enum contains the known values that the service supports.

Known values supported by the service

indicator: Entity represents a threat intelligence indicator in the system.

ThreatIntelligenceSortingCriteriaEnum

Defines values for ThreatIntelligenceSortingCriteriaEnum.
KnownThreatIntelligenceSortingCriteriaEnum can be used interchangeably with ThreatIntelligenceSortingCriteriaEnum, this enum contains the known values that the service supports.

Known values supported by the service

unsorted
ascending
descending

TriggerOperator

Defines values for TriggerOperator.

TriggersOn

Defines values for TriggersOn.
KnownTriggersOn can be used interchangeably with TriggersOn, this enum contains the known values that the service supports.

Known values supported by the service

Incidents: Trigger on Incidents
Alerts: Trigger on Alerts

TriggersWhen

Defines values for TriggersWhen.
KnownTriggersWhen can be used interchangeably with TriggersWhen, this enum contains the known values that the service supports.

Known values supported by the service

Created: Trigger on created objects
Updated: Trigger on updated objects

UebaDataSources

Defines values for UebaDataSources.
KnownUebaDataSources can be used interchangeably with UebaDataSources, this enum contains the known values that the service supports.

Known values supported by the service

AuditLogs
AzureActivity
SecurityEvent
SigninLogs

Version

Defines values for Version.
KnownVersion can be used interchangeably with Version, this enum contains the known values that the service supports.

Known values supported by the service

V1
V2

WatchlistItemsCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

WatchlistItemsGetResponse

Contains response data for the get operation.

WatchlistItemsListNextResponse

Contains response data for the listNext operation.

WatchlistItemsListResponse

Contains response data for the list operation.

WatchlistsCreateOrUpdateResponse

Contains response data for the createOrUpdate operation.

WatchlistsDeleteResponse

Contains response data for the delete operation.

WatchlistsGetResponse

Contains response data for the get operation.

WatchlistsListNextResponse

Contains response data for the listNext operation.

WatchlistsListResponse

Contains response data for the list operation.

Enums

KnownActionType

Known values of ActionType that the service accepts.

KnownAlertDetail

Known values of AlertDetail that the service accepts.

KnownAlertRuleKind

Known values of AlertRuleKind that the service accepts.

KnownAlertSeverity

Known values of AlertSeverity that the service accepts.

KnownAlertStatus

Known values of AlertStatus that the service accepts.

KnownAntispamMailDirection

Known values of AntispamMailDirection that the service accepts.

KnownAttackTactic

Known values of AttackTactic that the service accepts.

KnownAutomationRuleBooleanConditionSupportedOperator

Known values of AutomationRuleBooleanConditionSupportedOperator that the service accepts.

KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType

Known values of AutomationRulePropertyArrayChangedConditionSupportedArrayType that the service accepts.

KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType

Known values of AutomationRulePropertyArrayChangedConditionSupportedChangeType that the service accepts.

KnownAutomationRulePropertyArrayConditionSupportedArrayConditionType

Known values of AutomationRulePropertyArrayConditionSupportedArrayConditionType that the service accepts.

KnownAutomationRulePropertyArrayConditionSupportedArrayType

Known values of AutomationRulePropertyArrayConditionSupportedArrayType that the service accepts.

KnownAutomationRulePropertyChangedConditionSupportedChangedType

Known values of AutomationRulePropertyChangedConditionSupportedChangedType that the service accepts.

KnownAutomationRulePropertyChangedConditionSupportedPropertyType

Known values of AutomationRulePropertyChangedConditionSupportedPropertyType that the service accepts.

KnownAutomationRulePropertyConditionSupportedOperator

Known values of AutomationRulePropertyConditionSupportedOperator that the service accepts.

KnownAutomationRulePropertyConditionSupportedProperty

Known values of AutomationRulePropertyConditionSupportedProperty that the service accepts.

KnownConditionType

Known values of ConditionType that the service accepts.

KnownConfidenceLevel

Known values of ConfidenceLevel that the service accepts.

KnownConfidenceScoreStatus

Known values of ConfidenceScoreStatus that the service accepts.

KnownConnectAuthKind

Known values of ConnectAuthKind that the service accepts.

KnownConnectivityType

Known values of ConnectivityType that the service accepts.

KnownContentType

Known values of ContentType that the service accepts.

KnownCreatedByType

Known values of CreatedByType that the service accepts.

KnownCustomEntityQueryKind

Known values of CustomEntityQueryKind that the service accepts.

KnownDataConnectorAuthorizationState

Known values of DataConnectorAuthorizationState that the service accepts.

KnownDataConnectorKind

Known values of DataConnectorKind that the service accepts.

KnownDataConnectorLicenseState

Known values of DataConnectorLicenseState that the service accepts.

KnownDataTypeState

Known values of DataTypeState that the service accepts.

KnownDeleteStatus

Known values of DeleteStatus that the service accepts.

KnownDeploymentFetchStatus

Known values of DeploymentFetchStatus that the service accepts.

KnownDeploymentResult

Known values of DeploymentResult that the service accepts.

KnownDeploymentState

Known values of DeploymentState that the service accepts.

KnownDeviceImportance

Known values of DeviceImportance that the service accepts.

KnownEntityItemQueryKind

Known values of EntityItemQueryKind that the service accepts.

KnownEntityKind

Known values of EntityKind that the service accepts.

KnownEntityMappingType

Known values of EntityMappingType that the service accepts.

KnownEntityProviders

Known values of EntityProviders that the service accepts.

KnownEntityQueryKind

Known values of EntityQueryKind that the service accepts.

KnownEntityQueryTemplateKind

Known values of EntityQueryTemplateKind that the service accepts.

KnownEntityTimelineKind

Known values of EntityTimelineKind that the service accepts.

KnownEntityType

Known values of EntityType that the service accepts.

KnownEnum13

Known values of Enum13 that the service accepts.

KnownEventGroupingAggregationKind

Known values of EventGroupingAggregationKind that the service accepts.

KnownFileFormat

Known values of FileFormat that the service accepts.

KnownFileHashAlgorithm

Known values of FileHashAlgorithm that the service accepts.

KnownFileImportContentType

Known values of FileImportContentType that the service accepts.

KnownFileImportState

Known values of FileImportState that the service accepts.

KnownGetInsightsError

Known values of GetInsightsError that the service accepts.

KnownIncidentClassification

Known values of IncidentClassification that the service accepts.

KnownIncidentClassificationReason

Known values of IncidentClassificationReason that the service accepts.

KnownIncidentLabelType

Known values of IncidentLabelType that the service accepts.

KnownIncidentSeverity

Known values of IncidentSeverity that the service accepts.

KnownIncidentStatus

Known values of IncidentStatus that the service accepts.

KnownIngestionMode

Known values of IngestionMode that the service accepts.

KnownKillChainIntent

Known values of KillChainIntent that the service accepts.

KnownKind

Known values of Kind that the service accepts.

KnownMatchingMethod

Known values of MatchingMethod that the service accepts.

KnownMicrosoftSecurityProductName

Known values of MicrosoftSecurityProductName that the service accepts.

KnownOperator

Known values of Operator that the service accepts.

KnownOutputType

Known values of OutputType that the service accepts.

KnownOwnerType

Known values of OwnerType that the service accepts.

KnownPermissionProviderScope

Known values of PermissionProviderScope that the service accepts.

KnownPollingFrequency

Known values of PollingFrequency that the service accepts.

KnownProviderName

Known values of ProviderName that the service accepts.

KnownRegistryHive

Known values of RegistryHive that the service accepts.

KnownRegistryValueKind

Known values of RegistryValueKind that the service accepts.

KnownRepoType

Known values of RepoType that the service accepts.

KnownSecurityMLAnalyticsSettingsKind

Known values of SecurityMLAnalyticsSettingsKind that the service accepts.

KnownSettingKind

Known values of SettingKind that the service accepts.

KnownSettingType

Known values of SettingType that the service accepts.

KnownSettingsStatus

Known values of SettingsStatus that the service accepts.

KnownSourceKind

Known values of SourceKind that the service accepts.

KnownSourceType

Known values of SourceType that the service accepts.

KnownSupportTier

Known values of SupportTier that the service accepts.

KnownTemplateStatus

Known values of TemplateStatus that the service accepts.

KnownThreatIntelligenceResourceKindEnum

Known values of ThreatIntelligenceResourceKindEnum that the service accepts.

KnownThreatIntelligenceSortingCriteriaEnum

Known values of ThreatIntelligenceSortingCriteriaEnum that the service accepts.

KnownTriggersOn

Known values of TriggersOn that the service accepts.

KnownTriggersWhen

Known values of TriggersWhen that the service accepts.

KnownUebaDataSources

Known values of UebaDataSources that the service accepts.

KnownVersion

Known values of Version that the service accepts.

Functions

getContinuationToken(unknown)

Given the last .value produced by the byPage iterator, returns a continuation token that can be used to begin paging from that point later.

Function Details

getContinuationToken(unknown)

Given the last .value produced by the byPage iterator, returns a continuation token that can be used to begin paging from that point later.

function getContinuationToken(page: unknown): string | undefined

Parameters

page

unknown

The object obtained by accessing value on the IteratorResult from a byPage iterator.

Returns

string | undefined

The continuation token that can be passed into byPage() during future calls.