@azure/arm-securityinsight package
Classes
| SecurityInsights |
Interfaces
| AADCheckRequirements |
Represents AADIP (Azure Active Directory Identity Protection) requirements check request. |
| AADCheckRequirementsProperties |
AADIP (Azure Active Directory Identity Protection) requirements check properties. |
| AADDataConnector |
Represents AADIP (Azure Active Directory Identity Protection) data connector. |
| AADDataConnectorProperties |
AADIP (Azure Active Directory Identity Protection) data connector properties. |
| ASCCheckRequirements |
Represents ASC (Azure Security Center) requirements check request. |
| ASCCheckRequirementsProperties |
ASC (Azure Security Center) requirements check properties. |
| ASCDataConnector |
Represents ASC (Azure Security Center) data connector. |
| ASCDataConnectorProperties |
ASC (Azure Security Center) data connector properties. |
| AWSAuthModel |
Model for API authentication with AWS. |
| AatpCheckRequirements |
Represents AATP (Azure Advanced Threat Protection) requirements check request. |
| AatpCheckRequirementsProperties |
AATP (Azure Advanced Threat Protection) requirements check properties. |
| AatpDataConnector |
Represents AATP (Azure Advanced Threat Protection) data connector. |
| AatpDataConnectorProperties |
AATP (Azure Advanced Threat Protection) data connector properties. |
| AccountEntity |
Represents an account entity. |
| AccountEntityProperties |
Account entity property bag. |
| ActionPropertiesBase |
Action property bag base. |
| ActionRequest |
Action for alert rule. |
| ActionRequestProperties |
Action property bag. |
| ActionResponse |
Action for alert rule. |
| ActionResponseProperties |
Action property bag. |
| ActionsCreateOrUpdateOptionalParams |
Optional parameters. |
| ActionsDeleteOptionalParams |
Optional parameters. |
| ActionsGetOptionalParams |
Optional parameters. |
| ActionsListByAlertRuleOptionalParams |
Optional parameters. |
| ActionsOperations |
Interface representing a Actions operations. |
| ActivityCustomEntityQuery |
Represents Activity entity query. |
| ActivityEntityQueriesProperties |
Describes activity entity query properties |
| ActivityEntityQueriesPropertiesQueryDefinitions |
The Activity query definitions |
| ActivityEntityQuery |
Represents Activity entity query. |
| ActivityEntityQueryTemplate |
Represents Activity entity query. |
| ActivityEntityQueryTemplateProperties |
Describes activity entity query properties |
| ActivityEntityQueryTemplatePropertiesQueryDefinitions |
The Activity query definitions |
| ActivityTimelineItem |
Represents Activity timeline item. |
| AddIncidentTaskActionProperties |
model interface AddIncidentTaskActionProperties |
| AlertDetailsOverride |
Settings for how to dynamically override alert static details |
| AlertPropertyMapping |
A single alert property mapping to override |
| AlertRule |
Alert rule. |
| AlertRuleOperations |
Interface representing a AlertRule operations. |
| AlertRuleTemplate |
Alert rule template. |
| AlertRuleTemplateDataSource |
alert rule template data sources |
| AlertRuleTemplatePropertiesBase |
Base alert rule template property bag. |
| AlertRuleTemplateWithMitreProperties |
Alert rule template with MITRE property bag. |
| AlertRuleTemplatesGetOptionalParams |
Optional parameters. |
| AlertRuleTemplatesListOptionalParams |
Optional parameters. |
| AlertRuleTemplatesOperations |
Interface representing a AlertRuleTemplates operations. |
| AlertRuleTriggerRuleRunOptionalParams |
Optional parameters. |
| AlertRulesCreateOrUpdateOptionalParams |
Optional parameters. |
| AlertRulesDeleteOptionalParams |
Optional parameters. |
| AlertRulesGetOptionalParams |
Optional parameters. |
| AlertRulesListOptionalParams |
Optional parameters. |
| AlertRulesOperations |
Interface representing a AlertRules operations. |
| AlertsDataTypeOfDataConnector |
Alerts data type for data connectors. |
| AnalyticsRuleRunTrigger |
Analytics Rule Run Trigger request |
| AnalyticsRuleRunTriggerProperties |
The Analytics Rule Run Trigger properties |
| Anomalies |
Settings with single toggle. |
| AnomaliesSettingsProperties |
Anomalies property bag. |
| AnomalySecurityMLAnalyticsSettings |
Represents Anomaly Security ML Analytics Settings |
| AnomalySecurityMLAnalyticsSettingsProperties |
AnomalySecurityMLAnalytics settings base property bag. |
| AnomalyTimelineItem |
Represents anomaly timeline item. |
| ApiKeyAuthModel |
Model for authentication with the API Key. Will result in additional header on the request (default behavior) to the remote server: 'ApiKeyName: ApiKeyIdentifier ApiKey'. If 'IsApiKeyInPostPayload' is true it will send it in the body of the request and not the header. |
| ApiPollingParameters |
Represents Codeless API Polling data connector |
| AssignmentItem |
An entity describing a content item. |
| AttackPattern |
Represents an attack pattern in Azure Security Insights. |
| AutomationRule |
Concrete proxy resource types can be created by aliasing this type using a specific property type. |
| AutomationRuleAction |
Describes an automation rule action. |
| AutomationRuleAddIncidentTaskAction |
Describes an automation rule action to add a task to an incident |
| AutomationRuleBooleanCondition |
model interface AutomationRuleBooleanCondition |
| AutomationRuleCondition |
Describes an automation rule condition. |
| AutomationRuleModifyPropertiesAction |
Describes an automation rule action to modify an object's properties |
| AutomationRuleProperties |
Automation rule properties |
| AutomationRulePropertyArrayChangedValuesCondition |
model interface AutomationRulePropertyArrayChangedValuesCondition |
| AutomationRulePropertyArrayValuesCondition |
model interface AutomationRulePropertyArrayValuesCondition |
| AutomationRulePropertyValuesChangedCondition |
model interface AutomationRulePropertyValuesChangedCondition |
| AutomationRulePropertyValuesCondition |
model interface AutomationRulePropertyValuesCondition |
| AutomationRuleRunPlaybookAction |
Describes an automation rule action to run a playbook |
| AutomationRuleTriggeringLogic |
Describes automation rule triggering logic. |
| AutomationRulesCreateOrUpdateOptionalParams |
Optional parameters. |
| AutomationRulesDeleteOptionalParams |
Optional parameters. |
| AutomationRulesGetOptionalParams |
Optional parameters. |
| AutomationRulesListOptionalParams |
Optional parameters. |
| AutomationRulesOperations |
Interface representing a AutomationRules operations. |
| Availability |
Connector Availability Status |
| AwsCloudTrailCheckRequirements |
Amazon Web Services CloudTrail requirements check request. |
| AwsCloudTrailDataConnector |
Represents Amazon Web Services CloudTrail data connector. |
| AwsCloudTrailDataConnectorDataTypes |
The available data types for Amazon Web Services CloudTrail data connector. |
| AwsCloudTrailDataConnectorDataTypesLogs |
Logs data type. |
| AwsCloudTrailDataConnectorProperties |
Amazon Web Services CloudTrail data connector properties. |
| AwsS3CheckRequirements |
Amazon Web Services S3 requirements check request. |
| AwsS3DataConnector |
Represents Amazon Web Services S3 data connector. |
| AwsS3DataConnectorDataTypes |
The available data types for Amazon Web Services S3 data connector. |
| AwsS3DataConnectorDataTypesLogs |
Logs data type. |
| AwsS3DataConnectorProperties |
Amazon Web Services S3 data connector properties. |
| AzureDevOpsResourceInfo |
Resources created in Azure DevOps repository. |
| AzureResourceEntity |
Represents an azure resource entity. |
| AzureResourceEntityProperties |
AzureResource entity property bag. |
| BasicAuthModel |
Model for API authentication with basic flow - user name + password. |
| BillingStatistic |
Billing statistic |
| BillingStatisticsGetOptionalParams |
Optional parameters. |
| BillingStatisticsListOptionalParams |
Optional parameters. |
| BillingStatisticsOperations |
Interface representing a BillingStatistics operations. |
| Bookmark |
Represents a bookmark in Azure Security Insights. |
| BookmarkEntityMappings |
Describes the entity mappings of a single entity |
| BookmarkExpandParameters |
The parameters required to execute an expand operation on the given bookmark. |
| BookmarkExpandResponse |
The entity expansion result operation response. |
| BookmarkExpandResponseValue |
The expansion result values. |
| BookmarkOperationsExpandOptionalParams |
Optional parameters. |
| BookmarkOperationsOperations |
Interface representing a BookmarkOperations operations. |
| BookmarkProperties |
Describes bookmark properties |
| BookmarkRelationsCreateOrUpdateOptionalParams |
Optional parameters. |
| BookmarkRelationsDeleteOptionalParams |
Optional parameters. |
| BookmarkRelationsGetOptionalParams |
Optional parameters. |
| BookmarkRelationsListOptionalParams |
Optional parameters. |
| BookmarkRelationsOperations |
Interface representing a BookmarkRelations operations. |
| BookmarkTimelineItem |
Represents bookmark timeline item. |
| BookmarksCreateOrUpdateOptionalParams |
Optional parameters. |
| BookmarksDeleteOptionalParams |
Optional parameters. |
| BookmarksGetOptionalParams |
Optional parameters. |
| BookmarksListOptionalParams |
Optional parameters. |
| BookmarksOperations |
Interface representing a Bookmarks operations. |
| BooleanConditionProperties |
Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to conditions |
| CcpAuthConfig |
Base Model for API authentication. |
| CcpResponseConfig |
A custom response configuration for a rule. |
| ClientInfo |
Information on the client (user or application) that made some action |
| CloudApplicationEntity |
Represents a cloud application entity. |
| CloudApplicationEntityProperties |
CloudApplication entity property bag. |
| CloudError |
Error response structure. |
| CloudErrorBody |
Error details. |
| CodelessApiPollingDataConnector |
Represents Codeless API Polling data connector. |
| CodelessConnectorPollingAuthProperties |
Describe the authentication properties needed to successfully authenticate with the server |
| CodelessConnectorPollingConfigProperties |
Config to describe the polling config for API poller connector |
| CodelessConnectorPollingPagingProperties |
Describe the properties needed to make a pagination call |
| CodelessConnectorPollingRequestProperties |
Describe the request properties needed to successfully pull from the server |
| CodelessConnectorPollingResponseProperties |
Describes the response from the external server |
| CodelessParameters |
Represents Codeless UI data connector |
| CodelessUiConnectorConfigProperties |
Config to describe the instructions blade |
| CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem |
model interface CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem |
| CodelessUiConnectorConfigPropertiesDataTypesItem |
model interface CodelessUiConnectorConfigPropertiesDataTypesItem |
| CodelessUiConnectorConfigPropertiesGraphQueriesItem |
model interface CodelessUiConnectorConfigPropertiesGraphQueriesItem |
| CodelessUiConnectorConfigPropertiesInstructionStepsItem |
model interface CodelessUiConnectorConfigPropertiesInstructionStepsItem |
| CodelessUiConnectorConfigPropertiesSampleQueriesItem |
model interface CodelessUiConnectorConfigPropertiesSampleQueriesItem |
| CodelessUiDataConnector |
Represents Codeless UI data connector. |
| ConditionClause |
Represents a single clause to be evaluated by a NormalizedCondition. |
| ConditionProperties |
Represents a condition used to query for TI objects. |
| ConnectedEntity |
Expansion result connected entities |
| ConnectivityCriteria |
Setting for the connector check connectivity |
| ConnectivityCriterion |
The criteria by which we determine whether the connector is connected or not. For Example, use a KQL query to check if the expected data type is flowing). |
| ConnectorDataType |
The data type which is created by the connector, including a query indicated when was the last time that data type was received in the workspace. |
| ConnectorDefinitionsAvailability |
The exposure status of the connector to the customers. |
| ConnectorDefinitionsPermissions |
The required Permissions for the connector. |
| ConnectorDefinitionsResourceProvider |
The resource provider details include the required permissions for the user to create connections. The user should have the required permissions(Read\Write, ..) in the specified scope ProviderPermissionsScope against the specified resource provider. |
| ConnectorInstructionModelBase |
Instruction step details |
| ContentPackageInstallOptionalParams |
Optional parameters. |
| ContentPackageOperations |
Interface representing a ContentPackage operations. |
| ContentPackageUninstallOptionalParams |
Optional parameters. |
| ContentPackagesGetOptionalParams |
Optional parameters. |
| ContentPackagesListOptionalParams |
Optional parameters. |
| ContentPackagesOperations |
Interface representing a ContentPackages operations. |
| ContentTemplateDeleteOptionalParams |
Optional parameters. |
| ContentTemplateGetOptionalParams |
Optional parameters. |
| ContentTemplateInstallOptionalParams |
Optional parameters. |
| ContentTemplateOperations |
Interface representing a ContentTemplate operations. |
| ContentTemplatesListOptionalParams |
Optional parameters. |
| ContentTemplatesOperations |
Interface representing a ContentTemplates operations. |
| CountQuery |
Represents a query to run on the TI objects in the workspace. |
| CustomEntityQuery |
Specific entity query that supports put requests. |
| CustomPermissionDetails |
The Custom permissions required for the connector. |
| CustomizableConnectionsConfig |
The UiConfig for 'Customizable' connector definition kind. |
| CustomizableConnectorDefinition |
Connector definition for kind 'Customizable'. |
| CustomizableConnectorDefinitionProperties |
The UiConfig for 'Customizable' connector definition kind. |
| CustomizableConnectorUiConfig |
The UiConfig for 'Customizable' connector definition kind. |
| Customs |
Customs permissions required for the connector |
| CustomsPermission |
Customs permissions required for the connector |
| DCRConfiguration |
The configuration of the destination of the data. |
| DataConnector |
Data connector |
| DataConnectorConnectBody |
Represents Codeless API Polling data connector. |
| DataConnectorDataTypeCommon |
Common field for data type in data connectors. |
| DataConnectorDefinition |
An Azure resource, which encapsulate the entire info requires to display a data connector page in Azure portal, and the info required to define data connections. |
| DataConnectorDefinitionsCreateOrUpdateOptionalParams |
Optional parameters. |
| DataConnectorDefinitionsDeleteOptionalParams |
Optional parameters. |
| DataConnectorDefinitionsGetOptionalParams |
Optional parameters. |
| DataConnectorDefinitionsListOptionalParams |
Optional parameters. |
| DataConnectorDefinitionsOperations |
Interface representing a DataConnectorDefinitions operations. |
| DataConnectorRequirementsState |
Data connector requirements status. |
| DataConnectorTenantId |
Properties data connector on tenant level. |
| DataConnectorWithAlertsProperties |
Data connector properties. |
| DataConnectorsCheckRequirements |
Data connector requirements properties. |
| DataConnectorsCheckRequirementsOperationsOperations |
Interface representing a DataConnectorsCheckRequirementsOperations operations. |
| DataConnectorsCheckRequirementsOperationsPostOptionalParams |
Optional parameters. |
| DataConnectorsConnectOptionalParams |
Optional parameters. |
| DataConnectorsCreateOrUpdateOptionalParams |
Optional parameters. |
| DataConnectorsDeleteOptionalParams |
Optional parameters. |
| DataConnectorsDisconnectOptionalParams |
Optional parameters. |
| DataConnectorsGetOptionalParams |
Optional parameters. |
| DataConnectorsListOptionalParams |
Optional parameters. |
| DataConnectorsOperations |
Interface representing a DataConnectors operations. |
| DataTypeDefinitions |
The data type definition |
| Deployment |
Description about a deployment. |
| DeploymentInfo |
Information regarding a deployment. |
| DnsEntity |
Represents a dns entity. |
| DnsEntityProperties |
Dns entity property bag. |
| Dynamics365CheckRequirements |
Represents Dynamics365 requirements check request. |
| Dynamics365CheckRequirementsProperties |
Dynamics365 requirements check properties. |
| Dynamics365DataConnector |
Represents Dynamics365 data connector. |
| Dynamics365DataConnectorDataTypes |
The available data types for Dynamics365 data connector. |
| Dynamics365DataConnectorDataTypesDynamics365CdsActivities |
Common Data Service data type connection. |
| Dynamics365DataConnectorProperties |
Dynamics365 data connector properties. |
| EnrichmentDomainBody |
Domain name to be enriched |
| EnrichmentDomainWhois |
Whois information for a given domain and associated metadata |
| EnrichmentDomainWhoisContact |
An individual contact associated with this domain |
| EnrichmentDomainWhoisContacts |
The set of contacts associated with this domain |
| EnrichmentDomainWhoisDetails |
The whois record for a given domain |
| EnrichmentDomainWhoisRegistrarDetails |
The registrar associated with this domain |
| EnrichmentIpAddressBody |
IP address (v4 or v6) to be enriched |
| EnrichmentIpGeodata |
Geodata information for a given IP address |
| EntitiesExpandOptionalParams |
Optional parameters. |
| EntitiesGetInsightsOptionalParams |
Optional parameters. |
| EntitiesGetOptionalParams |
Optional parameters. |
| EntitiesGetTimelineListOptionalParams |
Optional parameters. |
| EntitiesGetTimelineOperations |
Interface representing a EntitiesGetTimeline operations. |
| EntitiesListOptionalParams |
Optional parameters. |
| EntitiesOperations |
Interface representing a Entities operations. |
| EntitiesQueriesOptionalParams |
Optional parameters. |
| EntitiesRelationsListOptionalParams |
Optional parameters. |
| EntitiesRelationsOperations |
Interface representing a EntitiesRelations operations. |
| EntitiesRunPlaybookOptionalParams |
Optional parameters. |
| Entity |
Specific entity. |
| EntityAnalytics |
Settings with single toggle. |
| EntityAnalyticsProperties |
EntityAnalytics property bag. |
| EntityCommonProperties |
Entity common property bag. |
| EntityEdges |
The edge that connects the entity to the other entity. |
| EntityExpandParameters |
The parameters required to execute an expand operation on the given entity. |
| EntityExpandResponse |
The entity expansion result operation response. |
| EntityExpandResponseValue |
The expansion result values. |
| EntityFieldMapping |
Map identifiers of a single entity |
| EntityGetInsightsParameters |
The parameters required to execute insights operation on the given entity. |
| EntityGetInsightsResponse |
The Get Insights result operation response. |
| EntityInsightItem |
Entity insight Item. |
| EntityInsightItemQueryTimeInterval |
The Time interval that the query actually executed on. |
| EntityManualTriggerRequestBody |
Describes the request body for triggering a playbook on an entity. |
| EntityMapping |
Single entity mapping for the alert rule |
| EntityQueriesCreateOrUpdateOptionalParams |
Optional parameters. |
| EntityQueriesDeleteOptionalParams |
Optional parameters. |
| EntityQueriesGetOptionalParams |
Optional parameters. |
| EntityQueriesListOptionalParams |
Optional parameters. |
| EntityQueriesOperations |
Interface representing a EntityQueries operations. |
| EntityQuery |
Specific entity query. |
| EntityQueryItem |
An abstract Query item for entity |
| EntityQueryItemProperties |
An properties abstract Query item for entity |
| EntityQueryItemPropertiesDataTypesItem |
model interface EntityQueryItemPropertiesDataTypesItem |
| EntityQueryTemplate |
Specific entity query template. |
| EntityQueryTemplatesGetOptionalParams |
Optional parameters. |
| EntityQueryTemplatesListOptionalParams |
Optional parameters. |
| EntityQueryTemplatesOperations |
Interface representing a EntityQueryTemplates operations. |
| EntityRelationsGetRelationOptionalParams |
Optional parameters. |
| EntityRelationsOperations |
Interface representing a EntityRelations operations. |
| EntityTimelineItem |
Entity timeline Item. |
| EntityTimelineParameters |
The parameters required to execute s timeline operation on the given entity. |
| EntityTimelineResponse |
The entity timeline result operation response. |
| ErrorAdditionalInfo |
The resource management error additional info. |
| ErrorDetail |
The error detail. |
| ErrorModel |
The error description for why a publication failed |
| ErrorResponse |
Common error response for all Azure Resource Manager APIs to return error details for failed operations. |
| EventGroupingSettings |
Event grouping settings property bag. |
| ExpansionEntityQueriesProperties |
Describes expansion entity query properties |
| ExpansionEntityQuery |
Represents Expansion entity query. |
| ExpansionResultAggregation |
Information of a specific aggregation in the expansion result. |
| ExpansionResultsMetadata |
Expansion result metadata. |
| EyesOn |
Settings with single toggle. |
| EyesOnSettingsProperties |
EyesOn property bag. |
| FieldMapping |
A single field mapping of the mapped entity |
| FileEntity |
Represents a file entity. |
| FileEntityProperties |
File entity property bag. |
| FileHashEntity |
Represents a file hash entity. |
| FileHashEntityProperties |
FileHash entity property bag. |
| FileImport |
Represents a file import in Azure Security Insights. |
| FileImportProperties |
Describes the FileImport's properties |
| FileImportsCreateOptionalParams |
Optional parameters. |
| FileImportsDeleteOptionalParams |
Optional parameters. |
| FileImportsGetOptionalParams |
Optional parameters. |
| FileImportsListOptionalParams |
Optional parameters. |
| FileImportsOperations |
Interface representing a FileImports operations. |
| FileMetadata |
Represents a file. |
| FusionAlertRule |
Represents Fusion alert rule. |
| FusionAlertRuleProperties |
Fusion alert rule base property bag. |
| FusionAlertRuleTemplate |
Represents Fusion alert rule template. |
| FusionAlertRuleTemplateProperties |
Fusion alert rule template properties |
| FusionScenarioExclusionPattern |
Represents a Fusion scenario exclusion patterns in Fusion detection. |
| FusionSourceSettings |
Represents a supported source signal configuration in Fusion detection. |
| FusionSourceSubTypeSetting |
Represents a supported source subtype configuration under a source signal in Fusion detection. |
| FusionSubTypeSeverityFilter |
Represents severity configuration for a source subtype consumed in Fusion detection. |
| FusionSubTypeSeverityFiltersItem |
Represents a Severity filter setting for a given source subtype consumed in Fusion detection. |
| FusionTemplateSourceSetting |
Represents a source signal consumed in Fusion detection. |
| FusionTemplateSourceSubType |
Represents a source subtype under a source signal consumed in Fusion detection. |
| FusionTemplateSubTypeSeverityFilter |
Represents severity configurations available for a source subtype consumed in Fusion detection. |
| GCPAuthModel |
Model for API authentication for all GCP kind connectors. |
| GCPAuthProperties |
Google Cloud Platform auth section properties. |
| GCPDataConnector |
Represents Google Cloud Platform data connector. |
| GCPDataConnectorProperties |
Google Cloud Platform data connector properties. |
| GCPRequestProperties |
Google Cloud Platform request section properties. |
| GenericBlobSbsAuthModel |
Model for API authentication for working with service bus or storage account. |
| GeoLocation |
The geo-location context attached to the ip entity |
| GetInsightsErrorKind |
GetInsights Query Errors. |
| GetInsightsResultsMetadata |
Get Insights result metadata. |
| GetOperations |
Interface representing a Get operations. |
| GetRecommendationsListOptionalParams |
Optional parameters. |
| GetRecommendationsOperations |
Interface representing a GetRecommendations operations. |
| GetSingleRecommendationOptionalParams |
Optional parameters. |
| GetTriggeredAnalyticsRuleRunsListOptionalParams |
Optional parameters. |
| GetTriggeredAnalyticsRuleRunsOperations |
Interface representing a GetTriggeredAnalyticsRuleRuns operations. |
| GitHubAuthModel |
Model for API authentication for GitHub. For this authentication first we need to approve the Router app (Microsoft Security DevOps) to access the GitHub account, Then we only need the InstallationId to get the access token from https://api.github.com/app/installations/{installId}/access_tokens. |
| GitHubResourceInfo |
Resources created in GitHub repository. |
| GraphQueries |
The graph query to show the current data status |
| GraphQuery |
The graph query to show the volume of data arriving into the workspace over time. |
| GroupingConfiguration |
Grouping configuration property bag. |
| HostEntity |
Represents a host entity. |
| HostEntityProperties |
Host entity property bag. |
| Hunt |
Represents a Hunt in Azure Security Insights. |
| HuntComment |
Represents a Hunt Comment in Azure Security Insights |
| HuntCommentProperties |
Describes a hunt comment properties |
| HuntCommentsCreateOrUpdateOptionalParams |
Optional parameters. |
| HuntCommentsDeleteOptionalParams |
Optional parameters. |
| HuntCommentsGetOptionalParams |
Optional parameters. |
| HuntCommentsListOptionalParams |
Optional parameters. |
| HuntCommentsOperations |
Interface representing a HuntComments operations. |
| HuntOwner |
Describes a user that the hunt is assigned to |
| HuntProperties |
Describes hunt properties |
| HuntRelation |
Represents a Hunt Relation in Azure Security Insights. |
| HuntRelationProperties |
Describes hunt relation properties |
| HuntRelationsCreateOrUpdateOptionalParams |
Optional parameters. |
| HuntRelationsDeleteOptionalParams |
Optional parameters. |
| HuntRelationsGetOptionalParams |
Optional parameters. |
| HuntRelationsListOptionalParams |
Optional parameters. |
| HuntRelationsOperations |
Interface representing a HuntRelations operations. |
| HuntingBookmark |
Represents a Hunting bookmark entity. |
| HuntingBookmarkProperties |
Describes bookmark properties |
| HuntsCreateOrUpdateOptionalParams |
Optional parameters. |
| HuntsDeleteOptionalParams |
Optional parameters. |
| HuntsGetOptionalParams |
Optional parameters. |
| HuntsListOptionalParams |
Optional parameters. |
| HuntsOperations |
Interface representing a Hunts operations. |
| Identity |
Represents an identity in Azure Security Insights. |
| Incident |
Represents an incident in Azure Security Insights. |
| IncidentAdditionalData |
Incident additional data property bag. |
| IncidentAlertList |
List of incident alerts. |
| IncidentBookmarkList |
List of incident bookmarks. |
| IncidentComment |
Represents an incident comment |
| IncidentCommentProperties |
Incident comment property bag. |
| IncidentCommentsCreateOrUpdateOptionalParams |
Optional parameters. |
| IncidentCommentsDeleteOptionalParams |
Optional parameters. |
| IncidentCommentsGetOptionalParams |
Optional parameters. |
| IncidentCommentsListOptionalParams |
Optional parameters. |
| IncidentCommentsOperations |
Interface representing a IncidentComments operations. |
| IncidentConfiguration |
Incident Configuration property bag. |
| IncidentEntitiesResponse |
The incident related entities response. |
| IncidentEntitiesResultsMetadata |
Information of a specific aggregation in the incident related entities result. |
| IncidentInfo |
Describes related incident information for the bookmark |
| IncidentLabel |
Represents an incident label |
| IncidentOwnerInfo |
Information on the user an incident is assigned to |
| IncidentProperties |
Describes incident properties |
| IncidentPropertiesAction |
model interface IncidentPropertiesAction |
| IncidentRelationsCreateOrUpdateOptionalParams |
Optional parameters. |
| IncidentRelationsDeleteOptionalParams |
Optional parameters. |
| IncidentRelationsGetOptionalParams |
Optional parameters. |
| IncidentRelationsListOptionalParams |
Optional parameters. |
| IncidentRelationsOperations |
Interface representing a IncidentRelations operations. |
| IncidentTask |
Describes incident task properties |
| IncidentTaskProperties |
Describes the properties of an incident task |
| IncidentTasksCreateOrUpdateOptionalParams |
Optional parameters. |
| IncidentTasksDeleteOptionalParams |
Optional parameters. |
| IncidentTasksGetOptionalParams |
Optional parameters. |
| IncidentTasksListOptionalParams |
Optional parameters. |
| IncidentTasksOperations |
Interface representing a IncidentTasks operations. |
| IncidentsCreateOrUpdateOptionalParams |
Optional parameters. |
| IncidentsDeleteOptionalParams |
Optional parameters. |
| IncidentsGetOptionalParams |
Optional parameters. |
| IncidentsListAlertsOptionalParams |
Optional parameters. |
| IncidentsListBookmarksOptionalParams |
Optional parameters. |
| IncidentsListEntitiesOptionalParams |
Optional parameters. |
| IncidentsListOptionalParams |
Optional parameters. |
| IncidentsOperations |
Interface representing a Incidents operations. |
| IncidentsRunPlaybookOptionalParams |
Optional parameters. |
| Indicator |
Represents an indicator in Azure Security Insights. |
| IndicatorObservablesItem |
An observable of this indicator |
| InsightQueryItem |
Represents Insight Query. |
| InsightQueryItemProperties |
Represents Insight Query. |
| InsightQueryItemPropertiesAdditionalQuery |
The activity query definitions. |
| InsightQueryItemPropertiesDefaultTimeRange |
The insight chart query. |
| InsightQueryItemPropertiesReferenceTimeRange |
The insight chart query. |
| InsightQueryItemPropertiesTableQuery |
The insight table query. |
| InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem |
model interface InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem |
| InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem |
model interface InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem |
| InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem |
model interface InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem |
| InsightsTableResult |
Query results for table insights query. |
| InsightsTableResultColumnsItem |
model interface InsightsTableResultColumnsItem |
| InstructionStep |
Instruction steps to enable the connector. |
| InstructionStepDetails |
Instruction step details, to be displayed in the Instructions steps section in the connector's page in Sentinel Portal. |
| InstructionSteps |
Instruction steps to enable the connector |
| InstructionStepsInstructionsItem |
model interface InstructionStepsInstructionsItem |
| IoTCheckRequirements |
Represents IoT requirements check request. |
| IoTCheckRequirementsProperties |
IoT requirements check properties. |
| IoTDataConnector |
Represents IoT data connector. |
| IoTDataConnectorProperties |
IoT data connector properties. |
| IoTDeviceEntity |
Represents an IoT device entity. |
| IoTDeviceEntityProperties |
IoTDevice entity property bag. |
| IpEntity |
Represents an ip entity. |
| IpEntityProperties |
Ip entity property bag. |
| Job |
The assignment job |
| JobItem |
An entity describing the publish status of a content item. |
| JobProperties |
The job properties |
| JwtAuthModel |
Model for API authentication with JWT. Simple exchange between user name + password to access token. |
| LastDataReceivedDataType |
Data type for last data received |
| ListGeodataByIpOptionalParams |
Optional parameters. |
| ListWhoisByDomainOptionalParams |
Optional parameters. |
| MLBehaviorAnalyticsAlertRule |
Represents MLBehaviorAnalytics alert rule. |
| MLBehaviorAnalyticsAlertRuleProperties |
MLBehaviorAnalytics alert rule base property bag. |
| MLBehaviorAnalyticsAlertRuleTemplate |
Represents MLBehaviorAnalytics alert rule template. |
| MLBehaviorAnalyticsAlertRuleTemplateProperties |
MLBehaviorAnalytics alert rule template properties. |
| MTPCheckRequirementsProperties |
MTP (Microsoft Threat Protection) requirements check properties. |
| MTPDataConnector |
Represents MTP (Microsoft Threat Protection) data connector. |
| MTPDataConnectorDataTypes |
The available data types for Microsoft Threat Protection Platforms data connector. |
| MTPDataConnectorDataTypesAlerts |
Alerts data type for Microsoft Threat Protection Platforms data connector. |
| MTPDataConnectorDataTypesIncidents |
Incidents data type for Microsoft Threat Protection Platforms data connector. |
| MTPDataConnectorProperties |
MTP (Microsoft Threat Protection) data connector properties. |
| MailClusterEntity |
Represents a mail cluster entity. |
| MailClusterEntityProperties |
Mail cluster entity property bag. |
| MailMessageEntity |
Represents a mail message entity. |
| MailMessageEntityProperties |
Mail message entity property bag. |
| MailboxEntity |
Represents a mailbox entity. |
| MailboxEntityProperties |
Mailbox entity property bag. |
| MalwareEntity |
Represents a malware entity. |
| MalwareEntityProperties |
Malware entity property bag. |
| ManualTriggerRequestBody |
model interface ManualTriggerRequestBody |
| McasCheckRequirements |
Represents MCAS (Microsoft Cloud App Security) requirements check request. |
| McasCheckRequirementsProperties |
MCAS (Microsoft Cloud App Security) requirements check properties. |
| McasDataConnector |
Represents MCAS (Microsoft Cloud App Security) data connector. |
| McasDataConnectorDataTypes |
The available data types for MCAS (Microsoft Cloud App Security) data connector. |
| McasDataConnectorProperties |
MCAS (Microsoft Cloud App Security) data connector properties. |
| MdatpCheckRequirements |
Represents MDATP (Microsoft Defender Advanced Threat Protection) requirements check request. |
| MdatpCheckRequirementsProperties |
MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties. |
| MdatpDataConnector |
Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. |
| MdatpDataConnectorProperties |
MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. |
| MetadataAuthor |
Publisher or creator of the content item. |
| MetadataCategories |
ies for the solution content item |
| MetadataCreateOptionalParams |
Optional parameters. |
| MetadataDeleteOptionalParams |
Optional parameters. |
| MetadataDependencies |
Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex dependencies. |
| MetadataGetOptionalParams |
Optional parameters. |
| MetadataListOptionalParams |
Optional parameters. |
| MetadataModel |
Metadata resource definition. |
| MetadataOperations |
Interface representing a Metadata operations. |
| MetadataPatch |
Metadata patch request body. |
| MetadataProperties |
Metadata property bag. |
| MetadataPropertiesPatch |
Metadata property bag for patch requests. This is the same as the MetadataProperties, but with nothing required |
| MetadataSource |
The original source of the content item, where it comes from. |
| MetadataSupport |
Support information for the content item. |
| MetadataUpdateOptionalParams |
Optional parameters. |
| MicrosoftPurviewInformationProtectionCheckRequirements |
Represents MicrosoftPurviewInformationProtection requirements check request. |
| MicrosoftPurviewInformationProtectionCheckRequirementsProperties |
MicrosoftPurviewInformationProtection requirements check properties. |
| MicrosoftPurviewInformationProtectionConnectorDataTypes |
The available data types for Microsoft Purview Information Protection data connector. |
| MicrosoftPurviewInformationProtectionConnectorDataTypesLogs |
Logs data type. |
| MicrosoftPurviewInformationProtectionDataConnector |
Represents Microsoft Purview Information Protection data connector. |
| MicrosoftPurviewInformationProtectionDataConnectorProperties |
Microsoft Purview Information Protection data connector properties. |
| MicrosoftSecurityIncidentCreationAlertRule |
Represents MicrosoftSecurityIncidentCreation rule. |
| MicrosoftSecurityIncidentCreationAlertRuleCommonProperties |
MicrosoftSecurityIncidentCreation rule common property bag. |
| MicrosoftSecurityIncidentCreationAlertRuleProperties |
MicrosoftSecurityIncidentCreation rule property bag. |
| MicrosoftSecurityIncidentCreationAlertRuleTemplate |
Represents MicrosoftSecurityIncidentCreation rule template. |
| MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties |
MicrosoftSecurityIncidentCreation rule template properties |
| MstiCheckRequirements |
Represents Microsoft Threat Intelligence requirements check request. |
| MstiCheckRequirementsProperties |
Microsoft Threat Intelligence requirements check properties. |
| MstiDataConnector |
Represents Microsoft Threat Intelligence data connector. |
| MstiDataConnectorDataTypes |
The available data types for Microsoft Threat Intelligence Platforms data connector. |
| MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed |
Data type for Microsoft Threat Intelligence Platforms data connector. |
| MstiDataConnectorProperties |
Microsoft Threat Intelligence data connector properties. |
| MtpCheckRequirements |
Represents MTP (Microsoft Threat Protection) requirements check request. |
| MtpFilteredProviders |
Represents the connector's Filtered providers |
| NicEntity |
Represents an network interface entity. |
| NicEntityProperties |
Nic entity property bag. |
| NoneAuthModel |
Model for API authentication with no authentication method - public API. |
| NrtAlertRule |
Represents NRT alert rule. |
| NrtAlertRuleProperties |
Nrt alert rule base property bag. |
| NrtAlertRuleTemplate |
Represents NRT alert rule template. |
| NrtAlertRuleTemplateProperties |
NRT alert rule template properties |
| OAuthModel |
Model for API authentication with OAuth2. |
| Office365ProjectCheckRequirements |
Represents Office365 Project requirements check request. |
| Office365ProjectCheckRequirementsProperties |
Office365 Project requirements check properties. |
| Office365ProjectConnectorDataTypes |
The available data types for Office Microsoft Project data connector. |
| Office365ProjectConnectorDataTypesLogs |
Logs data type. |
| Office365ProjectDataConnector |
Represents Office Microsoft Project data connector. |
| Office365ProjectDataConnectorProperties |
Office Microsoft Project data connector properties. |
| OfficeATPCheckRequirements |
Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request. |
| OfficeATPCheckRequirementsProperties |
OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. |
| OfficeATPDataConnector |
Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. |
| OfficeATPDataConnectorProperties |
OfficeATP (Office 365 Advanced Threat Protection) data connector properties. |
| OfficeConsent |
Consent for Office365 tenant that already made. |
| OfficeConsentProperties |
Consent property bag. |
| OfficeConsentsDeleteOptionalParams |
Optional parameters. |
| OfficeConsentsGetOptionalParams |
Optional parameters. |
| OfficeConsentsListOptionalParams |
Optional parameters. |
| OfficeConsentsOperations |
Interface representing a OfficeConsents operations. |
| OfficeDataConnector |
Represents office data connector. |
| OfficeDataConnectorDataTypes |
The available data types for office data connector. |
| OfficeDataConnectorDataTypesExchange |
Exchange data type connection. |
| OfficeDataConnectorDataTypesSharePoint |
SharePoint data type connection. |
| OfficeDataConnectorDataTypesTeams |
Teams data type connection. |
| OfficeDataConnectorProperties |
Office data connector properties. |
| OfficeIRMCheckRequirements |
Represents OfficeIRM (Microsoft Insider Risk Management) requirements check request. |
| OfficeIRMCheckRequirementsProperties |
OfficeIRM (Microsoft Insider Risk Management) requirements check properties. |
| OfficeIRMDataConnector |
Represents OfficeIRM (Microsoft Insider Risk Management) data connector. |
| OfficeIRMDataConnectorProperties |
OfficeIRM (Microsoft Insider Risk Management) data connector properties. |
| OfficePowerBICheckRequirements |
Represents Office PowerBI requirements check request. |
| OfficePowerBICheckRequirementsProperties |
Office PowerBI requirements check properties. |
| OfficePowerBIConnectorDataTypes |
The available data types for Office Microsoft PowerBI data connector. |
| OfficePowerBIConnectorDataTypesLogs |
Logs data type. |
| OfficePowerBIDataConnector |
Represents Office Microsoft PowerBI data connector. |
| OfficePowerBIDataConnectorProperties |
Office Microsoft PowerBI data connector properties. |
| Operation |
Operation provided by provider |
| OperationDisplay |
Properties of the operation |
| OperationsListOptionalParams |
Optional parameters. |
| OperationsOperations |
Interface representing a Operations operations. |
| OracleAuthModel |
Model for API authentication for Oracle. |
| PackageBaseProperties |
Describes package properties |
| PackageModel |
Represents a Package in Azure Security Insights. |
| PackageProperties |
Describes package properties |
| PageSettings |
Options for the byPage method |
| PagedAsyncIterableIterator |
An interface that allows async iterable iteration both to completion and by page. |
| Permissions |
Permissions required for the connector |
| PermissionsCustomsItem |
model interface PermissionsCustomsItem |
| PermissionsResourceProviderItem |
model interface PermissionsResourceProviderItem |
| PlaybookActionProperties |
model interface PlaybookActionProperties |
| PremiumMdtiDataConnectorDataTypes |
The available data types for Microsoft Defender for Threat Intelligence Premium data connector. |
| PremiumMdtiDataConnectorDataTypesConnector |
Data type for Microsoft Defender for Threat Intelligence Premium data connector. |
| PremiumMdtiDataConnectorProperties |
Microsoft Defender for Threat Intelligence Premium data connector properties. |
| PremiumMicrosoftDefenderForThreatIntelligence |
Represents Microsoft Defender for Threat Intelligence Premium data connector. |
| ProcessEntity |
Represents a process entity. |
| ProcessEntityProperties |
Process entity property bag. |
| ProductPackageGetOptionalParams |
Optional parameters. |
| ProductPackageModel |
Represents a Package in Azure Security Insights. |
| ProductPackageOperations |
Interface representing a ProductPackage operations. |
| ProductPackageProperties |
Describes package properties |
| ProductPackagesListOptionalParams |
Optional parameters. |
| ProductPackagesOperations |
Interface representing a ProductPackages operations. |
| ProductSettingsDeleteOptionalParams |
Optional parameters. |
| ProductSettingsGetOptionalParams |
Optional parameters. |
| ProductSettingsListOptionalParams |
Optional parameters. |
| ProductSettingsOperations |
Interface representing a ProductSettings operations. |
| ProductSettingsUpdateOptionalParams |
Optional parameters. |
| ProductTemplateGetOptionalParams |
Optional parameters. |
| ProductTemplateModel |
Template resource definition. |
| ProductTemplateOperations |
Interface representing a ProductTemplate operations. |
| ProductTemplateProperties |
Template property bag. |
| ProductTemplatesListOptionalParams |
Optional parameters. |
| ProductTemplatesOperations |
Interface representing a ProductTemplates operations. |
| PropertyArrayChangedConditionProperties |
Describes an automation rule condition that evaluates an array property's value change |
| PropertyArrayConditionProperties |
Describes an automation rule condition that evaluates an array property's value |
| PropertyChangedConditionProperties |
Describes an automation rule condition that evaluates a property's value change |
| PropertyConditionProperties |
Describes an automation rule condition that evaluates a property's value |
| ProxyResource |
The resource model definition for a Azure Resource Manager proxy resource. It will not have tags and a location |
| PullRequest |
Information regarding pull request for protected branches. |
| PurviewAuditCheckRequirements |
Represents PurviewAudit requirements check request. |
| PurviewAuditCheckRequirementsProperties |
PurviewAudit requirements check properties. |
| PurviewAuditConnectorDataTypes |
The available data types for PurviewAudit data connector. |
| PurviewAuditConnectorDataTypesLogs |
Logs data type. |
| PurviewAuditDataConnector |
Represents PurviewAudit data connector. |
| PurviewAuditDataConnectorProperties |
PurviewAudit data connector properties. |
| Query |
Represents a query to run on the TI objects in the workspace. |
| QueryCondition |
Represents a condition used to query for TI objects. |
| QueryProperties |
Describes the query properties |
| QuerySortBy |
Specifies how to sort the query results. |
| Recommendation |
Recommendation object. |
| RecommendationPatch |
Recommendation Fields to update. |
| RecommendationPatchProperties |
Recommendation Fields Properties to update. |
| RecommendationProperties |
Recommendation properties object. |
| RecommendedSuggestion |
What suggestions should be taken to complete the recommendation. |
| ReevaluateOperations |
Interface representing a Reevaluate operations. |
| ReevaluateRecommendationOptionalParams |
Optional parameters. |
| ReevaluateResponse |
Reevaluate response object. |
| RegistryKeyEntity |
Represents a registry key entity. |
| RegistryKeyEntityProperties |
RegistryKey entity property bag. |
| RegistryValueEntity |
Represents a registry value entity. |
| RegistryValueEntityProperties |
RegistryValue entity property bag. |
| Relation |
Represents a relation between two resources |
| RelationProperties |
Relation property bag. |
| Relationship |
Represents a relationship in Azure Security Insights. |
| RelationshipHint |
An object used to help follow relationships from this object to other STIX objects. |
| Repo |
Represents a repository. |
| Repository |
metadata of a repository. |
| RepositoryAccess |
Credentials to access repository. |
| RepositoryAccessObject |
Credentials to access repository. |
| RepositoryAccessProperties |
Credentials to access repository. |
| RepositoryResourceInfo |
Resources created in user's repository for the source-control. |
| RequiredPermissions |
Required permissions for the connector |
| Resource |
Common fields that are returned in the response for all Azure Resource Manager resources |
| ResourceProvider |
Resource provider permissions required for the connector |
| ResourceProviderRequiredPermissions |
Required permissions for the connector resource provider that define in ResourceProviders. For more information about the permissions see <see href="https://docs.microsoft.com/en-us/azure/role-based-access-control/role-definitions#actions-format">here</see>. |
| ResourceWithEtag |
An azure resource object with an Etag property |
| RestApiPollerDataConnector |
Represents Rest Api Poller data connector. |
| RestApiPollerDataConnectorProperties |
Rest Api Poller data connector properties. |
| RestApiPollerRequestConfig |
The request configuration. |
| RestApiPollerRequestPagingConfig |
The request paging configuration. |
| RestorePollerOptions | |
| SampleQueries |
The sample queries for the connector |
| SapSolutionUsageStatistic |
Billing statistic about the Microsoft Sentinel solution for SAP Usage |
| SapSolutionUsageStatisticProperties |
Properties of the billing statistic about the Microsoft Sentinel solution for SAP usage |
| ScheduledAlertRule |
Represents scheduled alert rule. |
| ScheduledAlertRuleCommonProperties |
Scheduled alert rule template property bag. |
| ScheduledAlertRuleProperties |
Scheduled alert rule base property bag. |
| ScheduledAlertRuleTemplate |
Represents scheduled alert rule template. |
| ScheduledAlertRuleTemplateProperties |
Scheduled alert rule template properties |
| SecurityAlert |
Represents a security alert entity. |
| SecurityAlertProperties |
SecurityAlert entity property bag. |
| SecurityAlertPropertiesConfidenceReasonsItem |
confidence reason item |
| SecurityAlertTimelineItem |
Represents security alert timeline item. |
| SecurityGroupEntity |
Represents a security group entity. |
| SecurityGroupEntityProperties |
SecurityGroup entity property bag. |
| SecurityInsightsOptionalParams |
Optional parameters for the client. |
| SecurityMLAnalyticsSetting |
Security ML Analytics Setting |
| SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams |
Optional parameters. |
| SecurityMLAnalyticsSettingsDataSource |
security ml analytics settings data sources |
| SecurityMLAnalyticsSettingsDeleteOptionalParams |
Optional parameters. |
| SecurityMLAnalyticsSettingsGetOptionalParams |
Optional parameters. |
| SecurityMLAnalyticsSettingsListOptionalParams |
Optional parameters. |
| SecurityMLAnalyticsSettingsOperations |
Interface representing a SecurityMLAnalyticsSettings operations. |
| SentinelEntityMapping |
A single sentinel entity mapping |
| SentinelOnboardingState |
Sentinel onboarding state |
| SentinelOnboardingStateProperties |
The Sentinel onboarding state properties |
| SentinelOnboardingStatesCreateOptionalParams |
Optional parameters. |
| SentinelOnboardingStatesDeleteOptionalParams |
Optional parameters. |
| SentinelOnboardingStatesGetOptionalParams |
Optional parameters. |
| SentinelOnboardingStatesList |
List of the Sentinel onboarding states |
| SentinelOnboardingStatesListOptionalParams |
Optional parameters. |
| SentinelOnboardingStatesOperations |
Interface representing a SentinelOnboardingStates operations. |
| ServicePrincipal |
Service principal metadata. |
| SessionAuthModel |
Model for API authentication with session cookie. |
| Settings |
The Setting. |
| SimplePollerLike |
A simple poller that can be used to poll a long running operation. |
| SourceControl |
Represents a SourceControl in Azure Security Insights. |
| SourceControlOperationsListRepositoriesOptionalParams |
Optional parameters. |
| SourceControlOperationsOperations |
Interface representing a SourceControlOperations operations. |
| SourceControlProperties |
Describes source control properties |
| SourceControlsCreateOptionalParams |
Optional parameters. |
| SourceControlsDeleteOptionalParams |
Optional parameters. |
| SourceControlsGetOptionalParams |
Optional parameters. |
| SourceControlsListOptionalParams |
Optional parameters. |
| SourceControlsOperations |
Interface representing a SourceControls operations. |
| SubmissionMailEntity |
Represents a submission mail entity. |
| SubmissionMailEntityProperties |
Submission mail entity property bag. |
| SystemData |
Metadata pertaining to creation and last modification of the resource. |
| TICheckRequirements |
Threat Intelligence Platforms data connector check requirements |
| TICheckRequirementsProperties |
Threat Intelligence Platforms data connector required properties. |
| TIDataConnector |
Represents threat intelligence data connector. |
| TIDataConnectorDataTypes |
The available data types for TI (Threat Intelligence) data connector. |
| TIDataConnectorDataTypesIndicators |
Data type for indicators connection. |
| TIDataConnectorProperties |
TI (Threat Intelligence) data connector properties. |
| TIObject |
Represents a threat intelligence object in Azure Security Insights. |
| TIObjectCommonProperties |
Describes properties common to all threat intelligence objects |
| TeamInformation |
Describes team information |
| TemplateModel |
Template resource definition. |
| TemplateProperties |
Template property bag. |
| ThreatActor |
Represents a threat actor in Azure Security Insights. |
| ThreatIntelligence |
ThreatIntelligence property bag. |
| ThreatIntelligenceAlertRule |
Represents Threat Intelligence alert rule. |
| ThreatIntelligenceAlertRuleProperties |
Threat Intelligence alert rule base property bag. |
| ThreatIntelligenceAlertRuleTemplate |
Represents Threat Intelligence alert rule template. |
| ThreatIntelligenceAlertRuleTemplateProperties |
Threat Intelligence alert rule template properties |
| ThreatIntelligenceAppendTags |
Array of tags to be appended to the threat intelligence indicator. |
| ThreatIntelligenceCount |
Count of all the threat intelligence objects on the workspace that match the provided query. |
| ThreatIntelligenceCountOptionalParams |
Optional parameters. |
| ThreatIntelligenceExternalReference |
Describes external reference |
| ThreatIntelligenceFilteringCriteria |
Filtering criteria for querying threat intelligence indicators. |
| ThreatIntelligenceGranularMarkingModel |
Describes threat granular marking model entity |
| ThreatIntelligenceIndicatorAppendTagsOptionalParams |
Optional parameters. |
| ThreatIntelligenceIndicatorCreateIndicatorOptionalParams |
Optional parameters. |
| ThreatIntelligenceIndicatorCreateOptionalParams |
Optional parameters. |
| ThreatIntelligenceIndicatorDeleteOptionalParams |
Optional parameters. |
| ThreatIntelligenceIndicatorGetOptionalParams |
Optional parameters. |
| ThreatIntelligenceIndicatorListQueryIndicatorsOptionalParams |
Optional parameters. |
| ThreatIntelligenceIndicatorMetricsListOptionalParams |
Optional parameters. |
| ThreatIntelligenceIndicatorMetricsOperations |
Interface representing a ThreatIntelligenceIndicatorMetrics operations. |
| ThreatIntelligenceIndicatorModel |
Threat intelligence indicator entity. |
| ThreatIntelligenceIndicatorOperations |
Interface representing a ThreatIntelligenceIndicator operations. |
| ThreatIntelligenceIndicatorProperties |
Describes threat intelligence entity properties |
| ThreatIntelligenceIndicatorReplaceTagsOptionalParams |
Optional parameters. |
| ThreatIntelligenceIndicatorsListOptionalParams |
Optional parameters. |
| ThreatIntelligenceIndicatorsOperations |
Interface representing a ThreatIntelligenceIndicators operations. |
| ThreatIntelligenceInformation |
Threat intelligence information object. |
| ThreatIntelligenceKillChainPhase |
Describes threat kill chain phase entity |
| ThreatIntelligenceMetric |
Describes threat intelligence metric |
| ThreatIntelligenceMetricEntity |
Describes threat intelligence metric entity |
| ThreatIntelligenceMetrics |
Threat intelligence metrics. |
| ThreatIntelligenceMetricsList |
List of all the threat intelligence metric fields (type/threat type/source). |
| ThreatIntelligenceOperations |
Interface representing a ThreatIntelligence operations. |
| ThreatIntelligenceParsedPattern |
Describes parsed pattern entity |
| ThreatIntelligenceParsedPatternTypeValue |
Describes threat kill chain phase entity |
| ThreatIntelligenceQueryOptionalParams |
Optional parameters. |
| ThreatIntelligenceSortingCriteria |
List of available columns for sorting |
| TiTaxiiCheckRequirements |
Threat Intelligence TAXII data connector check requirements |
| TiTaxiiCheckRequirementsProperties |
Threat Intelligence TAXII data connector required properties. |
| TiTaxiiDataConnector |
Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server |
| TiTaxiiDataConnectorDataTypes |
The available data types for Threat Intelligence TAXII data connector. |
| TiTaxiiDataConnectorDataTypesTaxiiClient |
Data type for TAXII connector. |
| TiTaxiiDataConnectorProperties |
Threat Intelligence TAXII data connector properties. |
| TimelineAggregation |
timeline aggregation information per kind |
| TimelineError |
Timeline Query Errors. |
| TimelineResultsMetadata |
Expansion result metadata. |
| TriggeredAnalyticsRuleRun |
The triggered analytics rule run |
| TriggeredAnalyticsRuleRunGetOptionalParams |
Optional parameters. |
| TriggeredAnalyticsRuleRunOperations |
Interface representing a TriggeredAnalyticsRuleRun operations. |
| TriggeredAnalyticsRuleRunProperties |
The triggered analytics rule run Properties |
| Ueba |
Settings with single toggle. |
| UebaProperties |
Ueba property bag. |
| UpdateOperations |
Interface representing a Update operations. |
| UpdateRecommendationOptionalParams |
Optional parameters. |
| UrlEntity |
Represents a url entity. |
| UrlEntityProperties |
Url entity property bag. |
| UserInfo |
User information that made some action |
| ValidationError |
Describes an error encountered in the file during validation. |
| Warning |
Warning response structure. |
| WarningBody |
Warning details. |
| Watchlist |
Represents a Watchlist in Azure Security Insights. |
| WatchlistItem |
Represents a Watchlist Item in Azure Security Insights. |
| WatchlistItemProperties |
Describes watchlist item properties |
| WatchlistItemsCreateOrUpdateOptionalParams |
Optional parameters. |
| WatchlistItemsDeleteOptionalParams |
Optional parameters. |
| WatchlistItemsGetOptionalParams |
Optional parameters. |
| WatchlistItemsListOptionalParams |
Optional parameters. |
| WatchlistItemsOperations |
Interface representing a WatchlistItems operations. |
| WatchlistProperties |
Describes watchlist properties |
| WatchlistsCreateOrUpdateOptionalParams |
Optional parameters. |
| WatchlistsDeleteOptionalParams |
Optional parameters. |
| WatchlistsGetOptionalParams |
Optional parameters. |
| WatchlistsListOptionalParams |
Optional parameters. |
| WatchlistsOperations |
Interface representing a Watchlists operations. |
| Webhook |
Detail about the webhook object. |
| WorkloadIdentityFederation |
Workload Identity Federation metadata. |
| WorkspaceManagerAssignment |
The workspace manager assignment |
| WorkspaceManagerAssignmentJobsCreateOptionalParams |
Optional parameters. |
| WorkspaceManagerAssignmentJobsDeleteOptionalParams |
Optional parameters. |
| WorkspaceManagerAssignmentJobsGetOptionalParams |
Optional parameters. |
| WorkspaceManagerAssignmentJobsListOptionalParams |
Optional parameters. |
| WorkspaceManagerAssignmentJobsOperations |
Interface representing a WorkspaceManagerAssignmentJobs operations. |
| WorkspaceManagerAssignmentProperties |
The workspace manager assignment properties |
| WorkspaceManagerAssignmentsCreateOrUpdateOptionalParams |
Optional parameters. |
| WorkspaceManagerAssignmentsDeleteOptionalParams |
Optional parameters. |
| WorkspaceManagerAssignmentsGetOptionalParams |
Optional parameters. |
| WorkspaceManagerAssignmentsListOptionalParams |
Optional parameters. |
| WorkspaceManagerAssignmentsOperations |
Interface representing a WorkspaceManagerAssignments operations. |
| WorkspaceManagerConfiguration |
The workspace manager configuration |
| WorkspaceManagerConfigurationProperties |
The workspace manager configuration properties |
| WorkspaceManagerConfigurationsCreateOrUpdateOptionalParams |
Optional parameters. |
| WorkspaceManagerConfigurationsDeleteOptionalParams |
Optional parameters. |
| WorkspaceManagerConfigurationsGetOptionalParams |
Optional parameters. |
| WorkspaceManagerConfigurationsListOptionalParams |
Optional parameters. |
| WorkspaceManagerConfigurationsOperations |
Interface representing a WorkspaceManagerConfigurations operations. |
| WorkspaceManagerGroup |
The workspace manager group |
| WorkspaceManagerGroupProperties |
The workspace manager group properties |
| WorkspaceManagerGroupsCreateOrUpdateOptionalParams |
Optional parameters. |
| WorkspaceManagerGroupsDeleteOptionalParams |
Optional parameters. |
| WorkspaceManagerGroupsGetOptionalParams |
Optional parameters. |
| WorkspaceManagerGroupsListOptionalParams |
Optional parameters. |
| WorkspaceManagerGroupsOperations |
Interface representing a WorkspaceManagerGroups operations. |
| WorkspaceManagerMember |
The workspace manager member |
| WorkspaceManagerMemberProperties |
The workspace manager member properties |
| WorkspaceManagerMembersCreateOrUpdateOptionalParams |
Optional parameters. |
| WorkspaceManagerMembersDeleteOptionalParams |
Optional parameters. |
| WorkspaceManagerMembersGetOptionalParams |
Optional parameters. |
| WorkspaceManagerMembersListOptionalParams |
Optional parameters. |
| WorkspaceManagerMembersOperations |
Interface representing a WorkspaceManagerMembers operations. |
Type Aliases
| ActionType |
The type of the automation rule action. Known values supported by the serviceModifyProperties: Modify an object's properties |
| AlertDetail |
Alert detail Known values supported by the serviceDisplayName: Alert display name |
| AlertProperty |
The V3 alert property Known values supported by the serviceAlertLink: Alert's link |
| AlertRuleKind |
The kind of the alert rule Known values supported by the serviceScheduled: Scheduled |
| AlertRuleTemplateUnion |
Alias for AlertRuleTemplateUnion |
| AlertRuleUnion |
Alias for AlertRuleUnion |
| AlertSeverity |
The severity of the alert Known values supported by the serviceHigh: High severity |
| AlertStatus |
The lifecycle status of the alert. Known values supported by the serviceUnknown: Unknown value |
| AntispamMailDirection |
The directionality of this mail message Known values supported by the serviceUnknown: Unknown |
| AttackTactic |
The severity for alerts created by this alert rule. Known values supported by the serviceReconnaissance: Reconnaissance |
| AutomationRuleActionUnion |
Alias for AutomationRuleActionUnion |
| AutomationRuleBooleanConditionSupportedOperator |
Type of AutomationRuleBooleanConditionSupportedOperator |
| AutomationRuleConditionUnion |
Alias for AutomationRuleConditionUnion |
| AutomationRulePropertyArrayChangedConditionSupportedArrayType |
Type of AutomationRulePropertyArrayChangedConditionSupportedArrayType |
| AutomationRulePropertyArrayChangedConditionSupportedChangeType |
Type of AutomationRulePropertyArrayChangedConditionSupportedChangeType |
| AutomationRulePropertyArrayConditionSupportedArrayConditionType |
Type of AutomationRulePropertyArrayConditionSupportedArrayConditionType |
| AutomationRulePropertyArrayConditionSupportedArrayType |
Type of AutomationRulePropertyArrayConditionSupportedArrayType |
| AutomationRulePropertyChangedConditionSupportedChangedType |
Type of AutomationRulePropertyChangedConditionSupportedChangedType |
| AutomationRulePropertyChangedConditionSupportedPropertyType |
Type of AutomationRulePropertyChangedConditionSupportedPropertyType |
| AutomationRulePropertyConditionSupportedOperator |
Type of AutomationRulePropertyConditionSupportedOperator |
| AutomationRulePropertyConditionSupportedProperty |
The property to evaluate in an automation rule property condition. Known values supported by the serviceIncidentTitle: The title of the incident |
| AutomationRulesDeleteResponse | |
| AzureSupportedClouds |
The supported values for cloud setting as a string literal type |
| BillingStatisticKind |
The kind of the billing statistic Known values supported by the serviceSapSolutionUsage: SapSolutionUsage |
| BillingStatisticUnion |
Alias for BillingStatisticUnion |
| CcpAuthConfigUnion |
Alias for CcpAuthConfigUnion |
| CcpAuthType |
Type of paging Known values supported by the serviceBasic: Basic |
| ConditionType |
Type of ConditionType |
| ConfidenceLevel |
The confidence level of this alert. Known values supported by the serviceUnknown: Unknown confidence, the is the default value |
| ConfidenceScoreStatus |
The confidence score calculation status, i.e. indicating if score calculation is pending for this alert, not applicable or final. Known values supported by the serviceNotApplicable: Score will not be calculated for this alert as it is not supported by virtual analyst |
| ConnectAuthKind |
The authentication kind used to poll the data Known values supported by the serviceBasic: Basic |
| Connective |
Represents boolean connectives used to join clauses in conditions. Known values supported by the serviceAnd: 'And' connective |
| ConnectivityType |
type of connectivity Known values supported by the serviceIsConnectedQuery: IsConnectedQuery |
| ContentType |
The content type of a source control path. Known values supported by the serviceAnalyticsRule: AnalyticsRule |
| ContinuablePage |
An interface that describes a page of results. |
| CreatedByType |
The kind of entity that created the resource. Known values supported by the serviceUser: The entity was created by a user. |
| CustomEntityQueryKind |
The kind of the entity query that supports put request. Known values supported by the serviceActivity: Activity |
| CustomEntityQueryUnion |
Alias for CustomEntityQueryUnion |
| DataConnectorAuthorizationState |
Describes the state of user's authorization for a connector kind. Known values supported by the serviceValid: Valid |
| DataConnectorDefinitionKind |
The kind of the data connector definitions Known values supported by the serviceCustomizable: Customizable |
| DataConnectorDefinitionUnion |
Alias for DataConnectorDefinitionUnion |
| DataConnectorKind |
The kind of the data connector Known values supported by the serviceAzureActiveDirectory: AzureActiveDirectory |
| DataConnectorLicenseState |
Describes the state of user's license for a connector kind. Known values supported by the serviceValid: Valid |
| DataConnectorUnion |
Alias for DataConnectorUnion |
| DataConnectorsCheckRequirementsUnion |
Alias for DataConnectorsCheckRequirementsUnion |
| DataTypeState |
Describe whether this data type connection is enabled or not. Known values supported by the serviceEnabled: Enabled |
| DeleteStatus |
Indicates whether the file was deleted from the storage account. Known values supported by the serviceDeleted: The file was deleted. |
| DeliveryAction |
The delivery action of this mail message like Delivered, Blocked, Replaced etc |
| DeliveryLocation |
The delivery location of this mail message like Inbox, JunkFolder etc |
| DeploymentFetchStatus |
Status while trying to fetch the deployment information. Known values supported by the serviceSuccess: Success |
| DeploymentResult |
Status while trying to fetch the deployment information. Known values supported by the serviceSuccess: Success |
| DeploymentState |
The current state of the deployment. Known values supported by the serviceIn_Progress: In_Progress |
| DeviceImportance |
Device importance, determines if the device classified as 'crown jewel' Known values supported by the serviceUnknown: Unknown - Default value |
| ElevationToken |
The elevation token associated with the process. |
| EnrichmentType |
Type of EnrichmentType |
| EntityItemQueryKind |
Type of EntityItemQueryKind |
| EntityKindEnum |
The kind of the entity Known values supported by the serviceAccount: Entity represents account in the system. |
| EntityMappingType |
The V3 type of the mapped entity Known values supported by the serviceAccount: User account entity type |
| EntityProviders |
The entity provider that is synced. Known values supported by the serviceActiveDirectory: ActiveDirectory |
| EntityQueryItemUnion |
Alias for EntityQueryItemUnion |
| EntityQueryKind |
The kind of the entity query Known values supported by the serviceExpansion: Expansion |
| EntityQueryTemplateKind |
Type of EntityQueryTemplateKind |
| EntityQueryTemplateUnion |
Alias for EntityQueryTemplateUnion |
| EntityQueryUnion |
Alias for EntityQueryUnion |
| EntityTimelineItemUnion |
Alias for EntityTimelineItemUnion |
| EntityTimelineKind |
The entity query kind Known values supported by the serviceActivity: activity |
| EntityType |
The type of the entity Known values supported by the serviceAccount: Entity represents account in the system. |
| EntityUnion |
Alias for EntityUnion |
| EventGroupingAggregationKind |
The event grouping aggregation kinds Known values supported by the serviceSingleAlert: SingleAlert |
| FileFormat |
The format of the file Known values supported by the serviceCSV: A CSV file. |
| FileHashAlgorithm |
The hash algorithm type. Known values supported by the serviceUnknown: Unknown hash algorithm |
| FileImportContentType |
The content type of this file. Known values supported by the serviceBasicIndicator: File containing records with the core fields of an indicator, plus the observables to construct the STIX pattern. |
| FileImportState |
The state of the file import. Known values supported by the serviceFatalError: A fatal error has occurred while ingesting the file. |
| Flag |
The boolean value the metadata is for. Known values supported by the servicetrue: true |
| GetInsightsError |
the query kind Known values supported by the serviceInsight: Insight |
| HttpMethodVerb |
The HTTP method, default value GET. Known values supported by the serviceGET: GET |
| HypothesisStatus |
The hypothesis status of the hunt. Known values supported by the serviceUnknown: Unknown |
| IncidentClassification |
The reason the incident was closed Known values supported by the serviceUndetermined: Incident classification was undetermined |
| IncidentClassificationReason |
The classification reason the incident was closed with Known values supported by the serviceSuspiciousActivity: Classification reason was suspicious activity |
| IncidentLabelType |
The type of the label Known values supported by the serviceUser: Label manually created by a user |
| IncidentSeverity |
The severity of the incident Known values supported by the serviceHigh: High severity |
| IncidentStatus |
The status of the incident Known values supported by the serviceNew: An active incident which isn't being handled currently |
| IncidentTaskStatus |
The status of the task Known values supported by the serviceNew: A new task |
| IncidentsRunPlaybookResponse | |
| IngestionMode |
Describes how to ingest the records in the file. Known values supported by the serviceIngestOnlyIfAllAreValid: No records should be ingested when invalid records are detected. |
| KillChainIntent |
The intent of the alert. Known values supported by the serviceUnknown: The default value. |
| Kind |
The kind of content the metadata is for. Known values supported by the serviceDataConnector: DataConnector |
| MatchingMethod |
Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty. Known values supported by the serviceAllEntities: Grouping alerts into a single incident if all the entities match |
| MicrosoftSecurityProductName |
The alerts' productName on which the cases will be generated Known values supported by the serviceMicrosoft Cloud App Security: Microsoft Cloud App Security |
| Mode |
The current mode of the workspace manager configuration Known values supported by the serviceEnabled: The workspace manager configuration is enabled |
| MtpProvider |
The available data providers. Known values supported by the servicemicrosoftDefenderForCloudApps: microsoftDefenderForCloudApps |
| OSFamily |
The operating system type. |
| Operator |
Represents an operator in a ConditionClause. Known values supported by the serviceEquals: Equals |
| OutputType |
Insights Column type. Known values supported by the serviceNumber: Number |
| OwnerType |
The type of the owner the hunt is assigned to. Known values supported by the serviceUnknown: The hunt owner type is unknown |
| PackageKind |
The package kind Known values supported by the serviceSolution: Solution |
| PermissionProviderScope |
Permission provider scope Known values supported by the serviceResourceGroup: ResourceGroup |
| PollingFrequency |
The polling frequency for the TAXII server. Known values supported by the serviceOnceAMinute: Once a minute |
| ProviderName |
Provider name Known values supported by the serviceMicrosoft.OperationalInsights/solutions: Microsoft.OperationalInsights/solutions |
| ProviderPermissionsScope |
The scope on which the user should have permissions, in order to be able to create connections. Known values supported by the serviceSubscription: Subscription |
| ProvisioningState |
The triggered analytics rule run provisioning state Known values supported by the serviceAccepted: Accepted |
| RegistryHive |
the hive that holds the registry key. Known values supported by the serviceHKEY_LOCAL_MACHINE: HKEY_LOCAL_MACHINE |
| RegistryValueKind |
Specifies the data types to use when storing values in the registry, or identifies the data type of a value in the registry. Known values supported by the serviceNone: None |
| RepoType |
The type of repository. Known values supported by the serviceGithub: Github |
| RepositoryAccessKind |
The kind of repository access credentials Known values supported by the serviceOAuth: OAuth |
| RestApiPollerRequestPagingKind |
Type of paging Known values supported by the serviceLinkHeader: LinkHeader |
| SecurityMLAnalyticsSettingUnion |
Alias for SecurityMLAnalyticsSettingUnion |
| SecurityMLAnalyticsSettingsKind |
The kind of security ML analytics settings Known values supported by the serviceAnomaly: Anomaly |
| SettingKind |
The kind of the setting Known values supported by the serviceAnomalies: Anomalies |
| SettingType |
The kind of the setting Known values supported by the serviceCopyableLabel: CopyableLabel |
| SettingsStatus |
The anomaly SecurityMLAnalyticsSettings status Known values supported by the serviceProduction: Anomaly settings status in Production mode |
| SettingsUnion |
Alias for SettingsUnion |
| SortingDirection |
The direction to sort the results by. Known values supported by the serviceASC: Indicates that the query should be sorted from lowest-to-highest value. |
| SourceKind |
Source type of the content Known values supported by the serviceLocalWorkspace: LocalWorkspace |
| SourceType |
The sourceType of the watchlist Known values supported by the serviceLocal: The source from local file. |
| State |
State of recommendation. Known values supported by the serviceActive: Recommendation is active. |
| Status |
The status of the hunt. Known values supported by the serviceNew: New |
| SupportTier |
Type of support for content item Known values supported by the serviceMicrosoft: Microsoft |
| TIObjectKind |
The kind of the TI object Known values supported by the serviceAttackPattern: A TI object that represents an attack pattern. |
| TIObjectUnion |
Alias for TIObjectUnion |
| TemplateStatus |
The alert rule template status. Known values supported by the serviceInstalled: Alert rule template installed. and can not use more then once |
| ThreatIntelligenceInformationUnion |
Alias for ThreatIntelligenceInformationUnion |
| ThreatIntelligenceResourceInnerKind |
The kind of the threat intelligence entity Known values supported by the serviceindicator: Entity represents threat intelligence indicator in the system. |
| ThreatIntelligenceSortingOrder |
Sorting order (ascending/descending/unsorted). Known values supported by the serviceunsorted: unsorted |
| TiType |
Type of TiType |
| TriggerOperator |
The operation against the threshold that triggers alert rule. |
| TriggersOn |
Type of TriggersOn |
| TriggersWhen |
Type of TriggersWhen |
| UebaDataSources |
The data source that enriched by ueba. Known values supported by the serviceAuditLogs: AuditLogs |
| Version |
The version of the source control. Known values supported by the serviceV1: V1 |
| WarningCode |
The type of repository. Known values supported by the serviceSourceControlWarning_DeleteServicePrincipal: SourceControlWarning_DeleteServicePrincipal |
Enums
| AzureClouds |
An enum to describe Azure Cloud environments. |
| KnownActionType |
The type of the automation rule action. |
| KnownAlertDetail |
Alert detail |
| KnownAlertProperty |
The V3 alert property |
| KnownAlertRuleKind |
The kind of the alert rule |
| KnownAlertSeverity |
The severity of the alert |
| KnownAlertStatus |
The lifecycle status of the alert. |
| KnownAntispamMailDirection |
The directionality of this mail message |
| KnownAttackTactic |
The severity for alerts created by this alert rule. |
| KnownAutomationRuleBooleanConditionSupportedOperator |
Known values of AutomationRuleBooleanConditionSupportedOperator that the service accepts. |
| KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType |
Known values of AutomationRulePropertyArrayChangedConditionSupportedArrayType that the service accepts. |
| KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType |
Known values of AutomationRulePropertyArrayChangedConditionSupportedChangeType that the service accepts. |
| KnownAutomationRulePropertyArrayConditionSupportedArrayConditionType |
Known values of AutomationRulePropertyArrayConditionSupportedArrayConditionType that the service accepts. |
| KnownAutomationRulePropertyArrayConditionSupportedArrayType |
Known values of AutomationRulePropertyArrayConditionSupportedArrayType that the service accepts. |
| KnownAutomationRulePropertyChangedConditionSupportedChangedType |
Known values of AutomationRulePropertyChangedConditionSupportedChangedType that the service accepts. |
| KnownAutomationRulePropertyChangedConditionSupportedPropertyType |
Known values of AutomationRulePropertyChangedConditionSupportedPropertyType that the service accepts. |
| KnownAutomationRulePropertyConditionSupportedOperator |
Known values of AutomationRulePropertyConditionSupportedOperator that the service accepts. |
| KnownAutomationRulePropertyConditionSupportedProperty |
The property to evaluate in an automation rule property condition. |
| KnownBillingStatisticKind |
The kind of the billing statistic |
| KnownCcpAuthType |
Type of paging |
| KnownConditionType |
Known values of ConditionType that the service accepts. |
| KnownConfidenceLevel |
The confidence level of this alert. |
| KnownConfidenceScoreStatus |
The confidence score calculation status, i.e. indicating if score calculation is pending for this alert, not applicable or final. |
| KnownConnectAuthKind |
The authentication kind used to poll the data |
| KnownConnective |
Represents boolean connectives used to join clauses in conditions. |
| KnownConnectivityType |
type of connectivity |
| KnownContentType |
The content type of a source control path. |
| KnownCreatedByType |
The kind of entity that created the resource. |
| KnownCustomEntityQueryKind |
The kind of the entity query that supports put request. |
| KnownDataConnectorAuthorizationState |
Describes the state of user's authorization for a connector kind. |
| KnownDataConnectorDefinitionKind |
The kind of the data connector definitions |
| KnownDataConnectorKind |
The kind of the data connector |
| KnownDataConnectorLicenseState |
Describes the state of user's license for a connector kind. |
| KnownDataTypeState |
Describe whether this data type connection is enabled or not. |
| KnownDeleteStatus |
Indicates whether the file was deleted from the storage account. |
| KnownDeploymentFetchStatus |
Status while trying to fetch the deployment information. |
| KnownDeploymentResult |
Status while trying to fetch the deployment information. |
| KnownDeploymentState |
The current state of the deployment. |
| KnownDeviceImportance |
Device importance, determines if the device classified as 'crown jewel' |
| KnownEnrichmentType |
Known values of EnrichmentType that the service accepts. |
| KnownEntityItemQueryKind |
Known values of EntityItemQueryKind that the service accepts. |
| KnownEntityKindEnum |
The kind of the entity |
| KnownEntityMappingType |
The V3 type of the mapped entity |
| KnownEntityProviders |
The entity provider that is synced. |
| KnownEntityQueryKind |
The kind of the entity query |
| KnownEntityQueryTemplateKind |
Known values of EntityQueryTemplateKind that the service accepts. |
| KnownEntityTimelineKind |
The entity query kind |
| KnownEntityType |
The type of the entity |
| KnownEventGroupingAggregationKind |
The event grouping aggregation kinds |
| KnownFileFormat |
The format of the file |
| KnownFileHashAlgorithm |
The hash algorithm type. |
| KnownFileImportContentType |
The content type of this file. |
| KnownFileImportState |
The state of the file import. |
| KnownFlag |
The boolean value the metadata is for. |
| KnownGetInsightsError |
the query kind |
| KnownHttpMethodVerb |
The HTTP method, default value GET. |
| KnownHypothesisStatus |
The hypothesis status of the hunt. |
| KnownIncidentClassification |
The reason the incident was closed |
| KnownIncidentClassificationReason |
The classification reason the incident was closed with |
| KnownIncidentLabelType |
The type of the label |
| KnownIncidentSeverity |
The severity of the incident |
| KnownIncidentStatus |
The status of the incident |
| KnownIncidentTaskStatus |
The status of the task |
| KnownIngestionMode |
Describes how to ingest the records in the file. |
| KnownKillChainIntent |
The intent of the alert. |
| KnownKind |
The kind of content the metadata is for. |
| KnownMatchingMethod |
Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty. |
| KnownMicrosoftSecurityProductName |
The alerts' productName on which the cases will be generated |
| KnownMode |
The current mode of the workspace manager configuration |
| KnownMtpProvider |
The available data providers. |
| KnownOperator |
Represents an operator in a ConditionClause. |
| KnownOutputType |
Insights Column type. |
| KnownOwnerType |
The type of the owner the hunt is assigned to. |
| KnownPackageKind |
The package kind |
| KnownPermissionProviderScope |
Permission provider scope |
| KnownPollingFrequency |
The polling frequency for the TAXII server. |
| KnownProviderName |
Provider name |
| KnownProviderPermissionsScope |
The scope on which the user should have permissions, in order to be able to create connections. |
| KnownProvisioningState |
The triggered analytics rule run provisioning state |
| KnownRegistryHive |
the hive that holds the registry key. |
| KnownRegistryValueKind |
Specifies the data types to use when storing values in the registry, or identifies the data type of a value in the registry. |
| KnownRepoType |
The type of repository. |
| KnownRepositoryAccessKind |
The kind of repository access credentials |
| KnownRestApiPollerRequestPagingKind |
Type of paging |
| KnownSecurityMLAnalyticsSettingsKind |
The kind of security ML analytics settings |
| KnownSettingKind |
The kind of the setting |
| KnownSettingType |
The kind of the setting |
| KnownSettingsStatus |
The anomaly SecurityMLAnalyticsSettings status |
| KnownSortingDirection |
The direction to sort the results by. |
| KnownSourceKind |
Source type of the content |
| KnownSourceType |
The sourceType of the watchlist |
| KnownState |
State of recommendation. |
| KnownStatus |
The status of the hunt. |
| KnownSupportTier |
Type of support for content item |
| KnownTIObjectKind |
The kind of the TI object |
| KnownTemplateStatus |
The alert rule template status. |
| KnownThreatIntelligenceResourceInnerKind |
The kind of the threat intelligence entity |
| KnownThreatIntelligenceSortingOrder |
Sorting order (ascending/descending/unsorted). |
| KnownTiType |
Known values of TiType that the service accepts. |
| KnownTriggersOn |
Known values of TriggersOn that the service accepts. |
| KnownTriggersWhen |
Known values of TriggersWhen that the service accepts. |
| KnownUebaDataSources |
The data source that enriched by ueba. |
| KnownVersion |
The version of the source control. |
| KnownVersions |
The available API versions. |
| KnownWarningCode |
The type of repository. |
Functions
| is |
Typeguard for RestError |
| restore |
Creates a poller from the serialized state of another poller. This can be useful when you want to create pollers on a different host or a poller needs to be constructed after the original one is not in scope. |
Variables
| Rest |
A custom error type for failed pipeline requests. |
Function Details
isRestError(unknown)
Typeguard for RestError
function isRestError(e: unknown): eParameters
- e
-
unknown
Something caught by a catch clause.
Returns
e
restorePoller<TResponse, TResult>(SecurityInsights, string, (args: any[]) => PollerLike<OperationState<TResult>, TResult>, RestorePollerOptions<TResult, PathUncheckedResponse>)
Creates a poller from the serialized state of another poller. This can be useful when you want to create pollers on a different host or a poller needs to be constructed after the original one is not in scope.
function restorePoller<TResponse, TResult>(client: SecurityInsights, serializedState: string, sourceOperation: (args: any[]) => PollerLike<OperationState<TResult>, TResult>, options?: RestorePollerOptions<TResult, PathUncheckedResponse>): PollerLike<OperationState<TResult>, TResult>Parameters
- client
- SecurityInsights
- serializedState
-
string
- sourceOperation
-
(args: any[]) => PollerLike<OperationState<TResult>, TResult>
- options
-
RestorePollerOptions<TResult, PathUncheckedResponse>
Returns
PollerLike<OperationState<TResult>, TResult>
Variable Details
RestError
A custom error type for failed pipeline requests.
RestError: RestErrorConstructor