Adaptive Application Controls - List
Gets a list of application control machine groups for the subscription.
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/applicationWhitelistings?api-version=2020-01-01
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/applicationWhitelistings?api-version=2020-01-01&includePathRecommendations={includePathRecommendations}&summary={summary}
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
subscriptionId | path | True | string | Azure subscription ID Regex pattern: |
api-version | query | True | string | API version for the operation |
includePathRecommendations | query | | boolean | Include the policy rules |
summary | query | | boolean | Return output in a summarized form |
Responses
Name | Type | Description |
---|---|---|
200 OK | | OK |
Other Status Codes | | Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
Gets a list of application control groups of machines for the subscription
Sample Request
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/applicationWhitelistings?api-version=2020-01-01&includePathRecommendations=True&summary=False
Sample Response
{
"value": [
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus/applicationWhitelistings/AMIT-VA",
"name": "AMIT-VA",
"type": "Microsoft.Security/applicationWhitelistings",
"location": "centralus",
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"exe": "Audit",
"msi": "Audit",
"script": "None"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-dsc/providers/microsoft.compute/virtualmachines/erelh-14011",
"recommendationAction": "Recommended",
"enforcementSupport": "Supported"
},
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/amit-va/providers/microsoft.compute/virtualmachines/ream-test",
"recommendationAction": "Recommended",
"enforcementSupport": "Supported"
},
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/v-arrikl-scheduledapps/providers/microsoft.compute/virtualmachines/v-arrikl-14060",
"recommendationAction": "Recommended",
"enforcementSupport": "Supported"
}
],
"pathRecommendations": [
{
"path": "C:\\Windows\\SoftwareDistribution\\Download\\Install\\Windows-KB890830-x64-V5.53-delta.exe",
"type": "File",
"common": true,
"action": "Remove",
"usernames": [
{
"username": "LOCAL SYSTEM",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-5-18"
],
"fileType": "Exe",
"configurationStatus": "NoStatus"
},
{
"path": "C:\\WindowsAzure\\GuestAgent_2.7.1198.822\\CollectGuestLogs.exe",
"type": "File",
"common": true,
"action": "Remove",
"usernames": [
{
"username": "LOCAL SYSTEM",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-5-18"
],
"fileType": "Exe",
"configurationStatus": "NoStatus"
},
{
"path": "C:\\Windows\\System32\\wbem\\WmiPrvSE.exe",
"type": "PublisherSignature",
"publisherInfo": {
"publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
"productName": "*",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "Everyone",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-5-18",
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
},
{
"path": "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "Everyone",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
}
],
"configurationStatus": "Configured",
"issues": [],
"sourceSystem": "Azure_AppLocker"
}
},
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus/applicationWhitelistings/ERELGROUP1",
"name": "ERELGROUP1",
"type": "Microsoft.Security/applicationWhitelistings",
"location": "centralus",
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"exe": "Audit",
"msi": "None",
"script": "None"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",
"recommendationAction": "Recommended",
"enforcementSupport": "NotSupported"
}
],
"pathRecommendations": [
{
"path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
"type": "PublisherSignature",
"publisherInfo": {
"publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
"productName": "*",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "Everyone",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
}
],
"configurationStatus": "Configured",
"issues": [],
"sourceSystem": "Azure_AppLocker"
}
},
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus/applicationWhitelistings/GROUP1",
"name": "GROUP1",
"type": "Microsoft.Security/applicationWhitelistings",
"location": "centralus",
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"exe": "Audit",
"msi": "None",
"script": "None"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/talk-va/providers/microsoft.compute/virtualmachines/tal-win-vm",
"recommendationAction": "Recommended",
"enforcementSupport": "Supported"
},
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/talk-va/providers/microsoft.compute/virtualmachines/tal-win-vm-jit",
"recommendationAction": "Recommended",
"enforcementSupport": "Supported"
},
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myresourcegroup/providers/microsoft.compute/virtualmachines/myvmweb",
"recommendationAction": "Recommended",
"enforcementSupport": "Supported"
},
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/v-arrikl-scheduledapps/providers/microsoft.compute/virtualmachines/v-arrikl-14061",
"recommendationAction": "Recommended",
"enforcementSupport": "Supported"
}
],
"pathRecommendations": [
{
"path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
"type": "PublisherSignature",
"publisherInfo": {
"publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
"productName": "*",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "Everyone",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
},
{
"path": "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE",
"type": "ProductSignature",
"publisherInfo": {
"publisherName": "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
"productName": "MICROSOFT® COREXT",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "NT AUTHORITY\\SYSTEM",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
},
{
"path": "%PROGRAMFILES%\\RAPID7\\INSIGHT AGENT\\COMPONENTS\\INSIGHT_AGENT\\2.6.7.9\\GET_PROXY.EXE",
"type": "PublisherSignature",
"publisherInfo": {
"publisherName": "O=RAPID7 LLC, L=BOSTON, S=MASSACHUSETTS, C=US",
"productName": "*",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "NT AUTHORITY\\SYSTEM",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
},
{
"path": "%PROGRAMFILES%\\GOOGLE\\CHROME\\APPLICATION\\CHROME.EXE",
"type": "ProductSignature",
"publisherInfo": {
"publisherName": "O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CA, C=US",
"productName": "GOOGLE CHROME",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "NT AUTHORITY\\SYSTEM",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
},
{
"path": "O=GOOGLE INC, L=MOUNTAIN VIEW, S=CALIFORNIA, C=US\\GOOGLE UPDATE\\*\\0.0.0.0",
"type": "ProductSignature",
"publisherInfo": {
"publisherName": "O=GOOGLE INC, L=MOUNTAIN VIEW, S=CALIFORNIA, C=US",
"productName": "GOOGLE UPDATE",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "NT AUTHORITY\\SYSTEM",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
}
],
"configurationStatus": "Configured",
"issues": [],
"sourceSystem": "Azure_AppLocker"
}
},
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/GROUP1",
"name": "GROUP1",
"type": "Microsoft.Security/applicationWhitelistings",
"location": "westeurope",
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"executable": "Audit"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/nic-no-pip/providers/microsoft.compute/virtualmachines/nic-no-pip-vm",
"recommendationAction": "Recommended",
"enforcementSupport": "Unknown"
}
],
"pathRecommendations": [
{
"path": "/sbin/init",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/sbin/upstart-udev-bridge",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/lib/systemd/systemd-udevd",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/sbin/upstart-socket-bridge",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/sbin/dhclient",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/bin/python3.4",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/sbin/upstart-file-bridge",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/bin/dbus-daemon",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "messagebus",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/lib/systemd/systemd-logind",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/sbin/getty",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/sbin/atd",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/sbin/cron",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/sbin/acpid",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/sbin/sshd",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/lib/linux-lts-xenial-tools-4.4.0-103/hv_vss_daemon",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/lib/linux-lts-xenial-tools-4.4.0-103/hv_kvp_daemon",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/sbin/nscd",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "unscd",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/sbin/ntpd",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "ntp",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/opt/microsoft/auoms/bin/auomscollect",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/opt/omi/bin/omiserver",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/opt/omi/bin/omiengine",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "omi",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/opt/omi/bin/omiagent",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/sbin/rsyslogd",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "syslog",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/bin/python2.7",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
},
{
"username": "omsagent",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/opt/microsoft/omsagent/ruby/bin/ruby",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "omsagent",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/opt/microsoft/auoms/bin/auoms",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/local/qualys/cloud-agent/bin/qualys-cloud-agent",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/bin/dash",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "omsagent",
"recommendationAction": "Recommended"
},
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/bin/sleep",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "omsagent",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/opt/dsc/bin/dsc_host",
"type": "File",
"common": false,
"action": "Recommended",
"usernames": [
{
"username": "omsagent",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/bin/sudo",
"type": "File",
"common": false,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/bin/bash",
"type": "File",
"common": false,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/bin/apt-get",
"type": "File",
"common": false,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/lib/apt/methods/http",
"type": "File",
"common": false,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/lib/apt/methods/gpgv",
"type": "File",
"common": false,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/lib/apt/methods/copy",
"type": "File",
"common": false,
"action": "Recommended",
"usernames": [
{
"username": "root",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/usr/bin/pgrep",
"type": "File",
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "omsagent",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
},
{
"path": "/opt/microsoft/omsconfig/bin/omsconsistencyinvoker",
"type": "File",
"common": false,
"action": "Recommended",
"usernames": [
{
"username": "omsagent",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Executable",
"configurationStatus": "Configured"
}
],
"configurationStatus": "Configured",
"issues": [
{
"issue": "ExecutableViolationsAudited",
"numberOfVms": 1
}
],
"sourceSystem": "Azure_AuditD"
}
}
]
}
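As an added example (not part of the original reference page), the Python below reads a response in the shape of the Sample Response above and reports, per machine group, what separates it from enforced allowlisting. The embedded input is a constructed, cut-down copy of the page's sample; `rule_notes`, `audit_group` and `audit_response` are hypothetical helper names.

```python
import json

EVERYONE_SID = "S-1-1-0"  # well-known SID for the Everyone group

# Constructed sample: two groups cut down from the page's sample response.
SAMPLE = json.loads(r"""
{"value": [
  {"name": "ERELGROUP1", "location": "centralus", "properties": {
    "enforcementMode": "Audit",
    "protectionMode": {"exe": "Audit", "msi": "None", "script": "None"},
    "vmRecommendations": [{
      "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",
      "enforcementSupport": "NotSupported"}],
    "pathRecommendations": [{
      "path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
      "type": "PublisherSignature",
      "publisherInfo": {"publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
                        "productName": "*", "binaryName": "*", "version": "0.0.0.0"},
      "action": "Recommended", "userSids": ["S-1-1-0"]}],
    "issues": [], "sourceSystem": "Azure_AppLocker"}},
  {"name": "GROUP1", "location": "westeurope", "properties": {
    "enforcementMode": "Audit",
    "protectionMode": {"executable": "Audit"},
    "vmRecommendations": [{
      "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/nic-no-pip/providers/microsoft.compute/virtualmachines/nic-no-pip-vm",
      "enforcementSupport": "Unknown"}],
    "pathRecommendations": [{
      "path": "/usr/bin/sudo", "type": "File", "action": "Recommended",
      "userSids": ["S-1-1-0"]}],
    "issues": [{"issue": "ExecutableViolationsAudited", "numberOfVms": 1}],
    "sourceSystem": "Azure_AuditD"}}
]}
""")


def rule_notes(rule):
    """Return review notes for one pathRecommendations entry."""
    notes = []
    pub = rule.get("publisherInfo") or {}
    if (rule.get("type") == "PublisherSignature"
            and pub.get("productName") == "*" and pub.get("binaryName") == "*"):
        notes.append("publisher-wide rule: any product and binary signed by "
                     + pub.get("publisherName", "?"))
    if rule.get("type") == "File" and EVERYONE_SID in rule.get("userSids", []):
        notes.append("path rule for Everyone: trusts the location, not a signature or hash")
    if rule.get("action") == "Remove":
        notes.append("service recommends removing this rule")
    return notes


def audit_group(group):
    """Summarise how far one machine group is from enforced allowlisting."""
    props = group.get("properties", {})
    findings = []
    mode = props.get("enforcementMode", "None")
    if mode != "Enforce":
        findings.append(f"enforcementMode is {mode}: violations are not blocked")
    for collection, state in sorted(props.get("protectionMode", {}).items()):
        if state == "None":
            findings.append(f"{collection} files are not covered (protectionMode None)")
    for vm in props.get("vmRecommendations", []):
        if vm.get("enforcementSupport") != "Supported":
            name = vm.get("resourceId", "").rsplit("/", 1)[-1]
            findings.append(f"VM {name}: enforcementSupport {vm.get('enforcementSupport')}")
    for issue in props.get("issues", []):
        findings.append(f"{issue['issue']} on {issue['numberOfVms']} VM(s)")
    for rule in props.get("pathRecommendations", []):
        findings += [f"{rule.get('path')}: {n}" for n in rule_notes(rule)]
    # Group names repeat across regions (GROUP1 appears twice in the page's
    # sample), so each report is keyed on location/name.
    return {"group": f"{group.get('location')}/{group.get('name')}", "findings": findings}


def audit_response(body):
    """Audit every group in a List response body (already parsed from JSON)."""
    return [audit_group(g) for g in body.get("value", [])]


if __name__ == "__main__":
    for report in audit_response(SAMPLE):
        print(report["group"])
        for line in report["findings"]:
            print("  -", line)
```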
Definitions
Name | Description |
---|---|
AdaptiveApplicationControlGroup | |
AdaptiveApplicationControlGroups | Represents a list of VM/server groups and the set of rules that Microsoft Defender for Cloud recommends be allowed |
AdaptiveApplicationControlIssue | An alert that machines within a group can have |
AdaptiveApplicationControlIssueSummary | Represents a summary of the alerts of the machine group |
CloudError | Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.). |
CloudErrorBody | The error detail. |
ConfigurationStatus | The configuration status of the machine group, machine, or rule |
EnforcementMode | The application control policy enforcement/protection mode of the machine group |
EnforcementSupport | The machine's supportability of the Enforce feature |
ErrorAdditionalInfo | The resource management error additional info. |
FileType | The type of the file (for Linux files - Executable is used) |
PathRecommendation | Represents an allowed path and its properties |
ProtectionMode | The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux. |
PublisherInfo | Represents the publisher information of a process/rule |
RecommendationAction | The recommendation action of the machine or rule |
RecommendationStatus | The initial recommendation status of the machine group or machine |
RecommendationType | The type of the allowed rule |
SourceSystem | The source type of the machine group |
UserRecommendation | Represents a user who is recommended to be allowed for a certain rule |
VmRecommendation | Represents a machine that is part of a machine group |
AdaptiveApplicationControlGroup
Name | Type | Description |
---|---|---|
id | string | Resource Id |
location | string | Location where the resource is stored |
name | string | Resource name |
properties.configurationStatus | | The configuration status of the machine group, machine, or rule |
properties.enforcementMode | | The application control policy enforcement/protection mode of the machine group |
properties.issues | | Represents a summary of the alerts of the machine group |
properties.pathRecommendations | | Represents an allowed path and its properties |
properties.protectionMode | | The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux. |
properties.recommendationStatus | | The initial recommendation status of the machine group or machine |
properties.sourceSystem | | The source type of the machine group |
properties.vmRecommendations | | Represents a machine that is part of a machine group |
type | string | Resource type |
AdaptiveApplicationControlGroups
Represents a list of VM/server groups and the set of rules that Microsoft Defender for Cloud recommends be allowed
Name | Type | Description |
---|---|---|
value | | |
AdaptiveApplicationControlIssue
An alert that machines within a group can have
Name | Type | Description |
---|---|---|
ExecutableViolationsAudited | string | |
MsiAndScriptViolationsAudited | string | |
MsiAndScriptViolationsBlocked | string | |
RulesViolatedManually | string | |
ViolationsAudited | string | |
ViolationsBlocked | string | |
AdaptiveApplicationControlIssueSummary
Represents a summary of the alerts of the machine group
Name | Type | Description |
---|---|---|
issue | | An alert that machines within a group can have |
numberOfVms | number | The number of machines in the group that have this alert |
CloudError
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
Name | Type | Description |
---|---|---|
error.additionalInfo | | The error additional info. |
error.code | string | The error code. |
error.details | | The error details. |
error.message | string | The error message. |
error.target | string | The error target. |
CloudErrorBody
The error detail.
Name | Type | Description |
---|---|---|
additionalInfo | | The error additional info. |
code | string | The error code. |
details | | The error details. |
message | string | The error message. |
target | string | The error target. |
ConfigurationStatus
The configuration status of the machine group, machine, or rule
Name | Type | Description |
---|---|---|
Configured | string | |
Failed | string | |
InProgress | string | |
NoStatus | string | |
NotConfigured | string | |
EnforcementMode
The application control policy enforcement/protection mode of the machine group
Name | Type | Description |
---|---|---|
Audit | string | |
Enforce | string | |
None | string | |
EnforcementSupport
The machine's supportability of the Enforce feature
Name | Type | Description |
---|---|---|
NotSupported | string | |
Supported | string | |
Unknown | string | |
ErrorAdditionalInfo
The resource management error additional info.
Name | Type | Description |
---|---|---|
info | object | The additional info. |
type | string | The additional info type. |
FileType
The type of the file (for Linux files - Executable is used)
Name | Type | Description |
---|---|---|
Dll | string | |
Exe | string | |
Executable | string | |
Msi | string | |
Script | string | |
Unknown | string | |
PathRecommendation
Represents an allowed path and its properties
Name | Type | Description |
---|---|---|
action | | The recommendation action of the machine or rule |
common | boolean | Whether the application is commonly run on the machine |
configurationStatus | | The configuration status of the machine group, machine, or rule |
fileType | | The type of the file (for Linux files - Executable is used) |
path | string | The full path of the file, or an identifier of the application |
publisherInfo | | Represents the publisher information of a process/rule |
type | | The type of the allowed rule |
userSids | string[] | Security identifier |
usernames | | Represents a user who is recommended to be allowed for a certain rule |
ProtectionMode
The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.
Name | Type | Description |
---|---|---|
exe | | The application control policy enforcement/protection mode of the machine group |
executable | | The application control policy enforcement/protection mode of the machine group |
msi | | The application control policy enforcement/protection mode of the machine group |
script | | The application control policy enforcement/protection mode of the machine group |
PublisherInfo
Represents the publisher information of a process/rule
Name | Type | Description |
---|---|---|
binaryName | string | The "OriginalName" field taken from the file's version resource |
productName | string | The product name taken from the file's version resource |
publisherName | string | The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country |
version | string | The binary file version taken from the file's version resource |
RecommendationAction
The recommendation action of the machine or rule
Name | Type | Description |
---|---|---|
Add | string | |
Recommended | string | |
Remove | string | |
RecommendationStatus
The initial recommendation status of the machine group or machine
Name | Type | Description |
---|---|---|
NoStatus | string | |
NotAvailable | string | |
NotRecommended | string | |
Recommended | string | |
RecommendationType
The type of the allowed rule
Name | Type | Description |
---|---|---|
BinarySignature | string | |
File | string | |
FileHash | string | |
ProductSignature | string | |
PublisherSignature | string | |
VersionAndAboveSignature | string | |
SourceSystem
The source type of the machine group
Name | Type | Description |
---|---|---|
Azure_AppLocker | string | |
Azure_AuditD | string | |
NonAzure_AppLocker | string | |
NonAzure_AuditD | string | |
None | string | |
UserRecommendation
Represents a user who is recommended to be allowed for a certain rule
Name | Type | Description |
---|---|---|
recommendationAction | | The recommendation action of the machine or rule |
username | string | Represents a user who is recommended to be allowed for a certain rule |
VmRecommendation
Represents a machine that is part of a machine group
Name | Type | Description |
---|---|---|
configurationStatus | | The configuration status of the machine group, machine, or rule |
enforcementSupport | | The machine's supportability of the Enforce feature |
recommendationAction | | The recommendation action of the machine or rule |
resourceId | string | The full resource id of the machine |