你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.Models.Api20210901Preview Namespace
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Classes
| AadCheckRequirements |
Represents AAD (Azure Active Directory) requirements check request. |
| AadCheckRequirementsProperties |
AAD (Azure Active Directory) requirements check properties. |
| AadDataConnector |
Represents AAD (Azure Active Directory) data connector. |
| AadDataConnectorProperties |
AAD (Azure Active Directory) data connector properties. |
| AatpCheckRequirements |
Represents AATP (Azure Advanced Threat Protection) requirements check request. |
| AatpCheckRequirementsProperties |
AATP (Azure Advanced Threat Protection) requirements check properties. |
| AatpDataConnector |
Represents AATP (Azure Advanced Threat Protection) data connector. |
| AatpDataConnectorProperties |
AATP (Azure Advanced Threat Protection) data connector properties. |
| AccountEntity |
Represents an account entity. |
| AccountEntityProperties |
Account entity property bag. |
| ActionPropertiesBase |
Action property bag base. |
| ActionRequest |
Action for alert rule. |
| ActionRequestProperties |
Action property bag. |
| ActionResponse |
Action for alert rule. |
| ActionResponseProperties |
Action property bag. |
| ActionsList |
List all the actions. |
| ActivityCustomEntityQuery |
Represents Activity entity query. |
| ActivityEntityQueriesProperties |
Describes activity entity query properties |
| ActivityEntityQueriesPropertiesEntitiesFilter |
The query applied only to entities matching to all filters |
| ActivityEntityQueriesPropertiesQueryDefinitions |
The Activity query definitions |
| ActivityEntityQuery |
Represents Activity entity query. |
| ActivityEntityQueryTemplate |
Represents Activity entity query. |
| ActivityEntityQueryTemplateProperties |
Describes activity entity query properties |
| ActivityEntityQueryTemplatePropertiesEntitiesFilter |
The query applied only to entities matching to all filters |
| ActivityEntityQueryTemplatePropertiesQueryDefinitions |
The Activity query definitions |
| ActivityTimelineItem |
Represents Activity timeline item. |
| AlertDetailsOverride |
Settings for how to dynamically override alert static details |
| AlertRule |
Alert rule. |
| AlertRulesList |
List all the alert rules. |
| AlertRuleTemplate |
Alert rule template. |
| AlertRuleTemplateDataSource |
alert rule template data sources |
| AlertRuleTemplatePropertiesBase |
Base alert rule template property bag. |
| AlertRuleTemplatesList |
List all the alert rule templates. |
| AlertsDataTypeOfDataConnector |
Alerts data type for data connectors. |
| Anomalies |
Settings with single toggle. |
| AnomaliesSettingsProperties |
Anomalies property bag. |
| ApiPollingParameters |
Represents Codeless API Polling data connector |
| AscCheckRequirements |
Represents ASC (Azure Security Center) requirements check request. |
| AscCheckRequirementsProperties |
ASC (Azure Security Center) requirements check properties. |
| AscDataConnector |
Represents ASC (Azure Security Center) data connector. |
| AscDataConnectorProperties |
ASC (Azure Security Center) data connector properties. |
| AutomationRule |
Represents an automation rule. |
| AutomationRuleAction |
Describes an automation rule action |
| AutomationRuleCondition |
Describes an automation rule condition |
| AutomationRuleModifyPropertiesAction |
Describes an automation rule action to modify an object's properties |
| AutomationRuleModifyPropertiesActionConfiguration |
The configuration of the modify properties automation rule action |
| AutomationRuleProperties |
Describes automation rule properties |
| AutomationRulePropertyValuesCondition |
Describes an automation rule condition that evaluates a property's value |
| AutomationRulePropertyValuesConditionProperties |
The configuration of the automation rule condition |
| AutomationRuleRunPlaybookAction |
Describes an automation rule action to run a playbook |
| AutomationRuleRunPlaybookActionConfiguration |
The configuration of the run playbook automation rule action |
| AutomationRulesList |
List all the automation rules. |
| AutomationRuleTriggeringLogic |
Describes automation rule triggering logic |
| Availability |
Connector Availability Status |
| AwsCloudTrailCheckRequirements |
Amazon Web Services CloudTrail requirements check request. |
| AwsCloudTrailDataConnector |
Represents Amazon Web Services CloudTrail data connector. |
| AwsCloudTrailDataConnectorDataTypes |
The available data types for Amazon Web Services CloudTrail data connector. |
| AwsCloudTrailDataConnectorDataTypesLogs |
Logs data type. |
| AwsCloudTrailDataConnectorProperties |
Amazon Web Services CloudTrail data connector properties. |
| AwsS3CheckRequirements |
Amazon Web Services S3 requirements check request. |
| AwsS3DataConnector |
Represents Amazon Web Services S3 data connector. |
| AwsS3DataConnectorDataTypes |
The available data types for Amazon Web Services S3 data connector. |
| AwsS3DataConnectorDataTypesLogs |
Logs data type. |
| AwsS3DataConnectorProperties |
Amazon Web Services S3 data connector properties. |
| AzureResourceEntity |
Represents an azure resource entity. |
| AzureResourceEntityProperties |
AzureResource entity property bag. |
| Bookmark |
Represents a bookmark in Azure Security Insights. |
| BookmarkExpandParameters |
The parameters required to execute an expand operation on the given bookmark. |
| BookmarkExpandResponse |
The entity expansion result operation response. |
| BookmarkExpandResponseValue |
The expansion result values. |
| BookmarkList |
List all the bookmarks. |
| BookmarkProperties |
Describes bookmark properties |
| BookmarkTimelineItem |
Represents bookmark timeline item. |
| CloudApplicationEntity |
Represents a cloud application entity. |
| CloudApplicationEntityProperties |
CloudApplication entity property bag. |
| CodelessApiPollingDataConnector |
Represents Codeless API Polling data connector. |
| CodelessConnectorPollingAuthProperties |
Describe the authentication properties needed to successfully authenticate with the server |
| CodelessConnectorPollingConfigProperties |
Config to describe the polling config for API poller connector |
| CodelessConnectorPollingPagingProperties |
Describe the properties needed to make a pagination call |
| CodelessConnectorPollingRequestProperties |
Describe the request properties needed to successfully pull from the server |
| CodelessConnectorPollingResponseProperties |
Describes the response from the external server |
| CodelessParameters |
Represents Codeless UI data connector |
| CodelessUiConnectorConfigProperties |
Config to describe the instructions blade |
| CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem | |
| CodelessUiConnectorConfigPropertiesDataTypesItem | |
| CodelessUiConnectorConfigPropertiesGraphQueriesItem | |
| CodelessUiConnectorConfigPropertiesInstructionStepsItem | |
| CodelessUiConnectorConfigPropertiesSampleQueriesItem | |
| CodelessUiDataConnector |
Represents Codeless UI data connector. |
| ConnectedEntity |
Expansion result connected entities |
| ConnectivityCriteria |
Setting for the connector check connectivity |
| ConnectorInstructionModelBase |
Instruction step details |
| ContentPathMap |
The mapping of content type to a repo path. |
| CustomEntityQuery |
Specific entity query that supports put requests. |
| Customs |
Customs permissions required for the connector |
| CustomsPermission |
Customs permissions required for the connector |
| DataConnector |
Data connector |
| DataConnectorConnectBody |
Represents Codeless API Polling data connector. |
| DataConnectorDataTypeCommon |
Common field for data type in data connectors. |
| DataConnectorList |
List all the data connectors. |
| DataConnectorRequirementsState |
Data connector requirements status. |
| DataConnectorsCheckRequirements |
Data connector requirements properties. |
| DataConnectorTenantId |
Properties data connector on tenant level. |
| DataConnectorWithAlertsProperties |
Data connector properties. |
| DataTypeDefinitions |
The data type definition |
| DnsEntity |
Represents a dns entity. |
| DnsEntityProperties |
Dns entity property bag. |
| Dynamics365CheckRequirements |
Represents Dynamics365 requirements check request. |
| Dynamics365CheckRequirementsProperties |
Dynamics365 requirements check properties. |
| Dynamics365DataConnector |
Represents Dynamics365 data connector. |
| Dynamics365DataConnectorDataTypes |
The available data types for Dynamics365 data connector. |
| Dynamics365DataConnectorDataTypesDynamics365CdsActivities |
Common Data Service data type connection. |
| Dynamics365DataConnectorProperties |
Dynamics365 data connector properties. |
| EnrichmentDomainWhois |
Whois information for a given domain and associated metadata |
| EnrichmentDomainWhoisContact |
An individual contact associated with this domain |
| EnrichmentDomainWhoisContacts |
The set of contacts associated with this domain |
| EnrichmentDomainWhoisDetails |
The whois record for a given domain |
| EnrichmentDomainWhoisRegistrarDetails |
The registrar associated with this domain |
| EnrichmentIPGeodata |
Geodata information for a given IP address |
| Entity |
Specific entity. |
| EntityAnalytics |
Settings with single toggle. |
| EntityAnalyticsProperties |
EntityAnalytics property bag. |
| EntityCommonProperties |
Entity common property bag. |
| EntityCommonPropertiesAdditionalData |
A bag of custom fields that should be part of the entity and will be presented to the user. |
| EntityEdges |
The edge that connects the entity to the other entity. |
| EntityEdgesAdditionalData |
A bag of custom fields that should be part of the entity and will be presented to the user. |
| EntityExpandParameters |
The parameters required to execute an expand operation on the given entity. |
| EntityExpandResponse |
The entity expansion result operation response. |
| EntityExpandResponseValue |
The expansion result values. |
| EntityGetInsightsParameters |
The parameters required to execute insights operation on the given entity. |
| EntityGetInsightsResponse |
The Get Insights result operation response. |
| EntityInsightItem |
Entity insight Item. |
| EntityInsightItemQueryTimeInterval |
The Time interval that the query actually executed on. |
| EntityList |
List of all the entities. |
| EntityMapping |
Single entity mapping for the alert rule |
| EntityQuery |
Specific entity query. |
| EntityQueryItem |
An abstract Query item for entity |
| EntityQueryItemProperties |
An properties abstract Query item for entity |
| EntityQueryItemPropertiesDataTypesItem | |
| EntityQueryList |
List of all the entity queries. |
| EntityQueryTemplate |
Specific entity query template. |
| EntityQueryTemplateList |
List of all the entity query templates. |
| EntityTimelineItem |
Entity timeline Item. |
| EntityTimelineParameters |
The parameters required to execute s timeline operation on the given entity. |
| EntityTimelineResponse |
The entity timeline result operation response. |
| EventGroupingSettings |
Event grouping settings property bag. |
| ExpansionEntityQueriesProperties |
Describes expansion entity query properties |
| ExpansionEntityQuery |
Represents Expansion entity query. |
| ExpansionResultAggregation |
Information of a specific aggregation in the expansion result. |
| ExpansionResultsMetadata |
Expansion result metadata. |
| EyesOn |
Settings with single toggle. |
| EyesOnSettingsProperties |
EyesOn property bag. |
| FieldMapping |
A single field mapping of the mapped entity |
| FileEntity |
Represents a file entity. |
| FileEntityProperties |
File entity property bag. |
| FileHashEntity |
Represents a file hash entity. |
| FileHashEntityProperties |
FileHash entity property bag. |
| FusionAlertRule |
Represents Fusion alert rule. |
| FusionAlertRuleProperties |
Fusion alert rule base property bag. |
| FusionAlertRuleTemplate |
Represents Fusion alert rule template. |
| FusionAlertRuleTemplateProperties |
Fusion alert rule template properties |
| GeoLocation |
The geo-location context attached to the ip entity |
| GetInsightsError |
GetInsights Query Errors. |
| GetInsightsResultsMetadata |
Get Insights result metadata. |
| GetQueriesResponse |
Retrieve queries for entity result operation response. |
| GraphQueries |
The graph query to show the current data status |
| GroupingConfiguration |
Grouping configuration property bag. |
| HostEntity |
Represents a host entity. |
| HostEntityProperties |
Host entity property bag. |
| HuntingBookmark |
Represents a Hunting bookmark entity. |
| HuntingBookmarkProperties |
Describes bookmark properties |
| Incident |
Represents an incident in Azure Security Insights. |
| IncidentAdditionalData |
Incident additional data property bag. |
| IncidentAlertList |
List of incident alerts. |
| IncidentBookmarkList |
List of incident bookmarks. |
| IncidentComment |
Represents an incident comment |
| IncidentCommentList |
List of incident comments. |
| IncidentCommentProperties |
Incident comment property bag. |
| IncidentConfiguration |
Incident Configuration property bag. |
| IncidentEntitiesResponse |
The incident related entities response. |
| IncidentEntitiesResultsMetadata |
Information of a specific aggregation in the incident related entities result. |
| IncidentInfo |
Describes related incident information for the bookmark |
| IncidentLabel |
Represents an incident label |
| IncidentList |
List all the incidents. |
| IncidentOwnerInfo |
Information on the user an incident is assigned to |
| IncidentProperties |
Describes incident properties |
| InsightQueryItem |
Represents Insight Query. |
| InsightQueryItemProperties |
Represents Insight Query. |
| InsightQueryItemPropertiesAdditionalQuery |
The activity query definitions. |
| InsightQueryItemPropertiesDefaultTimeRange |
The insight chart query. |
| InsightQueryItemPropertiesReferenceTimeRange |
The insight chart query. |
| InsightQueryItemPropertiesTableQuery |
The insight table query. |
| InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem | |
| InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem | |
| InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem | |
| InsightsTableResult |
Query results for table insights query. |
| InsightsTableResultColumnsItem | |
| InstructionSteps |
Instruction steps to enable the connector |
| InstructionStepsInstructionsItem | |
| IoTDeviceEntity |
Represents an IoT device entity. |
| IoTDeviceEntityProperties |
IoTDevice entity property bag. |
| IPEntity |
Represents an ip entity. |
| IPEntityProperties |
Ip entity property bag. |
| LastDataReceivedDataType |
Data type for last data received |
| MailboxEntity |
Represents a mailbox entity. |
| MailboxEntityProperties |
Mailbox entity property bag. |
| MailClusterEntity |
Represents a mail cluster entity. |
| MailClusterEntityProperties |
Mail cluster entity property bag. |
| MailMessageEntity |
Represents a mail message entity. |
| MailMessageEntityProperties |
Mail message entity property bag. |
| MalwareEntity |
Represents a malware entity. |
| MalwareEntityProperties |
Malware entity property bag. |
| McasCheckRequirements |
Represents MCAS (Microsoft Cloud App Security) requirements check request. |
| McasCheckRequirementsProperties |
MCAS (Microsoft Cloud App Security) requirements check properties. |
| McasDataConnector |
Represents MCAS (Microsoft Cloud App Security) data connector. |
| McasDataConnectorDataTypes |
The available data types for MCAS (Microsoft Cloud App Security) data connector. |
| McasDataConnectorProperties |
MCAS (Microsoft Cloud App Security) data connector properties. |
| MdatpCheckRequirements |
Represents MDATP (Microsoft Defender Advanced Threat Protection) requirements check request. |
| MdatpCheckRequirementsProperties |
MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties. |
| MdatpDataConnector |
Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. |
| MdatpDataConnectorProperties |
MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. |
| MetadataAuthor |
Publisher or creator of the content item. |
| MetadataCategories |
ies for the solution content item |
| MetadataDependencies |
Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex dependencies. |
| MetadataList |
List of all the metadata. |
| MetadataModel |
Metadata resource definition. |
| MetadataPatch |
Metadata patch request body. |
| MetadataProperties |
Metadata property bag. |
| MetadataPropertiesPatch |
Metadata property bag for patch requests. This is the same as the MetadataProperties, but with nothing required |
| MetadataSource |
The original source of the content item, where it comes from. |
| MetadataSupport |
Support information for the content item. |
| MicrosoftSecurityIncidentCreationAlertRule |
Represents MicrosoftSecurityIncidentCreation rule. |
| MicrosoftSecurityIncidentCreationAlertRuleCommonProperties |
MicrosoftSecurityIncidentCreation rule common property bag. |
| MicrosoftSecurityIncidentCreationAlertRuleProperties |
MicrosoftSecurityIncidentCreation rule property bag. |
| MicrosoftSecurityIncidentCreationAlertRuleTemplate |
Represents MicrosoftSecurityIncidentCreation rule template. |
| MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties |
MicrosoftSecurityIncidentCreation rule template properties |
| MlBehaviorAnalyticsAlertRule |
Represents MLBehaviorAnalytics alert rule. |
| MlBehaviorAnalyticsAlertRuleProperties |
MLBehaviorAnalytics alert rule base property bag. |
| MlBehaviorAnalyticsAlertRuleTemplate |
Represents MLBehaviorAnalytics alert rule template. |
| MlBehaviorAnalyticsAlertRuleTemplateProperties |
MLBehaviorAnalytics alert rule template properties. |
| MstiCheckRequirements |
Represents Microsoft Threat Intelligence requirements check request. |
| MstiCheckRequirementsProperties |
Microsoft Threat Intelligence requirements check properties. |
| MstiDataConnector |
Represents Microsoft Threat Intelligence data connector. |
| MstiDataConnectorDataTypes |
The available data types for Microsoft Threat Intelligence Platforms data connector. |
| MstiDataConnectorDataTypesBingSafetyPhishingUrl |
Data type for Microsoft Threat Intelligence Platforms data connector. |
| MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed |
Data type for Microsoft Threat Intelligence Platforms data connector. |
| MstiDataConnectorProperties |
Microsoft Threat Intelligence data connector properties. |
| MtpCheckRequirements |
Represents MTP (Microsoft Threat Protection) requirements check request. |
| MtpCheckRequirementsProperties |
MTP (Microsoft Threat Protection) requirements check properties. |
| MtpDataConnector |
Represents MTP (Microsoft Threat Protection) data connector. |
| MtpDataConnectorDataTypes |
The available data types for Microsoft Threat Protection Platforms data connector. |
| MtpDataConnectorDataTypesIncidents |
Data type for Microsoft Threat Protection Platforms data connector. |
| MtpDataConnectorProperties |
MTP (Microsoft Threat Protection) data connector properties. |
| NrtAlertRule |
Represents NRT alert rule. |
| NrtAlertRuleProperties |
Nrt alert rule base property bag. |
| NrtAlertRuleTemplate |
Represents NRT alert rule template. |
| NrtAlertRuleTemplateProperties |
NRT alert rule template properties |
| OfficeAtpCheckRequirements |
Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request. |
| OfficeAtpCheckRequirementsProperties |
OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. |
| OfficeAtpDataConnector |
Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. |
| OfficeAtpDataConnectorProperties |
OfficeATP (Office 365 Advanced Threat Protection) data connector properties. |
| OfficeConsent |
Consent for Office365 tenant that already made. |
| OfficeConsentList |
List of all the office365 consents. |
| OfficeConsentProperties |
Consent property bag. |
| OfficeDataConnector |
Represents office data connector. |
| OfficeDataConnectorDataTypes |
The available data types for office data connector. |
| OfficeDataConnectorDataTypesExchange |
Exchange data type connection. |
| OfficeDataConnectorDataTypesSharePoint |
SharePoint data type connection. |
| OfficeDataConnectorDataTypesTeams |
Teams data type connection. |
| OfficeDataConnectorProperties |
Office data connector properties. |
| OfficeIrmCheckRequirements |
Represents OfficeIRM (Microsoft Insider Risk Management) requirements check request. |
| OfficeIrmCheckRequirementsProperties |
OfficeIRM (Microsoft Insider Risk Management) requirements check properties. |
| OfficeIrmDataConnector |
Represents OfficeIRM (Microsoft Insider Risk Management) data connector. |
| OfficeIrmDataConnectorProperties |
OfficeIRM (Microsoft Insider Risk Management) data connector properties. |
| Operation |
Operation provided by provider |
| OperationDisplay |
Properties of the operation |
| OperationsList |
Lists the operations available in the SecurityInsights RP. |
| Permissions |
Permissions required for the connector |
| PermissionsCustomsItem | |
| PermissionsResourceProviderItem | |
| ProcessEntity |
Represents a process entity. |
| ProcessEntityProperties |
Process entity property bag. |
| QueryBasedAlertRuleProperties |
Query based alert rule base property bag. |
| QueryBasedAlertRulePropertiesCustomDetails |
Dictionary of string key-value pairs of columns to be attached to the alert |
| QueryBasedAlertRuleTemplateProperties |
Query based alert rule template base property bag. |
| QueryBasedAlertRuleTemplatePropertiesCustomDetails |
Dictionary of string key-value pairs of columns to be attached to the alert |
| RegistryKeyEntity |
Represents a registry key entity. |
| RegistryKeyEntityProperties |
RegistryKey entity property bag. |
| RegistryValueEntity |
Represents a registry value entity. |
| RegistryValueEntityProperties |
RegistryValue entity property bag. |
| Relation |
Represents a relation between two resources |
| RelationList |
List of relations. |
| RelationProperties |
Relation property bag. |
| Repo |
Represents a repository. |
| RepoList |
List all the source controls. |
| Repository |
metadata of a repository. |
| RequiredPermissions |
Required permissions for the connector |
| ResourceProvider |
Resource provider permissions required for the connector |
| SampleQueries |
The sample queries for the connector |
| ScheduledAlertRule |
Represents scheduled alert rule. |
| ScheduledAlertRuleCommonProperties |
Scheduled alert rule template property bag. |
| ScheduledAlertRuleProperties |
Scheduled alert rule base property bag. |
| ScheduledAlertRuleTemplate |
Represents scheduled alert rule template. |
| ScheduledAlertRuleTemplateProperties |
Scheduled alert rule template properties |
| SecurityAlert |
Represents a security alert entity. |
| SecurityAlertProperties |
SecurityAlert entity property bag. |
| SecurityAlertPropertiesConfidenceReasonsItem |
confidence reason item |
| SecurityAlertTimelineItem |
Represents security alert timeline item. |
| SecurityGroupEntity |
Represents a security group entity. |
| SecurityGroupEntityProperties |
SecurityGroup entity property bag. |
| SentinelOnboardingState |
Sentinel onboarding state |
| SentinelOnboardingStateProperties |
The Sentinel onboarding state properties |
| SentinelOnboardingStatesList |
List of the Sentinel onboarding states |
| SettingList |
List of all the settings. |
| Settings |
The Setting. |
| Sku |
The pricing tier of the solution |
| SourceControl |
Represents a SourceControl in Azure Security Insights. |
| SourceControlList |
List all the source controls. |
| SourceControlProperties |
Describes source control properties |
| SubmissionMailEntity |
Represents a submission mail entity. |
| SubmissionMailEntityProperties |
Submission mail entity property bag. |
| TeamInformation |
Describes team information |
| TeamProperties |
Describes team properties |
| ThreatIntelligence |
ThreatIntelligence property bag. |
| ThreatIntelligenceAlertRule |
Represents Threat Intelligence alert rule. |
| ThreatIntelligenceAlertRuleProperties |
Threat Intelligence alert rule base property bag. |
| ThreatIntelligenceAlertRuleTemplate |
Represents Threat Intelligence alert rule template. |
| ThreatIntelligenceAlertRuleTemplateProperties |
Threat Intelligence alert rule template properties |
| ThreatIntelligenceAppendTags |
Array of tags to be appended to the threat intelligence indicator. |
| ThreatIntelligenceExternalReference |
Describes external reference |
| ThreatIntelligenceExternalReferenceHashes |
External reference hashes |
| ThreatIntelligenceFilteringCriteria |
Filtering criteria for querying threat intelligence indicators. |
| ThreatIntelligenceGranularMarkingModel |
Describes threat granular marking model entity |
| ThreatIntelligenceIndicatorModel |
Threat intelligence indicator entity. |
| ThreatIntelligenceIndicatorModelForRequestBody |
Threat intelligence indicator entity used in request body. |
| ThreatIntelligenceIndicatorProperties |
Describes threat intelligence entity properties |
| ThreatIntelligenceIndicatorPropertiesExtensions |
Extensions map |
| ThreatIntelligenceInformation |
Threat intelligence information object. |
| ThreatIntelligenceInformationList |
List of all the threat intelligence information objects. |
| ThreatIntelligenceKillChainPhase |
Describes threat kill chain phase entity |
| ThreatIntelligenceMetric |
Describes threat intelligence metric |
| ThreatIntelligenceMetricEntity |
Describes threat intelligence metric entity |
| ThreatIntelligenceMetrics |
Threat intelligence metrics. |
| ThreatIntelligenceMetricsList |
List of all the threat intelligence metric fields (type/threat type/source). |
| ThreatIntelligenceParsedPattern |
Describes parsed pattern entity |
| ThreatIntelligenceParsedPatternTypeValue |
Describes threat kill chain phase entity |
| ThreatIntelligenceResourceKind |
Describes an entity with kind. |
| ThreatIntelligenceSortingCriteria |
List of available columns for sorting |
| TiCheckRequirements |
Threat Intelligence Platforms data connector check requirements |
| TiCheckRequirementsProperties |
Threat Intelligence Platforms data connector required properties. |
| TiDataConnector |
Represents threat intelligence data connector. |
| TiDataConnectorDataTypes |
The available data types for TI (Threat Intelligence) data connector. |
| TiDataConnectorDataTypesIndicators |
Data type for indicators connection. |
| TiDataConnectorProperties |
TI (Threat Intelligence) data connector properties. |
| TimelineAggregation |
timeline aggregation information per kind |
| TimelineError |
Timeline Query Errors. |
| TimelineResultsMetadata |
Expansion result metadata. |
| TiTaxiiCheckRequirements |
Threat Intelligence TAXII data connector check requirements |
| TiTaxiiCheckRequirementsProperties |
Threat Intelligence TAXII data connector required properties. |
| TiTaxiiDataConnector |
Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server |
| TiTaxiiDataConnectorDataTypes |
The available data types for Threat Intelligence TAXII data connector. |
| TiTaxiiDataConnectorDataTypesTaxiiClient |
Data type for TAXII connector. |
| TiTaxiiDataConnectorProperties |
Threat Intelligence TAXII data connector properties. |
| Ueba |
Settings with single toggle. |
| UebaProperties |
Ueba property bag. |
| UrlEntity |
Represents a url entity. |
| UrlEntityProperties |
Url entity property bag. |