diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/SecurityInsights.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/SecurityInsights.json index 8f5a0dbce22a..062f46155e9a 100644 --- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/SecurityInsights.json +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/SecurityInsights.json @@ -1411,6 +1411,54 @@ } } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/aggregations/{aggregationsName}": { + "get": { + "x-ms-examples": { + "Get aggregative data for all cases under the defined workspace, between the time range if specified.": { + "$ref": "./examples/aggregations/GetCasesAggregations.json" + } + }, + "tags": [ + "Aggregations" + ], + "description": "Get aggregative result for the given resources under the defined workspace", + "operationId": "CasesAggregations_Get", + "parameters": [ + { + "$ref": "#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/OperationalInsightsResourceProvider" + }, + { + "$ref": "#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/AggregationsName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Aggregations" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } } }, "definitions": { @@ -2797,6 +2845,36 @@ "description": "Determines whether the setting is enable or disabled." } } + }, + "Aggregations": { + "type": "object", + "description": "The aggregation.", + "discriminator": "kind", + "allOf": [ + { + "$ref": "#/definitions/Resource" + }, + { + "$ref": "#/definitions/AggregationsKind" + } + ] + }, + "AggregationsKind": { + "type": "object", + "description": "Describes an Azure resource with kind.", + "properties": { + "kind": { + "type": "string", + "description": "The kind of the setting", + "enum": [ + "CasesAggregation" + ], + "x-ms-enum": { + "name": "AggregationsKind", + "modelAsString": true + } + } + } } }, "parameters": { @@ -2970,6 +3048,14 @@ "$ref": "#/definitions/Settings" }, "x-ms-parameter-location": "method" + }, + "AggregationsName": { + "name": "aggregationsName", + "in": "path", + "required": true, + "type": "string", + "description": "The aggregation name. Supports - Cases", + "x-ms-parameter-location": "method" } } } \ No newline at end of file diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/examples/aggregations/GetCasesAggregations.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/examples/aggregations/GetCasesAggregations.json new file mode 100644 index 000000000000..f67eaa7781d2 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/examples/aggregations/GetCasesAggregations.json @@ -0,0 +1,35 @@ +{ + "parameters": { + "api-version": "2019-01-01-preview", + "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "operationalInsightsResourceProvider": "Microsoft.OperationalInsights", + "aggregationsName": "cases" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/aggregations/Cases", + "name": "Cases", + "type": "Microsoft.SecurityInsights/aggregations", + "kind": "CasesAggregation", + "properties": { + "aggregationBySeverity": { + "totalCriticalSeverity": 13, + "totalHighSeverity": 14, + "totalMediumSeverity": 4, + "totalLowSeverity": 15, + "totalInformationalSeverity": 26 + }, + "aggregationByStatus": { + "totalNewStatus": 42, + "totalInProgressStatus": 30, + "totalResolvedStatus": 2, + "totalDismissedStatus": 1 + } + } + } + } + } +} \ No newline at end of file